Ir para conteúdo

POWERED BY:

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

djfabo

[Resolvido] Meu log (depois de ser infectado pelo bagle)

Recommended Posts

aí estão meus logs ! eu estava infectado com o bagle. e fiz vários procedimentos que encontrei aqui no fórum e axo que me livrei dele.

 

mais como não sei ver os logs aí estão eles.

 

 

se alguém puder me ajudar ficarei grato!

 

Obrigado

 

 

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 4:54:19 PM, on 5/13/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

D:\Program Files\Alwil Software\Avast4\ashServ.exe

D:\WINDOWS\system32\spoolsv.exe

D:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

D:\Program Files\Digidesign\Drivers\MMERefresh.exe

D:\WINDOWS\eHome\ehRecvr.exe

D:\WINDOWS\eHome\ehSched.exe

D:\WINDOWS\system32\nvsvc32.exe

D:\PROGRA~1\SPYWAR~1\sp_rsser.exe

D:\WINDOWS\system32\svchost.exe

D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

D:\Program Files\Alwil Software\Avast4\ashWebSv.exe

D:\WINDOWS\system32\dllhost.exe

D:\WINDOWS\Explorer.exe

D:\Program Files\DAEMON Tools\daemon.exe

D:\Program Files\PowerISO\SCDEmuApp.exe

D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

D:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe

D:\Program Files\SyncroSoft\Pos\H2O\cledx.exe

D:\WINDOWS\system32\MAFWTray.exe

D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe

D:\WINDOWS\system32\ctfmon.exe

D:\Program Files\CamSplitter\camsplitter.exe

D:\WINDOWS\System32\svchost.exe

D:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe

D:\WINDOWS\system32\wscntfy.exe

D:\WINDOWS\system32\wuauclt.exe

D:\Program Files\Windows Live\Contacts\wlcomm.exe

D:\Program Files\Mozilla Firefox 3 Beta 4\firefox.exe

D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG8\avgssie.dll (file missing)

O2 - BHO: FlpLauncher Class - {4401FDC3-7996-4774-8D2B-C1AE9CD6CC25} - D:\Program Files\E-Book Systems\FlipViewer\fplaunch.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: &Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - D:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - D:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll

O4 - HKLM\..\Run: [DAEMON Tools] "D:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [sCDEmuApp.exe] D:\Program Files\PowerISO\SCDEmuApp.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [spywareTerminator] "D:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"

O4 - HKLM\..\Run: [H2O] D:\Program Files\SyncroSoft\Pos\H2O\cledx.exe

O4 - HKLM\..\Run: [MAFWTaskbarApp] D:\WINDOWS\system32\MAFWTray.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] D:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] D:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] D:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] D:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')

O4 - Startup: Camsplitter.lnk = D:\Program Files\CamSplitter\camsplitter.exe

O8 - Extra context menu item: &Clean Traces - D:\Program Files\DAP\Privacy Package\dapcleanerie.htm

O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: &Download with &DAP - D:\Program Files\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - D:\Program Files\DAP\dapextie2.htm

O8 - Extra context menu item: Download all by Rapidown... - D:\Program Files\Rapidown\rapidownGetAll.htm

O8 - Extra context menu item: Download by Rapidown... - D:\Program Files\Rapidown\rapidownGet.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Send to &Bluetooth Device... - D:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - D:\Program Files\Rapidown\rapidown.exe

O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - D:\Program Files\Rapidown\rapidown.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\Program Files\AIM\aim.exe

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG8\avgpp.dll (file missing)

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: D:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - D:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Digidesign, A Division of Avid Technology, Inc. - D:\Program Files\Digidesign\Drivers\MMERefresh.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - D:\PROGRA~1\SPYWAR~1\sp_rsser.exe

 

--

End of file - 9155 bytes

 

 

 

 

 

 

 

ComboFix 08-05-12.1 - djfabopx 2008-05-13 16:10:30.1 - NTFSx86 NETWORK

 

Running from: D:\Documents and Settings\djfabopx\Desktop\ComboFix.exe

 

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

 

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

D:\autorun.inf

D:\WINDOWS\system32\28463

D:\WINDOWS\system32\drivers\downld

D:\WINDOWS\system32\drivers\downld\100062.exe

D:\WINDOWS\system32\drivers\downld\100078.exe

D:\WINDOWS\system32\drivers\downld\101625.exe

D:\WINDOWS\system32\drivers\downld\101828.exe

D:\WINDOWS\system32\drivers\downld\103109.exe

D:\WINDOWS\system32\drivers\downld\103515.exe

D:\WINDOWS\system32\drivers\downld\108203.exe

D:\WINDOWS\system32\drivers\downld\108593.exe

D:\WINDOWS\system32\drivers\downld\110750.exe

D:\WINDOWS\system32\drivers\downld\113843.exe

D:\WINDOWS\system32\drivers\downld\114921.exe

D:\WINDOWS\system32\drivers\downld\118234.exe

D:\WINDOWS\system32\drivers\downld\123296.exe

D:\WINDOWS\system32\drivers\downld\128609.exe

D:\WINDOWS\system32\drivers\downld\132609.exe

D:\WINDOWS\system32\drivers\downld\137875.exe

D:\WINDOWS\system32\drivers\downld\137921.exe

D:\WINDOWS\system32\drivers\downld\139546.exe

D:\WINDOWS\system32\drivers\downld\141000.exe

D:\WINDOWS\system32\drivers\downld\144312.exe

D:\WINDOWS\system32\drivers\downld\147156.exe

D:\WINDOWS\system32\drivers\downld\148406.exe

D:\WINDOWS\system32\drivers\downld\149593.exe

D:\WINDOWS\system32\drivers\downld\153375.exe

D:\WINDOWS\system32\drivers\downld\154781.exe

D:\WINDOWS\system32\drivers\downld\157609.exe

D:\WINDOWS\system32\drivers\downld\158406.exe

D:\WINDOWS\system32\drivers\downld\160093.exe

D:\WINDOWS\system32\drivers\downld\173093.exe

D:\WINDOWS\system32\drivers\downld\177484.exe

D:\WINDOWS\system32\drivers\downld\178375.exe

D:\WINDOWS\system32\drivers\downld\186656.exe

D:\WINDOWS\system32\drivers\downld\200078.exe

D:\WINDOWS\system32\drivers\downld\205859.exe

D:\WINDOWS\system32\drivers\downld\234953.exe

D:\WINDOWS\system32\drivers\downld\236015.exe

D:\WINDOWS\system32\drivers\downld\236468.exe

D:\WINDOWS\system32\drivers\downld\258250.exe

D:\WINDOWS\system32\drivers\downld\259031.exe

D:\WINDOWS\system32\drivers\downld\259328.exe

D:\WINDOWS\system32\drivers\downld\271250.exe

D:\WINDOWS\system32\drivers\downld\271484.exe

D:\WINDOWS\system32\drivers\downld\278343.exe

D:\WINDOWS\system32\drivers\downld\287187.exe

D:\WINDOWS\system32\drivers\downld\30071109.exe

D:\WINDOWS\system32\drivers\downld\30073937.exe

D:\WINDOWS\system32\drivers\downld\30084656.exe

D:\WINDOWS\system32\drivers\downld\30115781.exe

D:\WINDOWS\system32\drivers\downld\30144265.exe

D:\WINDOWS\system32\drivers\downld\30154421.exe

D:\WINDOWS\system32\drivers\downld\30207765.exe

D:\WINDOWS\system32\drivers\downld\30248765.exe

D:\WINDOWS\system32\drivers\downld\30283906.exe

D:\WINDOWS\system32\drivers\downld\30304859.exe

D:\WINDOWS\system32\drivers\downld\308296.exe

D:\WINDOWS\system32\drivers\downld\321484.exe

D:\WINDOWS\system32\drivers\downld\333484.exe

D:\WINDOWS\system32\drivers\downld\352046.exe

D:\WINDOWS\system32\drivers\downld\361265.exe

D:\WINDOWS\system32\drivers\downld\373406.exe

D:\WINDOWS\system32\drivers\downld\378437.exe

D:\WINDOWS\system32\drivers\downld\379859.exe

D:\WINDOWS\system32\drivers\downld\382937.exe

D:\WINDOWS\system32\drivers\downld\391515.exe

D:\WINDOWS\system32\drivers\downld\405406.exe

D:\WINDOWS\system32\drivers\downld\417531.exe

D:\WINDOWS\system32\drivers\downld\82000.exe

D:\WINDOWS\system32\drivers\downld\86531.exe

D:\WINDOWS\system32\drivers\downld\90968.exe

D:\WINDOWS\system32\drivers\downld\95015.exe

D:\WINDOWS\system32\drivers\downld\98093.exe

D:\WINDOWS\system32\drivers\mdelk.exe

D:\WINDOWS\system32\lsprst7.dll

D:\WINDOWS\system32\plugin1.dat

D:\WINDOWS\system32\ssprs.dll

D:\WINDOWS\system32\SysPr.prx

 

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Legacy_SROSA

 

 

((((((((((((((((((((((((( Files Created from 2008-04-13 to 2008-05-13 )))))))))))))))))))))))))))))))

.

 

2008-05-13 16:16 . 2008-05-13 16:16 <DIR> d-------- D:\WINDOWS\system32\drivers\downld

2008-05-13 04:27 . 2008-05-13 04:27 1,018,520 --a------ D:\fsbl.exe

2008-05-13 04:21 . 2008-05-13 04:21 <DIR> d-------- D:\Program Files\AVG

2008-05-13 04:21 . 2008-05-13 05:25 <DIR> d-------- D:\Documents and Settings\All Users\Application Data\avg8

2008-05-13 02:53 . 2008-05-13 02:53 <DIR> d-------- D:\Program Files\Alwil Software

2008-05-13 00:53 . 2008-05-13 02:57 <DIR> d-------- D:\SDFix

2008-05-13 00:29 . 2008-05-13 05:13 <DIR> d-------- D:\!KillBox

2008-05-12 15:18 . 2008-05-12 15:18 <DIR> d-------- D:\Program Files\PowerQuest

2008-05-11 16:27 . 2008-05-11 16:27 <DIR> d-------- D:\Documents and Settings\djfabopx\Application Data\Cycling '74

2008-05-09 18:04 . 2008-05-09 18:04 <DIR> d-------- D:\Program Files\Cycling '74

2008-05-09 18:04 . 2008-05-09 18:04 <DIR> d-------- D:\Program Files\Common Files\C74 Plug-in Support

2008-05-06 15:01 . 2008-05-06 15:01 <DIR> d-------- D:\Program Files\Common Files\Adobe AIR

2008-05-06 15:01 . 2008-05-06 15:01 <DIR> d-------- D:\Program Files\BeatportDownloader

2008-05-06 15:01 . 2008-05-06 15:01 <DIR> d-------- D:\Documents and Settings\djfabopx\Application Data\BeatportDownloader.EE670286545758FAB4A69D4439CF6054F83E0AC2.1

2008-05-05 18:30 . 2008-05-05 18:30 15 --a------ D:\WINDOWS\minih.ini

2008-05-05 18:21 . 2008-05-06 01:50 22 --a------ D:\WINDOWS\scraph.ini

2008-05-05 18:16 . 2008-05-05 18:46 1,646 --a------ D:\WINDOWS\confh.ini

2008-05-04 20:13 . 2008-05-04 20:13 <DIR> d-------- D:\Program Files\M-Audio

2008-05-04 20:13 . 2008-05-04 20:13 <DIR> d-------- D:\Documents and Settings\djfabopx\Application Data\InstallShield

2008-04-26 00:53 . 2008-05-13 03:28 <DIR> d-------- D:\Documents and Settings\djfabopx\Application Data\Waves Preferences

2008-04-26 00:53 . 2008-04-26 00:53 <DIR> d-------- D:\Documents and Settings\djfabopx\Application Data\Waves

2008-04-23 19:00 . 2008-05-13 03:35 <DIR> d-------- D:\Documents and Settings\Administrator\Application Data\Spyware Terminator

2008-04-23 18:59 . 2008-05-13 03:43 <DIR> d-------- D:\Documents and Settings\Administrator

2008-04-23 18:59 . 2008-05-13 16:10 1,024 --ah----- D:\Documents and Settings\Administrator\NTUSER.DAT.LOG

2008-04-23 15:02 . 2008-04-23 15:02 0 --ah----- D:\Documents and Settings\djfabopx\Application Data\.AC4AA152C0ADD4DD.sys

2008-04-23 14:59 . 2008-04-23 14:59 <DIR> d-------- D:\Program Files\Elastik

2008-04-23 03:20 . 2008-04-23 03:20 41 --a------ D:\WINDOWS\system32\Filzip.ini

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-05-13 17:30 --------- d-----w D:\Program Files\Mozilla Firefox 3 Beta 4

2008-05-13 08:23 --------- d-----w D:\Documents and Settings\All Users\Application Data\avg7

2008-05-13 06:24 --------- d-----w D:\Program Files\WinClamAVShield

2008-05-13 06:23 --------- d-----w D:\Program Files\Spyware Terminator

2008-05-13 06:23 --------- d-----w D:\Documents and Settings\djfabopx\Application Data\Spyware Terminator

2008-05-13 06:04 --------- d-----w D:\Documents and Settings\All Users\Application Data\Spyware Terminator

2008-05-13 00:14 --------- d-----w D:\Program Files\Mozilla Thunderbird

2008-05-11 19:27 --------- d-----w D:\Documents and Settings\djfabopx\Application Data\PACE Anti-Piracy

2008-05-11 19:27 --------- d-----w D:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy

2008-05-11 04:33 --------- d-----w D:\Program Files\Steam

2008-05-05 18:34 --------- d-----w D:\Program Files\Orkut Cute

2008-05-05 18:32 --------- d-----w D:\Program Files\Orkut Cute 9.4.44

2008-04-25 03:19 --------- d-----w D:\Program Files\Waves

2008-04-23 17:59 --------- d--h--w D:\Program Files\InstallShield Installation Information

2008-04-23 06:25 --------- d-----w D:\Program Files\iZotope

2008-04-20 05:38 --------- d-----w D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2008-04-12 19:58 --------- d-----w D:\Program Files\Tibia

2008-04-11 20:52 --------- d-----w D:\Program Files\FTP Commander

2008-04-07 03:50 --------- d-----w D:\Documents and Settings\djfabopx\Application Data\Steinberg

2008-04-03 20:24 --------- d-----w D:\Program Files\FriendBlasterPro

2008-04-03 05:15 --------- d-----w D:\Program Files\BitComet

2008-03-29 20:34 --------- d-----w D:\Program Files\WIDCOMM

2008-03-28 06:17 --------- d-----w D:\Program Files\Fantasy Codecs

2008-03-24 05:24 --------- d-----w D:\Program Files\WaveArts

2008-03-24 05:16 --------- d-----w D:\Documents and Settings\All Users\Application Data\Wave Arts

2008-03-24 05:10 --------- d-----w D:\Program Files\Rapidown

2008-03-24 00:49 --------- d-----w D:\Documents and Settings\djfabopx\Application Data\Microsoft Games

2008-03-24 00:44 --------- d-----w D:\Program Files\GameSpy Arcade

2008-03-24 00:40 --------- d-----w D:\Program Files\Microsoft Games

2008-03-24 00:37 --------- d-----w D:\Documents and Settings\djfabopx\Application Data\Skype

2008-03-23 23:47 --------- d-----w D:\Documents and Settings\djfabopx\Application Data\skypePM

2008-03-19 22:51 --------- d-----w D:\Program Files\FriendBot

2008-03-14 02:27 --------- d-----w D:\Program Files\eMule

2007-12-21 01:19 32 ----a-w D:\Documents and Settings\All Users\Application Data\ezsid.dat

2007-07-24 23:56 81,920 ----a-w D:\Documents and Settings\djfabopx\Application Data\ezpinst.exe

2007-07-24 23:56 47,360 ----a-w D:\Documents and Settings\djfabopx\Application Data\pcouffin.sys

2007-07-04 00:08 2,232,320 ----a-w D:\Program Files\Tibia.exe

2007-01-08 20:46 0 ---ha-w D:\Documents and Settings\djfabopx\Application Data\.AC4AA1524A06AB74.sys

2007-01-08 20:46 0 ---ha-w D:\Documents and Settings\djfabopx\Application Data\.AC4AA1524A06AB73.sys

2004-10-03 16:14 28,672 ----a-w D:\Program Files\jhg

2007-02-22 23:46 56 --sh--r D:\WINDOWS\system32\C1332C1D52.sys

.

 

------- Sigcheck -------

 

2006-05-10 02:25 663552 d94cffdb53e7ac867438e2dfd50e7cbc D:\WINDOWS\$hf_mig$\KB916281\SP2QFE\wininet.dll

2006-06-23 08:25 664576 64ce26db72810b30f7855ea51e1df836 D:\WINDOWS\$hf_mig$\KB918899\SP2QFE\wininet.dll

2006-09-14 05:31 664576 d207370287cf769aebebf03837784963 D:\WINDOWS\$hf_mig$\KB922760\SP2QFE\wininet.dll

2006-10-23 12:34 664576 231ef4179acabe486376b5ca893f1076 D:\WINDOWS\$hf_mig$\KB925454\SP2QFE\wininet.dll

2007-01-04 11:05 665088 3ffa1573fc274e5aa7467d03941c45ee D:\WINDOWS\$hf_mig$\KB928090\SP2QFE\wininet.dll

2007-02-20 06:52 665600 b258c922d22deec880b60720531d7627 D:\WINDOWS\$hf_mig$\KB931768\SP2QFE\wininet.dll

2007-04-18 09:46 665600 4261ba03afd659de04f0a17dfbdd454d D:\WINDOWS\$hf_mig$\KB933566\SP2QFE\wininet.dll

2007-06-26 11:35 665600 e1a3dd68b5380b360a7310a64d9bb188 D:\WINDOWS\$hf_mig$\KB937143\SP2QFE\wininet.dll

2007-08-22 09:55 665600 a1bc17eb3758d73c3938b2318820f5b4 D:\WINDOWS\$hf_mig$\KB939653\SP2QFE\wininet.dll

2007-10-11 02:57 666112 80d660a49e0d118144423099b2a9f5da D:\WINDOWS\$hf_mig$\KB942615\SP2QFE\wininet.dll

2004-08-03 23:56 656384 c0823fc5469663ba63e7db88f9919d70 D:\WINDOWS\$NtUninstallKB916281$\wininet.dll

2006-05-10 02:23 658432 38ab7a56f566d9aaad31812494944824 D:\WINDOWS\$NtUninstallKB918899$\wininet.dll

2006-06-23 08:02 658944 2b4db890936430c71419037039502752 D:\WINDOWS\$NtUninstallKB922760$\wininet.dll

2006-09-14 05:39 658944 621af3f6174a3f60677f5230e28bcc07 D:\WINDOWS\$NtUninstallKB925454$\wininet.dll

2006-10-23 12:17 658944 6b2735adff5a5d3b9130ca4a794722f0 D:\WINDOWS\$NtUninstallKB928090$\wininet.dll

2007-01-04 10:37 658944 8c393df5234cbcbff1ee31902d6b40ae D:\WINDOWS\$NtUninstallKB931768$\wininet.dll

2007-02-20 06:48 658944 30d1c47e40efbb792ff8d3c3b51ce507 D:\WINDOWS\$NtUninstallKB933566$\wininet.dll

2007-04-18 09:31 658944 b7156cd97e739f3014bc4d61758f868a D:\WINDOWS\$NtUninstallKB937143$\wininet.dll

2007-06-26 11:09 658944 184e47c8f7b331025e6dc92740db188f D:\WINDOWS\$NtUninstallKB939653$\wininet.dll

2007-08-22 10:12 658944 1901ad51da8be9f8b38d5d526e5d1788 D:\WINDOWS\$NtUninstallKB942615$\wininet.dll

2008-02-16 05:59 659456 0c690e77c0e924c45b4d7045b182fff1 D:\WINDOWS\SoftwareDistribution\Download\4f34fed83363df83031761e8fceb73ae\sp2gdr\wininet.dll

2008-02-16 06:32 666112 bb1eacd6ab47e78ebca02eb781550d55 D:\WINDOWS\SoftwareDistribution\Download\4f34fed83363df83031761e8fceb73ae\sp2qfe\wininet.dll

2007-10-11 03:13 804352 02dd11ab8c0dccd840e520cb5cb147ef D:\WINDOWS\system32\wininet.dll

2007-10-11 03:13 804352 02dd11ab8c0dccd840e520cb5cb147ef D:\WINDOWS\system32\dllcache\wininet.dll

2007-10-11 03:13 659456 2005ad86a22aee68e21ee59f9ccb77f2 D:\WINDOWS\VistaMizer\old\wininet.dll

 

2006-06-14 17:43 541696 73442592a30db34661bee4d70f01b0b0 D:\WINDOWS\system32\winlogon.exe

2006-06-14 17:43 502272 6e8ca4fcb30282f216f5db9dd58a5f81 D:\WINDOWS\VistaMizer\old\winlogon.exe

 

2005-03-01 21:36 2056832 d8aba3eab509627e707a3b14f00fbb6b D:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe

2006-12-19 13:12 2059392 ba4b97c00a437c1cc3da365d93ee1e9d D:\WINDOWS\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe

2007-02-28 06:15 2059392 4d3dbdccbf97f5ba1e74f322b155c3ba D:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe

2004-08-10 03:32 2056832 947fb1d86d14afcffdb54bf837ec25d0 D:\WINDOWS\$NtUninstallKB890859$\ntkrnlpa.exe

2005-03-01 21:34 2056832 81013f36b21c7f72cf784cc6731e0002 D:\WINDOWS\$NtUninstallKB929338$\ntkrnlpa.exe

2006-12-19 09:55 2057600 1d659bfb788ed2ba45075624b748d249 D:\WINDOWS\$NtUninstallKB931784$\ntkrnlpa.exe

2007-02-28 05:38 2057600 515d30e2c90a3665a2739309334c9283 D:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe

2007-02-28 05:38 2314752 dec5e0d5185864e2beeef76daa3d38c2 D:\WINDOWS\system32\ntkrnlpa.exe

2007-02-28 05:38 2314752 dec5e0d5185864e2beeef76daa3d38c2 D:\WINDOWS\system32\dllcache\ntkrnlpa.exe

2007-02-28 05:38 2057600 515d30e2c90a3665a2739309334c9283 D:\WINDOWS\VistaMizer\old\ntkrnlpa.exe

 

2005-03-01 22:04 2179456 28187802b7c368c0d3aef7d4c382aabb D:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe

2006-12-19 13:51 2182016 cef243f6defd20be4adde26c7ecacb54 D:\WINDOWS\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe

2007-02-28 06:55 2182144 5a5c8db4aa962c714c8371fbdf189fc9 D:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe

2004-08-03 22:20 2180992 ce218bc7088681faa06633e218596ca7 D:\WINDOWS\$NtUninstallKB890859$\ntoskrnl.exe

2005-03-01 21:59 2179328 4d4cf2c14550a4b7718e94a6e581856e D:\WINDOWS\$NtUninstallKB929338$\ntoskrnl.exe

2006-12-19 11:17 2180352 8f0deab1f81fb83f9c5995853ce48b9f D:\WINDOWS\$NtUninstallKB931784$\ntoskrnl.exe

2007-02-28 06:10 2180352 582a8dbaa58c3b1f176eb2817daee77c D:\WINDOWS\Driver Cache\i386\ntoskrnl.exe

2007-02-28 06:10 2437504 9809aefbe836dfd733fd520a40d5f67c D:\WINDOWS\system32\ntoskrnl.exe

2007-02-28 06:10 2437504 9809aefbe836dfd733fd520a40d5f67c D:\WINDOWS\system32\dllcache\ntoskrnl.exe

2007-02-28 06:10 2180352 582a8dbaa58c3b1f176eb2817daee77c D:\WINDOWS\VistaMizer\old\ntoskrnl.exe

 

2007-06-13 07:23 1551360 4893afc1937e67f288983e23f36a9f48 D:\WINDOWS\explorer.exe

2007-06-13 08:26 1033216 7712df0cdde3a5ac89843e61cd5b3658 D:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe

2004-08-03 23:56 1032192 a0732187050030ae399b241436565e64 D:\WINDOWS\$NtUninstallKB938828$\explorer.exe

2007-06-13 07:23 1551360 4893afc1937e67f288983e23f36a9f48 D:\WINDOWS\system32\dllcache\explorer.exe

2007-06-13 07:23 1033216 97bd6515465659ff8f3b7be375b2ea87 D:\WINDOWS\VistaMizer\old\explorer.exe

 

2004-08-03 23:56 25088 5f1724d0e11eb88c95a3b73a6dd72779 D:\WINDOWS\system32\ctfmon.exe

2004-08-03 23:56 25088 5f1724d0e11eb88c95a3b73a6dd72779 D:\WINDOWS\system32\dllcache\ctfmon.exe

2004-08-03 23:56 15360 24232996a38c0b0cf151c2140ae29fc8 D:\WINDOWS\VistaMizer\old\ctfmon.exe

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="D:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-11-07 15:34 3739672]

"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56 25088]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools"="D:\Program Files\DAEMON Tools\daemon.exe" [2005-12-10 11:57 133016]

"NeroFilterCheck"="D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2005-09-15 02:10 700416]

"SCDEmuApp.exe"="D:\Program Files\PowerISO\SCDEmuApp.exe" [2005-10-15 22:15 167936]

"SunJavaUpdateSched"="D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]

"SpywareTerminator"="D:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe" [2008-03-05 17:14 2957824]

"H2O"="D:\Program Files\SyncroSoft\Pos\H2O\cledx.exe" [2005-12-18 14:18 307200]

"MAFWTaskbarApp"="D:\WINDOWS\system32\MAFWTray.exe" [2007-10-24 14:37 245760]

"NvCplDaemon"="D:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22 7700480]

"avast!"="D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-13 03:56 79224]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"AVG7_Run"="D:\PROGRA~1\Grisoft\AVG7\avgw.exe" [ ]

"MySpaceIM"="D:\Program Files\MySpace\IM\MySpaceIM.exe" [2007-01-11 22:45 4898816]

 

D:\Documents and Settings\djfabopx\Start Menu\Programs\Startup\

Camsplitter.lnk - D:\Program Files\CamSplitter\camsplitter.exe [2007-09-20 02:29:04 86016]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"InstallVisualStyle"= D:\WINDOWS\Resources\Themes\Royale\Royale.msstyles

"InstallTheme"= D:\WINDOWS\Resources\Themes\Royale.theme

"EnableLUA"= 0 (0x0)

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]

"DisableRegedit"= 0 (0x0)

 

[HKEY_CURRENT_USER\software\microsoft\windows nt\currentversion\winlogon]

"Shell"="Explorer.exe \"\""

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=D:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"MSVideo9"= D:\PROGRA~1\CAMSPL~1\cs32.dll

"vidc.DIVF"= DivX412.dll

"vidc.avrn"= D:\PROGRA~1\ACEMEG~1\SystemS\AVIDAV~1.DLL

"vidc.advj"= D:\PROGRA~1\ACEMEG~1\SystemS\AVIDAV~1.DLL

"vidc.mszh"= D:\PROGRA~1\ACEMEG~1\SystemS\avimszh.dll

"vidc.zlib"= D:\PROGRA~1\ACEMEG~1\SystemS\avizlib.dll

"vidc.cscd"= D:\PROGRA~1\ACEMEG~1\SystemS\camcodec.dll

"vidc.cvid"= D:\PROGRA~1\ACEMEG~1\SystemS\iccvid.dll

"msacm.trspch"= D:\PROGRA~1\ACEMEG~1\SystemS\tssoft32.acm

"vidc.em2v"= D:\PROGRA~1\ACEMEG~1\SystemS\etxcodec.dll

"vidc.mkvc"= D:\PROGRA~1\ACEMEG~1\SystemS\kmvidc32.dll

"vidc.hfyu"= D:\PROGRA~1\ACEMEG~1\SystemS\huffyuv.dll

"msacm.lhacm"= D:\PROGRA~1\ACEMEG~1\SystemS\lhacm.acm

"msacm.l3acm"= D:\PROGRA~1\ACEMEG~1\SystemS\l3codecp.acm

"vidc.sjpg"= D:\PROGRA~1\ACEMEG~1\SystemS\pmjpeg32.dll

"vidc.dmb2"= D:\PROGRA~1\ACEMEG~1\SystemS\pmjpeg32.dll

"vidc.gepj"= D:\PROGRA~1\ACEMEG~1\SystemS\pmjpeg32.dll

"vidc.qpeg"= D:\PROGRA~1\ACEMEG~1\SystemS\Qpeg32.dll

"vidc.q1.0"= D:\PROGRA~1\ACEMEG~1\SystemS\Qpeg32.dll

"vidc.tscc"= D:\PROGRA~1\ACEMEG~1\SystemS\tsccvid.dll

"vidc.vifp"= D:\PROGRA~1\ACEMEG~1\SystemS\vfcodec.dll

"vidc.wrpr"= D:\PROGRA~1\ACEMEG~1\SystemS\aviwrap.dll

"vidc.wnv1"= D:\PROGRA~1\ACEMEG~1\SystemS\wnvplay1.dll

"vidc.advs"= D:\PROGRA~1\ACEMEG~1\SystemS\Adaptec\Dvc.dll

"vidc.aflc"= D:\PROGRA~1\ACEMEG~1\SystemS\Autodesk\FLCCOD~1.DLL

"vidc.afli"= D:\PROGRA~1\ACEMEG~1\SystemS\Autodesk\FLCCOD~1.DLL

"vidc.aasc"= D:\PROGRA~1\ACEMEG~1\SystemS\Autodesk\Aasc32.dll

"vidc.aas4"= D:\PROGRA~1\ACEMEG~1\SystemS\Autodesk\Aasc32.dll

"vidc.asv1"= D:\PROGRA~1\ACEMEG~1\SystemS\ASUS\asusasv1.dll

"vidc.asv2"= D:\PROGRA~1\ACEMEG~1\SystemS\ASUS\asusasv2.dll

"vidc.asvx"= D:\PROGRA~1\ACEMEG~1\SystemS\ASUS\asusasv2.dll

"vidc.vcr1"= D:\PROGRA~1\ACEMEG~1\SystemS\ATI\ativcr1.dll

"vidc.vcr2"= D:\PROGRA~1\ACEMEG~1\SystemS\ATI\ativcr2.dll

"vidc.yv12"= D:\PROGRA~1\ACEMEG~1\SystemS\ATI\atiyuv12.DLL

"vidc.mwv1"= D:\PROGRA~1\ACEMEG~1\SystemS\Aware\icmw_32.dll

"vidc.bt20"= D:\PROGRA~1\ACEMEG~1\SystemS\BROOKT~1\btvvc32.drv

"vidc.y41p"= D:\PROGRA~1\ACEMEG~1\SystemS\BROOKT~1\btvvc32.drv

"msacm.pcdv"= D:\PROGRA~1\ACEMEG~1\SystemS\Canopus\pcdv.acm

"vidc.cdvc"= D:\PROGRA~1\ACEMEG~1\SystemS\Canopus\CSCCDVC.DLL

"vidc.ddvc"= D:\PROGRA~1\ACEMEG~1\SystemS\Canopus\CSCdvsd.DLL

"vidc.png1"= D:\PROGRA~1\ACEMEG~1\SystemS\Core\COREPN~1.DLL

"msacm.CoreFLAC_ACM"= D:\PROGRA~1\ACEMEG~1\SystemS\Core\COREFL~1.ACM

"vidc.davc"= D:\PROGRA~1\ACEMEG~1\SystemS\dicas\davcvfw.dll

"vidc.div3"= D:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32.dll

"vidc.div5"= D:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32.dll

"vidc.mpg3"= D:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32.dll

"vidc.div4"= D:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32f.dll

"vidc.div6"= D:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32f.dll

"vidc.ap41"= D:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32f.dll

"vidc.dvx4"= D:\PROGRA~1\ACEMEG~1\SystemS\DivX\divx4.dll

"vidc.divx"= D:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivX520.dll

"msacm.divxa32"= D:\PROGRA~1\ACEMEG~1\SystemS\DivX\divxa32.acm

"vidc.frwd"= D:\PROGRA~1\ACEMEG~1\SystemS\Forward\frwd.dll

"vidc.frwt"= D:\PROGRA~1\ACEMEG~1\SystemS\Forward\frwd.dll

"vidc.frwa"= D:\PROGRA~1\ACEMEG~1\SystemS\Forward\frwt.dll

"vidc.frwu"= D:\PROGRA~1\ACEMEG~1\SystemS\Forward\frwu.dll

"vidc.glzw"= D:\PROGRA~1\ACEMEG~1\SystemS\Gabest\GLZW.dll

"vidc.gpeg"= D:\PROGRA~1\ACEMEG~1\SystemS\Gabest\GPEG.dll

"vidc.i263"= D:\PROGRA~1\ACEMEG~1\SystemS\Intel\i263_32.drv

"vidc.iv30"= D:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll

"vidc.iv31"= D:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll

"vidc.iv32"= D:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll

"vidc.iv33"= D:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll

"vidc.iv34"= D:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll

"vidc.iv35"= D:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll

"vidc.iv36"= D:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll

"vidc.iv37"= D:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll

"vidc.iv38"= D:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll

"vidc.iv39"= D:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll

"vidc.iv40"= D:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll

"vidc.iv42"= D:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll

"vidc.iv43"= D:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll

"vidc.iv44"= D:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll

"vidc.iv45"= D:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll

"vidc.iv46"= D:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll

"vidc.iv47"= D:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll

"vidc.iv48"= D:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll

"vidc.iv49"= D:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll

"vidc.ir21"= D:\PROGRA~1\ACEMEG~1\SystemS\Intel\IR21_R.DLL

"vidc.rt21"= D:\PROGRA~1\ACEMEG~1\SystemS\Intel\IR21_R.DLL

"msacm.imc"= D:\PROGRA~1\ACEMEG~1\SystemS\Intel\IMC32.ACM

"vidc.lead"= D:\PROGRA~1\ACEMEG~1\SystemS\LEAD\LCODCCMP.DLL

"vidc.dvsd"= D:\PROGRA~1\ACEMEG~1\SystemS\MAINCO~1\MCDVD_32.DLL

"vidc.dvc"= D:\PROGRA~1\ACEMEG~1\SystemS\MAINCO~1\MCDVD_32.DLL

"vidc.dvcs"= D:\PROGRA~1\ACEMEG~1\SystemS\MAINCO~1\MCDVD_32.DLL

"vidc.dcmj"= D:\PROGRA~1\ACEMEG~1\SystemS\MAINCO~1\MCMJPG32.DLL

"vidc.avi1"= D:\PROGRA~1\ACEMEG~1\SystemS\MAINCO~1\MCMJPG32.DLL

"vidc.avi2"= D:\PROGRA~1\ACEMEG~1\SystemS\MAINCO~1\MCMJPG32.DLL

"msacm.msadpcm"= D:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msadp32.acm

"msacm.imaadpcm"= D:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\imaadp32.acm

"msacm.msg711"= D:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msg711.acm

"msacm.msg723"= D:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msg723.acm

"msacm.msgsm610"= D:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msgsm32.acm

"vidc.m261"= D:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msh261.drv

"vidc.m263"= D:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msh263.drv

"vidc.mrle"= D:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msrle32.dll

"vidc.msvc"= D:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msvidc32.dll

"vidc.cram"= D:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msvidc32.dll

"vidc.mpg4"= D:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\mpg4c32.dll

"vidc.mp41"= D:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\mpg4c32.dll

"vidc.mp42"= D:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\mpg4c32.dll

"vidc.mp43"= D:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\mpg4c32.dll

"vidc.mp4s"= D:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\mpg4c32.dll

"vidc.mp4v"= D:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\mpg4c32.dll

"vidc.wmv3"= D:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\WMV9VCM.dll

"vidc.vixl"= D:\PROGRA~1\ACEMEG~1\SystemS\Miro\miroxl32.dll

"vidc.nt00"= D:\PROGRA~1\ACEMEG~1\SystemS\Newtek\ntcodec.dll

"vidc.vp30"= D:\PROGRA~1\ACEMEG~1\SystemS\ON2TEC~1\vp31vfw.dll

"vidc.vp31"= D:\PROGRA~1\ACEMEG~1\SystemS\ON2TEC~1\vp31vfw.dll

"vidc.vp60"= D:\PROGRA~1\ACEMEG~1\SystemS\ON2TEC~1\vp6vfw.dll

"vidc.vp61"= D:\PROGRA~1\ACEMEG~1\SystemS\ON2TEC~1\vp6vfw.dll

"vidc.pdvc"= D:\PROGRA~1\ACEMEG~1\SystemS\PANASO~1\idvcodec.dll

"vidc.ipdv"= D:\PROGRA~1\ACEMEG~1\SystemS\PANASO~1\idvcodec.dll

"vidc.pvw2"= D:\PROGRA~1\ACEMEG~1\SystemS\Pegasus\pvwv220.dll

"vidc.pimj"= D:\PROGRA~1\ACEMEG~1\SystemS\Pegasus\pvljpg20.dll

"vidc.mjpx"= D:\PROGRA~1\ACEMEG~1\SystemS\Pegasus\pvmjpg21.dll

"vidc.miro"= D:\PROGRA~1\ACEMEG~1\SystemS\Pinnacle\MIRODV~1.DLL

"vidc.dcap"= D:\PROGRA~1\ACEMEG~1\SystemS\Pinnacle\MIRODV~1.DLL

"vidc.mjpa"= D:\PROGRA~1\ACEMEG~1\SystemS\Pinnacle\RTMJPG~1.DLL

"vidc.gpjm"= D:\PROGRA~1\ACEMEG~1\SystemS\Pinnacle\RTMJPG~1.DLL

"vidc.pim1"= D:\PROGRA~1\ACEMEG~1\SystemS\Pinnacle\pclepim1.dll

"msacm.qmpeg"= D:\PROGRA~1\ACEMEG~1\SystemS\QDesign\qmpeg.acm

"vidc.rmp4"= D:\PROGRA~1\ACEMEG~1\SystemS\REALMA~1\rmp4.dll

"vidc.rud0"= D:\PROGRA~1\ACEMEG~1\SystemS\Rududu\rududu.dll

"msacm.at3"= D:\PROGRA~1\ACEMEG~1\SystemS\SONY\atrac3.acm

"vidc.sony"= D:\PROGRA~1\ACEMEG~1\SystemS\SONY\sonydv.dll

"vidc.dvcp"= D:\PROGRA~1\ACEMEG~1\SystemS\SONY\sonydv.dll

"vidc.s422"= D:\PROGRA~1\ACEMEG~1\SystemS\Tekram\tekyuv.dll

"vidc.t420"= D:\PROGRA~1\ACEMEG~1\SystemS\Toshiba\tsbyuv.dll

"vidc.y411"= D:\PROGRA~1\ACEMEG~1\SystemS\Toshiba\tsbyuv.dll

"vidc.vssv"= D:\PROGRA~1\ACEMEG~1\SystemS\VANGUA~1\vsscodec.dll

"msacm.voxacm160"= D:\PROGRA~1\ACEMEG~1\SystemS\VoxWare\vct3216.acm

"vidc.xvid"= D:\PROGRA~1\ACEMEG~1\SystemS\XviD\xvidvfw.dll

"msacm.l3codecp"= l3codecp.acm

"Midi1"= MYokeNT.DLL

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]

@="Driver"

 

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]

path=D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk

backup=D:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

 

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]

path=D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk

backup=D:\WINDOWS\pss\Bluetooth.lnkCommon Startup

 

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]

path=D:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

backup=D:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

 

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]

path=D:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk

backup=D:\WINDOWS\pss\HP Image Zone Fast Start.lnkCommon Startup

 

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Start Menu^Programs^Startup^Run Google Web Accelerator.lnk]

path=D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Run Google Web Accelerator.lnk

backup=D:\WINDOWS\pss\Run Google Web Accelerator.lnkCommon Startup

 

[HKLM\~\startupfolder\D:^Documents and Settings^djfabopx^Start Menu^Programs^Startup^BitComet.lnk]

path=D:\Documents and Settings\djfabopx\Start Menu\Programs\Startup\BitComet.lnk

backup=D:\WINDOWS\pss\BitComet.lnkStartup

 

[HKLM\~\startupfolder\D:^Documents and Settings^djfabopx^Start Menu^Programs^Startup^Rapidown.lnk]

path=D:\Documents and Settings\djfabopx\Start Menu\Programs\Startup\Rapidown.lnk

backup=D:\WINDOWS\pss\Rapidown.lnkStartup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]

--a------ 2004-08-10 12:37 61440 D:\Program Files\AIM\aim.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]

--a------ 2007-01-09 15:58 50736 D:\Program Files\AIM6\aim6.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIMWDInstallFilename]

--------- 2004-01-12 17:29 102400 D:\PROGRA~1\AIM\AIMWDI~1.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]

D:\PROGRA~1\Grisoft\AVG7\avgcc.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CoolSMS]

D:\Program Files\CoolSMS\CoolSMS.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

--a------ 2004-08-03 23:56 25088 D:\WINDOWS\system32\ctfmon.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DigidesignMMERefresh]

--a------ 2005-10-25 23:21 61440 D:\Program Files\Digidesign\Drivers\MMERefresh.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]

--a------ 2004-08-10 04:04 59392 D:\WINDOWS\ehome\ehtray.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlipViewer Library]

--a------ 2006-12-29 14:53 390936 D:\Program Files\E-Book Systems\FlipViewer\FlipViewerLibrary.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]

--a------ 2006-08-10 00:57 169984 D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]

--a------ 2007-01-01 18:22 3739648 D:\Program Files\Google\Google Talk\googletalk.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]

--a------ 2005-12-18 14:18 307200 D:\Program Files\SyncroSoft\Pos\H2O\cledx.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]

D:\Program Files\Common Files\AOL\1151168913\ee\AOLHostManager.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

--a------ 2005-05-11 23:12 49152 D:\Program Files\HP\HP Software Update\HPWuSchd2.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InternetCalls]

--a------ 2006-08-25 08:32 7046720 D:\Program Files\InternetCalls.com\InternetCalls\InternetCalls.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]

--a------ 2005-08-11 16:30 249856 D:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]

--a------ 2005-08-11 16:30 81920 D:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

--a------ 2006-10-30 09:36 256576 D:\Program Files\iTunes\iTunesHelper.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

D:\WINDOWS\system32\dumprep 0 -k

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KOUQ Agent]

D:\WINDOWS\system32\28463\KOUQ.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LowRateVoip]

--a------ 2006-11-07 16:05 7431736 D:\Program Files\LowRateVoip\LowRateVoip.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

D:\Program Files\MSN Messenger\MsnMsgr.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM]

--a------ 2007-01-11 22:45 4898816 D:\Program Files\MySpace\IM\MySpaceIM.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

--a------ 2006-10-22 12:22 7700480 D:\WINDOWS\system32\NvCpl.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

--a------ 2006-10-22 12:22 86016 D:\WINDOWS\system32\nvmctray.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

--a------ 2006-10-22 12:22 1622016 D:\WINDOWS\system32\nwiz.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]

--a------ 2007-10-07 21:18 360448 D:\Program Files\Winamp Remote\bin\OrbTray.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

--a------ 2007-06-29 06:24 286720 D:\Program Files\QuickTime\qttask.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ScratchAmp]

--a------ 2004-11-18 07:51 1363968 D:\Program Files\Stanton\FinalScratch\ScratchAmpControl.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd]

--a------ 2004-06-10 13:48 286720 D:\WINDOWS\vsnpstd.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SparVoip]

D:\Program Files\SparVoip\SparVoip.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\startkey]

D:\WINDOWS\system32\svhost.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tweak UI]

--a------ 2003-03-25 05:49 106544 D:\WINDOWS\system32\tweakui.cpl

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipBuster]

D:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vssms32]

D:\WINDOWS\system32\vssms32.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

--a------ 2007-10-10 02:28 36352 D:\Program Files\Winamp\winampa.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"ose"=3 (0x3)

"odserv"=3 (0x3)

"Viewpoint Manager Service"=2 (0x2)

"WLSetupSvc"=3 (0x3)

"MDM"=2 (0x2)

"iPod Service"=3 (0x3)

"Bonjour Service"=2 (0x2)

"Pml Driver HPZ12"=2 (0x2)

"digiSPTIService"=3 (0x3)

"usnjsvc"=3 (0x3)

"FLEXnet Licensing Service"=3 (0x3)

"AVGEMS"=2 (0x2)

"avg8wd"=2 (0x2)

"avast! Web Scanner"=3 (0x3)

"avast! Mail Scanner"=3 (0x3)

"avast! Antivirus"=2 (0x2)

"aswUpdSv"=2 (0x2)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"D:\\Program Files\\BitComet\\BitComet.exe"=

"D:\\Program Files\\Soulseek\\slsk.exe"=

"D:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=

"D:\\Program Files\\AIM\\aim.exe"=

"D:\\Program Files\\eMule\\emule.exe"=

"D:\\Program Files\\FTP Commander\\ftpcomm.exe"=

"C:\\Program Files\\Neoact\\Carom3D\\update.exe"=

"D:\\Program Files\\Messenger\\msmsgs.exe"=

"D:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=

"D:\\Program Files\\DAP\\DAP.exe"=

"D:\\Program Files\\Google\\Google Talk\\googletalk.exe"=

"D:\\Program Files\\iTunes\\iTunes.exe"=

"D:\\Program Files\\Ocean Technology\\GG E-Sports Platform\\GGclient.exe"=

"D:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"D:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"D:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"D:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"D:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"D:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"D:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"D:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"D:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe"=

"D:\\WINDOWS\\system32\\sessmgr.exe"=

"D:\\Program Files\\VirtualDJ\\virtualdj_trial.exe"=

"D:\\Program Files\\Steam\\steamapps\\fenix550\\counter-strike\\hl.exe"=

"D:\\Program Files\\InternetCalls.com\\InternetCalls\\InternetCalls.exe"=

"D:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"D:\\Program Files\\LowRateVoip\\LowRateVoip.exe"=

"D:\\Program Files\\FX Teleport\\Configure.exe"=

"D:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=

"D:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=

"D:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=

"D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"D:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"D:\\Program Files\\Skype\\Phone\\Skype.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"17781:TCP"= 17781:TCP:BitComet 17781 TCP

"17781:UDP"= 17781:UDP:BitComet 17781 UDP

"4662:TCP"= 4662:TCP:192.168.0.102

"4672:UDP"= 4672:UDP:192.168.0.102

 

R0 DigiFilter;DigiFilter;D:\WINDOWS\system32\drivers\DigiFilt.sys [2005-10-25 23:19]

R1 Asapi;Asapi;D:\WINDOWS\system32\drivers\Asapi.sys [2002-04-17 20:27]

R1 aswSP;avast! Self Protection;D:\WINDOWS\system32\drivers\aswSP.sys [2008-05-12 13:36]

R1 oreans32;oreans32;D:\WINDOWS\system32\drivers\oreans32.sys [2007-05-02 23:00]

R1 sp_rsdrv2;Spyware Terminator Driver 2;D:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-03-05 17:14]

R2 aswFsBlk;aswFsBlk;D:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-12 13:38]

R2 MobiCap;Fix8 Live Cam, WDM Video Capture;D:\WINDOWS\system32\DRIVERS\MobiCap.sys [2007-11-15 11:52]

R3 CLEDX;Team H2O CLEDX service;D:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 20:08]

R3 MAFW;MAFW;D:\WINDOWS\system32\DRIVERS\mafw.sys [2007-10-24 14:37]

S3 fs2_1394;fs2_1394;D:\WINDOWS\system32\Drivers\fs2_1394.sys [2004-11-18 07:51]

S3 fs2_avs;fs2_avs;D:\WINDOWS\system32\Drivers\fs2_avs.sys [2004-11-18 07:51]

S3 kxwdmdrv;kX WDM Driver Service;D:\WINDOWS\system32\drivers\kx.sys []

S3 SynasUSB;SynasUSB;D:\WINDOWS\system32\drivers\SynasUSB.sys [2006-11-23 18:20]

S4 avg8wd;AVG8 WatchDog;D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-05-13 05:25]

S4 Viewpoint Manager Service;Viewpoint Manager Service;"D:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 18:38]

 

.

Contents of the 'Scheduled Tasks' folder

"2008-05-10 00:56:01 D:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

- D:\Program Files\Apple Software Update\SoftwareUpdate.exe

.

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-05-13 16:16:01

Windows 5.1.2600 Service Pack 2 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

 

D:\WINDOWS\system32\drivers\downld

 

scan completed successfully

hidden files: 1

 

**************************************************************************

.

------------------------ Other Running Processes ------------------------

.

D:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

D:\WINDOWS\ehome\ehRecvr.exe

D:\WINDOWS\ehome\ehSched.exe

D:\WINDOWS\system32\nvsvc32.exe

D:\PROGRA~1\SPYWAR~1\sp_rsser.exe

D:\WINDOWS\system32\dllhost.exe

D:\WINDOWS\system32\wscntfy.exe

D:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe

D:\Program Files\Mozilla Firefox 3 Beta 4\firefox.exe

.

**************************************************************************

.

Completion time: 2008-05-13 16:24:42 - machine was rebooted

ComboFix-quarantined-files.txt 2008-05-13 19:24:14

 

Pre-Run: 18,043,408,384 bytes free

Post-Run: 16,893,161,472 bytes free

 

598 --- E O F --- 2008-05-08 05:19:53

Compartilhar este post


Link para o post
Compartilhar em outros sites

PROBLEMA RESOLVIDO!

 

Caso o autor necessite que o tópico seja reaberto é necessário enviar uma Mensagem Privada para um Moderador com um link para o tópico.

Compartilhar este post


Link para o post
Compartilhar em outros sites

×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.