Thread ID: 96721 2009-01-20 06:15:00 Unable to access hard drives.. m3dic (14437) Press F1
Post ID Timestamp Content User
740573 2009-01-20 07:55:00 After this has been fixed, update to SP3 and MAKE SURE it's up to date.

Or you may get hit by another nasty - Conficker

And if you have USB flash drives, SCAN them first, BEFORE you use them

This is what it does (www.sophos.com)

Every 200 seconds VBS/Solow-A enumerates available devices in attempt to copy itself with the filename MS32DLL.DLL.VBS and to create the file autorun.inf that contains instructions to autorun the copy of the worm once infected drive is accessed. This file should be deleted.

If you've used USB flash drives in other systems (if they've been used on this computer), scan them as well
Speedy Gonzales (78)
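
The drop pattern in the Sophos description quoted above (a copy named MS32DLL.DLL.VBS plus an autorun.inf that launches it) can be checked for on a drive root before anything on the drive is opened. The Python below is an added example, not part of the original posts; the sample autorun.inf contents and all function names are constructed for illustration.

```python
"""Check a drive root for the autorun.inf + dropped-script pattern."""
import os
import re
import tempfile

# File name taken from the Sophos description quoted in the post.
KNOWN_DROPPED = {"ms32dll.dll.vbs"}
# [autorun] keys that make Windows start a program when the drive is opened.
LAUNCH_KEY = re.compile(r"^(open|shellexecute|shell\\[^\\=]+\\command)$", re.I)
# Script-type targets or script hosts inside the launched command line.
SCRIPT_TARGET = re.compile(
    r"\.(vbs|vbe|js|jse|wsf|bat|cmd|scr|pif)\b|\b[wc]script\b", re.I)

# Constructed sample for the demo; not a copy of any real worm's file.
SAMPLE_AUTORUN = (b"; constructed sample\r\n[AutoRun]\r\n"
                  b"open=wscript.exe MS32DLL.DLL.VBS\r\nicon=shell32.dll,4\r\n"
                  b"[other]\r\nopen=ignored.exe\r\n")


def decode(raw):
    """autorun.inf may be ANSI, UTF-8 or UTF-16; decode without failing."""
    if raw[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return raw.decode("utf-16", errors="replace")
    try:
        return raw.decode("utf-8-sig")
    except UnicodeDecodeError:
        return raw.decode("latin-1")


def parse_autorun(raw):
    """Return (key, command) pairs from [autorun] that start a program."""
    launches, in_section = [], False
    for line in decode(raw).splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("["):
            in_section = line.lower().startswith("[autorun]")
            continue
        if in_section and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            if LAUNCH_KEY.match(key):
                launches.append((key.lower(), value))
    return launches


def inspect_root(root):
    """List findings for one drive root (e.g. 'E:\\'); reads, never executes."""
    findings = []
    names = {name.lower(): name for name in os.listdir(root)}
    for low in sorted(names):
        if low in KNOWN_DROPPED:
            findings.append("known worm file name: " + names[low])
    inf = names.get("autorun.inf")
    if inf is None:
        return findings
    path = os.path.join(root, inf)
    if os.path.isdir(path):
        # A folder with this name cannot be parsed as an autorun file.
        return findings
    with open(path, "rb") as handle:
        launches = parse_autorun(handle.read(65536))
    for key, command in launches:
        kind = "starts a script" if SCRIPT_TARGET.search(command) else "starts"
        findings.append("autorun.inf '%s' %s: %s" % (key, kind, command))
    return findings


def demo():
    """Build a constructed drive root in a temp directory and inspect it."""
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, "AUTORUN.INF"), "wb") as handle:
            handle.write(SAMPLE_AUTORUN)
        # Empty placeholder files standing in for drive contents.
        open(os.path.join(root, "MS32DLL.DLL.VBS"), "w").close()
        open(os.path.join(root, "holiday.jpg"), "w").close()
        return inspect_root(root)


if __name__ == "__main__":
    for finding in demo():
        print(finding)
```
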
740574 2009-01-20 08:14:00 Ok. Let's get you fixed.

Run both these programs.


Please download Malwarebytes' Anti-Malware from one of these places:

www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html

www.besttechie.net/tools/mbam-setup.exe


Double-click mbam-setup.exe to install the application.
If it will not run, rename MBAM.exe to xxx.exe.
* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select "Perform Quick Scan", then click Scan.
* The scan may take some time to finish, so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy&Paste the entire report in your next reply along with a fresh HijackThis log.

Please Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.


=====================================================================================


Ok. Let's download ComboFix.exe. This will give me a better view to the files running and also hidden on your computer and also those in the registry. Please download from one of these webpages.

download.bleepingcomputer.com/sUBs/ComboFix.exe
www.forospyware.com/sUBs/ComboFix.exe
subs.geekstogo.com/ComboFix.exe


* IMPORTANT !!! Save ComboFix.exe to your Desktop


Disable your AntiVirus and AntiSpyware applications, usually via a right-click on the System Tray icon. They may otherwise interfere with our tools.

Double-click on ComboFix.exe & follow the prompts.

As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware. Recovery Console can be installed from your disc if you have Vista if you wish.

Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.


i254.photobucket.com/albums/hh103/velta911/RcAuto1.gif


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


i254.photobucket.com/albums/hh103/velta911/whatnext.png


Click on Yes to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Pancake (6359)
740575 2009-01-20 21:21:00 Malware log:

Malwarebytes' Anti-Malware 1.33
Database version: 1671
Windows 5.1.2600 Service Pack 2

21/01/2009 10:05:49 a.m.
mbam-log-2009-01-21 (10-05-49).txt

Scan type: Full Scan (C:\|)
Objects scanned: 153611
Time elapsed: 1 hour(s), 7 minute(s), 25 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Spyware log:

Logfile of Spyware Terminator v2.5.1.028 (db: 3.001.019.000)
Scan Time: 21/01/2009 8:36:48 a.m. length: 1009 s
Platform: WXP (5.1.0.2600)
User: Admin
Boot Mode: Normal
Scan type: Full_Spyware_Scan
Scanned Objects: 59307 (Critical: 2)
Filter: No System items, No Safe items, No Invalid items

Running Processes
nvsvc32.exe [NVIDIA Corporation] : C:\WINDOWS\system32\nvsvc32.exe
Mixer.exe [C-Media Electronic Inc. (www.cmedia.com.tw)] : C:\WINDOWS\Mixer.exe
thunderbird.exe [Mozilla Corporation] : C:\Program Files\Mozilla Thunderbird\thunderbird.exe

Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =

BHO
02 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - : C:\Program Files\Free Download Manager\iefdm2.dll

StartUps
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, JMB36X IDE Setup : : C:\WINDOWS\JM\JMInsIDE.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 36X Raid Configurer : [JMicron Technology Corp.] : C:\WINDOWS\system32\JMRAIDSETUP.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, C-Media Mixer : [C-Media Electronic Inc. (www.cmedia.com.tw)] : C:\WINDOWS\Mixer.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, TrojanScanner : [Simply Super Software] : C:\Program Files\TROJAN REMOVER\TRJSCAN.EXE

Shell Extensions
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - : C:\Program Files\WinRAR\rarext.dll
Desktop Explorer - {1CDB2949-8F65-4355-8456-263E7C208A5D} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll
- {1E9B04FB-F9E5-4718-997B-B8DA88302A47} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll
nView Desktop Context Menu - {1E9B04FB-F9E5-4718-997B-B8DA88302A48} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll
AlcoholShellEx - {32020A01-506E-484D-A2A8-BE3CF17601C3} - [Alcohol Soft Development Team] : C:\Program Files\Alcohol Soft\Alcohol 120\AXShlEx.dll
Acrobat Elements Context Menu - {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} - [Adobe Systems Inc.] : C:\Program Files\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.dll
WinZip - {E0D79304-84BE-11CE-9641-444553540000} - [WinZip Computing LP] : C:\Program Files\WinZip\WZSHLSTB.DLL
WinZip - {E0D79305-84BE-11CE-9641-444553540000} - [WinZip Computing LP] : C:\Program Files\WinZip\WZSHLSTB.DLL
WinZip - {E0D79306-84BE-11CE-9641-444553540000} - [WinZip Computing LP] : C:\Program Files\WinZip\WZSHLSTB.DLL
WinZip - {E0D79307-84BE-11CE-9641-444553540000} - [WinZip Computing LP] : C:\Program Files\WinZip\WZSHLSTB.DLL
7-Zip Shell Extension - {23170F69-40C1-278A-1000-000100020000} - [Igor Pavlov] : C:\Program Files\7-Zip\7-zip.dll
Trojan Remover Shell Extension - {52B87208-9CCF-42C9-B88E-069281105805} - [Simply Super Software] : C:\Program Files\Trojan Remover\Trshlex.dll

Shell Service Objects
- {IconPackager Repair} - [Stardock.net, Inc] : C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll

Services
23 - [Advanced Micro Devices] : C:\WINDOWS\system32\DRIVERS\AmdK8.sys
23 - [Digital Camera] : C:\WINDOWS\system32\Drivers\Ca533av.sys
23 - [C-Media Inc] : C:\WINDOWS\system32\drivers\cmaudio.sys
23 - [JMicron] : C:\WINDOWS\system32\DRIVERS\JGOGO.sys
23 - [JMicron Technology Corp.] : C:\WINDOWS\system32\DRIVERS\jraid.sys
23 - : C:\WINDOWS\system32\DRIVERS\ASACPI.sys
23 - [NVIDIA Corporation] : C:\WINDOWS\system32\DRIVERS\nvata.sys
23 - [NVIDIA Corporation] : C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
23 - [NVIDIA Corporation] : C:\WINDOWS\system32\nvsvc32.exe
23 - [USB BULK] : C:\WINDOWS\system32\Drivers\Bulk533.sys

Threat Files
<Trojan.Agent.49152.BE> : e:\Other\Apps\3ds max 2009\vRay\crack\Keymaker.exe
<Trojan.Virtl.7757> : e:\Other\Games\YU GI OH\TRAINERS\kaiba_trn.exe
Advanced Files Report

End of Report

Hijack this:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:21:07 a.m., on 21/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\foobar2000\foobar2000.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Hacked by Godzilla
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item : #444444; font-style : italic; "> : Download video with Free Download Manager - file : #444444; font-style : italic; "> : //C : #444444; font-style : italic; "> : \Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item : #444444; font-style : italic; "> : Download with Free Download Manager - file : #444444; font-style : italic; "> : //C : #444444; font-style : italic; "> : \Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item : #444444; font-style : italic; "> : E&xport to Microsoft Excel - res : #444444; font-style : italic; "> : //C : #444444; font-style : italic; "> : \PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button : #444444; font-style : italic; "> : Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C : #444444; font-style : italic; "> : \PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button : #444444; font-style : italic; "> : Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C : #444444; font-style : italic; "> : \Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem : #444444; font-style : italic; "> : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C : #444444; font-style : italic; "> : \Program Files\Messenger\msmsgs.exe
O23 - Service : #444444; font-style : italic; "> : FLEXnet Licensing Service - Macrovision Europe Ltd. - C : #444444; font-style : italic; "> : \Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service : #444444; font-style : italic; "> : InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C : #444444; font-style : italic; "> : \Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service : #444444; font-style : italic; "> : NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C : #444444; font-style : italic; "> : \WINDOWS\system32\nvsvc32.exe
O23 - Service : #444444; font-style : italic; "> : Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C : #444444; font-style : italic; "> : \Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 5922 bytes



If no one can report anything new from this I will now install SP3 and try pancake's advice.
m3dic (14437)
740576 2009-01-20 21:22:00 Malware log:

Malwarebytes' Anti-Malware 1.33
Database version: 1671
Windows 5.1.2600 Service Pack 2

21/01/2009 10:05:49 a.m.
mbam-log-2009-01-21 (10-05-49).txt

Scan type: Full Scan (C:\|)
Objects scanned: 153611
Time elapsed: 1 hour(s), 7 minute(s), 25 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Spyware log:

Logfile of Spyware Terminator v2.5.1.028 (db: 3.001.019.000)
Scan Time: 21/01/2009 8:36:48 a.m. length: 1009 s
Platform: WXP (5.1.0.2600)
User: Admin
Boot Mode: Normal
Scan type: Full_Spyware_Scan
Scanned Objects: 59307 (Critical: 2)
Filter: No System items, No Safe items, No Invalid items

Running Processes
nvsvc32.exe [NVIDIA Corporation]: C:\WINDOWS\system32\nvsvc32.exe
Mixer.exe [C-Media Electronic Inc. (www.cmedia.com.tw)]: C:\WINDOWS\Mixer.exe
thunderbird.exe [Mozilla Corporation]: C:\Program Files\Mozilla Thunderbird\thunderbird.exe

Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =

BHO
02 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - : C:\Program Files\Free Download Manager\iefdm2.dll

StartUps
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, JMB36X IDE Setup: : C:\WINDOWS\JM\JMInsIDE.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 36X Raid Configurer: [JMicron Technology Corp.]: C:\WINDOWS\system32\JMRAIDSETUP.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, C-Media Mixer: [C-Media Electronic Inc. (www.cmedia.com.tw)]: C:\WINDOWS\Mixer.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, TrojanScanner: [Simply Super Software]: C:\Program Files\TROJAN REMOVER\TRJSCAN.EXE

Shell Extensions
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - : C:\Program Files\WinRAR\rarext.dll
Desktop Explorer - {1CDB2949-8F65-4355-8456-263E7C208A5D} - [NVIDIA Corporation]: C:\WINDOWS\system32\nvshell.dll
- {1E9B04FB-F9E5-4718-997B-B8DA88302A47} - [NVIDIA Corporation]: C:\WINDOWS\system32\nvshell.dll
nView Desktop Context Menu - {1E9B04FB-F9E5-4718-997B-B8DA88302A48} - [NVIDIA Corporation]: C:\WINDOWS\system32\nvshell.dll
AlcoholShellEx - {32020A01-506E-484D-A2A8-BE3CF17601C3} - [Alcohol Soft Development Team]: C:\Program Files\Alcohol Soft\Alcohol 120\AXShlEx.dll
Acrobat Elements Context Menu - {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} - [Adobe Systems Inc.]: C:\Program Files\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.dll
WinZip - {E0D79304-84BE-11CE-9641-444553540000} - [WinZip Computing LP]: C:\Program Files\WinZip\WZSHLSTB.DLL
WinZip - {E0D79305-84BE-11CE-9641-444553540000} - [WinZip Computing LP]: C:\Program Files\WinZip\WZSHLSTB.DLL
WinZip - {E0D79306-84BE-11CE-9641-444553540000} - [WinZip Computing LP]: C:\Program Files\WinZip\WZSHLSTB.DLL
WinZip - {E0D79307-84BE-11CE-9641-444553540000} - [WinZip Computing LP]: C:\Program Files\WinZip\WZSHLSTB.DLL
7-Zip Shell Extension - {23170F69-40C1-278A-1000-000100020000} - [Igor Pavlov]: C:\Program Files\7-Zip\7-zip.dll
Trojan Remover Shell Extension - {52B87208-9CCF-42C9-B88E-069281105805} - [Simply Super Software]: C:\Program Files\Trojan Remover\Trshlex.dll

Shell Service Objects
- {IconPackager Repair} - [Stardock.net, Inc]: C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll

Services
23 - [Advanced Micro Devices]: C:\WINDOWS\system32\DRIVERS\AmdK8.sys
23 - [Digital Camera]: C:\WINDOWS\system32\Drivers\Ca533av.sys
23 - [C-Media Inc]: C:\WINDOWS\system32\drivers\cmaudio.sys
23 - [JMicron]: C:\WINDOWS\system32\DRIVERS\JGOGO.sys
23 - [JMicron Technology Corp.]: C:\WINDOWS\system32\DRIVERS\jraid.sys
23 - : C:\WINDOWS\system32\DRIVERS\ASACPI.sys
23 - [NVIDIA Corporation]: C:\WINDOWS\system32\DRIVERS\nvata.sys
23 - [NVIDIA Corporation]: C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
23 - [NVIDIA Corporation]: C:\WINDOWS\system32\nvsvc32.exe
23 - [USB BULK]: C:\WINDOWS\system32\Drivers\Bulk533.sys

Threat Files
<Trojan.Agent.49152.BE>: e:\Other\Apps\3ds max 2009\vRay\crack\Keymaker.exe
<Trojan.Virtl.7757>: e:\Other\Games\YU GI OH\TRAINERS\kaiba_trn.exe

Advanced Files Report
%PROGRAMFILES%\Adobe\Adobe Bridge CS3\AdobeUpdater . dll [Adobe Systems Incorporated] [Adobe Updater Library] MD5=88EAB5C445EB10829513D076B4E3675A SIZE=496128
%PROGRAMFILES%\Adobe\Adobe Bridge CS3\BIB . dll [Adobe Systems Incorporated] [BIB] MD5=AF000DDB9802F88C3E40FA8378B835F7 SIZE=276480
%PROGRAMFILES%\Adobe\Adobe Bridge CS3\FNP_Act_Installer . dll [Macrovision Europe Ltd . ] [FLEXnet Publisher (32 bit)] MD5=6F2E09108202E5EB008C69488FAFD27C SIZE=934400
%PROGRAMFILES%\Adobe\Adobe Bridge CS3\MPS . dll [Adobe Systems Incorporated] [MPS] MD5=63FFF89A754FC2B2D9DC37320B04547B SIZE=3798016
%PROGRAMFILES%\Adobe\Adobe Bridge CS3\OperaMgr . dll [Adobe Systems Incorporated] [Adobe Opera Manager] MD5=DE0C3BB21AA525F07786BD748D6BD6DB SIZE=73728
%PROGRAMFILES%\Adobe\Adobe Bridge CS3\Photodownloader . exe [Adobe Systems Incorporated] [Adobe Photo Downloader] MD5=47714AEAFFAB5A29DE9EA08CB4A74C04 SIZE=4937904
%PROGRAMFILES%\Adobe\Adobe Bridge CS3\Plug-Ins\ASEFormat . 8bi MD5=B13A5EBEEDF948B99F4817A7E4750579 SIZE=290816
%PROGRAMFILES%\Adobe\Adobe Bridge CS3\Plug-Ins\Cineon . 8bi [Adobe Systems, Incorporated] [Adobe Photoshop CS3] MD5=81F9ACB9E9C30B6766CF21B775D51EB2 SIZE=29184
%PROGRAMFILES%\Adobe\Adobe Bridge CS3\Plug-Ins\MMXCore . 8BX [Adobe Systems, Incorporated] [Adobe Photoshop CS3] MD5=6E5259852ACB4E964FEBD7FA5B5F9216 SIZE=245760
%PROGRAMFILES%\Adobe\Adobe Bridge CS3\adobe_personalization . dll [Adobe Systems Incorporated] [Adobe EPIC Personalization] MD5=157E5B28440B22797106EC574805E10B SIZE=346624
%PROGRAMFILES%\Adobe\Adobe Bridge CS3\libagli18n28 . dll [IBM Corporation and others] [International Components for Unicode] MD5=E110D3350932FD8F193AB3D8A75F51D4 SIZE=671744
%PROGRAMFILES%\Adobe\Adobe Bridge CS3\libagluc28 . dll [IBM Corporation and others] [International Components for Unicode] MD5=B9460E79EC16BE1416869EB13CE68D2C SIZE=589824
%PROGRAMFILES%\Adobe\Adobe Bridge CS3\libmmd . dll [Intel Corporation] [Intel(r) C Compiler, Intel(r) C++ Compiler, Intel(r) Fortran Compiler] MD5=A8E9F6ED6912CE1B03A172DB99CC1823 SIZE=2797660
%PROGRAMFILES%\Adobe\Adobe Bridge CS3\libmysqld . dll MD5=6A9DC6FB11A6BF111171AF8FADDC2809 SIZE=2748416
%PROGRAMFILES%\Adobe\Adobe Bridge CS3\ols . dll [Adobe Systems Incorporated] [Adobe Online Services] MD5=EC903FC197E43A61EC1B7B3B3C025584 SIZE=290816
%PROGRAMFILES%\Adobe\Adobe Bridge CS3\pspluginsupport . dll [Adobe Systems Incorporated] [Adobe Photo Downloader 4 . 0 component] MD5=AC6417E173833D9B0E6738CE1485F783 SIZE=114688
%PROGRAMFILES%\Adobe\Adobe Bridge CS3\zlib . dll [ZLib . DLL] MD5=038F501695724FF0A44A0129DE8279DE SIZE=618496
%PROGRAMFILES%\Adobe\Adobe Device Central CS3\SCL . dll [Adobe Systems Incorporated] [Adobe SCL] MD5=70C98B718A3C72922A212C5762DC9F2A SIZE=1410048
%PROGRAMFILES%\Adobe\Adobe Stock Photos CS3\adobe_caps . dll [Adobe Systems Incorporated] [Adobe CAPS] MD5=C4A9FBE8B7D32E29880AE41738166C4B SIZE=220856
%COMMONFILES%\Adobe\Adobe Asset Services CS3\ARE . dll [Adobe Systems Incorporated] [ARE] MD5=8B507D67731B1C6244BD61E0E92621CD SIZE=319160
%COMMONFILES%\Adobe\Adobe Asset Services CS3\AXE8SharedExpat . dll [Adobe Systems Incorporated] [AXE8SharedExpat] MD5=EF6873EF162288CD053C31EFAAF366AD SIZE=167936
%COMMONFILES%\Adobe\Adobe Asset Services CS3\AdobeXMPFiles . dll [Adobe XMP Files] MD5=456D65C2543902E768CF6105386ABCBE SIZE=339968
%COMMONFILES%\Adobe\Adobe Asset Services CS3\BIB . dll [Adobe Systems Incorporated] [BIB] MD5=A864913759544CB26093B792206C0894 SIZE=282816
%COMMONFILES%\Adobe\Adobe Asset Services CS3\BIBUtils . dll [Adobe Systems Incorporated] [BIBUtils] MD5=2BD9F80EF217317935D9513320CF9CA6 SIZE=249552
%COMMONFILES%\Adobe\Adobe Asset Services CS3\Plug-Ins\Cineon . 8bi [Adobe Systems, Incorporated] [Adobe Photoshop CS3] MD5=81F9ACB9E9C30B6766CF21B775D51EB2 SIZE=29184
%COMMONFILES%\Adobe\Adobe Asset Services CS3\Plug-Ins\FastCore . 8BX [Adobe Systems, Incorporated] [Adobe Photoshop CS3] MD5=EA820925DED97BF9EDACD6A0FCBFD05C SIZE=32768
%COMMONFILES%\Adobe\Adobe Asset Services CS3\Plug-Ins\PCX . 8BI [Adobe Systems, Incorporated] [Adobe Photoshop CS3] MD5=65CFE9BE2452FC842B8EF107107972FC SIZE=22528
%COMMONFILES%\Adobe\Linguistics\Providers\Plugins\ WRLiloPlugin1 . 0\NFTWin_MacEnc . dll [Winsoft SA - NeuroSoft SA] [NFTWin_MacEnc . dll Dynamic Link Library] MD5=167FC2C88CB8366C2189E82A70281162 SIZE=221184
%COMMONFILES%\Adobe\Updater5\AdobeUpdater . ar_AE [Adobe Systems Incorporated] [Adobe Updater] MD5=37C241539946B96B1C3C83AE06F43079 SIZE=60608
%COMMONFILES%\Adobe\Updater5\AdobeUpdater . bg_BG [Adobe Systems Incorporated] [Adobe Updater] MD5=9E888FA177852B86278AAC34B8D0FDDF SIZE=64704
%COMMONFILES%\Adobe\Updater5\AdobeUpdater . et_EE [Adobe Systems Incorporated] [Adobe Updater] MD5=8973BF847409AE84191BBE8A24A4B167 SIZE=63168
%COMMONFILES%\Adobe\Updater5\AdobeUpdater . lt_LT [Adobe Systems Incorporated] [Adobe Updater] MD5=310EAE4D478D85DD6FBE0F05F42F2B2B SIZE=63168
%COMMONFILES%\Adobe\Updater5\AdobeUpdater . uk_UA [Adobe Systems Incorporated] [Adobe Updater] MD5=7766741BF52B87D901453EC62AE9EFCF SIZE=63680
%WINDIR%\WinSxS\x86_Microsoft . VC80 . MFCLOC_1fc8b3b9 a1e18e3b_8 . 0 . 50727 . 762_x-ww_91481303\mfc80ITA . dll [Microsoft Corporation] [Microsoft® Visual Studio® 2005] MD5=CB23B162AC655F24C6711A5F5DF348C6 SIZE=61440
%WINDIR%\WinSxS\x86_Microsoft . VC80 . MFC_1fc8b3b9a1e 18e3b_8 . 0 . 50727 . 762_x-ww_3bf8fa05\mfc80 . dll [Microsoft Corporation] [Microsoft® Visual Studio® 2005] MD5=1B7524806D0270B81360C63A2FA047CB SIZE=1101824
%SYSDIR%\MFC71DEU . DLL [Microsoft Corporation] [Microsoft® Visual Studio . NET] MD5=C94D9D5B96D385586063093BAAD8F206 SIZE=65536
%SYSDIR%\MFC71JPN . DLL [Microsoft Corporation] [Microsoft® Visual Studio . NET] MD5=C3CA0BF342DD90C9012C77BCFFD9D43D SIZE=49152
%COMMONFILES%\Microsoft Shared\Smart Tag\FPERSON . DLL [Microsoft Corporation] [Microsoft Office 2003] MD5=B88AECBFC7434B37D6921199D9C47947 SIZE=179768
%COMMONFILES%\Microsoft Shared\OFFICE11\1033\MSOINTL . DLL [Microsoft Corporation] [Microsoft Office 2003] MD5=C1AA3D8D5E20D231FDD502889FC20793 SIZE=1748536
%SYSDIR%\drivers\mbamswissarmy . sys [Malwarebytes Corporation] [ : #444444; font-style : italic; "> : #444444; font-style : #444444; font-style : italic; "> : italic; "> : #444444; font-style : italic; "> : #444444; font-style : #444444; font-style : italic; "> : #444444; font-style : #444444; font-style : italic; "> : italic; "> : #444444; font-style : italic; "> : italic; "> Malwarebytes' Anti-Malware] MD5=3FADDD373612EEB94C364A257A308978 SIZE=38496

End of Report

Hijack this:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:21:07 a.m., on 21/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\foobar2000\foobar2000.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Hacked by Godzilla
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 5922 bytes



If no one can report anything new from this I will now install SP3 and try pancake's advice.
m3dic (14437)
740577 2009-01-20 21:37:00 Tick this entry then tick fix checked

Close browsers

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Hacked by Godzilla
Speedy Gonzales (78)
740578 2009-01-20 22:01:00 Track these down and remove them:

<Trojan.Agent.49152.BE>: e:\Other\Apps\3ds max 2009\vRay\crack\Keymaker.exe
<Trojan.Virtl.7757>: e:\Other\Games\YU GI OH\TRAINERS\kaiba_trn.exe
Pancake (6359)