Bestwebsearch.net?
I have some sort of virus that wont let search engines work, and mess up youtube... Please someone help me get it off!! I know very little about computers...
0
This discussion has been closed.
Comments
the tools used may cause damage if used on a computer with different infections.
If you think you have similar problems, please post a log in the HJT forum and wait for help.
Hello and welcome to the forums
My name is Katana and I will be helping you to remove any infection(s) that you may have.
Please observe these rules while we work:
(Just because you can't see a problem doesn't mean it isn't there)
If you can do those few things, everything should go smoothly
Some of the logs I request will be quite large, You may need to split them over a couple of replies.
Please Note, your security programs may give warnings for some of the tools I will ask you to use.
Be assured, any links I give are safe
Download and Run RSIT
Please Download GMER to your desktop
Download GMER and extract it to your desktop.
***Please close any open programs ***
Double-click gmer.exe. The program will begin to run.
**Caution**
These types of scans can produce false positives. Do NOT take any action on any "<--- ROOKIT" entries unless advised by a trained Security Analyst
If possible rootkit activity is found, you will be asked if you would like to perform a full scan.
If you do not receive notice about possible rootkit activity remain on the Rootkit/Malware tab & make sure the 'Show All' button is unticked.
DO NOT touch the PC at ALL for Whatever reason/s until it has 100% completed its scan, or attempted scan in case of some error etc !
Logs/Information to Post in Reply
Please post the following logs/Information in your reply
Some of the logs I request will be quite large, You may need to split them over a couple of replies.
Run by Johnny Drama at 2009-07-23 01:45:23
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 34 GB (46%) free of 73 GB
Total RAM: 511 MB (46% free)
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\ErrorFix Scan.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ED403E8-470A-4a8a-85A4-D7688CFE39A3}]
Gamevance - C:\Program Files\Gamevance\gamevancelib32.dll [2009-04-25 108032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-07-18 1111320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-21 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-06-26 1008896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-26 259696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-06-26 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-06-26 470512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar Helper - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll [2008-12-04 83800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-21 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-21 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BA52B914-B692-46c4-B683-905236F6F655}
{1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - MSN Toolbar - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll [2008-12-04 83800]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-06-26 1008896]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-26 259696]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-21 136600]
"accrdsub"=C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2007-05-15 293168]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-06-22 1948440]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"Gamevance"=C:\Program Files\Gamevance\gamevance32.exe a []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"Internet Antivirus Pro"=C:\program files\Internet Antivirus Pro\IAPro.exe /s []
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"CurseClient"=C:\Program Files\Curse\CurseClient.exe [2009-07-06 1966592]
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe [2008-12-12 9555968]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-06-26 39408]
"A00F3A2451CD.exe"=C:\DOCUME~1\JOHNNY~1\LOCALS~1\Temp\_A00F3A2451CD.exe []
"A00F6183D.exe"=C:\DOCUME~1\JOHNNY~1\LOCALS~1\Temp\_A00F6183D.exe []
"A00F4468B.exe"=C:\DOCUME~1\JOHNNY~1\LOCALS~1\Temp\_A00F4468B.exe []
"A00F37773.exe"=C:\DOCUME~1\JOHNNY~1\LOCALS~1\Temp\_A00F37773.exe []
"A00F95CD9.exe"=C:\DOCUME~1\JOHNNY~1\LOCALS~1\Temp\_A00F95CD9.exe []
"A00F1632D898.exe"=C:\DOCUME~1\JOHNNY~1\LOCALS~1\Temp\_A00F1632D898.exe [2009-07-23 36352]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
ActivClient Agent.lnk - C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
C:\Documents and Settings\Johnny Drama\Start Menu\Programs\Startup
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\WINDOWS\System32\ddraw32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\3030d854648]
C:\WINDOWS\System32\ddraw32.dll [2009-07-16 118272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ackpbsc]
C:\WINDOWS\system32\ackpbsc.dll [2007-05-15 112640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\acunlock]
C:\Program Files\ActivIdentity\ActivClient\acunlock.dll [2007-05-15 281088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-06-22 11952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c001010]
C:\WINDOWS\system32\__c001010.dat [2009-07-22 27648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c0058FA9]
C:\WINDOWS\system32\__c0058FA9.dat []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c0065227]
C:\WINDOWS\system32\__c0065227.dat []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c00D9282]
C:\WINDOWS\system32\__c00D9282.dat []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Documents and Settings\Johnny Drama\Local Settings\Temp\Blizzard Launcher Temporary - dda5dbd8\Launcher.exe"="C:\Documents and Settings\Johnny Drama\Local Settings\Temp\Blizzard Launcher Temporary - dda5dbd8\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\World of Warcraft\Repair.exe"="C:\Program Files\World of Warcraft\Repair.exe:*:Enabled:Blizzard Repair Utility"
"C:\Program Files\Curse\CurseClient.exe"="C:\Program Files\Curse\CurseClient.exe:*:Enabled:Curse Client"
"C:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\script-fu.exe"="C:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\script-fu.exe:*:Enabled:script-fu"
"C:\Program Files\Graboid\GraboidVideo\1.6.5.0\GraboidClient.exe"="C:\Program Files\Graboid\GraboidVideo\1.6.5.0\GraboidClient.exe:*:Enabled: "
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Windows Explorer"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Disabled:LimeWire"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2009-07-23 01:45:28 ----D---- C:\Program Files\trend micro
2009-07-23 01:45:23 ----D---- C:\rsit
2009-07-22 22:13:25 ----ASH---- C:\WINDOWS\system32\19E.tmp
2009-07-22 02:13:25 ----ASH---- C:\WINDOWS\system32\D5.tmp
2009-07-21 06:13:25 ----ASH---- C:\WINDOWS\system32\D3.tmp
2009-07-20 10:13:24 ----ASH---- C:\WINDOWS\system32\6A.tmp
2009-07-19 14:13:24 ----ASH---- C:\WINDOWS\system32\68.tmp
2009-07-18 02:36:46 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-07-17 01:47:18 ----A---- C:\WINDOWS\wininit.ini
2009-07-17 00:36:30 ----D---- C:\d711782223d7b31af9d63c51260c81fa
2009-07-17 00:34:41 ----D---- C:\WINDOWS\system32\XPSViewer
2009-07-17 00:34:34 ----D---- C:\Program Files\MSBuild
2009-07-17 00:34:22 ----D---- C:\Program Files\Reference Assemblies
2009-07-17 00:33:31 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-07-17 00:33:30 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-07-17 00:33:30 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-07-17 00:33:29 ----D---- C:\51457dff57ba4a493e58
2009-07-17 00:16:04 ----D---- C:\b035899922a859c6e9
2009-07-17 00:15:50 ----D---- C:\d5990bbd8fcd7c0fb7768ebe6019
2009-07-16 20:31:32 ----A---- C:\WINDOWS\GnuHashes.ini
2009-07-16 20:27:23 ----A---- C:\WINDOWS\system32\BsKg6.vbs
2009-07-16 20:26:06 ----A---- C:\WINDOWS\system32\922jn.vbs
2009-07-16 20:24:09 ----A---- C:\WINDOWS\system32\l17Pryv4Z6hq9DL.vbs
2009-07-16 20:23:34 ----SHD---- C:\WINDOWS\system32\SystemX86
2009-07-16 20:23:30 ----ASH---- C:\WINDOWS\system32\217.tmp
2009-07-16 20:23:23 ----A---- C:\WINDOWS\system32\ddraw32.dll
2009-07-16 20:23:22 ----A---- C:\WINDOWS\system32\0DDK9aFxqHueI7k.vbs
2009-07-15 03:14:57 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-15 03:14:27 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-15 03:13:00 ----A---- C:\WINDOWS\system32\MRT.INI
2009-07-15 03:02:46 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-06-29 13:51:01 ----D---- C:\WINDOWS\ie8updates
2009-06-29 13:41:18 ----HDC---- C:\WINDOWS\ie8
2009-06-26 17:06:55 ----D---- C:\Documents and Settings\Johnny Drama\Application Data\Google
2009-06-26 16:48:12 ----D---- C:\Program Files\Google
2009-06-26 16:48:12 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2009-06-26 16:47:39 ----D---- C:\WINDOWS\system32\Adobe
======List of files/folders modified in the last 1 months======
2009-07-23 01:45:28 ----RD---- C:\Program Files
2009-07-23 01:44:58 ----D---- C:\WINDOWS\Prefetch
2009-07-23 01:39:41 ----D---- C:\WINDOWS\system32
2009-07-23 01:36:43 ----D---- C:\WINDOWS\Temp
2009-07-22 15:21:29 ----HD---- C:\$AVG8.VAULT$
2009-07-21 20:55:30 ----D---- C:\WINDOWS\Help
2009-07-21 20:22:42 ----D---- C:\WINDOWS\network diagnostic
2009-07-19 12:00:38 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2009-07-18 18:17:01 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-18 09:14:40 ----D---- C:\WINDOWS\system32\drivers
2009-07-18 06:54:24 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-18 04:23:59 ----D---- C:\WINDOWS\Microsoft.NET
2009-07-18 03:15:35 ----D---- C:\WINDOWS
2009-07-18 02:37:26 ----HD---- C:\WINDOWS\inf
2009-07-18 02:37:19 ----D---- C:\WINDOWS\system32\CatRoot
2009-07-18 02:37:02 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-18 02:35:13 ----SHD---- C:\WINDOWS\Installer
2009-07-17 05:38:20 ----RSD---- C:\WINDOWS\assembly
2009-07-17 03:10:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-07-17 03:09:20 ----D---- C:\WINDOWS\WinSxS
2009-07-17 02:48:10 ----D---- C:\Program Files\World of Warcraft
2009-07-17 00:34:36 ----D---- C:\WINDOWS\system32\en-US
2009-07-17 00:34:30 ----RSD---- C:\WINDOWS\Fonts
2009-07-17 00:34:01 ----D---- C:\WINDOWS\system32\spool
2009-07-17 00:06:17 ----D---- C:\WINDOWS\SoftwareDistribution
2009-07-16 20:59:13 ----D---- C:\Documents and Settings\Johnny Drama\Application Data\LimeWire
2009-07-15 03:15:08 ----A---- C:\WINDOWS\imsins.BAK
2009-07-15 03:14:54 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-15 03:12:58 ----D---- C:\Program Files\Common Files
2009-07-07 10:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-06 16:21:42 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2009-07-02 12:25:54 ----D---- C:\Program Files\Mozilla Firefox
2009-06-29 14:11:08 ----D---- C:\WINDOWS\Media
2009-06-29 14:11:08 ----D---- C:\Program Files\Internet Explorer
2009-06-26 16:48:46 ----D---- C:\Documents and Settings\Johnny Drama\Application Data\Adobe
2009-06-26 16:48:43 ----D---- C:\WINDOWS\system32\Macromed
2009-06-26 16:48:43 ----D---- C:\Documents and Settings\Johnny Drama\Application Data\Macromedia
2009-06-26 16:47:45 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-06-24 22:33:39 ----D---- C:\Documents and Settings\Johnny Drama\Application Data\vlc
2009-06-24 22:31:58 ----D---- C:\Program Files\Graboid
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-07-18 335752]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-06-22 27784]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-05-04 108552]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 OMCI;OMCI; C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS [2001-08-22 13632]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2003-03-04 145408]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-05-06 580992]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 actccid;ActivCard USB Reader V2; C:\WINDOWS\system32\DRIVERS\actccid.sys [2007-05-03 63608]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-07-16 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 accoca;ActivClient Middleware Service; C:\Program Files\ActivIdentity\ActivClient\accoca.exe [2007-05-15 182576]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-07-18 907032]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-06-22 298776]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-21 152984]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
S2 ITGrdEngine;Guard Service; C:\Documents and Settings\Johnny Drama\Local Settings\Application Data\Microsoft\Windows\services.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-26 182768]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NetSvc;Intel NCS NetService; C:\Program Files\Intel\NCS\Sync\NetSvc.exe [2003-03-03 143360]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
ActivClient 6.1 x86-->MsiExec.exe /I{AC194855-F7AC-4D04-B4C9-07BA46FCB697}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
AVG 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Broadcom Advanced Control Suite-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{468190DA-FB4C-45BA-8E40-4B165FF1A939} /l1033
Citrix Presentation Server Client - Web Only-->MsiExec.exe /X{E9459BCF-0982-498B-ABA7-26C34323493F}
Critical Update for Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Curse Client-->C:\Program Files\Curse\uninstall.exe
Dell ResourceCD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D78653C3-A8FF-415F-92E6-D774E634FF2D}\setup.exe"
Gamevance-->C:\Program Files\Gamevance\gvun.exe
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_9DE96A29E721D90A.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Intel(R) PRO Network Adapters and Drivers-->Prounstl.exe
Intel(R) PROSet-->MsiExec.exe /I{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}
iTunes-->MsiExec.exe /I{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
LimeWire 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Toolbar-->MsiExec.exe /I{10C69612-017B-45F5-B986-7D113D5A2EA3}
MySpaceIM-->C:\Program Files\MySpace\IM\Uninstall.exe
NOD32 FiX v2.1-->"C:\Program Files\Eset\unins000.exe"
OpenOffice.org 3.0-->MsiExec.exe /I{F44DA61E-720D-4E79-871F-F6E628B33242}
Privacy center-->C:\Program Files\PCenter\uninstall.exe
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 8 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP8$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows XP (KB913433)-->C:\WINDOWS\System32\MacroMed\Flash\genuinst.exe C:\WINDOWS\System32\MacroMed\Flash\KB913433.inf
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe"
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Windows Internet Explorer 8 (KB971930)-->"C:\WINDOWS\ie8updates\KB971930-IE8\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
World of Warcraft-->C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe
======Security center information======
AV: AVG Anti-Virus Free
======System event log======
Computer Name: HOOSIERS-1GD2CF
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 00111131100F. The following
error occurred:
The semaphore timeout period has expired.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
Record Number: 1768
Source Name: Dhcp
Time Written: 20090225232217.000000-360
Event Type: warning
User:
Computer Name: HOOSIERS-1GD2CF
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 00111131100F. The following
error occurred:
The semaphore timeout period has expired.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
Record Number: 1767
Source Name: Dhcp
Time Written: 20090225232102.000000-360
Event Type: warning
User:
Computer Name: HOOSIERS-1GD2CF
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 00111131100F. The following
error occurred:
The semaphore timeout period has expired.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
Record Number: 1766
Source Name: Dhcp
Time Written: 20090225231836.000000-360
Event Type: warning
User:
Computer Name: HOOSIERS-1GD2CF
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 00111131100F. The following
error occurred:
The semaphore timeout period has expired.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
Record Number: 1765
Source Name: Dhcp
Time Written: 20090225231343.000000-360
Event Type: warning
User:
Computer Name: HOOSIERS-1GD2CF
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 00111131100F. The following
error occurred:
The semaphore timeout period has expired.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
Record Number: 1764
Source Name: Dhcp
Time Written: 20090225230356.000000-360
Event Type: warning
User:
=====Application event log=====
Computer Name: HOOSIERS-1GD2CF
Event Code: 1002
Message: Hanging application iexplore.exe, version 7.0.6000.16791, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Record Number: 285
Source Name: Application Hang
Time Written: 20090414225912.000000-300
Event Type: error
User:
Computer Name: HOOSIERS-1GD2CF
Event Code: 1002
Message: Hanging application iexplore.exe, version 7.0.6000.16791, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Record Number: 284
Source Name: Application Hang
Time Written: 20090414225910.000000-300
Event Type: error
User:
Computer Name: HOOSIERS-1GD2CF
Event Code: 1002
Message: Hanging application iexplore.exe, version 7.0.6000.16791, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Record Number: 282
Source Name: Application Hang
Time Written: 20090412031920.000000-300
Event Type: error
User:
Computer Name: HOOSIERS-1GD2CF
Event Code: 1002
Message: Hanging application iexplore.exe, version 7.0.6000.16791, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Record Number: 281
Source Name: Application Hang
Time Written: 20090411100216.000000-300
Event Type: error
User:
Computer Name: HOOSIERS-1GD2CF
Event Code: 1002
Message: Hanging application iexplore.exe, version 7.0.6000.16791, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Record Number: 274
Source Name: Application Hang
Time Written: 20090409010123.000000-300
Event Type: error
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ActivIdentity\ActivClient\;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0304
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
EOF
IMPORTANT
I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.
LimeWire 4.18.8
I'd like you to read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.
Also available here.
My recommendation is you go to Control Panel > Add/Remove Programs and uninstall any P2P programs
Please note: you must NOT use any P2P whilst we are cleaning your machine.
Step 1
Disable Teatimer
We need to disable Teatimer as it may interfere with the cleaning.
Please do not re-enable it until I give instructions.
First step:
- Right-click the Spybot Icon in the System Tray (looks like a blue/white calendar with a padlock symbol)
- If you have the new version 1.5, Click once on Resident Protection, then Right click the Spybot icon again and make sure Resident Protection is now Unchecked. The Spybot icon in the System tray should now be now colorless.
- If you have Version 1.4, Click on Exit Spybot S&D Resident
Second step, For Either Version :Step 2
Remove Programs
Older versions of some programs have vulnerabilities that malware can use to infect your system.
Now click Start---Control Panel. Double click Add or Remove Programs (XP) / Programs and Features (Vista) .
If any of the following programs are still listed there, click on the program to highlight it, and click on remove.
- Gamevance
Now close the Control Panel.NOD32 FiX v2.1
Privacy center
Step 3
Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware to your desktop.
Step 4
Disable resident protections (Antivirus...); you'll re-enable them after the scan
Download Lop S&D < here
Double-click Lop S&D.exe
Choose the language, then choose Option 1 (Search)
Wait till the end of the scan
Post the log which is created: (%SystemDrive%\lopR.txt)
Logs/Information to Post in Reply
Please post the following logs/Information in your reply
Some of the logs I request will be quite large, You may need to split them over a couple of replies.
Database version: 2421
Windows 5.1.2600 Service Pack 3
7/23/2009 3:22:44 PM
mbam-log-2009-07-23 (15-22-44).txt
Scan type: Full Scan (C:\|)
Objects scanned: 250566
Time elapsed: 2 hour(s), 15 minute(s), 31 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 4
Registry Keys Infected: 11
Registry Values Infected: 12
Registry Data Items Infected: 5
Folders Infected: 9
Files Infected: 141
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
C:\Documents and Settings\Johnny Drama\Local Settings\Temp\E.tmp (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\__c008F556.dat (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\__c00DD82A.dat (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\ddraw32.dll (Trojan.Agent) -> Delete on reboot.
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0ed403e8-470a-4a8a-85a4-d7688cfe39a3} (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ITGrdEngine (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\internet antivirus pro_is1 (Rogue.InternetAntiVirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c001010 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c0058fa9 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c0065227 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c00d9282 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c00dd82a (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\3030d854648 (Trojan.Agent) -> Delete on reboot.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\internet antivirus pro (Rogue.InternetAntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f6183d.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f4468b.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f37773.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f95cd9.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f3e87d.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f283bc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f36d90.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f3a2451cd.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f1632d898.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f742d74.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\prs (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Agent) -> Data: c:\windows\system32\ddraw32.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Agent) -> Data: system32\ddraw32.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
C:\Documents and Settings\Johnny Drama\Application Data\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\Logs (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\QuarantineW (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Johnny Drama\Application Data\PCenter (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\PCenter\dbases (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\PCenter\keys (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\PCenter\temp (Rogue.PCenter) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86 (Worm.Archive) -> Quarantined and deleted successfully.
Files Infected:
C:\Documents and Settings\Johnny Drama\Local Settings\Temp\E.tmp (Trojan.Agent) -> Delete on reboot.
c:\documents and settings\johnny drama\local settings\Temp\1EF.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\local settings\Temp\5.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\local settings\Temp\6.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\local settings\Temp\7.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\local settings\Temp\8.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\local settings\Temp\9.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\local settings\Temp\A.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\local settings\Temp\B.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\local settings\Temp\D.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\local settings\temporary internet files\Content.IE5\SIXPKIYX\Setup[1].exe (Adware.Zango) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e8cd3e34-7842-497c-b858-5f37c8fba60e}\RP361\A0045442.exe (Rogue.Installer) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\resultsw.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\Logs\2009-03-16 09-59-090.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\Logs\2009-03-16 10-36-160.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\filelist.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-0.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-1.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-10.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-11.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-12.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-13.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-14.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-15.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-16.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-17.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-18.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-19.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-2.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-20.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-21.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-22.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-23.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-24.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-25.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-26.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-27.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-28.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-29.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-3.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-30.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-31.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-32.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-33.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-34.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-35.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-36.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-37.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-38.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-39.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-4.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-40.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-41.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-42.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-43.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-44.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-45.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-46.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-47.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-48.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-49.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-5.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-50.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-51.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-52.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-53.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-54.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-55.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-56.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-57.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-58.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-59.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-6.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-60.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-61.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-62.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-63.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-64.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-65.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-66.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-67.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-68.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-69.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-7.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-70.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-71.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-72.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-73.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-74.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-75.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-76.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-77.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-78.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-79.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-8.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-80.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-81.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-82.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-83.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-84.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-85.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-86.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-87.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-88.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\ErrorFix\quarantinew\2009-03-16 10-00-390\regb-9.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\PCenter\dbases\cg.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\PCenter\dbases\mw.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\PCenter\dbases\rd.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\PCenter\dbases\sc.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\PCenter\dbases\sm.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\PCenter\dbases\sp.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\PCenter\keys\cg.key (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\PCenter\keys\rd.key (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\PCenter\keys\sc.key (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\PCenter\keys\sp.key (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\documents and settings\johnny drama\application data\PCenter\temp\settings.ini (Rogue.PCenter) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\systemx86\221.crack.zip (Worm.Archive) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\systemx86\221.crack.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\systemx86\222.keygen.zip (Worm.Archive) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\systemx86\222.keygen.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\systemx86\223.serial.zip (Worm.Archive) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\systemx86\223.serial.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\systemx86\224.setup.zip (Worm.Archive) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\systemx86\224.setup.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\systemx86\225.music.au (Worm.Archive) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\systemx86\225.music.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\systemx86\226.music2.au (Worm.Archive) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\systemx86\226.music2.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\systemx86\227.music3.au (Worm.Archive) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\systemx86\227.music3.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\systemx86\228.music.snd (Worm.Archive) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\systemx86\228.music.snd.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\rundll32.exe (Backdoor.Bot) -> Delete on reboot.
C:\WINDOWS\system32\__c00DD82A.dat (Trojan.Vundo) -> Delete on reboot.
c:\WINDOWS\system32\__c005FB6D.dat (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\__c006EDC6.dat (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\__c008F556.dat (Trojan.Agent) -> Delete on reboot.
c:\WINDOWS\system32\__c00B76C5.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\rundll.exe (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\Tasks\ErrorFix Scan.job (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ddraw32.dll (Trojan.Agent) -> Delete on reboot.
\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A10
USER : Johnny Drama ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.5 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:70 Go (Free:34 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( Thu 07/23/2009|15:42 )
\\ Listing folders in APPLIC~1
[02/24/2009|06:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> {3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[03/27/2009|04:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[02/24/2009|06:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple
[02/24/2009|06:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
[07/06/2009|04:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AVG Security Toolbar
[07/23/2009|04:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> avg8
[12/20/2008|12:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Blizzard
[06/26/2009|04:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
[07/23/2009|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Malwarebytes
[12/18/2008|08:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> McAfee.com
[06/20/2009|07:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[12/18/2008|06:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> MSN6
[01/07/2009|08:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> NOS
[03/17/2009|09:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Spybot - Search & Destroy
[03/18/2009|01:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
[12/19/2008|05:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
[12/18/2008|06:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
[06/26/2009|04:48] C:\DOCUME~1\JOHNNY~1\APPLIC~1\<DIR> Adobe
[02/24/2009|06:19] C:\DOCUME~1\JOHNNY~1\APPLIC~1\<DIR> Apple Computer
[05/05/2009|02:21] C:\DOCUME~1\JOHNNY~1\APPLIC~1\<DIR> AVGTOOLBAR
[03/17/2009|09:45] C:\DOCUME~1\JOHNNY~1\APPLIC~1\<DIR> GetRightToGo
[06/26/2009|05:06] C:\DOCUME~1\JOHNNY~1\APPLIC~1\<DIR> Google
[06/20/2009|11:35] C:\DOCUME~1\JOHNNY~1\APPLIC~1\<DIR> gtk-2.0
[12/21/2008|08:06] C:\DOCUME~1\JOHNNY~1\APPLIC~1\<DIR> ICAClient
[12/18/2008|06:23] C:\DOCUME~1\JOHNNY~1\APPLIC~1\<DIR> Identities
[12/19/2008|05:09] C:\DOCUME~1\JOHNNY~1\APPLIC~1\<DIR> IEPro
[07/16/2009|08:59] C:\DOCUME~1\JOHNNY~1\APPLIC~1\<DIR> LimeWire
[06/26/2009|04:48] C:\DOCUME~1\JOHNNY~1\APPLIC~1\<DIR> Macromedia
[07/23/2009|01:05] C:\DOCUME~1\JOHNNY~1\APPLIC~1\<DIR> Malwarebytes
[06/21/2009|01:57] C:\DOCUME~1\JOHNNY~1\APPLIC~1\<DIR> Microsoft
[12/19/2008|05:10] C:\DOCUME~1\JOHNNY~1\APPLIC~1\<DIR> MiniDm
[02/03/2009|09:36] C:\DOCUME~1\JOHNNY~1\APPLIC~1\<DIR> Mozilla
[06/21/2009|01:37] C:\DOCUME~1\JOHNNY~1\APPLIC~1\<DIR> MozillaControl
[05/13/2009|05:54] C:\DOCUME~1\JOHNNY~1\APPLIC~1\<DIR> MSN6
[05/27/2009|08:26] C:\DOCUME~1\JOHNNY~1\APPLIC~1\<DIR> MySpace
[01/12/2009|05:58] C:\DOCUME~1\JOHNNY~1\APPLIC~1\<DIR> OpenOffice.org
[12/21/2008|08:14] C:\DOCUME~1\JOHNNY~1\APPLIC~1\<DIR> Sun
[06/24/2009|10:33] C:\DOCUME~1\JOHNNY~1\APPLIC~1\<DIR> vlc
[06/21/2009|02:29] C:\DOCUME~1\JOHNNY~1\APPLIC~1\<DIR> WinRAR
[06/22/2009|10:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> AVGTOOLBAR
[03/16/2009|08:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft
[03/16/2009|08:41] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft
\\ Scheduled Tasks located in C:\WINDOWS\Tasks
[07/18/2009 05:59 PM] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[07/23/2009 03:26 PM] C:\WINDOWS\tasks\SA.DAT
[07/16/2003 03:36 PM][-r-h-----] C:\WINDOWS\tasks\desktop.ini
\\ Listing Folders in C:\Program Files
[03/16/2009|10:54] C:\Program Files\<DIR> ActivIdentity
[03/27/2009|04:08] C:\Program Files\<DIR> Adobe
[12/19/2008|05:04] C:\Program Files\<DIR> Analog Devices
[02/24/2009|06:16] C:\Program Files\<DIR> Apple Software Update
[12/19/2008|08:06] C:\Program Files\<DIR> AVG
[02/24/2009|06:18] C:\Program Files\<DIR> Bonjour
[12/21/2008|08:02] C:\Program Files\<DIR> Citrix
[07/15/2009|03:12] C:\Program Files\<DIR> Common Files
[12/18/2008|06:12] C:\Program Files\<DIR> ComPlus Applications
[04/27/2009|01:18] C:\Program Files\<DIR> Curse
[03/16/2009|10:40] C:\Program Files\<DIR> CyberDefender
[07/23/2009|12:15] C:\Program Files\<DIR> ESET
[06/26/2009|04:48] C:\Program Files\<DIR> Google
[06/24/2009|10:31] C:\Program Files\<DIR> Graboid
[03/16/2009|10:54] C:\Program Files\<DIR> IEPro
[12/19/2008|05:04] C:\Program Files\<DIR> InstallShield Installation Information
[12/18/2008|08:17] C:\Program Files\<DIR> Intel
[06/29/2009|02:11] C:\Program Files\<DIR> Internet Explorer
[02/24/2009|06:18] C:\Program Files\<DIR> iPod
[02/24/2009|06:18] C:\Program Files\<DIR> iTunes
[01/12/2009|05:54] C:\Program Files\<DIR> Java
[01/12/2009|05:54] C:\Program Files\<DIR> JRE
[07/23/2009|12:56] C:\Program Files\<DIR> Malwarebytes' Anti-Malware
[12/20/2008|04:24] C:\Program Files\<DIR> Messenger
[12/18/2008|06:18] C:\Program Files\<DIR> microsoft frontpage
[12/20/2008|04:20] C:\Program Files\<DIR> Movie Maker
[06/21/2009|01:35] C:\Program Files\<DIR> Mozilla ActiveX Control v1.7.12
[07/02/2009|12:25] C:\Program Files\<DIR> Mozilla Firefox
[07/17/2009|12:34] C:\Program Files\<DIR> MSBuild
[12/21/2008|08:15] C:\Program Files\<DIR> MSN
[12/18/2008|06:11] C:\Program Files\<DIR> MSN Gaming Zone
[05/27/2009|08:26] C:\Program Files\<DIR> MySpace
[12/20/2008|04:16] C:\Program Files\<DIR> NetMeeting
[01/07/2009|08:14] C:\Program Files\<DIR> NOS
[12/18/2008|06:13] C:\Program Files\<DIR> Online Services
[01/12/2009|05:54] C:\Program Files\<DIR> OpenOffice.org 3
[12/20/2008|04:15] C:\Program Files\<DIR> Outlook Express
[02/24/2009|06:17] C:\Program Files\<DIR> QuickTime
[07/17/2009|12:34] C:\Program Files\<DIR> Reference Assemblies
[03/17/2009|10:11] C:\Program Files\<DIR> Spybot - Search & Destroy
[07/23/2009|01:45] C:\Program Files\<DIR> trend micro
[12/18/2008|06:22] C:\Program Files\<DIR> Uninstall Information
[06/21/2009|01:26] C:\Program Files\<DIR> VideoLAN
[12/19/2008|08:23] C:\Program Files\<DIR> Windows Media Connect 2
[12/20/2008|04:15] C:\Program Files\<DIR> Windows Media Player
[12/20/2008|04:15] C:\Program Files\<DIR> Windows NT
[12/19/2008|05:13] C:\Program Files\<DIR> WindowsUpdate
[07/17/2009|02:48] C:\Program Files\<DIR> World of Warcraft
[12/18/2008|06:18] C:\Program Files\<DIR> xerox
\\ Listing Folders in C:\Program Files\Common Files
[01/12/2009|05:15] C:\Program Files\Common Files\<DIR> ActivIdentity
[03/27/2009|04:08] C:\Program Files\Common Files\<DIR> Adobe
[01/04/2009|11:26] C:\Program Files\Common Files\<DIR> Adobe AIR
[02/24/2009|06:16] C:\Program Files\Common Files\<DIR> Apple
[12/18/2008|07:02] C:\Program Files\Common Files\<DIR> Blizzard Entertainment
[12/18/2008|08:13] C:\Program Files\Common Files\<DIR> InstallShield
[01/12/2009|05:53] C:\Program Files\Common Files\<DIR> Java
[06/21/2009|01:28] C:\Program Files\Common Files\<DIR> Microsoft Shared
[12/18/2008|06:12] C:\Program Files\Common Files\<DIR> MSSoap
[12/18/2008|12:06] C:\Program Files\Common Files\<DIR> ODBC
[12/18/2008|06:12] C:\Program Files\Common Files\<DIR> Services
[12/18/2008|12:06] C:\Program Files\Common Files\<DIR> SpeechEngines
[12/20/2008|04:15] C:\Program Files\Common Files\<DIR> System
\\ Process
( 45 Processes )
iexplore.exe ~ [PID:3236]
iexplore.exe ~ [PID:3648]
\\ Searching with S_Lop
No Lop folder found !
\\ Searching for Lop Files - Folders
No Lop folder found !
\\ Searching within the Registry
..... OK !
\\ Checking the Hosts file
Hosts file CLEAN
\\ Searching for hidden files with Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-23 15:43:39
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
\\ Searching for other infections
\\ Cracks & Keygens ..
C:\DOCUME~1\JOHNNY~1\Local Settings\Temp\Temporary Directory 1 for Fruity Loops Studio Producer Edition XXL v.8.0.0 + CRACK.zip
C:\DOCUME~1\JOHNNY~1\Local Settings\Temp\Temporary Directory 2 for Fruity Loops Studio Producer Edition XXL v.8.0.0 + CRACK.zip
C:\DOCUME~1\JOHNNY~1\Local Settings\Temp\Temporary Directory 3 for Fruity Loops Studio Producer Edition XXL v.8.0.0 + CRACK.zip
C:\DOCUME~1\JOHNNY~1\Local Settings\Temp\Temporary Directory 1 for Fruity Loops Studio Producer Edition XXL v.8.0.0 + CRACK.zip\Data1.dll
C:\DOCUME~1\JOHNNY~1\Local Settings\Temp\Temporary Directory 2 for Fruity Loops Studio Producer Edition XXL v.8.0.0 + CRACK.zip\Data1.dll
C:\DOCUME~1\JOHNNY~1\Local Settings\Temp\Temporary Directory 2 for Fruity Loops Studio Producer Edition XXL v.8.0.0 + CRACK.zip\Data2.dll
C:\DOCUME~1\JOHNNY~1\Local Settings\Temp\Temporary Directory 2 for Fruity Loops Studio Producer Edition XXL v.8.0.0 + CRACK.zip\Fruity Loops Studio Producer Edition XXL v.8.0.0 + CRACK.nfo
C:\DOCUME~1\JOHNNY~1\Local Settings\Temp\Temporary Directory 3 for Fruity Loops Studio Producer Edition XXL v.8.0.0 + CRACK.zip\Data1.dll
C:\DOCUME~1\JOHNNY~1\Local Settings\Temp\Temporary Directory 3 for Fruity Loops Studio Producer Edition XXL v.8.0.0 + CRACK.zip\Data2.dll
C:\DOCUME~1\JOHNNY~1\Local Settings\Temp\Temporary Directory 3 for Fruity Loops Studio Producer Edition XXL v.8.0.0 + CRACK.zip\Fruity Loops Studio Producer Edition XXL v.8.0.0 + CRACK.nfo
C:\DOCUME~1\JOHNNY~1\Local Settings\Temporary Internet Files\Content.IE5\QTH517QW\hd_lifeishotincracktownposter[1].jpg
C:\DOCUME~1\JOHNNY~1\Local Settings\Temporary Internet Files\Content.IE5\S3J715NJ\fran_crack_whore_small[1].jpg
C:\DOCUME~1\JOHNNY~1\Local Settings\Temporary Internet Files\Content.IE5\UQN9XTQ1\2whores_crack_whore_sm[1].jpg
C:\DOCUME~1\JOHNNY~1\Local Settings\Temporary Internet Files\Content.IE5\UQN9XTQ1\bethany_crack_whore_sm[1].jpg
C:\DOCUME~1\JOHNNY~1\My Documents\LimeWire\Saved\Freeway f. Peedie Crack - Flipside.mp3
C:\DOCUME~1\JOHNNY~1\My Documents\LimeWire\Saved\sims 3 full osx + keygen
C:\DOCUME~1\JOHNNY~1\My Documents\LimeWire\Saved\sims 3 full osx + keygen.zip
C:\DOCUME~1\JOHNNY~1\My Documents\LimeWire\Saved\Snow Patrol - Crack The Shutter.mp3
C:\DOCUME~1\JOHNNY~1\My Documents\LimeWire\Saved\sims 3 full osx + keygen\bab.icu
C:\DOCUME~1\JOHNNY~1\My Documents\My Music\08 Crack Music.wma
C:\DOCUME~1\JOHNNY~1\Recent\Fruity_Loops_8_XXL_Producer_Edition___Crack.WORKING.4105403.TPB.lnk
C:\DOCUME~1\JOHNNY~1\Recent\keygen_by_SSG.lnk
C:\DOCUME~1\JOHNNY~1\Recent\sims 3 full osx + keygen.lnk
[F:78][D:22]-> C:\DOCUME~1\JOHNNY~1\LOCALS~1\Temp
[F:16][D:0]-> C:\DOCUME~1\JOHNNY~1\Cookies
[F:92781][D:327]-> C:\DOCUME~1\JOHNNY~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - Thu 07/23/2009|15:56 - Option : [1]
\\ Scan completed at 15:56:40
As you have admitted to, or the log(s) you've posted indicate that, you've used one or more of the above, we can not provide you with any help.
We do NOT knowingly provide help for anyone using any form of cracked software and/or Operating Systems.
In using the crack, the 'cracker' has broken the 'End User Licence Agreement' (EULA) of the product concerned.
The distribution and use of cracked software is illegal in almost every developed country.
They are also one of the biggest causes of infection.
This applies to Cracks, Keygens and Warez
As most other forums have the same policy, your best option is to format and re-install your operating system and programs from legitimate sources.
In the future I strongly suggest you stay away from using cracks and/or Keygens.
This topic will be closed and archived.