nexplore pop up problem galore
hi i just recently became a member and am in need of a bit of tech support lately i have been getting pop ups from nexplore quite a few enough to slow even freeze my comeputer sometimes please let me know if there is anything you can do i have the highjack this log file below
Logfile of random's system information tool 1.06 (written by random/random)
Run by Eadames at 2010-04-27 20:43:57
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 12 GB (15%) free of 76 GB
Total RAM: 3063 MB (30% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:44:12 PM, on 4/27/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\vVX3000.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Users\Eadames\AppData\Local\Apps\2.0\VKGMAW8C.6TQ\9VAXY85A.HYJ\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\CurseClient.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Eadames\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\Taskmgr.exe
C:\Users\Eadames\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Eadames\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Eadames\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Eadames\Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Eadames.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [VX3000] C:\Windows\vVX3000.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [iYogiToolbar] C:\Program Files\iYogi SupportDock\iYogiSupportDock.exe
O4 - HKLM\..\Run: [MVS Splash] C:\Program Files\McAfee\Managed VirusScan\DesktopUI\Splash.exe
O4 - HKLM\..\Run: [McAfee Managed Services Tray] C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.Exe
O4 - HKLM\..\Run: [greenRun] "C:\Program Files\\iYogi GreenPC\greenRun.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [FUFAXSTM] "C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKCU\..\Run: [EPSON WorkForce 610 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFJA.EXE /FU "C:\Windows\TEMP\E_S5A37.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [wimuvapozu] Rundll32.exe "C:\ProgramData\tizijehe\tizijehe.dll",s
O4 - HKCU\..\Run: [wilabatab] Rundll32.exe "c:\progra~2\gegipomo\gegipomo.dll",a
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: CurseClientStartup.ccip
O4 - Global Startup: HomeNet Manager.lnk = ?
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mcafee.com (HKLM)
O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EngineServer - Unknown owner - C:\PROGRA~1\McAfee\MANAGE~1\VScan\ENGINE~1.EXE (file missing)
O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program Files\SingleClick Systems\HomeNet Manager\hnm_svc.exe
O23 - Service: McAfee Virus and Spyware Protection Service (myAgtSvc) - Unknown owner - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
--
End of file - 8145 bytes
======Scheduled tasks folder======
C:\Windows\tasks\sismmmlf.job
C:\Windows\tasks\User_Feed_Synchronization-{7DBBBEE8-CC4E-4F3D-9314-B3E36073C2D1}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-03 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-04-21 1615200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"VX3000"=C:\Windows\vVX3000.exe [2009-06-26 757248]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-07-06 4669440]
"Skytel"=C:\Windows\Skytel.exe [2007-06-15 1826816]
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2009-07-24 118640]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-11 417792]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-06-18 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-06-18 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-06-18 133656]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe /runcleanupscript []
"iYogiToolbar"=C:\Program Files\iYogi SupportDock\iYogiSupportDock.exe [2009-08-07 849136]
"MVS Splash"=C:\Program Files\McAfee\Managed VirusScan\DesktopUI\Splash.exe []
"McAfee Managed Services Tray"=C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.Exe []
"greenRun"=C:\Program Files\\iYogi GreenPC\greenRun.exe []
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-04-21 2064736]
"EEventManager"=C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe [2009-01-12 669520]
"FUFAXSTM"=C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe [2009-02-06 843776]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"VeohPlugin"=C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [2010-02-22 2633976]
"EPSON WorkForce 610 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFJA.EXE [2009-01-26 199680]
"wimuvapozu"=C:\ProgramData\tizijehe\tizijehe.dll,s []
"wilabatab"=c:\progra~2\gegipomo\gegipomo.dll [2010-01-15 96256]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HomeNet Manager.lnk - C:\Windows\Installer\{0240BDFB-2995-4A3F-8C96-18D41282B716}\Icon0240BDFB6.exe
C:\Users\Eadames\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CurseClientStartup.ccip
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-06-18 204800]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{021c81e0-4b63-11df-a00f-0019213d2682}]
shell\AutoRun\command - G:\LaunchU3.exe -a
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-04-27 20:43:58 ----D---- C:\Program Files\trend micro
2010-04-27 20:43:57 ----D---- C:\rsit
2010-04-27 11:21:28 ----D---- C:\inetpub
2010-04-27 11:05:21 ----SHD---- C:\Config.Msi
2010-04-21 15:26:49 ----D---- C:\Users\Eadames\AppData\Roaming\U3
2010-04-15 17:33:57 ----D---- C:\ProgramData\naluwota
2010-04-15 17:33:57 ----D---- C:\ProgramData\gedofano
2010-04-15 16:33:43 ----D---- C:\ProgramData\halulula
2010-04-15 16:33:43 ----D---- C:\ProgramData\firevaku
2010-04-15 15:33:24 ----D---- C:\ProgramData\zasiyove
2010-04-15 15:33:24 ----D---- C:\ProgramData\pipibuju
2010-04-15 14:33:10 ----D---- C:\ProgramData\liwomajo
2010-04-15 14:33:10 ----D---- C:\ProgramData\kuzizubi
2010-04-15 13:32:58 ----D---- C:\ProgramData\yilejino
2010-04-15 13:32:58 ----D---- C:\ProgramData\kufefele
2010-04-15 07:13:58 ----D---- C:\ProgramData\Sun
2010-04-15 07:13:57 ----D---- C:\Program Files\Common Files\Java
2010-04-15 07:13:04 ----A---- C:\Windows\system32\javaws.exe
2010-04-15 07:13:04 ----A---- C:\Windows\system32\javaw.exe
2010-04-15 07:13:04 ----A---- C:\Windows\system32\java.exe
2010-04-15 07:13:04 ----A---- C:\Windows\system32\deployJava1.dll
2010-04-15 01:32:37 ----D---- C:\ProgramData\vefulopu
2010-04-15 01:32:37 ----D---- C:\ProgramData\gegipomo
2010-04-15 00:42:08 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-04-15 00:42:07 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-04-15 00:42:02 ----A---- C:\Windows\system32\vbscript.dll
2010-04-15 00:41:46 ----A---- C:\Windows\system32\iphlpsvc.dll
2010-04-14 13:32:19 ----D---- C:\ProgramData\silebovu
2010-04-14 13:32:19 ----D---- C:\ProgramData\nibiloji
2010-04-14 05:32:07 ----A---- C:\Windows\system32\wintrust.dll
2010-04-14 05:31:28 ----A---- C:\Windows\system32\cabview.dll
2010-04-14 01:31:58 ----D---- C:\ProgramData\varunefe
2010-04-14 01:31:58 ----D---- C:\ProgramData\kolizube
2010-04-14 00:31:43 ----D---- C:\ProgramData\robamuja
2010-04-14 00:31:43 ----D---- C:\ProgramData\lozeviki
2010-04-13 23:31:31 ----D---- C:\ProgramData\mirokomo
2010-04-13 23:31:31 ----D---- C:\ProgramData\dapehako
2010-04-13 22:31:21 ----D---- C:\ProgramData\kozuriya
2010-04-13 22:31:21 ----D---- C:\ProgramData\bemamuve
2010-04-13 21:30:59 ----D---- C:\ProgramData\tujiwopu
2010-04-13 21:30:59 ----D---- C:\ProgramData\jafutaga
2010-04-13 09:30:32 ----D---- C:\ProgramData\segoduku
2010-04-13 09:30:32 ----D---- C:\ProgramData\munewaya
2010-04-13 07:27:14 ----D---- C:\ProgramData\mijuwohu
2010-04-13 07:27:14 ----D---- C:\ProgramData\bejevopu
2010-04-13 06:26:52 ----D---- C:\ProgramData\wekazuri
2010-04-13 06:26:52 ----D---- C:\ProgramData\fevimedu
2010-04-13 05:26:37 ----D---- C:\ProgramData\vizafeze
2010-04-13 05:26:37 ----D---- C:\ProgramData\lotuvowu
2010-04-12 17:26:30 ----D---- C:\ProgramData\sekoseye
2010-04-12 17:26:30 ----D---- C:\ProgramData\hitihofi
2010-04-12 16:26:16 ----D---- C:\ProgramData\zojarepi
2010-04-12 16:26:16 ----D---- C:\ProgramData\mabowomi
2010-04-12 15:26:04 ----D---- C:\ProgramData\lonamapo
2010-04-12 15:26:04 ----D---- C:\ProgramData\fejodezi
2010-04-12 14:25:52 ----D---- C:\ProgramData\jibebaba
2010-04-12 14:25:52 ----D---- C:\ProgramData\fimukoto
2010-04-12 13:25:38 ----D---- C:\ProgramData\vojadita
2010-04-12 11:53:22 ----D---- C:\ProgramData\lijugoni
2010-04-12 11:53:22 ----D---- C:\ProgramData\johigivi
2010-04-12 10:52:57 ----D---- C:\ProgramData\koziluta
2010-04-12 10:52:57 ----D---- C:\ProgramData\giwugaya
2010-04-12 09:52:36 ----D---- C:\ProgramData\gedipiku
2010-04-12 09:52:36 ----D---- C:\ProgramData\dogirasa
2010-04-12 08:52:24 ----D---- C:\ProgramData\wenifalo
2010-04-12 08:52:24 ----D---- C:\ProgramData\fadonovi
2010-04-12 07:52:08 ----D---- C:\ProgramData\zolekohi
2010-04-12 07:52:08 ----D---- C:\ProgramData\vabubulo
2010-04-12 06:51:51 ----D---- C:\ProgramData\samodamu
2010-04-12 06:51:51 ----D---- C:\ProgramData\niyohaja
2010-04-12 05:51:37 ----D---- C:\ProgramData\guziyazi
2010-04-12 05:51:37 ----D---- C:\ProgramData\gagaviju
2010-04-12 04:51:23 ----D---- C:\ProgramData\pegojehe
2010-04-12 04:51:23 ----D---- C:\ProgramData\pakebewe
2010-04-12 03:51:12 ----D---- C:\ProgramData\lupuwufe
2010-04-12 03:51:12 ----D---- C:\ProgramData\fusuyevo
2010-04-12 02:51:01 ----D---- C:\ProgramData\nepihene
2010-04-12 02:51:01 ----D---- C:\ProgramData\lekeroto
2010-04-12 02:51:01 ----D---- C:\ProgramData\dameziti
2010-04-11 14:50:59 ----D---- C:\ProgramData\nogezote
2010-04-11 14:50:56 ----D---- C:\ProgramData\nukiyofi
2010-04-11 13:50:44 ----D---- C:\ProgramData\kapigagi
2010-04-11 13:50:44 ----D---- C:\ProgramData\fujigayu
2010-04-11 12:50:33 ----D---- C:\ProgramData\yudufiyo
2010-04-11 12:50:33 ----D---- C:\ProgramData\vizisida
2010-04-11 11:50:04 ----D---- C:\ProgramData\todusubi
2010-04-11 11:50:04 ----D---- C:\ProgramData\nudegeno
2010-04-11 10:49:57 ----D---- C:\ProgramData\vuwilamu
2010-04-11 10:49:57 ----D---- C:\ProgramData\bikurifo
2010-04-10 21:45:09 ----D---- C:\ProgramData\gogikebu
2010-04-10 21:45:09 ----D---- C:\ProgramData\bumigalu
2010-04-10 09:44:59 ----D---- C:\ProgramData\zadasoma
2010-04-10 09:44:59 ----D---- C:\ProgramData\rimojagu
2010-04-10 02:33:17 ----D---- C:\ProgramData\helivuwo
2010-04-10 02:33:17 ----D---- C:\ProgramData\dudesore
2010-04-10 01:33:04 ----D---- C:\ProgramData\zekikima
2010-04-10 01:33:04 ----D---- C:\ProgramData\mulebape
2010-04-10 00:32:51 ----D---- C:\ProgramData\peyoviwa
2010-04-10 00:32:51 ----D---- C:\ProgramData\lelukiwi
2010-04-09 23:32:38 ----D---- C:\ProgramData\fabayefe
2010-04-09 23:32:37 ----D---- C:\ProgramData\tudeyohi
2010-04-09 22:32:20 ----D---- C:\ProgramData\wusifima
2010-04-09 22:32:20 ----D---- C:\ProgramData\nuluvalo
2010-04-09 10:32:11 ----D---- C:\ProgramData\funoyene
2010-04-09 10:32:11 ----D---- C:\ProgramData\bomukako
2010-04-08 22:31:54 ----D---- C:\ProgramData\tosofove
2010-04-08 22:31:54 ----D---- C:\ProgramData\fufahoro
2010-04-08 10:31:52 ----D---- C:\ProgramData\komeyabi
2010-04-08 10:31:52 ----D---- C:\ProgramData\dutisihu
2010-04-08 09:31:39 ----D---- C:\ProgramData\vewezune
2010-04-08 09:31:39 ----D---- C:\ProgramData\pezawuru
2010-04-08 08:31:16 ----D---- C:\ProgramData\zejuzope
2010-04-08 08:31:16 ----D---- C:\ProgramData\yivibegu
2010-04-07 15:32:48 ----D---- C:\ProgramData\bivulota
2010-04-07 15:32:48 ----D---- C:\ProgramData\bihawonu
2010-04-07 13:10:17 ----D---- C:\ProgramData\zenatosi
2010-04-07 13:10:17 ----D---- C:\ProgramData\vafubamu
2010-04-07 12:11:01 ----D---- C:\ProgramData\yujodiju
2010-04-07 12:11:01 ----D---- C:\ProgramData\pohulomo
2010-04-07 12:11:01 ----D---- C:\ProgramData\fatodogi
2010-04-06 21:40:35 ----D---- C:\ProgramData\wokayora
2010-04-06 21:40:35 ----D---- C:\ProgramData\vonahobe
2010-04-06 09:40:28 ----D---- C:\ProgramData\wijuveke
2010-04-06 09:40:28 ----D---- C:\ProgramData\vumerate
2010-04-06 09:40:28 ----D---- C:\ProgramData\legijada
2010-04-05 21:39:59 ----D---- C:\ProgramData\yipiwopa
2010-04-05 21:39:59 ----D---- C:\ProgramData\wesagibu
2010-04-05 21:39:59 ----D---- C:\ProgramData\rojayefi
2010-04-05 21:39:59 ----D---- C:\ProgramData\jopiroka
2010-04-05 21:00:12 ----D---- C:\Program Files\CCleaner
2010-04-05 20:40:31 ----D---- C:\ProgramData\tisovafe
2010-04-05 20:40:31 ----D---- C:\ProgramData\remohuza
2010-04-05 20:40:31 ----D---- C:\ProgramData\pirovowu
2010-04-05 20:40:31 ----D---- C:\ProgramData\haseyene
2010-04-05 08:40:02 ----D---- C:\ProgramData\vupesasu
2010-04-05 08:40:02 ----D---- C:\ProgramData\bemoriva
2010-04-05 08:39:30 ----D---- C:\ProgramData\yuwegiju
2010-04-05 08:39:30 ----D---- C:\ProgramData\tigayadi
2010-04-05 08:39:30 ----D---- C:\ProgramData\suluyohe
2010-04-05 08:39:30 ----D---- C:\ProgramData\palimode
2010-04-05 08:39:30 ----D---- C:\ProgramData\gerabuse
2010-04-04 20:39:01 ----D---- C:\ProgramData\yutepuwa
2010-04-04 20:39:01 ----D---- C:\ProgramData\sosufove
2010-04-04 20:39:01 ----D---- C:\ProgramData\moheligo
2010-04-04 20:31:26 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-04-04 19:38:53 ----D---- C:\ProgramData\vubepado
2010-04-04 19:38:53 ----D---- C:\ProgramData\kukenowu
2010-04-04 19:38:53 ----D---- C:\ProgramData\jigujiyo
2010-04-04 18:38:40 ----D---- C:\ProgramData\vafezewu
2010-04-04 18:38:40 ----D---- C:\ProgramData\tosikuli
2010-04-04 18:38:40 ----D---- C:\ProgramData\sevabija
2010-04-04 18:38:40 ----D---- C:\ProgramData\nefaneji
2010-04-04 18:33:35 ----HD---- C:\$AVG
2010-04-04 18:33:31 ----D---- C:\ProgramData\sekunara
2010-04-04 18:33:31 ----D---- C:\ProgramData\sazukojo
2010-04-04 18:33:31 ----D---- C:\ProgramData\noyajego
2010-03-31 12:34:06 ----A---- C:\Windows\system32\mshtml.dll
2010-03-31 12:34:04 ----A---- C:\Windows\system32\ieframe.dll
2010-03-31 12:34:03 ----A---- C:\Windows\system32\urlmon.dll
2010-03-31 12:34:03 ----A---- C:\Windows\system32\iertutil.dll
2010-03-31 12:34:02 ----A---- C:\Windows\system32\wininet.dll
2010-03-31 12:34:02 ----A---- C:\Windows\system32\occache.dll
2010-03-31 12:34:02 ----A---- C:\Windows\system32\mstime.dll
2010-03-31 12:34:02 ----A---- C:\Windows\system32\msfeeds.dll
2010-03-31 12:34:02 ----A---- C:\Windows\system32\ieui.dll
2010-03-31 12:34:02 ----A---- C:\Windows\system32\iedkcs32.dll
2010-03-31 12:34:01 ----A---- C:\Windows\system32\msfeedssync.exe
2010-03-31 12:34:01 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-03-31 12:34:01 ----A---- C:\Windows\system32\jsproxy.dll
2010-03-31 12:34:01 ----A---- C:\Windows\system32\ieUnatt.exe
2010-03-31 12:34:01 ----A---- C:\Windows\system32\iesysprep.dll
2010-03-31 12:34:01 ----A---- C:\Windows\system32\iesetup.dll
2010-03-31 12:34:01 ----A---- C:\Windows\system32\iernonce.dll
2010-03-31 12:34:01 ----A---- C:\Windows\system32\iepeers.dll
2010-03-31 12:34:01 ----A---- C:\Windows\system32\ie4uinit.exe
2010-03-29 22:40:09 ----D---- C:\Users\Eadames\AppData\Roaming\Ventrilo
2010-03-29 22:38:30 ----D---- C:\Program Files\Ventrilo
2010-03-29 22:38:23 ----A---- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
======List of files/folders modified in the last 1 months======
2010-04-27 20:44:12 ----D---- C:\Windows\Prefetch
2010-04-27 20:43:58 ----RD---- C:\Program Files
2010-04-27 20:43:43 ----D---- C:\Windows\Temp
2010-04-27 19:24:46 ----AD---- C:\ProgramData\TEMP
2010-04-27 11:26:02 ----RSD---- C:\Windows\assembly
2010-04-27 11:26:02 ----D---- C:\Windows\Microsoft.NET
2010-04-27 11:24:28 ----SHD---- C:\System Volume Information
2010-04-27 11:23:29 ----D---- C:\Windows
2010-04-27 11:23:27 ----D---- C:\Windows\System32
2010-04-27 11:23:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-04-27 11:22:18 ----D---- C:\Windows\winsxs
2010-04-27 11:22:04 ----D---- C:\Windows\system32\0409
2010-04-27 11:22:04 ----D---- C:\Windows\inf
2010-04-27 11:22:03 ----D---- C:\Windows\system32\migration
2010-04-27 11:22:02 ----D---- C:\Windows\system32\inetsrv
2010-04-27 11:21:50 ----D---- C:\Windows\system32\en-US
2010-04-27 11:10:56 ----SD---- C:\Users\Eadames\AppData\Roaming\Microsoft
2010-04-27 11:08:06 ----HD---- C:\Program Files\Mozilla Firefox
2010-04-27 11:06:35 ----SHD---- C:\Windows\Installer
2010-04-21 15:20:20 ----SHD---- C:\$Recycle.Bin
2010-04-21 08:11:24 ----D---- C:\Windows\system32\drivers
2010-04-19 21:05:35 ----D---- C:\Users\Eadames\AppData\Roaming\Epson
2010-04-18 20:53:18 ----D---- C:\Program Files\Common Files\microsoft shared
2010-04-15 18:22:09 ----HD---- C:\ProgramData
2010-04-15 07:13:57 ----D---- C:\Program Files\Common Files
2010-04-15 07:13:02 ----D---- C:\Program Files\Java
2010-04-15 03:27:22 ----D---- C:\Windows\system32\catroot
2010-04-15 03:27:20 ----D---- C:\Windows\system32\catroot2
2010-04-15 03:22:12 ----D---- C:\Program Files\Windows Mail
2010-04-15 03:06:22 ----D---- C:\ProgramData\Microsoft Help
2010-04-15 03:03:58 ----D---- C:\Windows\Debug
2010-04-14 16:15:38 ----D---- C:\Users\Eadames\AppData\Roaming\Facebook
2010-04-07 07:11:01 ----D---- C:\Windows\system32\WDI
2010-04-06 13:52:54 ----A---- C:\Windows\system32\mrt.exe
2010-04-05 21:40:03 ----D---- C:\Windows\Tasks
2010-04-05 21:02:36 ----D---- C:\Windows\Minidump
2010-04-05 20:56:57 ----D---- C:\Windows\system32\Tasks
2010-04-04 20:05:33 ----D---- C:\Program Files\iYogi SupportDock
2010-04-01 03:17:38 ----D---- C:\Program Files\Internet Explorer
2010-03-29 22:37:32 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2010-03-13 216200]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2010-03-13 29512]
R1 AvgTdiX;AVG Free Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2010-04-21 242896]
R1 mfetdik;McAfee Inc. mfetdik; C:\Windows\system32\drivers\mfetdik.sys [2009-08-06 55304]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-06-29 8704]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-06-20 984064]
R3 HSXHWBS2;HSXHWBS2; C:\Windows\system32\DRIVERS\HSXHWBS2.sys [2007-06-20 267264]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-06-18 2307584]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-07-10 1792792]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
R3 VX3000;VX-3000; C:\Windows\system32\DRIVERS\VX3000.sys [2009-06-26 1956352]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-06-20 660480]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S2 Packet;Auto Internet Protocol; C:\Windows\system32\DRIVERS\packet.sys [2006-12-18 12672]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-06-18 2307584]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-09-30 40448]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 avg9emc;AVG Free E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-03-13 916760]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-03-13 308064]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 hnmsvc;Advanced Networking Service; C:\Program Files\SingleClick Systems\HomeNet Manager\hnm_svc.exe [2007-07-13 111912]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2009-07-24 139120]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-06-29 386560]
R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 EngineServer;EngineServer; C:\PROGRA~1\McAfee\MANAGE~1\VScan\ENGINE~1.EXE []
S2 myAgtSvc;McAfee Virus and Spyware Protection Service; C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe /ServiceStart []
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
EOF
Logfile of random's system information tool 1.06 (written by random/random)
Run by Eadames at 2010-04-27 20:43:57
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 12 GB (15%) free of 76 GB
Total RAM: 3063 MB (30% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:44:12 PM, on 4/27/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\vVX3000.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Users\Eadames\AppData\Local\Apps\2.0\VKGMAW8C.6TQ\9VAXY85A.HYJ\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\CurseClient.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Eadames\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\Taskmgr.exe
C:\Users\Eadames\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Eadames\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Eadames\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Eadames\Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Eadames.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [VX3000] C:\Windows\vVX3000.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [iYogiToolbar] C:\Program Files\iYogi SupportDock\iYogiSupportDock.exe
O4 - HKLM\..\Run: [MVS Splash] C:\Program Files\McAfee\Managed VirusScan\DesktopUI\Splash.exe
O4 - HKLM\..\Run: [McAfee Managed Services Tray] C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.Exe
O4 - HKLM\..\Run: [greenRun] "C:\Program Files\\iYogi GreenPC\greenRun.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [FUFAXSTM] "C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKCU\..\Run: [EPSON WorkForce 610 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFJA.EXE /FU "C:\Windows\TEMP\E_S5A37.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [wimuvapozu] Rundll32.exe "C:\ProgramData\tizijehe\tizijehe.dll",s
O4 - HKCU\..\Run: [wilabatab] Rundll32.exe "c:\progra~2\gegipomo\gegipomo.dll",a
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: CurseClientStartup.ccip
O4 - Global Startup: HomeNet Manager.lnk = ?
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mcafee.com (HKLM)
O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EngineServer - Unknown owner - C:\PROGRA~1\McAfee\MANAGE~1\VScan\ENGINE~1.EXE (file missing)
O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program Files\SingleClick Systems\HomeNet Manager\hnm_svc.exe
O23 - Service: McAfee Virus and Spyware Protection Service (myAgtSvc) - Unknown owner - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
--
End of file - 8145 bytes
======Scheduled tasks folder======
C:\Windows\tasks\sismmmlf.job
C:\Windows\tasks\User_Feed_Synchronization-{7DBBBEE8-CC4E-4F3D-9314-B3E36073C2D1}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-03 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-04-21 1615200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"VX3000"=C:\Windows\vVX3000.exe [2009-06-26 757248]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-07-06 4669440]
"Skytel"=C:\Windows\Skytel.exe [2007-06-15 1826816]
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2009-07-24 118640]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-11 417792]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-06-18 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-06-18 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-06-18 133656]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe /runcleanupscript []
"iYogiToolbar"=C:\Program Files\iYogi SupportDock\iYogiSupportDock.exe [2009-08-07 849136]
"MVS Splash"=C:\Program Files\McAfee\Managed VirusScan\DesktopUI\Splash.exe []
"McAfee Managed Services Tray"=C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.Exe []
"greenRun"=C:\Program Files\\iYogi GreenPC\greenRun.exe []
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-04-21 2064736]
"EEventManager"=C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe [2009-01-12 669520]
"FUFAXSTM"=C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe [2009-02-06 843776]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"VeohPlugin"=C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [2010-02-22 2633976]
"EPSON WorkForce 610 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFJA.EXE [2009-01-26 199680]
"wimuvapozu"=C:\ProgramData\tizijehe\tizijehe.dll,s []
"wilabatab"=c:\progra~2\gegipomo\gegipomo.dll [2010-01-15 96256]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HomeNet Manager.lnk - C:\Windows\Installer\{0240BDFB-2995-4A3F-8C96-18D41282B716}\Icon0240BDFB6.exe
C:\Users\Eadames\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CurseClientStartup.ccip
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-06-18 204800]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{021c81e0-4b63-11df-a00f-0019213d2682}]
shell\AutoRun\command - G:\LaunchU3.exe -a
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-04-27 20:43:58 ----D---- C:\Program Files\trend micro
2010-04-27 20:43:57 ----D---- C:\rsit
2010-04-27 11:21:28 ----D---- C:\inetpub
2010-04-27 11:05:21 ----SHD---- C:\Config.Msi
2010-04-21 15:26:49 ----D---- C:\Users\Eadames\AppData\Roaming\U3
2010-04-15 17:33:57 ----D---- C:\ProgramData\naluwota
2010-04-15 17:33:57 ----D---- C:\ProgramData\gedofano
2010-04-15 16:33:43 ----D---- C:\ProgramData\halulula
2010-04-15 16:33:43 ----D---- C:\ProgramData\firevaku
2010-04-15 15:33:24 ----D---- C:\ProgramData\zasiyove
2010-04-15 15:33:24 ----D---- C:\ProgramData\pipibuju
2010-04-15 14:33:10 ----D---- C:\ProgramData\liwomajo
2010-04-15 14:33:10 ----D---- C:\ProgramData\kuzizubi
2010-04-15 13:32:58 ----D---- C:\ProgramData\yilejino
2010-04-15 13:32:58 ----D---- C:\ProgramData\kufefele
2010-04-15 07:13:58 ----D---- C:\ProgramData\Sun
2010-04-15 07:13:57 ----D---- C:\Program Files\Common Files\Java
2010-04-15 07:13:04 ----A---- C:\Windows\system32\javaws.exe
2010-04-15 07:13:04 ----A---- C:\Windows\system32\javaw.exe
2010-04-15 07:13:04 ----A---- C:\Windows\system32\java.exe
2010-04-15 07:13:04 ----A---- C:\Windows\system32\deployJava1.dll
2010-04-15 01:32:37 ----D---- C:\ProgramData\vefulopu
2010-04-15 01:32:37 ----D---- C:\ProgramData\gegipomo
2010-04-15 00:42:08 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-04-15 00:42:07 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-04-15 00:42:02 ----A---- C:\Windows\system32\vbscript.dll
2010-04-15 00:41:46 ----A---- C:\Windows\system32\iphlpsvc.dll
2010-04-14 13:32:19 ----D---- C:\ProgramData\silebovu
2010-04-14 13:32:19 ----D---- C:\ProgramData\nibiloji
2010-04-14 05:32:07 ----A---- C:\Windows\system32\wintrust.dll
2010-04-14 05:31:28 ----A---- C:\Windows\system32\cabview.dll
2010-04-14 01:31:58 ----D---- C:\ProgramData\varunefe
2010-04-14 01:31:58 ----D---- C:\ProgramData\kolizube
2010-04-14 00:31:43 ----D---- C:\ProgramData\robamuja
2010-04-14 00:31:43 ----D---- C:\ProgramData\lozeviki
2010-04-13 23:31:31 ----D---- C:\ProgramData\mirokomo
2010-04-13 23:31:31 ----D---- C:\ProgramData\dapehako
2010-04-13 22:31:21 ----D---- C:\ProgramData\kozuriya
2010-04-13 22:31:21 ----D---- C:\ProgramData\bemamuve
2010-04-13 21:30:59 ----D---- C:\ProgramData\tujiwopu
2010-04-13 21:30:59 ----D---- C:\ProgramData\jafutaga
2010-04-13 09:30:32 ----D---- C:\ProgramData\segoduku
2010-04-13 09:30:32 ----D---- C:\ProgramData\munewaya
2010-04-13 07:27:14 ----D---- C:\ProgramData\mijuwohu
2010-04-13 07:27:14 ----D---- C:\ProgramData\bejevopu
2010-04-13 06:26:52 ----D---- C:\ProgramData\wekazuri
2010-04-13 06:26:52 ----D---- C:\ProgramData\fevimedu
2010-04-13 05:26:37 ----D---- C:\ProgramData\vizafeze
2010-04-13 05:26:37 ----D---- C:\ProgramData\lotuvowu
2010-04-12 17:26:30 ----D---- C:\ProgramData\sekoseye
2010-04-12 17:26:30 ----D---- C:\ProgramData\hitihofi
2010-04-12 16:26:16 ----D---- C:\ProgramData\zojarepi
2010-04-12 16:26:16 ----D---- C:\ProgramData\mabowomi
2010-04-12 15:26:04 ----D---- C:\ProgramData\lonamapo
2010-04-12 15:26:04 ----D---- C:\ProgramData\fejodezi
2010-04-12 14:25:52 ----D---- C:\ProgramData\jibebaba
2010-04-12 14:25:52 ----D---- C:\ProgramData\fimukoto
2010-04-12 13:25:38 ----D---- C:\ProgramData\vojadita
2010-04-12 11:53:22 ----D---- C:\ProgramData\lijugoni
2010-04-12 11:53:22 ----D---- C:\ProgramData\johigivi
2010-04-12 10:52:57 ----D---- C:\ProgramData\koziluta
2010-04-12 10:52:57 ----D---- C:\ProgramData\giwugaya
2010-04-12 09:52:36 ----D---- C:\ProgramData\gedipiku
2010-04-12 09:52:36 ----D---- C:\ProgramData\dogirasa
2010-04-12 08:52:24 ----D---- C:\ProgramData\wenifalo
2010-04-12 08:52:24 ----D---- C:\ProgramData\fadonovi
2010-04-12 07:52:08 ----D---- C:\ProgramData\zolekohi
2010-04-12 07:52:08 ----D---- C:\ProgramData\vabubulo
2010-04-12 06:51:51 ----D---- C:\ProgramData\samodamu
2010-04-12 06:51:51 ----D---- C:\ProgramData\niyohaja
2010-04-12 05:51:37 ----D---- C:\ProgramData\guziyazi
2010-04-12 05:51:37 ----D---- C:\ProgramData\gagaviju
2010-04-12 04:51:23 ----D---- C:\ProgramData\pegojehe
2010-04-12 04:51:23 ----D---- C:\ProgramData\pakebewe
2010-04-12 03:51:12 ----D---- C:\ProgramData\lupuwufe
2010-04-12 03:51:12 ----D---- C:\ProgramData\fusuyevo
2010-04-12 02:51:01 ----D---- C:\ProgramData\nepihene
2010-04-12 02:51:01 ----D---- C:\ProgramData\lekeroto
2010-04-12 02:51:01 ----D---- C:\ProgramData\dameziti
2010-04-11 14:50:59 ----D---- C:\ProgramData\nogezote
2010-04-11 14:50:56 ----D---- C:\ProgramData\nukiyofi
2010-04-11 13:50:44 ----D---- C:\ProgramData\kapigagi
2010-04-11 13:50:44 ----D---- C:\ProgramData\fujigayu
2010-04-11 12:50:33 ----D---- C:\ProgramData\yudufiyo
2010-04-11 12:50:33 ----D---- C:\ProgramData\vizisida
2010-04-11 11:50:04 ----D---- C:\ProgramData\todusubi
2010-04-11 11:50:04 ----D---- C:\ProgramData\nudegeno
2010-04-11 10:49:57 ----D---- C:\ProgramData\vuwilamu
2010-04-11 10:49:57 ----D---- C:\ProgramData\bikurifo
2010-04-10 21:45:09 ----D---- C:\ProgramData\gogikebu
2010-04-10 21:45:09 ----D---- C:\ProgramData\bumigalu
2010-04-10 09:44:59 ----D---- C:\ProgramData\zadasoma
2010-04-10 09:44:59 ----D---- C:\ProgramData\rimojagu
2010-04-10 02:33:17 ----D---- C:\ProgramData\helivuwo
2010-04-10 02:33:17 ----D---- C:\ProgramData\dudesore
2010-04-10 01:33:04 ----D---- C:\ProgramData\zekikima
2010-04-10 01:33:04 ----D---- C:\ProgramData\mulebape
2010-04-10 00:32:51 ----D---- C:\ProgramData\peyoviwa
2010-04-10 00:32:51 ----D---- C:\ProgramData\lelukiwi
2010-04-09 23:32:38 ----D---- C:\ProgramData\fabayefe
2010-04-09 23:32:37 ----D---- C:\ProgramData\tudeyohi
2010-04-09 22:32:20 ----D---- C:\ProgramData\wusifima
2010-04-09 22:32:20 ----D---- C:\ProgramData\nuluvalo
2010-04-09 10:32:11 ----D---- C:\ProgramData\funoyene
2010-04-09 10:32:11 ----D---- C:\ProgramData\bomukako
2010-04-08 22:31:54 ----D---- C:\ProgramData\tosofove
2010-04-08 22:31:54 ----D---- C:\ProgramData\fufahoro
2010-04-08 10:31:52 ----D---- C:\ProgramData\komeyabi
2010-04-08 10:31:52 ----D---- C:\ProgramData\dutisihu
2010-04-08 09:31:39 ----D---- C:\ProgramData\vewezune
2010-04-08 09:31:39 ----D---- C:\ProgramData\pezawuru
2010-04-08 08:31:16 ----D---- C:\ProgramData\zejuzope
2010-04-08 08:31:16 ----D---- C:\ProgramData\yivibegu
2010-04-07 15:32:48 ----D---- C:\ProgramData\bivulota
2010-04-07 15:32:48 ----D---- C:\ProgramData\bihawonu
2010-04-07 13:10:17 ----D---- C:\ProgramData\zenatosi
2010-04-07 13:10:17 ----D---- C:\ProgramData\vafubamu
2010-04-07 12:11:01 ----D---- C:\ProgramData\yujodiju
2010-04-07 12:11:01 ----D---- C:\ProgramData\pohulomo
2010-04-07 12:11:01 ----D---- C:\ProgramData\fatodogi
2010-04-06 21:40:35 ----D---- C:\ProgramData\wokayora
2010-04-06 21:40:35 ----D---- C:\ProgramData\vonahobe
2010-04-06 09:40:28 ----D---- C:\ProgramData\wijuveke
2010-04-06 09:40:28 ----D---- C:\ProgramData\vumerate
2010-04-06 09:40:28 ----D---- C:\ProgramData\legijada
2010-04-05 21:39:59 ----D---- C:\ProgramData\yipiwopa
2010-04-05 21:39:59 ----D---- C:\ProgramData\wesagibu
2010-04-05 21:39:59 ----D---- C:\ProgramData\rojayefi
2010-04-05 21:39:59 ----D---- C:\ProgramData\jopiroka
2010-04-05 21:00:12 ----D---- C:\Program Files\CCleaner
2010-04-05 20:40:31 ----D---- C:\ProgramData\tisovafe
2010-04-05 20:40:31 ----D---- C:\ProgramData\remohuza
2010-04-05 20:40:31 ----D---- C:\ProgramData\pirovowu
2010-04-05 20:40:31 ----D---- C:\ProgramData\haseyene
2010-04-05 08:40:02 ----D---- C:\ProgramData\vupesasu
2010-04-05 08:40:02 ----D---- C:\ProgramData\bemoriva
2010-04-05 08:39:30 ----D---- C:\ProgramData\yuwegiju
2010-04-05 08:39:30 ----D---- C:\ProgramData\tigayadi
2010-04-05 08:39:30 ----D---- C:\ProgramData\suluyohe
2010-04-05 08:39:30 ----D---- C:\ProgramData\palimode
2010-04-05 08:39:30 ----D---- C:\ProgramData\gerabuse
2010-04-04 20:39:01 ----D---- C:\ProgramData\yutepuwa
2010-04-04 20:39:01 ----D---- C:\ProgramData\sosufove
2010-04-04 20:39:01 ----D---- C:\ProgramData\moheligo
2010-04-04 20:31:26 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-04-04 19:38:53 ----D---- C:\ProgramData\vubepado
2010-04-04 19:38:53 ----D---- C:\ProgramData\kukenowu
2010-04-04 19:38:53 ----D---- C:\ProgramData\jigujiyo
2010-04-04 18:38:40 ----D---- C:\ProgramData\vafezewu
2010-04-04 18:38:40 ----D---- C:\ProgramData\tosikuli
2010-04-04 18:38:40 ----D---- C:\ProgramData\sevabija
2010-04-04 18:38:40 ----D---- C:\ProgramData\nefaneji
2010-04-04 18:33:35 ----HD---- C:\$AVG
2010-04-04 18:33:31 ----D---- C:\ProgramData\sekunara
2010-04-04 18:33:31 ----D---- C:\ProgramData\sazukojo
2010-04-04 18:33:31 ----D---- C:\ProgramData\noyajego
2010-03-31 12:34:06 ----A---- C:\Windows\system32\mshtml.dll
2010-03-31 12:34:04 ----A---- C:\Windows\system32\ieframe.dll
2010-03-31 12:34:03 ----A---- C:\Windows\system32\urlmon.dll
2010-03-31 12:34:03 ----A---- C:\Windows\system32\iertutil.dll
2010-03-31 12:34:02 ----A---- C:\Windows\system32\wininet.dll
2010-03-31 12:34:02 ----A---- C:\Windows\system32\occache.dll
2010-03-31 12:34:02 ----A---- C:\Windows\system32\mstime.dll
2010-03-31 12:34:02 ----A---- C:\Windows\system32\msfeeds.dll
2010-03-31 12:34:02 ----A---- C:\Windows\system32\ieui.dll
2010-03-31 12:34:02 ----A---- C:\Windows\system32\iedkcs32.dll
2010-03-31 12:34:01 ----A---- C:\Windows\system32\msfeedssync.exe
2010-03-31 12:34:01 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-03-31 12:34:01 ----A---- C:\Windows\system32\jsproxy.dll
2010-03-31 12:34:01 ----A---- C:\Windows\system32\ieUnatt.exe
2010-03-31 12:34:01 ----A---- C:\Windows\system32\iesysprep.dll
2010-03-31 12:34:01 ----A---- C:\Windows\system32\iesetup.dll
2010-03-31 12:34:01 ----A---- C:\Windows\system32\iernonce.dll
2010-03-31 12:34:01 ----A---- C:\Windows\system32\iepeers.dll
2010-03-31 12:34:01 ----A---- C:\Windows\system32\ie4uinit.exe
2010-03-29 22:40:09 ----D---- C:\Users\Eadames\AppData\Roaming\Ventrilo
2010-03-29 22:38:30 ----D---- C:\Program Files\Ventrilo
2010-03-29 22:38:23 ----A---- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
======List of files/folders modified in the last 1 months======
2010-04-27 20:44:12 ----D---- C:\Windows\Prefetch
2010-04-27 20:43:58 ----RD---- C:\Program Files
2010-04-27 20:43:43 ----D---- C:\Windows\Temp
2010-04-27 19:24:46 ----AD---- C:\ProgramData\TEMP
2010-04-27 11:26:02 ----RSD---- C:\Windows\assembly
2010-04-27 11:26:02 ----D---- C:\Windows\Microsoft.NET
2010-04-27 11:24:28 ----SHD---- C:\System Volume Information
2010-04-27 11:23:29 ----D---- C:\Windows
2010-04-27 11:23:27 ----D---- C:\Windows\System32
2010-04-27 11:23:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-04-27 11:22:18 ----D---- C:\Windows\winsxs
2010-04-27 11:22:04 ----D---- C:\Windows\system32\0409
2010-04-27 11:22:04 ----D---- C:\Windows\inf
2010-04-27 11:22:03 ----D---- C:\Windows\system32\migration
2010-04-27 11:22:02 ----D---- C:\Windows\system32\inetsrv
2010-04-27 11:21:50 ----D---- C:\Windows\system32\en-US
2010-04-27 11:10:56 ----SD---- C:\Users\Eadames\AppData\Roaming\Microsoft
2010-04-27 11:08:06 ----HD---- C:\Program Files\Mozilla Firefox
2010-04-27 11:06:35 ----SHD---- C:\Windows\Installer
2010-04-21 15:20:20 ----SHD---- C:\$Recycle.Bin
2010-04-21 08:11:24 ----D---- C:\Windows\system32\drivers
2010-04-19 21:05:35 ----D---- C:\Users\Eadames\AppData\Roaming\Epson
2010-04-18 20:53:18 ----D---- C:\Program Files\Common Files\microsoft shared
2010-04-15 18:22:09 ----HD---- C:\ProgramData
2010-04-15 07:13:57 ----D---- C:\Program Files\Common Files
2010-04-15 07:13:02 ----D---- C:\Program Files\Java
2010-04-15 03:27:22 ----D---- C:\Windows\system32\catroot
2010-04-15 03:27:20 ----D---- C:\Windows\system32\catroot2
2010-04-15 03:22:12 ----D---- C:\Program Files\Windows Mail
2010-04-15 03:06:22 ----D---- C:\ProgramData\Microsoft Help
2010-04-15 03:03:58 ----D---- C:\Windows\Debug
2010-04-14 16:15:38 ----D---- C:\Users\Eadames\AppData\Roaming\Facebook
2010-04-07 07:11:01 ----D---- C:\Windows\system32\WDI
2010-04-06 13:52:54 ----A---- C:\Windows\system32\mrt.exe
2010-04-05 21:40:03 ----D---- C:\Windows\Tasks
2010-04-05 21:02:36 ----D---- C:\Windows\Minidump
2010-04-05 20:56:57 ----D---- C:\Windows\system32\Tasks
2010-04-04 20:05:33 ----D---- C:\Program Files\iYogi SupportDock
2010-04-01 03:17:38 ----D---- C:\Program Files\Internet Explorer
2010-03-29 22:37:32 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2010-03-13 216200]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2010-03-13 29512]
R1 AvgTdiX;AVG Free Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2010-04-21 242896]
R1 mfetdik;McAfee Inc. mfetdik; C:\Windows\system32\drivers\mfetdik.sys [2009-08-06 55304]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-06-29 8704]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-06-20 984064]
R3 HSXHWBS2;HSXHWBS2; C:\Windows\system32\DRIVERS\HSXHWBS2.sys [2007-06-20 267264]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-06-18 2307584]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-07-10 1792792]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
R3 VX3000;VX-3000; C:\Windows\system32\DRIVERS\VX3000.sys [2009-06-26 1956352]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-06-20 660480]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S2 Packet;Auto Internet Protocol; C:\Windows\system32\DRIVERS\packet.sys [2006-12-18 12672]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-06-18 2307584]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-09-30 40448]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 avg9emc;AVG Free E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-03-13 916760]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-03-13 308064]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 hnmsvc;Advanced Networking Service; C:\Program Files\SingleClick Systems\HomeNet Manager\hnm_svc.exe [2007-07-13 111912]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2009-07-24 139120]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-06-29 386560]
R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 EngineServer;EngineServer; C:\PROGRA~1\McAfee\MANAGE~1\VScan\ENGINE~1.EXE []
S2 myAgtSvc;McAfee Virus and Spyware Protection Service; C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe /ServiceStart []
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
EOF
0