Discussion Starter · #1 ·
Several days ago, I'm not sure how many because I went on a trip for six days and the problem was there before but I'm not sure how long before, maybe three or four days, and I've been home for three days. So this is a problem I've had for almost two weeks now, I guess. I don't know if it was something that got downloaded, or what.

Here's my problem: I can't open any folders on my computer. I click on a folder to open it, it opens and then the hourglass goes for a second and the folder closes on its own. My desktop icons disappear, then a few seconds later reappear. When I start my computer or log off and log back in, I get some error messages about .dll files that cannot be found and cannot run.

I have tried anti-virus, cleaners, anti-spyware and nothing seems to be helping. Please help!

Windows Vista

HJT Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:36:20 PM, on 3/6/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\mobsync.exe
C:\Windows\sttray.exe
C:\Windows\zHotkey.exe
C:\Windows\ModPS2Key.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\aol\1170463887\ee\aolsoftware.exe
C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Netscape\Netscape Browser\xpicleanup.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\AOL 9.1\waol.exe
C:\Program Files\AOL 9.1\shellmon.exe
C:\Program Files\Netscape\Netscape Browser\xpicleanup.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Netscape\Netscape Browser\xpicleanup.exe
C:\Program Files\McAfee\MSC\mcuimgr.exe
C:\Program Files\Netscape\Netscape Browser\xpicleanup.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Netscape\Netscape Browser\xpicleanup.exe
C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
C:\Program Files\Netscape\Netscape Browser\xpicleanup.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
C:\Program Files\Netscape\Netscape Browser\xpicleanup.exe
C:\Windows\explorer.exe
C:\Program Files\Netscape\Netscape Browser\xpicleanup.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=W3615
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=W3615
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=W3615
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\google\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [ShowWnd] ShowWnd.exe
O4 - HKLM\..\Run: [ModPS2] ModPS2Key.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1170463887\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [ASM] "C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe" HIDEMAIN
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Allison\AppData\Local\Temp\nnlii.dll,#1
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Allison\AppData\Local\Temp\wvwwu.dll,c
O4 - HKCU\..\Run: [0674fc20] rundll32.exe "C:\Users\Allison\AppData\Local\Temp\lodlbomw.dll",b
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.1\AOL.EXE" -b
O4 - HKCU\..\Run: [MS Juan] rundll32 "C:\Users\Allison\AppData\Local\Temp\fpdtgtgp.dll",run
O4 - HKCU\..\Run: [BM0547cfbc] Rundll32.exe "C:\Users\Allison\AppData\Local\Temp\caauviqo.dll",s
O4 - HKCU\..\RunOnce: [mozilla_cleanup] C:\Program Files\Netscape\Netscape Browser\xpicleanup.exe
O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] WinPrint.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Allison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O13 - Gopher Prefix:
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-3/ZwinkyInitialSetup1.0.1.0.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://aolsvc.aol.com/onlinegames/trydinerdash2/DinerDash2.1.0.0.67.cab
O16 - DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} (GameHouse Games Player) - http://aolsvc.aol.com/onlinegames/free-trial-mind-medley/gamehouseplayer.cab
O16 - DPF: {775879E2-7309-4619-BB02-AADE41F4B690} (CPlayFirstdreamControl Object) - http://aolsvc.aol.com/onlinegames/free-trial-dream-chronicles/dreamweb.1.0.0.9.cab
O16 - DPF: {7CCAD6DD-DD0B-440B-91FF-7670F5AADC21} (SpinTop Games Launcher) - http://aolsvc.aol.com/onlinegames/free-trial-mystery-solitaire-secret-island/SpinTopGamesLauncher.cab
O16 - DPF: {8FA2192F-B95D-40E3-898F-8D7ABB8E00D0} - http://aolsvc.aol.com/onlinegames/free-trial-mystery-pi-the-lottery-ticket/SpinTopGamesLauncher.cab
O16 - DPF: {BAC761D3-DFFD-4DB4-A01D-173346E090A7} (CPlayFirstzenerchiControl Object) - http://aolsvc.aol.com/onlinegames/free-trial-zenerchi/ZenerchiWeb.1.0.0.10.cab
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - http://aolsvc.aol.com/onlinegames/free-trial-diner-dash-flo-on-the-go/ddfotg.1.0.0.33.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://aolsvc.aol.com/onlinegames/free-trial-delicious-2-deluxe/zylomplayer.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://aolsvc.aol.com/onlinegames/chuzzledeluxe/popcaploader_v10.cab
O16 - DPF: {EA6246B4-F380-443F-8727-9AEA3371146C} (CPlayFirstWeddingDashControl Object) - http://aolsvc.aol.com/onlinegames/free-trial-wedding-dash/WeddingDash.1.0.0.47.cab
O16 - DPF: {FC4CAF5F-91BD-4DD9-ADC1-F3C737E37BC4} (CPlayFirstSweetopiaControl Object) - http://aolsvc.aol.com/onlinegames/free-trial-sweetopia/Sweetopia.1.0.0.22.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{FD29F617-BBBA-4149-B39A-1D14EE6E1D3F}: NameServer = 66.174.92.14 66.174.95.44
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: Xlgbnaswlmsn - Conexant Systems, Inc. - (no file)

--
End of file - 12119 bytes
 

Discussion Starter · #2 ·
Here is the ComboFix Log--

ComboFix 08-03-06.3 - Allison 2008-03-06 22:10:14.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.342 [GMT -7:00]
Running from: C:\Users\Allison\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Users\Allison\AppData\Roaming\inst.exe
C:\Windows\system32\systeminfo3.dll
C:\Windows\system32\x64
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2008-02-07 to 2008-03-07 )))))))))))))))))))))))))))))))
.

2008-03-06 22:06 . 2008-03-06 22:06 d-------- C:\Users\Allison\AppData\Roaming\SUPERAntiSpyware.com
2008-03-06 22:06 . 2008-03-06 22:06 d-------- C:\Users\All Users\SUPERAntiSpyware.com
2008-03-06 22:06 . 2008-03-06 22:06 d-------- C:\ProgramData\SUPERAntiSpyware.com
2008-03-06 22:06 . 2008-03-06 22:06 d-------- C:\Program Files\SUPERAntiSpyware
2008-03-06 22:05 . 2008-03-06 22:05 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-06 21:35 . 2008-03-06 21:35 d-------- C:\Program Files\Trend Micro
2008-03-06 06:52 . 2008-03-06 06:52 d-------- C:\Users\Allison\AppData\Roaming\PC Tools
2008-03-06 06:52 . 2008-03-06 20:58 d-------- C:\Program Files\Spyware Doctor
2008-03-06 06:50 . 2008-03-06 06:50 d-------- C:\Program Files\Picasa2
2008-03-06 06:49 . 2008-03-06 06:49 d-------- C:\Program Files\Norton Security Scan
2008-03-06 06:48 . 2008-03-06 07:48 d-------- C:\Users\All Users\Google Updater
2008-03-06 06:48 . 2008-03-06 07:48 d-------- C:\ProgramData\Google Updater
2008-03-05 18:39 . 2008-03-05 18:50 2,374 --a------ C:\Windows\System32\Config.MPF
2008-03-05 18:10 . 2008-03-05 18:33 d-------- C:\mcafee_mcpr
2008-03-05 18:10 . 2007-07-21 09:08 201,288 --a------ C:\Windows\System32\drivers\mfehidk.sys
2008-03-05 18:10 . 2007-07-13 09:21 125,728 --a------ C:\Windows\System32\drivers\Mpfp.sys
2008-03-05 18:10 . 2007-07-24 07:40 79,304 --a------ C:\Windows\System32\drivers\mfeavfk.sys
2008-03-05 18:10 . 2007-07-21 09:08 40,488 --a------ C:\Windows\System32\drivers\mfesmfk.sys
2008-03-05 18:10 . 2007-07-21 09:08 35,240 --a------ C:\Windows\System32\drivers\mfebopk.sys
2008-03-05 18:10 . 2007-07-24 12:02 33,800 --a------ C:\Windows\System32\drivers\mferkdk.sys
2008-03-05 18:09 . 2008-03-05 18:10 d-------- C:\Program Files\McAfee.com
2008-03-05 18:09 . 2008-03-05 18:51 d-------- C:\Program Files\McAfee
2008-03-05 18:09 . 2008-03-05 18:41 d-------- C:\Program Files\Common Files\McAfee
2008-03-05 17:46 . 2008-03-05 17:46 500 --a------ C:\Windows\WinInit.Ini
2008-03-05 17:23 . 2008-03-05 16:59 54,832 --a------ C:\Windows\System32\AOLParconLink.exe
2008-03-05 17:21 . 2008-03-05 17:21 d-------- C:\Windows\aolshare
2008-03-05 17:21 . 2008-03-05 17:26 d-------- C:\Program Files\AOL 9.1
2008-03-05 16:38 . 2008-03-05 16:38 d-------- C:\Users\Allison\AppData\Roaming\Sereniti
2008-03-05 06:43 . 2008-03-05 06:43 d-------- C:\Users\All Users\Yahoo! Companion
2008-03-05 06:43 . 2008-03-05 06:43 d-------- C:\ProgramData\Yahoo! Companion
2008-03-04 21:16 . 2008-03-04 21:16 d-------- C:\Program Files\Yahoo!
2008-03-04 21:16 . 2008-03-04 21:17 d-------- C:\Program Files\CCleaner
2008-02-18 21:47 . 2008-02-18 21:47 d-------- C:\Program Files\uTorrent
2008-02-18 21:46 . 2008-02-22 07:19 d-------- C:\Users\Allison\AppData\Roaming\uTorrent
2008-02-18 17:17 . 2008-02-18 17:24 37,888 --a------ C:\Windows\System32\rar.exe
2008-02-17 13:09 . 2008-02-17 13:09 d-------- C:\Program Files\SendSpace
2008-02-15 18:39 . 2008-01-09 22:50 1,244,672 --a------ C:\Windows\System32\mcmde.dll
2008-02-13 03:24 . 2008-02-13 03:24 194,560 --a------ C:\Windows\System32\WebClnt.dll
2008-02-13 03:24 . 2008-02-13 03:24 110,080 --a------ C:\Windows\System32\drivers\mrxdav.sys
2008-02-13 03:13 . 2008-02-13 03:13 3,504,696 --a------ C:\Windows\System32\ntkrnlpa.exe
2008-02-13 03:12 . 2008-02-13 03:12 4,247,552 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-13 03:12 . 2008-02-13 03:12 1,686,528 --a------ C:\Windows\System32\gameux.dll
2008-02-13 03:03 . 2008-02-13 03:03 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2008-02-11 17:44 . 2003-08-11 10:07 14,604 --a------ C:\Windows\System32\drivers\pfc.sys
2008-02-09 19:25 . 2008-02-09 20:03 d-------- C:\Users\Allison\New Folder
2008-02-07 20:18 . 2008-02-07 20:18 d-------- C:\Users\Allison\AppData\Roaming\AdobeAUM

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-07 03:55 --------- d---a-w C:\ProgramData\TEMP
2008-03-06 13:48 --------- d-----w C:\Program Files\Google
2008-03-06 01:23 --------- d-----w C:\ProgramData\McAfee
2008-03-06 00:44 --------- d-----w C:\ProgramData\SiteAdvisor
2008-03-06 00:26 --------- d-----w C:\Users\Allison\AppData\Roaming\AOL
2008-03-06 00:23 --------- d-----w C:\Program Files\Common Files\aol
2008-03-06 00:21 --------- d-----w C:\ProgramData\AOL
2008-03-06 00:21 --------- d-----w C:\Program Files\Common Files\aolshare
2008-03-06 00:09 --------- d-----w C:\ProgramData\AOL Downloads
2008-03-05 23:41 --------- d-----w C:\ProgramData\AOL OCP
2008-02-22 00:54 --------- d-----w C:\Users\Allison\AppData\Roaming\Vso
2008-02-22 00:51 --------- d-----w C:\Program Files\DVDFab Platinum 4
2008-02-19 00:19 47,360 ----a-w C:\Users\Allison\AppData\Roaming\pcouffin.sys
2008-02-13 10:13 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-13 10:13 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-02-13 10:13 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-02-13 10:13 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-13 10:13 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-13 10:13 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
2008-02-13 10:13 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-02-13 10:13 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-13 10:13 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-02-13 10:13 15,928 ----a-w C:\Windows\system32\drivers\pciide.sys
2008-02-13 10:13 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-02-13 10:12 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-13 10:12 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-13 10:12 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-13 10:12 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-13 10:02 824,832 ----a-w C:\Windows\System32\wininet.dll
2008-02-13 10:02 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-13 10:02 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-13 10:02 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-13 03:09 --------- d-----w C:\Program Files\Flock
2008-02-12 00:43 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-08 03:14 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-07 02:31 --------- d-----w C:\Program Files\Safari
2008-02-07 01:53 --------- d-----w C:\Users\Allison\AppData\Roaming\Apple Computer
2008-02-07 01:51 --------- d-----w C:\Program Files\Bonjour
2008-01-31 01:47 --------- d-----w C:\Users\Allison\AppData\Roaming\IMVU
2008-01-30 00:34 --------- d-----w C:\Program Files\Movavi Video Converter 6
2008-01-30 00:34 --------- d-----w C:\Program Files\Common Files\MOVAVI
2008-01-30 00:18 --------- d-----w C:\Program Files\QuickTime
2008-01-25 23:29 --------- d-----w C:\ProgramData\Microsoft Help
2008-01-23 10:16 499,712 ----a-w C:\Windows\System32\msvcp71.dll
2008-01-23 10:16 348,160 ----a-w C:\Windows\System32\msvcr71.dll
2008-01-08 22:55 --------- d-----w C:\Program Files\Windows Sidebar
2008-01-08 22:55 --------- d-----w C:\Program Files\Windows Mail
2008-01-08 19:07 211,000 ----a-w C:\Windows\system32\drivers\volsnap.sys
2008-01-08 19:07 11,776 ----a-w C:\Windows\System32\sbunattend.exe
2008-01-08 19:07 1,060,920 ----a-w C:\Windows\system32\drivers\ntfs.sys
2008-01-08 05:39 --------- d-----w C:\Users\Guest\AppData\Roaming\Smith Micro
2007-12-26 20:54 81,920 ----a-w C:\Users\Allison\AppData\Roaming\ezpinst.exe
2007-12-12 10:10 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
2007-12-12 10:10 223,232 ----a-w C:\Windows\System32\WMASF.DLL
2007-12-12 10:10 1,327,104 ----a-w C:\Windows\System32\quartz.dll
2007-10-19 01:43 79,856 ----a-w C:\Users\Allison\MySpaceIM_Setup.exe
2007-09-25 09:29 174 --sha-w C:\Program Files\desktop.ini
2007-05-15 02:10 128 ----a-w C:\Users\Allison\AppData\Roaming\wklnhst.dat
2007-04-21 14:55 104 ----a-w C:\Users\Jared\AppData\Roaming\wklnhst.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 05:35 125440]
"Aim6"="" []
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 05:36 201728]
"0674fc20"="C:\Users\Allison\AppData\Local\Temp\lodlbomw.dll" [2008-03-05 20:40 91200]
"AOL Fast Start"="C:\Program Files\AOL 9.1\AOL.exe" [2008-01-23 03:15 50528]
"BM0547cfbc"="C:\Users\Allison\AppData\Local\Temp\caauviqo.dll" [2008-03-05 20:40 91712]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 16:03 1481968]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"mozilla_cleanup"="C:\Program Files\Netscape\Netscape Browser\xpicleanup.exe" [2007-03-21 17:54 31744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-04-11 02:03 1006264]
"SigmatelSysTrayApp"="sttray.exe" [2006-11-02 13:38 303104 C:\Windows\sttray.exe]
"CHotkey"="zHotkey.exe" [2006-11-07 15:08 547840 C:\Windows\zHotkey.exe]
"ShowWnd"="ShowWnd.exe" [2005-01-27 10:13 36864 C:\Windows\ShowWnd.exe]
"ModPS2"="ModPS2Key.exe" [2006-11-07 15:34 53248 C:\Windows\ModPS2Key.exe]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2006-12-12 10:02 98304]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2006-12-12 10:03 106496]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2006-12-12 10:02 81920]
"HostManager"="C:\Program Files\Common Files\AOL\1170463887\ee\AOLSoftware.exe" [2007-05-25 10:16 42032]
"ASM"="C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe" [2006-11-07 15:11 2500096]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-08-03 22:33 582992]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2007-08-13 17:04 5562368]

C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
VZAccess Manager.lnk - C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe [2007-09-24 17:29:10 1680944]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
"Windows Printing Driver"= WinPrint.exe

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{182C7ED7-E56D-4509-9D9B-AC49318D9895}"= C:\Windows\system32\ljhhgdc.dll [ ]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
"LoadAppInit_DLLs"=1 (0x1)

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acrobat Assistant.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acrobat Assistant.lnk
backup=C:\Windows\pss\Acrobat Assistant.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BigFix.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BigFix.lnk
backup=C:\Windows\pss\BigFix.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\0674fc20]
C:\Users\Allison\AppData\Local\Temp\ogeqycmo.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start]
--a------ 2006-11-10 05:12 50736 C:\PROGRA~1\AOL9~1.0A\AOL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigFix]
--a------ 2006-11-16 17:04 2348584 c:\program files\Bigfix\bigfix.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtcMaestro]
--------- 2006-11-03 09:18 339968 C:\Program Files\KMaestro\KMaestro.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
--a------ 2007-04-05 19:23 220160 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
--a------ 2007-05-25 10:16 42032 C:\Program Files\Common Files\AOL\1170463887\ee\AOLSoftware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2007-11-02 18:36 267048 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS Juan]
C:\Users\Allison\AppData\Local\Temp\dkbbaqwj.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MskAgentexe]
C:\Program Files\McAfee\MSK\MskAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSServer]
C:\Windows\system32\ljhhgdc.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM]
--a------ 2007-08-13 17:04 5562368 C:\Program Files\MySpace\IM\MySpaceIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NapsterShell]
C:\Program Files\Napster\napster.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-01-10 15:27 385024 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2007-02-20 08:12 185896 C:\Program Files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1923214666-2850258380-1336480479-1000]
"EnableNotificationsRef"=dword:00000002

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1923214666-2850258380-1336480479-1001]
"EnableNotificationsRef"=dword:00000002

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1923214666-2850258380-1336480479-500]
"EnableNotificationsRef"=dword:00000002

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{E33C2584-ED93-43F0-889F-7C31CB5D79D3}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{15003273-3D3A-4005-A2E4-5AAD86BCC0D8}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{14C5B1DA-419F-4725-839D-5EC47D1CDDCA}"= UDP:C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"{C2CAAB6A-0F65-48E8-B27F-669AFC539A78}"= TCP:C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"{795FEE1E-149C-4AE2-A71A-9A5D5ED57D0A}"= UDP:C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"{3E07FB9D-E155-4656-B66D-1328EF95CA53}"= UDP:C:\Program Files\Common Files\aol\acs\AOLDial.exe:AOL Connectivity Service Dialer
"{EA11DBA0-BBDF-4E84-B439-F01B7E2878AB}"= TCP:C:\Program Files\Common Files\aol\acs\AOLDial.exe:AOL Connectivity Service Dialer
"{A46332F3-455E-4809-B6AF-F8DE85F6CFAB}"= UDP:C:\Program Files\Common Files\aol\acs\AOLacsd.exe:AOL Connectivity Service
"{EE350F58-99D8-4A74-A189-9C44CC199876}"= TCP:C:\Program Files\Common Files\aol\acs\AOLacsd.exe:AOL Connectivity Service
"{023F181B-764A-42A9-A7B8-404CBF8EB7AF}"= UDP:C:\Program Files\AOL 9.0a\waol.exe:AOL
"{1595B5AC-EC1C-492E-99E0-EDED9D86C2D7}"= TCP:C:\Program Files\AOL 9.0a\waol.exe:AOL
"{8DFDADF5-6045-481F-94E7-052300535F07}"= UDP:C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{D3B03658-C2DA-460C-8CDA-84BCCB69CE20}"= TCP:C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{380278E1-0879-461F-84C0-5F2DCCA1B85C}"= UDP:C:\Program Files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{61CEECC9-F75C-46AA-B1AF-C5007EE914C3}"= TCP:C:\Program Files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{5B5B1A22-7516-4466-B6BA-CDAB8D1E1EE7}"= UDP:C:\Program Files\Common Files\aol\System Information\sinf.exe:AOL System Information
"{00FA42CD-DC9D-4EC5-8CC7-85F754086636}"= TCP:C:\Program Files\Common Files\aol\System Information\sinf.exe:AOL System Information
"{0573DA75-1796-40EB-8B6D-6198AE90B2F0}"= UDP:C:\Program Files\Common Files\aol\1170463887\ee\aolsoftware.exe:AOL Services
"{CDE0D182-5F95-4F59-8EC0-52E43FB916B4}"= TCP:C:\Program Files\Common Files\aol\1170463887\ee\aolsoftware.exe:AOL Services
"{AFB6E28D-7A3E-42E8-90DB-275A226379E4}"= UDP:C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe:TurboTax
"{8A5192E1-4453-4134-B3C8-3DE4D8E5DF9A}"= TCP:C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe:TurboTax
"{B6A2C31C-DF95-4E29-B80C-645A607D2160}"= UDP:C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe:TurboTax Update Manager
"{07CCB3C4-31CC-4CF8-842D-6A81C6603D2B}"= TCP:C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe:TurboTax Update Manager
"{B9E470CD-9281-4A37-B066-B0FA0679A1A4}"= UDP:C:\Program Files\AOL 9.0b\waol.exe:AOL
"{141EE222-43A8-4BDC-A8BD-B9A84B0DBA0F}"= TCP:C:\Program Files\AOL 9.0b\waol.exe:AOL
"{E68C77C8-5F3D-4D13-B339-2BA4705486E1}"= UDP:C:\Program Files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{451FCD70-49CD-4CA5-A0A1-133FC99F87D8}"= TCP:C:\Program Files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{5EEFA55F-CCF8-48C9-8CA9-26E9344C23FA}"= UDP:C:\Program Files\Common Files\aol\System Information\sinf.exe:AOL System Information
"{6002E38E-EE8E-4A5A-80B6-E6076086F1D7}"= TCP:C:\Program Files\Common Files\aol\System Information\sinf.exe:AOL System Information
"{C4DB3F21-AEE3-451F-ACE2-71BB43171B23}"= UDP:C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL
"{F9ECA236-EBCF-4913-839D-21F163C501CB}"= TCP:C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL
"{1C6EE066-803B-4888-85A3-3A53245D8512}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{3A0A02B2-B9A6-4816-B641-7EDB3A2287E0}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{08AE49AE-4E1E-4D11-A6DC-9B5A65BBCD2A}"= UDP:C:\Program Files\DC++\DCPlusPlus.exe:DC++
"{B85585A8-F20D-464D-A7E6-7DF35144D052}"= TCP:C:\Program Files\DC++\DCPlusPlus.exe:DC++
"{372E71FD-6279-4447-8A8B-B84E68817695}"= UDP:C:\Program Files\Movavi Video Converter 6\VideoConverter.exe:VideoConverter
"{23B8EA33-869B-4E8B-9518-CB77BFBC48C9}"= TCP:C:\Program Files\Movavi Video Converter 6\VideoConverter.exe:VideoConverter
"{0883FC4C-A2A7-4CE8-AAAB-61BB8E4E5AAE}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{D377C284-6D17-4A2B-958D-09E4036F2AC7}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{31DE74EA-C44C-4AA6-9D2A-651956E21B5C}"= UDP:C:\Program Files\Common Files\aol\acs\AOLDial.exe:AOL Connectivity Service Dialer
"{53C996BC-53FF-47D5-859E-F5630F282E3C}"= TCP:C:\Program Files\Common Files\aol\acs\AOLDial.exe:AOL Connectivity Service Dialer
"{200AC6E1-A9CA-41E3-A135-0B1A3C59375A}"= UDP:C:\Program Files\Common Files\aol\acs\AOLacsd.exe:AOL Connectivity Service
"{203DC102-2AF1-4084-82AE-91459885B1A4}"= TCP:C:\Program Files\Common Files\aol\acs\AOLacsd.exe:AOL Connectivity Service
"{0979BDB9-3FDE-4E52-917F-B124EFC485DA}"= UDP:C:\Program Files\Common Files\aol\1170463887\ee\aolsoftware.exe:AOL Shared Components
"{40728C7C-C40B-420E-8B1A-1E625AE41D72}"= TCP:C:\Program Files\Common Files\aol\1170463887\ee\aolsoftware.exe:AOL Shared Components
"{D10D382E-06D5-4E6A-B369-7FE3072BA167}"= UDP:C:\Program Files\AOL 9.1\waol.exe:AOL
"{C615CDFE-959C-43CA-9605-C7770029FAD2}"= TCP:C:\Program Files\AOL 9.1\waol.exe:AOL

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 18:39]
R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-12-12 10:49]
R3 NWADI;NWADI Bus Enumerator;C:\Windows\system32\DRIVERS\NWADIenum.sys [2007-02-01 15:25]
S3 NETw2v32;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows Vista;C:\Windows\system32\DRIVERS\NETw2v32.sys [2006-11-02 00:30]

*Newly Created Service* - SASDIFSV
*Newly Created Service* - SASENUM
*Newly Created Service* - SASKUTIL
.
Contents of the 'Scheduled Tasks' folder
"2008-03-06 01:41:05 C:\Windows\Tasks\McDefragTask.job"
- c:\PROGRA~1\mcafee\mqc\QcConsol.exe'
"2008-03-06 01:41:05 C:\Windows\Tasks\McQcTask.job"
- c:\PROGRA~1\mcafee\mqc\QcConsol.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-06 22:14:02
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-03-06 22:14:57
ComboFix-quarantined-files.txt 2008-03-07 05:14:55
.
2008-03-05 00:46:10 --- E O F ---
 

·
Registered
Joined
·
3 Posts
Discussion Starter · #3 ·
Here is the SuperAntiSpyware Log--

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 03/06/2008 at 10:34 PM

Application Version : 4.0.1154

Core Rules Database Version : 3415
Trace Rules Database Version: 1407

Scan type : Quick Scan
Total Scan Time : 00:18:18

Memory items scanned : 682
Memory threats detected : 1
Registry items scanned : 450
Registry threats detected : 0
File items scanned : 18697
File threats detected : 105

Adware.Vundo Variant/Resident
C:\USERS\ALLISON\APPDATA\LOCAL\TEMP\WVWWU.DLL
C:\USERS\ALLISON\APPDATA\LOCAL\TEMP\WVWWU.DLL

Adware.Vundo-Variant/Small-A
C:\USERS\JARED\APPDATA\LOCAL\TEMP\KULSJQCK.DLL
C:\USERS\JARED\APPDATA\LOCAL\TEMP\CURBQXEY.DLL
C:\USERS\JARED\APPDATA\LOCAL\TEMP\DOMOIGVW.DLL
C:\USERS\JARED\APPDATA\LOCAL\TEMP\FEALITXJ.DLL
C:\USERS\JARED\APPDATA\LOCAL\TEMP\PGCMSHMY.DLL
C:\USERS\JARED\APPDATA\LOCAL\TEMP\RSHGLKCJ.DLL
C:\USERS\JARED\APPDATA\LOCAL\TEMP\TLGUINEP.DLL
C:\USERS\JARED\APPDATA\LOCAL\TEMP\VPCBLSWC.DLL
C:\USERS\JARED\APPDATA\LOCAL\TEMP\VRLLDMSR.DLL
C:\USERS\JARED\APPDATA\LOCAL\TEMP\XYEFCCTE.DLL
C:\USERS\JARED\APPDATA\LOCAL\TEMP\XYJYFNFM.DLL

Adware.Vundo-Variant/PolyMorph-A
C:\USERS\JARED\APPDATA\LOCAL\TEMP\AWTTT.DLL
C:\USERS\JARED\APPDATA\LOCAL\TEMP\CBAYX.DLL
C:\USERS\JARED\APPDATA\LOCAL\TEMP\CBXXW.DLL
C:\USERS\JARED\APPDATA\LOCAL\TEMP\FCCDB.DLL
C:\USERS\JARED\APPDATA\LOCAL\TEMP\HGGEE.DLL
C:\USERS\JARED\APPDATA\LOCAL\TEMP\IIIFC.DLL
C:\USERS\JARED\APPDATA\LOCAL\TEMP\IIIGE.DLL
C:\USERS\JARED\APPDATA\LOCAL\TEMP\NNNNO.DLL
C:\USERS\JARED\APPDATA\LOCAL\TEMP\OPPQP.DLL
C:\USERS\JARED\APPDATA\LOCAL\TEMP\RQOMM.DLL
C:\USERS\JARED\APPDATA\LOCAL\TEMP\TUSTQ.DLL
C:\USERS\JARED\APPDATA\LOCAL\TEMP\VTUVV.DLL
C:\USERS\JARED\APPDATA\LOCAL\TEMP\XXWXU.DLL

Trojan.Unclassifed/Dropper-B
C:\USERS\JARED\APPDATA\LOCAL\TEMP\HLNDSYDQ.DLL
C:\USERS\JARED\APPDATA\LOCAL\TEMP\WUDMIGCN.DLL

Adware.Vundo-Variant
C:\USERS\JARED\APPDATA\LOCAL\TEMP\QOMLM.DLL

Adware.Tracking Cookie
 