Author Topic: Repairs  (Read 379 times)

LoRoC116
« on: November 02, 2008, 12:32:00 PM »
Hi. The system's running extremely slow and I was hoping you would be able to help me... Thank you!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:12:23 PM, on 11/2/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Wave Systems Corp\Common\DataServer.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.7\bin\tcsd_win32.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Apoint\HidFind.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe
c:\program files\searchme\taskmgr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://webmail.jmu.edu/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: InfoBand - {00552751-19CC-4D2D-9767-F37E2692A9FE} - C:\Program Files\searchme\LEDWiz.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: popguideBHO Class - {78CA4BFB-D6F4-4205-981B-C475007A1B60} - C:\Program Files\popguide\popguide.dll
O2 - BHO: OTSI Class - {85CC6BFF-5A5C-4A76-8FC8-DB0787DF1597} - c:\program files\searchme\ots.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: LineGuideObj - {AD12AEF1-4348-4055-9DEF-4E5738E3F163} - C:\Program Files\lineguide\lineguide.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: BrowserHelper Class - {EDDBE331-F018-4B1F-BE87-42DEC15E0E03} - C:\Program Files\pointre\cmbar.dll
O2 - BHO: SideModule_B1 - {F5525595-BF39-49E3-9DD3-F8B91F867F47} - C:\Program Files\lineguide\SideModule.dll
O3 - Toolbar: SearchMe - {E74BC74F-F470-4AD7-9FB4-1A4170A06082} - c:\program files\searchme\otwiz.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: The Weather Channel Toolbar - {2E5E800E-6AC0-411E-940A-369530A35E43} - C:\WINDOWS\system32\TwcToolbarIe7.dll
O3 - Toolbar: InfoBand - {00552751-19CC-4D2D-9767-F37E2692A9FE} - C:\Program Files\searchme\LEDWiz.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Document Manager] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [DrVirus] "C:\Program Files\DrVirus\DrVirus.exe" -sh
O4 - HKLM\..\Run: [overtoolsupdate] "C:\Program Files\searchme\write.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [lineguide] C:\Program Files\lineguide\lineguideup.exe
O4 - HKLM\..\Run: [Pointre] C:\Program Files\pointre\CMStart.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_1_0 -reboot 1
O4 - HKCU\..\Run: [popguide] C:\Program Files\popguide\popguide_update.exe
O4 - HKCU\..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: EMBASSY Trust Suite Secure Update.lnk = C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Çö±Ý¸®¿öµå - {26DFF40F-9082-4BDE-A703-D994E345C704} - "c:\program files\searchme\OTdm.exe" (file missing)
O9 - Extra 'Tools' menuitem: SearchMe Çö±Ýµ¹·Á¹Þ±â Àû¸³±Ýº¸±â - {26DFF40F-9082-4BDE-A703-D994E345C704} - "c:\program files\searchme\OTdm.exe" (file missing)
O9 - Extra button: The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - (no file)
O9 - Extra 'Tools' menuitem: The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - (no file)
O9 - Extra button: SideBand - {5A5B50C2-5A90-4FA7-ABCF-8640D8749FD3} - C:\Program Files\lineguide\sideband.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200705...ex/qtplugin.cab
O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB903E021} (NowStarter Control) - http://www.clubbox.co.kr/neo.fld/NowStarter.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab
O16 - DPF: {7A32DC00-198C-457F-B8AE-C9C2591BBA0F} (GameLoaderX Control) - http://download.zerogame.co.kr/zerogame.cab
O16 - DPF: {8FAC8093-435B-440A-B5C0-9130B7180844} (BugKorea Control) - http://down.bugkorea.net/bugkorea.cab
O16 - DPF: {92D0D610-A6FA-48D8-94CB-BD47FDF68655} (Launcher Class) - http://dl.ipop.co.kr/ipop/ipopx.cab
O16 - DPF: {9CDD57AC-CA86-464C-B920-3228A388CC78} (NaverFileControl Control) - http://file.naver.com/down/NaverFile.cab
O16 - DPF: {9DEFEDFC-8193-4BE6-AA60-B6375AB7C8BE} (Launcher Class) - http://patch.mnet.com/NaverMusic/ActiveX/naverx.cab
O16 - DPF: {A977FF0C-8757-4E76-8533-482F91946233} (Neowiz Login Control) - http://dl.sayclub.com/sayclub/sayctl/sayax.cab
O16 - DPF: {AF60D574-F249-4243-8040-5521AAA5BB5E} (PandoraTVSet Class) - http://imgcdn.pandora.tv/pan_img/p3player/...ge/pdrtvset.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {D572CD64-9310-4712-8FFC-A4F9DC9D4AC1} (QbicUpdate Control) - http://qbic.hanafos.com/component/QbicUpdate.CAB
O16 - DPF: {DDE6FED7-88AB-405B-9D77-FD4CDA8B9EB5} (Qbic Control) - http://qbic.hanafos.com/component/Qbic.CAB
O16 - DPF: {F4A1D5E2-AF49-47A7-A945-23038106F3A4} (Pandora_SetUp Control) - http://imgcdn.pandora.tv/pan_img/launcher/...ora_SetUpAX.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: DataSvr2 - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Common\DataServer.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: NTRU Hybrid TSS v2.0.7 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.7\bin\tcsd_win32.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 12919 bytes

guestolo
« Reply #1 on: November 02, 2008, 12:52:56 PM »
Can you do the following, please?
Download random's system information tool (RSIT) by random/random from >>here<< and save it to your desktop.
  • Double-click on RSIT.exe to launch the program.
  • Click Continue at the disclaimer screen.
  • Your firewall may alert you that RSIT is requesting Internet access. Please allow it.
  • Once it has finished, two logs will open: log.txt (this will be maximized) and info.txt (this will be minimized).
Can you post both of those logs?
« Last Edit: November 02, 2008, 12:53:13 PM by guestolo »

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/


LoRoC116
« Reply #2 on: November 03, 2008, 12:35:27 AM »
log.txt:

Logfile of random's system information tool 1.04 (written by random/random)
Run by Haejin   Om at 2008-11-03 00:33:34
Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (3%) free of 76 GB
Total RAM: 1014 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:33:48 AM, on 11/3/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Wave Systems Corp\Common\DataServer.exe
C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.7\bin\tcsd_win32.exe
C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Haejin   Om\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Haejin   Om.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://webmail.jmu.edu/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us
O2 - BHO: (no name) - {00552751-19CC-4D2D-9767-F37E2692A9FE} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: OTSI Class - {85CC6BFF-5A5C-4A76-8FC8-DB0787DF1597} - c:\program files\searchme\ots.dll (file missing)
O3 - Toolbar: (no name) - {00552751-19CC-4D2D-9767-F37E2692A9FE} - (no file)
O3 - Toolbar: (no name) - {E74BC74F-F470-4AD7-9FB4-1A4170A06082} - (no file)
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Document Manager] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [DrVirus] "C:\Program Files\DrVirus\DrVirus.exe" -sh
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_1_0 -reboot 1
O4 - HKCU\..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: EMBASSY Trust Suite Secure Update.lnk = C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200705...ex/qtplugin.cab
O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB903E021} (NowStarter Control) - http://www.clubbox.co.kr/neo.fld/NowStarter.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab
O16 - DPF: {8FAC8093-435B-440A-B5C0-9130B7180844} (BugKorea Control) - http://down.bugkorea.net/bugkorea.cab
O16 - DPF: {92D0D610-A6FA-48D8-94CB-BD47FDF68655} (Launcher Class) - http://dl.ipop.co.kr/ipop/ipopx.cab
O16 - DPF: {9CDD57AC-CA86-464C-B920-3228A388CC78} (NaverFileControl Control) - http://file.naver.com/down/NaverFile.cab
O16 - DPF: {9DEFEDFC-8193-4BE6-AA60-B6375AB7C8BE} (Launcher Class) - http://patch.mnet.com/NaverMusic/ActiveX/naverx.cab
O16 - DPF: {A977FF0C-8757-4E76-8533-482F91946233} (Neowiz Login Control) - http://dl.sayclub.com/sayclub/sayctl/sayax.cab
O16 - DPF: {AF60D574-F249-4243-8040-5521AAA5BB5E} (PandoraTVSet Class) - http://imgcdn.pandora.tv/pan_img/p3player/...ge/pdrtvset.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {D572CD64-9310-4712-8FFC-A4F9DC9D4AC1} (QbicUpdate Control) - http://qbic.hanafos.com/component/QbicUpdate.CAB
O16 - DPF: {DDE6FED7-88AB-405B-9D77-FD4CDA8B9EB5} (Qbic Control) - http://qbic.hanafos.com/component/Qbic.CAB
O16 - DPF: {F4A1D5E2-AF49-47A7-A945-23038106F3A4} (Pandora_SetUp Control) - http://imgcdn.pandora.tv/pan_img/launcher/...ora_SetUpAX.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A056601B-8C55-47D3-A63E-D0CB1710714E}: Domain = jmu.edu
O17 - HKLM\System\CCS\Services\Tcpip\..\{A056601B-8C55-47D3-A63E-D0CB1710714E}: NameServer = 134.126.13.11,134.126.64.11
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = jmu.edu
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = jmu.edu
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: wxvault.dll,avgrsstx.dll
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: DataSvr2 - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Common\DataServer.exe
O23 - Service: NTRU Hybrid TSS v2.0.7 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.7\bin\tcsd_win32.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 9332 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00552751-19CC-4D2D-9767-F37E2692A9FE}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-05-30 1410344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-11-02 455960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{85CC6BFF-5A5C-4A76-8FC8-DB0787DF1597}]
OTSI Class - c:\program files\searchme\ots.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{00552751-19CC-4D2D-9767-F37E2692A9FE}
{E74BC74F-F470-4AD7-9FB4-1A4170A06082}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2005-10-07 176128]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-12-13 98304]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-12-13 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-12-13 118784]
"Broadcom Wireless Manager UI"=C:\WINDOWS\system32\WLTRAY.exe [2005-12-19 1347584]
"SigmatelSysTrayApp"=C:\WINDOWS\stsystra.exe [2006-03-24 282624]
"Document Manager"=C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe [2006-03-09 98304]
"DVDLauncher"=C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe [2005-12-09 49152]
"DrVirus"=C:\Program Files\DrVirus\DrVirus.exe -sh []
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-06-14 282624]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-11-02 1234712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ModemOnHold"=C:\Program Files\NetWaiting\netWaiting.exe []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe /background []
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
"DW6"=C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe []

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Cisco Systems VPN Client.lnk - C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
Device Detector 3.lnk - C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
EMBASSY Trust Suite Secure Update.lnk - C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="wxvault.dll,avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-12-13 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
wvauth
nwprovau
"notification packages"=
scecli
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\_ishieldA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\_ishieldB.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\WINDOWS\system32\Qbic.exe"="C:\WINDOWS\system32\Qbic.exe:*:Enabled:QBIC ???? ????"
"C:\WINDOWS\system32\pdrtvsvr.exe"="C:\WINDOWS\system32\pdrtvsvr.exe:*:Enabled:PandoraTV VoD Control"
"C:\Program Files\Pruna\Pruna.exe"="C:\Program Files\Pruna\Pruna.exe:*:Enabled:pruna"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Neowiz\PMang\PMangDL20.exe"="C:\Program Files\Neowiz\PMang\PMangDL20.exe:*:Enabled:ÇǸÁ °ÔÀÓ ´Ù¿î·Î´õ Ver 2.0"
"C:\Program Files\Neowiz\PMang\Gostop\Gostop.exe"="C:\Program Files\Neowiz\PMang\Gostop\Gostop.exe:*:Enabled:ÇǸÁ - °í½ºÅé"
"C:\Program Files\Neowiz\PMang\Gostop\\Gostop.exe"="C:\Program Files\Neowiz\PMang\Gostop\\Gostop.exe:*:Enabled:ÇǸÁ - °í½ºÅé"
"C:\NEOWIZ_TEMP\PMang\PMangDL20.exe"="C:\NEOWIZ_TEMP\PMang\PMangDL20.exe:*:Enabled:ÇǸÁ °ÔÀÓ ´Ù¿î·Î´õ Ver 2.0"
"C:\Neowiz\Pmang\Gostop3\Gostop3.exe"="C:\Neowiz\Pmang\Gostop3\Gostop3.exe:*:Enabled:¸Â°íÇ÷¯½º"
"C:\Neowiz\Pmang\PMangDL20.exe"="C:\Neowiz\Pmang\PMangDL20.exe:*:Enabled:ÇǸÁ °ÔÀÓ ´Ù¿î·Î´õ Ver 2.0"
"C:\Neowiz\Pmang\Gostop3\\Gostop3.exe"="C:\Neowiz\Pmang\Gostop3\\Gostop3.exe:*:Enabled:¸Â°íÇ÷¯½º"
"C:\Neowiz\Pmang\Gostop\Gostop.exe"="C:\Neowiz\Pmang\Gostop\Gostop.exe:*:Enabled:°í½ºÅé"
"C:\Neowiz\Pmang\Gostop\\Gostop.exe"="C:\Neowiz\Pmang\Gostop\\Gostop.exe:*:Enabled:°í½ºÅé"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Pruna\Pruna.exe"="C:\Program Files\Pruna\Pruna.exe:*:Enabled:pruna"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3f3229c1-93d9-11db-b6d0-0016cf2821dc}]
shell\AutoRun\command - E:\LaunchU3.exe


======List of files/folders created in the last 3 months======

2008-11-03 00:33:34 ----D---- C:\rsit
2008-11-02 23:50:11 ----HD---- C:\$AVG8.VAULT$
2008-11-02 23:46:20 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2008-11-02 23:45:59 ----D---- C:\Program Files\AVG
2008-11-02 23:45:58 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2008-11-02 23:27:02 ----D---- C:\Documents and Settings\Haejin   Om\Application Data\Mozilla
2008-11-02 23:26:24 ----D---- C:\Program Files\Mozilla Firefox
2008-11-02 13:00:12 ----D---- C:\Program Files\Trend Micro
2008-11-02 12:07:42 ----D---- C:\Program Files\Netflix
2008-11-02 09:29:01 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-11-02 09:28:54 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-11-02 09:28:46 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-11-02 09:26:19 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-11-02 09:26:01 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-11-02 09:23:28 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-11-02 04:13:06 ----D---- C:\Documents and Settings\Haejin   Om\Application Data\MSNInstaller
2008-09-29 14:01:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-09-28 13:26:47 ----D---- C:\WINDOWS\Prefetch
2008-09-28 13:23:11 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-09-28 13:23:00 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-09-28 13:22:47 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-09-28 13:22:36 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-09-28 13:22:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-09-28 13:22:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2008-09-28 13:22:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-09-28 13:21:51 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-09-28 13:21:40 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-09-28 13:21:28 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-09-28 13:21:14 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-09-28 13:10:29 ----D---- C:\WINDOWS\system32\scripting
2008-09-28 13:10:21 ----D---- C:\WINDOWS\l2schemas
2008-09-28 13:10:19 ----D---- C:\WINDOWS\system32\en
2008-09-28 13:10:18 ----D---- C:\WINDOWS\system32\bits
2008-09-28 13:04:18 ----D---- C:\WINDOWS\ServicePackFiles
2008-09-28 12:49:47 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-09-10 02:51:34 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
2008-09-10 02:50:38 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-09-06 05:31:13 ----D---- C:\Documents and Settings\Haejin   Om\Application Data\SmartDraw
2008-09-06 05:27:12 ----D---- C:\Program Files\SmartDraw 2009
2008-08-30 06:05:23 ----D---- C:\WINDOWS\network diagnostic
2008-08-30 06:01:29 ----A---- C:\WINDOWS\system32\xpsp2res.dll
2008-08-30 06:01:29 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-08-30 06:00:21 ----A---- C:\WINDOWS\system32\ntprint.dll
2008-08-30 06:00:21 ----A---- C:\WINDOWS\system32\ntlsapi.dll
2008-08-30 06:00:21 ----A---- C:\WINDOWS\system32\ntdll.dll
2008-08-30 06:00:21 ----A---- C:\WINDOWS\system32\nslookup.exe
2008-08-30 06:00:21 ----A---- C:\WINDOWS\system32\msv1_0.dll
2008-08-30 06:00:21 ----A---- C:\WINDOWS\system32\msgsvc.dll
2008-08-30 06:00:21 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2008-08-30 06:00:21 ----A---- C:\WINDOWS\system32\lsasrv.dll
2008-08-30 06:00:21 ----A---- C:\WINDOWS\system32\locator.exe
2008-08-30 06:00:21 ----A---- C:\WINDOWS\system32\localspl.dll
2008-08-30 06:00:21 ----A---- C:\WINDOWS\system32\lmhsvc.dll
2008-08-30 06:00:21 ----A---- C:\WINDOWS\system32\kernel32.dll
2008-08-30 06:00:21 ----A---- C:\WINDOWS\system32\imagehlp.dll
2008-08-30 06:00:21 ----A---- C:\WINDOWS\system32\ftp.exe
2008-08-30 06:00:21 ----A---- C:\WINDOWS\system32\format.com
2008-08-30 06:00:21 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2008-08-30 06:00:21 ----A---- C:\WINDOWS\system32\csrsrv.dll
2008-08-30 06:00:21 ----A---- C:\WINDOWS\system32\comdlg32.dll
2008-08-30 06:00:21 ----A---- C:\WINDOWS\system32\comctl32.dll
2008-08-30 06:00:21 ----A---- C:\WINDOWS\system32\cmd.exe
2008-08-30 06:00:21 ----A---- C:\WINDOWS\system32\cacls.exe
2008-08-30 06:00:21 ----A---- C:\WINDOWS\system32\autoconv.exe
2008-08-30 06:00:21 ----A---- C:\WINDOWS\system32\autochk.exe
2008-08-30 06:00:21 ----A---- C:\WINDOWS\system32\advapi32.dll
2008-08-30 06:00:20 ----A---- C:\WINDOWS\system32\rasdlg.dll
2008-08-30 06:00:20 ----A---- C:\WINDOWS\system32\rasauto.dll
2008-08-30 06:00:20 ----A---- C:\WINDOWS\system32\rasapi32.dll
2008-08-30 06:00:20 ----A---- C:\WINDOWS\system32\printui.dll
2008-08-30 06:00:20 ----A---- C:\WINDOWS\system32\perfctrs.dll
2008-08-30 06:00:20 ----A---- C:\WINDOWS\system32\olecnv32.dll
2008-08-30 06:00:20 ----A---- C:\WINDOWS\system32\oleaut32.dll
2008-08-30 06:00:20 ----A---- C:\WINDOWS\system32\nwprovau.dll
2008-08-30 06:00:20 ----A---- C:\WINDOWS\system32\ntvdm.exe
2008-08-30 06:00:19 ----A---- C:\WINDOWS\system32\userinit.exe
2008-08-30 06:00:19 ----A---- C:\WINDOWS\system32\untfs.dll
2008-08-30 06:00:19 ----A---- C:\WINDOWS\system32\ulib.dll
2008-08-30 06:00:19 ----A---- C:\WINDOWS\system32\tcpmonui.dll
2008-08-30 06:00:19 ----A---- C:\WINDOWS\system32\syssetup.dll
2008-08-30 06:00:19 ----A---- C:\WINDOWS\system32\srvsvc.dll
2008-08-30 06:00:19 ----A---- C:\WINDOWS\system32\smss.exe
2008-08-30 06:00:19 ----A---- C:\WINDOWS\system32\setupapi.dll
2008-08-30 06:00:19 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-08-30 06:00:19 ----A---- C:\WINDOWS\system32\services.exe
2008-08-30 06:00:19 ----A---- C:\WINDOWS\system32\schannel.dll
2008-08-30 06:00:19 ----A---- C:\WINDOWS\system32\scardsvr.exe
2008-08-30 06:00:19 ----A---- C:\WINDOWS\system32\savedump.exe
2008-08-30 06:00:19 ----A---- C:\WINDOWS\system32\samsrv.dll
2008-08-30 06:00:19 ----A---- C:\WINDOWS\system32\samlib.dll
2008-08-30 06:00:19 ----A---- C:\WINDOWS\system32\rshx32.dll
2008-08-30 06:00:19 ----A---- C:\WINDOWS\system32\rastapi.dll
2008-08-30 06:00:19 ----A---- C:\WINDOWS\system32\rasman.dll
2008-08-30 06:00:18 ----A---- C:\WINDOWS\system32\wkssvc.dll
2008-08-30 06:00:18 ----A---- C:\WINDOWS\system32\win32spl.dll
2008-08-30 06:00:16 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2008-08-30 06:00:16 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2008-08-30 06:00:16 ----A---- C:\WINDOWS\system32\HAL.DLL
2008-08-24 02:26:02 ----A---- C:\WINDOWS\system32\SET141.tmp
2008-08-24 02:26:02 ----A---- C:\WINDOWS\system32\SET140.tmp
2008-08-24 02:26:01 ----A---- C:\WINDOWS\system32\SET145.tmp
2008-08-24 02:26:01 ----A---- C:\WINDOWS\system32\SET143.tmp
2008-08-24 02:26:00 ----A---- C:\WINDOWS\system32\SET14A.tmp
2008-08-24 02:26:00 ----A---- C:\WINDOWS\system32\SET147.tmp
2008-08-24 02:25:59 ----A---- C:\WINDOWS\system32\SET152.tmp
2008-08-24 02:25:59 ----A---- C:\WINDOWS\system32\SET14F.tmp
2008-08-24 02:25:59 ----A---- C:\WINDOWS\system32\SET14E.tmp
2008-08-24 02:25:55 ----A---- C:\WINDOWS\system32\SET15C.tmp
2008-08-24 02:25:55 ----A---- C:\WINDOWS\system32\SET15B.tmp
2008-08-24 02:25:54 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-08-24 02:25:54 ----A---- C:\WINDOWS\system32\SET15D.tmp
2008-08-24 02:25:53 ----A---- C:\WINDOWS\system32\SET165.tmp
2008-08-24 02:25:53 ----A---- C:\WINDOWS\system32\SET164.tmp
2008-08-24 02:25:53 ----A---- C:\WINDOWS\system32\SET162.tmp
2008-08-24 02:25:53 ----A---- C:\WINDOWS\system32\SET161.tmp
2008-08-24 02:25:53 ----A---- C:\WINDOWS\system32\SET160.tmp
2008-08-24 02:25:52 ----A---- C:\WINDOWS\system32\SET16A.tmp
2008-08-24 02:25:52 ----A---- C:\WINDOWS\system32\SET169.tmp
2008-08-24 02:25:52 ----A---- C:\WINDOWS\system32\SET168.tmp
2008-08-24 02:25:49 ----A---- C:\WINDOWS\system32\SET177.tmp
2008-08-24 02:25:48 ----A---- C:\WINDOWS\system32\SET179.tmp
2008-08-24 02:25:48 ----A---- C:\WINDOWS\system32\SET178.tmp
2008-08-24 02:25:45 ----A---- C:\WINDOWS\system32\SET17E.tmp
2008-08-24 02:25:45 ----A---- C:\WINDOWS\system32\SET17C.tmp
2008-08-24 02:25:44 ----A---- C:\WINDOWS\system32\SET183.tmp
2008-08-24 02:25:44 ----A---- C:\WINDOWS\system32\SET17F.tmp
2008-08-24 02:25:42 ----A---- C:\WINDOWS\system32\SET189.tmp
2008-08-24 02:25:42 ----A---- C:\WINDOWS\system32\SET188.tmp
2008-08-24 02:25:42 ----A---- C:\WINDOWS\system32\SET186.tmp
2008-08-24 02:25:41 ----A---- C:\WINDOWS\system32\SET18C.tmp
2008-08-24 02:25:41 ----A---- C:\WINDOWS\system32\SET18A.tmp
2008-08-24 02:25:37 ----A---- C:\WINDOWS\system32\SET197.tmp
2008-08-24 02:25:37 ----A---- C:\WINDOWS\system32\SET194.tmp
2008-08-24 02:25:37 ----A---- C:\WINDOWS\system32\SET193.tmp
2008-08-24 02:25:37 ----A---- C:\WINDOWS\system32\SET192.tmp
2008-08-24 02:25:35 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-08-24 02:25:34 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-08-24 02:25:34 ----A---- C:\WINDOWS\system32\SET19D.tmp
2008-08-24 02:25:31 ----A---- C:\WINDOWS\system32\SET1A4.tmp
2008-08-24 02:25:31 ----A---- C:\WINDOWS\system32\SET1A3.tmp
2008-08-24 02:25:30 ----A---- C:\WINDOWS\system32\SET1A7.tmp
2008-08-24 02:25:29 ----A---- C:\WINDOWS\system32\SET1AB.tmp
2008-08-24 02:25:29 ----A---- C:\WINDOWS\system32\SET1AA.tmp
2008-08-24 02:25:23 ----A---- C:\WINDOWS\system32\SET1B3.tmp
2008-08-24 02:25:23 ----A---- C:\WINDOWS\system32\SET1B2.tmp
2008-08-24 02:25:22 ----A---- C:\WINDOWS\system32\SET1BA.tmp
2008-08-24 02:25:22 ----A---- C:\WINDOWS\system32\SET1B6.tmp
2008-08-24 02:25:20 ----A---- C:\WINDOWS\system32\SET1CB.tmp
2008-08-24 02:25:20 ----A---- C:\WINDOWS\system32\SET1CA.tmp
2008-08-24 02:25:20 ----A---- C:\WINDOWS\system32\SET1C9.tmp
2008-08-24 02:25:20 ----A---- C:\WINDOWS\system32\SET1C7.tmp
2008-08-24 02:25:19 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2008-08-24 02:25:19 ----A---- C:\WINDOWS\system32\SET1CC.tmp
2008-08-24 02:25:17 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2008-08-24 02:25:17 ----A---- C:\WINDOWS\system32\SET1CE.tmp
2008-08-24 02:25:17 ----A---- C:\WINDOWS\system32\SET1CD.tmp
2008-08-24 02:25:13 ----N---- C:\WINDOWS\system32\slserv.exe
2008-08-24 02:25:13 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-08-24 02:25:13 ----N---- C:\WINDOWS\system32\slgen.dll
2008-08-24 02:25:13 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-08-24 02:25:13 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-08-24 02:25:13 ----N---- C:\WINDOWS\slrundll.exe
2008-08-24 02:25:12 ----A---- C:\WINDOWS\system32\SET1DC.tmp
2008-08-24 02:25:11 ----A---- C:\WINDOWS\system32\SET1E5.tmp
2008-08-24 02:25:11 ----A---- C:\WINDOWS\system32\SET1E3.tmp
2008-08-24 02:25:11 ----A---- C:\WINDOWS\system32\SET1E1.tmp
2008-08-24 02:25:09 ----A---- C:\WINDOWS\system32\SET1E7.tmp
2008-08-24 02:25:09 ----A---- C:\WINDOWS\system32\SET1E6.tmp
2008-08-24 02:25:08 ----N---- C:\WINDOWS\system32\setupn.exe
2008-08-24 02:25:08 ----A---- C:\WINDOWS\system32\SET1EB.tmp
2008-08-24 02:25:08 ----A---- C:\WINDOWS\system32\SET1EA.tmp
2008-08-24 02:25:07 ----A---- C:\WINDOWS\system32\SET1F5.tmp
2008-08-24 02:25:07 ----A---- C:\WINDOWS\system32\SET1F4.tmp
2008-08-24 02:25:07 ----A---- C:\WINDOWS\system32\SET1F3.tmp
2008-08-24 02:25:07 ----A---- C:\WINDOWS\system32\SET1F0.tmp
2008-08-24 02:25:07 ----A---- C:\WINDOWS\system32\SET1EF.tmp
2008-08-24 02:25:06 ----A---- C:\WINDOWS\system32\SET1FC.tmp
2008-08-24 02:25:06 ----A---- C:\WINDOWS\system32\SET1FB.tmp
2008-08-24 02:25:05 ----A---- C:\WINDOWS\system32\SET1FD.tmp
2008-08-24 02:25:02 ----N---- C:\WINDOWS\system32\s3gnb.dll
2008-08-24 02:25:01 ----A---- C:\WINDOWS\system32\SET205.tmp
2008-08-24 02:25:00 ----A---- C:\WINDOWS\system32\SET20D.tmp
2008-08-24 02:25:00 ----A---- C:\WINDOWS\system32\SET20C.tmp
2008-08-24 02:25:00 ----A---- C:\WINDOWS\system32\SET20B.tmp
2008-08-24 02:24:59 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-08-24 02:24:59 ----A---- C:\WINDOWS\system32\SET211.tmp
2008-08-24 02:24:59 ----A---- C:\WINDOWS\system32\SET20F.tmp
2008-08-24 02:24:58 ----A---- C:\WINDOWS\system32\SET217.tmp
2008-08-24 02:24:58 ----A---- C:\WINDOWS\system32\SET216.tmp
2008-08-24 02:24:57 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-08-24 02:24:57 ----A---- C:\WINDOWS\system32\SET223.tmp
2008-08-24 02:24:56 ----A---- C:\WINDOWS\system32\SET228.tmp
2008-08-24 02:24:56 ----A---- C:\WINDOWS\system32\SET227.tmp
2008-08-24 02:24:56 ----A---- C:\WINDOWS\system32\SET225.tmp
2008-08-24 02:24:55 ----N---- C:\WINDOWS\system32\qutil.dll
2008-08-24 02:24:55 ----A---- C:\WINDOWS\system32\SET229.tmp
2008-08-24 02:24:53 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-08-24 02:24:53 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-08-24 02:24:53 ----N---- C:\WINDOWS\system32\qagent.dll
2008-08-24 02:24:53 ----A---- C:\WINDOWS\system32\SET235.tmp
2008-08-24 02:24:52 ----A---- C:\WINDOWS\system32\SET238.tmp
2008-08-24 02:24:52 ----A---- C:\WINDOWS\system32\SET237.tmp
2008-08-24 02:24:51 ----A---- C:\WINDOWS\system32\SET23D.tmp
2008-08-24 02:24:51 ----A---- C:\WINDOWS\system32\SET23B.tmp
2008-08-24 02:24:50 ----A---- C:\WINDOWS\system32\SET240.tmp
2008-08-24 02:24:45 ----N---- C:\WINDOWS\system32\onex.dll
2008-08-24 02:24:45 ----A---- C:\WINDOWS\system32\SET253.tmp
2008-08-24 02:24:45 ----A---- C:\WINDOWS\system32\SET251.tmp
2008-08-24 02:24:44 ----A---- C:\WINDOWS\system32\SET255.tmp
2008-08-24 02:24:44 ----A---- C:\WINDOWS\system32\SET254.tmp
2008-08-24 02:24:43 ----A---- C:\WINDOWS\system32\SET26C.tmp
2008-08-24 02:24:43 ----A---- C:\WINDOWS\system32\SET26B.tmp
2008-08-24 02:24:43 ----A---- C:\WINDOWS\system32\SET26A.tmp
2008-08-24 02:24:43 ----A---- C:\WINDOWS\system32\SET268.tmp
2008-08-24 02:24:43 ----A---- C:\WINDOWS\system32\SET267.tmp
2008-08-24 02:24:43 ----A---- C:\WINDOWS\system32\SET266.tmp
2008-08-24 02:24:43 ----A---- C:\WINDOWS\system32\SET264.tmp
2008-08-24 02:24:43 ----A---- C:\WINDOWS\system32\SET263.tmp
2008-08-24 02:24:43 ----A---- C:\WINDOWS\system32\SET262.tmp
2008-08-24 02:24:43 ----A---- C:\WINDOWS\system32\SET261.tmp
2008-08-24 02:24:43 ----A---- C:\WINDOWS\system32\SET260.tmp
2008-08-24 02:24:43 ----A---- C:\WINDOWS\system32\SET25D.tmp
2008-08-24 02:24:43 ----A---- C:\WINDOWS\system32\SET25C.tmp
2008-08-24 02:24:42 ----A---- C:\WINDOWS\system32\SET5B6.tmp
2008-08-24 02:24:42 ----A---- C:\WINDOWS\system32\SET26E.tmp
2008-08-24 02:24:41 ----A---- C:\WINDOWS\system32\SET5B7.tmp
2008-08-24 02:24:39 ----A---- C:\WINDOWS\system32\SET271.tmp
2008-08-24 02:24:37 ----A---- C:\WINDOWS\system32\SET277.tmp
2008-08-24 02:24:37 ----A---- C:\WINDOWS\system32\SET276.tmp
2008-08-24 02:24:35 ----A---- C:\WINDOWS\system32\SET278.tmp
2008-08-24 02:24:31 ----A---- C:\WINDOWS\system32\SET27F.tmp
2008-08-24 02:24:31 ----A---- C:\WINDOWS\system32\SET27E.tmp
2008-08-24 02:24:31 ----A---- C:\WINDOWS\system32\SET27D.tmp
2008-08-24 02:24:30 ----A---- C:\WINDOWS\system32\SET28A.tmp
2008-08-24 02:24:30 ----A---- C:\WINDOWS\system32\SET287.tmp
2008-08-24 02:24:30 ----A---- C:\WINDOWS\system32\SET286.tmp
2008-08-24 02:24:30 ----A---- C:\WINDOWS\system32\SET284.tmp
2008-08-24 02:24:30 ----A---- C:\WINDOWS\system32\SET281.tmp
2008-08-24 02:24:29 ----A---- C:\WINDOWS\system32\SET28E.tmp
2008-08-24 02:24:29 ----A---- C:\WINDOWS\system32\SET28B.tmp
2008-08-24 02:24:28 ----A---- C:\WINDOWS\system32\SET292.tmp
2008-08-24 02:24:28 ----A---- C:\WINDOWS\system32\SET291.tmp
2008-08-24 02:24:27 ----N---- C:\WINDOWS\system32\napstat.exe
2008-08-24 02:24:27 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-08-24 02:24:27 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-08-24 02:24:26 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-08-24 02:24:26 ----A---- C:\WINDOWS\system32\SET299.tmp
2008-08-24 02:24:26 ----A---- C:\WINDOWS\system32\SET294.tmp
2008-08-24 02:24:25 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-08-24 02:24:25 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-08-24 02:24:24 ----A---- C:\WINDOWS\system32\SET29E.tmp
2008-08-24 02:24:24 ----A---- C:\WINDOWS\system32\SET29B.tmp
2008-08-24 02:24:23 ----A---- C:\WINDOWS\system32\SET2A8.tmp
2008-08-24 02:24:23 ----A---- C:\WINDOWS\system32\SET2A6.tmp
2008-08-24 02:24:23 ----A---- C:\WINDOWS\system32\SET2A5.tmp
2008-08-24 02:24:23 ----A---- C:\WINDOWS\system32\SET2A4.tmp
2008-08-24 02:24:22 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-08-24 02:24:22 ----N---- C:\WINDOWS\system32\mssha.dll
2008-08-24 02:24:22 ----A---- C:\WINDOWS\system32\SET2A9.tmp
2008-08-24 02:24:21 ----A---- C:\WINDOWS\system32\SET2AF.tmp
2008-08-24 02:24:20 ----A---- C:\WINDOWS\system32\SET2B2.tmp
2008-08-24 02:24:20 ----A---- C:\WINDOWS\system32\SET2B1.tmp
2008-08-24 02:24:20 ----A---- C:\WINDOWS\system32\SET2B0.tmp
2008-08-24 02:24:13 ----A---- C:\WINDOWS\system32\SET2BB.tmp
2008-08-24 02:24:13 ----A---- C:\WINDOWS\system32\SET2BA.tmp
2008-08-24 02:24:13 ----A---- C:\WINDOWS\system32\SET2B9.tmp
2008-08-24 02:24:13 ----A---- C:\WINDOWS\system32\SET2B8.tmp
2008-08-24 02:24:12 ----A---- C:\WINDOWS\system32\SET2BF.tmp
2008-08-24 02:24:12 ----A---- C:\WINDOWS\system32\SET2BD.tmp
2008-08-24 02:24:12 ----A---- C:\WINDOWS\system32\SET2BC.tmp
2008-08-24 02:24:11 ----A---- C:\WINDOWS\system32\SET2C1.tmp
2008-08-24 02:24:08 ----A---- C:\WINDOWS\system32\SET2C4.tmp
2008-08-24 02:24:06 ----A---- C:\WINDOWS\system32\SET2CE.tmp
2008-08-24 02:24:05 ----A---- C:\WINDOWS\system32\SET2D2.tmp
2008-08-24 02:24:05 ----A---- C:\WINDOWS\system32\SET2D1.tmp
2008-08-24 02:24:05 ----A---- C:\WINDOWS\system32\SET2D0.tmp
2008-08-24 02:24:00 ----A---- C:\WINDOWS\system32\SET2D6.tmp
2008-08-24 02:23:58 ----A---- C:\WINDOWS\system32\SET5B9.tmp
2008-08-24 02:23:58 ----A---- C:\WINDOWS\system32\SET2DB.tmp
2008-08-24 02:23:57 ----A---- C:\WINDOWS\system32\SET5BF.tmp
2008-08-24 02:23:56 ----A---- C:\WINDOWS\system32\SET2DE.tmp
2008-08-24 02:23:56 ----A---- C:\WINDOWS\system32\SET2DD.tmp
2008-08-24 02:23:54 ----A---- C:\WINDOWS\system32\SET2E3.tmp
2008-08-24 02:23:53 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-08-24 02:23:53 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-08-24 02:23:53 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-08-24 02:23:53 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-08-24 02:23:52 ----A---- C:\WINDOWS\system32\SET2EE.tmp
2008-08-24 02:23:50 ----N---- C:\WINDOWS\system32\SET2F4.tmp
2008-08-24 02:23:50 ----A---- C:\WINDOWS\system32\SET2F3.tmp
2008-08-24 02:23:50 ----A---- C:\WINDOWS\system32\SET2F2.tmp
2008-08-24 02:23:49 ----A---- C:\WINDOWS\system32\SET2F7.tmp
2008-08-24 02:23:46 ----A---- C:\WINDOWS\system32\SET306.tmp
2008-08-24 02:23:46 ----A---- C:\WINDOWS\system32\SET301.tmp
2008-08-24 02:23:46 ----A---- C:\WINDOWS\system32\SET2FF.tmp
2008-08-24 02:23:45 ----A---- C:\WINDOWS\system32\SET308.tmp
2008-08-24 02:23:36 ----A---- C:\WINDOWS\system32\SET33F.tmp
2008-08-24 02:23:33 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-08-24 02:23:32 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-08-24 02:23:32 ----A---- C:\WINDOWS\system32\SET310.tmp
2008-08-24 02:23:32 ----A---- C:\WINDOWS\system32\SET30E.tmp
2008-08-24 02:23:31 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-08-24 02:23:31 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-08-24 02:23:30 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-08-24 02:23:30 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-08-24 02:23:29 ----A---- C:\WINDOWS\system32\SET31A.tmp
2008-08-24 02:23:25 ----A---- C:\WINDOWS\system32\SET324.tmp
2008-08-24 02:23:24 ----A---- C:\WINDOWS\system32\SET329.tmp
2008-08-24 02:23:22 ----A---- C:\WINDOWS\system32\SET32F.tmp
2008-08-24 02:23:22 ----A---- C:\WINDOWS\system32\SET32D.tmp
2008-08-24 02:23:21 ----A---- C:\WINDOWS\system32\SET331.tmp
2008-08-24 02:23:06 ----N---- C:\WINDOWS\system32\smtpapi.dll
2008-08-24 02:23:06 ----N---- C:\WINDOWS\system32\rwnh.dll
2008-08-24 02:22:58 ----N---- C:\WINDOWS\system32\comsdupd.exe
2008-08-24 02:22:55 ----A---- C:\WINDOWS\system32\SET337.tmp
2008-08-24 02:22:54 ----A---- C:\WINDOWS\system32\SET33B.tmp
2008-08-24 02:22:50 ----A---- C:\WINDOWS\system32\SET34C.tmp
2008-08-24 02:22:48 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-08-24 02:22:47 ----A---- C:\WINDOWS\system32\SET353.tmp
2008-08-24 02:22:47 ----A---- C:\WINDOWS\system32\SET351.tmp
2008-08-24 02:22:46 ----A---- C:\WINDOWS\system32\SET354.tmp
2008-08-24 02:22:43 ----A---- C:\WINDOWS\system32\SET35A.tmp
2008-08-24 02:22:42 ----A---- C:\WINDOWS\system32\SET35E.tmp
2008-08-24 02:22:35 ----N---- C:\WINDOWS\system32\faxpatch.exe
2008-08-24 02:22:35 ----A---- C:\WINDOWS\003093_.tmp
2008-08-24 02:22:35 ----A---- C:\WINDOWS\003087_.tmp
2008-08-24 02:22:34 ----A---- C:\WINDOWS\SET451.tmp
2008-08-24 02:22:33 ----A---- C:\WINDOWS\system32\SET371.tmp
2008-08-24 02:22:33 ----A---- C:\WINDOWS\system32\SET370.tmp
2008-08-24 02:22:33 ----A---- C:\WINDOWS\system32\SET36F.tmp
2008-08-24 02:22:33 ----A---- C:\WINDOWS\system32\SET36D.tmp
2008-08-24 02:22:31 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-08-24 02:22:31 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-08-24 02:22:31 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-08-24 02:22:31 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-08-24 02:22:31 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-08-24 02:22:31 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-08-24 02:22:30 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-08-24 02:22:30 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-08-24 02:22:27 ----A---- C:\WINDOWS\system32\SET37D.tmp
2008-08-24 02:22:26 ----A---- C:\WINDOWS\system32\SET388.tmp
2008-08-24 02:22:24 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-08-24 02:22:24 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-08-24 02:22:24 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-08-24 02:22:24 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-08-24 02:22:24 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-08-24 02:22:24 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-08-24 02:22:23 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-08-24 02:22:23 ----A---- C:\WINDOWS\system32\SET39B.tmp
2008-08-24 02:22:23 ----A---- C:\WINDOWS\system32\SET39A.tmp
2008-08-24 02:22:21 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-08-24 02:22:20 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-08-24 02:22:19 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-08-24 02:22:18 ----A---- C:\WINDOWS\system32\SET3C0.tmp
2008-08-24 02:22:18 ----A---- C:\WINDOWS\system32\SET3BD.tmp
2008-08-24 02:22:18 ----A---- C:\WINDOWS\system32\SET3BC.tmp
2008-08-24 02:22:17 ----A---- C:\WINDOWS\system32\SET3C8.tmp
2008-08-24 02:22:17 ----A---- C:\WINDOWS\system32\SET3C5.tmp
2008-08-24 02:22:15 ----A---- C:\WINDOWS\system32\SET3D1.tmp
2008-08-24 02:22:15 ----A---- C:\WINDOWS\system32\SET3D0.tmp
2008-08-24 02:22:15 ----A---- C:\WINDOWS\system32\SET3CF.tmp
2008-08-24 02:22:14 ----N---- C:\WINDOWS\system32\credssp.dll
2008-08-24 02:22:14 ----A---- C:\WINDOWS\system32\SET3DB.tmp
2008-08-24 02:22:14 ----A---- C:\WINDOWS\system32\SET3DA.tmp
2008-08-24 02:22:14 ----A---- C:\WINDOWS\system32\SET3D8.tmp
2008-08-24 02:22:14 ----A---- C:\WINDOWS\system32\SET3D6.tmp
2008-08-24 02:22:14 ----A---- C:\WINDOWS\system32\SET3D5.tmp
2008-08-24 02:22:14 ----A---- C:\WINDOWS\system32\SET3D4.tmp
2008-08-24 02:22:14 ----A---- C:\WINDOWS\system32\SET3D3.tmp
2008-08-24 02:22:13 ----A---- C:\WINDOWS\system32\SET3DD.tmp
2008-08-24 02:22:12 ----A---- C:\WINDOWS\system32\SET3E2.tmp
2008-08-24 02:22:12 ----A---- C:\WINDOWS\system32\SET3E0.tmp
2008-08-24 02:22:11 ----A---- C:\WINDOWS\system32\SET3E8.tmp
2008-08-24 02:22:11 ----A---- C:\WINDOWS\system32\SET3E7.tmp
2008-08-24 02:22:10 ----A---- C:\WINDOWS\system32\SET3F0.tmp
2008-08-24 02:22:08 ----A---- C:\WINDOWS\system32\SET3F6.tmp
2008-08-24 02:22:05 ----A---- C:\WINDOWS\system32\SET405.tmp
2008-08-24 02:22:05 ----A---- C:\WINDOWS\system32\SET403.tmp
2008-08-24 02:22:05 ----A---- C:\WINDOWS\system32\SET400.tmp
2008-08-24 02:22:05 ----A---- C:\WINDOWS\system32\SET3FD.tmp
2008-08-24 02:22:04 ----A---- C:\WINDOWS\system32\SET409.tmp
2008-08-24 02:22:03 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-08-24 02:22:03 ----A---- C:\WINDOWS\system32\SET412.tmp
2008-08-24 02:22:03 ----A---- C:\WINDOWS\system32\SET411.tmp
2008-08-24 02:22:03 ----A---- C:\WINDOWS\system32\SET40D.tmp
2008-08-24 02:22:03 ----A---- C:\WINDOWS\system32\SET40C.tmp
2008-08-24 02:22:02 ----N---- C:\WINDOWS\system32\azroles.dll
2008-08-24 02:22:02 ----A---- C:\WINDOWS\system32\SET417.tmp
2008-08-24 02:22:02 ----A---- C:\WINDOWS\system32\SET416.tmp
2008-08-24 02:22:01 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2008-08-24 02:22:01 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-08-24 02:22:01 ----A---- C:\WINDOWS\system32\SET41C.tmp
2008-08-24 02:22:00 ----N---- C:\WINDOWS\system32\ati3duag.dll
2008-08-24 02:22:00 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2008-08-24 02:21:59 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2008-08-24 02:21:58 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2008-08-24 02:21:58 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2008-08-24 02:21:57 ----A---- C:\WINDOWS\system32\SET41E.tmp
2008-08-24 02:21:53 ----A---- C:\WINDOWS\system32\SET421.tmp
2008-08-24 02:21:52 ----A---- C:\WINDOWS\system32\SET424.tmp
2008-08-24 02:21:49 ----A---- C:\WINDOWS\system32\SET428.tmp
2008-08-24 02:21:48 ----A---- C:\WINDOWS\system32\SET42A.tmp
2008-08-24 02:21:47 ----A---- C:\WINDOWS\system32\SET42C.tmp
2008-08-24 02:21:46 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-08-24 02:21:46 ----A---- C:\WINDOWS\system32\SET42E.tmp
2008-08-14 01:02:01 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2008-08-14 01:01:54 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2008-08-14 01:01:47 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-08-14 01:01:40 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2008-08-14 00:59:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-08-14 00:59:37 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2008-08-14 00:58:52 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$

======List of files/folders modified in the last 3 months======

2008-11-03 00:33:48 ----D---- C:\WINDOWS\Temp
2008-11-03 00:29:12 ----D---- C:\WINDOWS\system32
2008-11-02 23:50:11 ----D---- C:\Program Files\pointre
2008-11-02 23:46:19 ----D---- C:\WINDOWS\system32\drivers
2008-11-02 23:45:59 ----RD---- C:\Program Files
2008-11-02 23:45:49 ----SHD---- C:\WINDOWS\Installer
2008-11-02 23:45:48 ----D---- C:\WINDOWS\WinSxS
2008-11-02 23:45:48 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-11-02 23:45:15 ----SD---- C:\Documents and Settings\Haejin   Om\Application Data\Microsoft
2008-11-02 23:45:14 ----D---- C:\WINDOWS
2008-11-02 23:34:52 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-11-02 23:34:52 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-02 23:33:53 ----D---- C:\Program Files\The Weather Channel FW
2008-11-02 23:23:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-02 23:22:25 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-02 23:16:03 ----D---- C:\Program Files\Yahoo!
2008-11-02 23:13:52 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-02 23:09:56 ----D---- C:\Program Files\Dell
2008-11-02 22:53:12 ----D---- C:\Program Files\Windows Live Toolbar
2008-11-02 22:52:50 ----SD---- C:\WINDOWS\Tasks
2008-11-02 22:51:06 ----D---- C:\Program Files\Symantec
2008-11-02 22:51:06 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-11-02 22:51:01 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2008-11-02 22:43:52 ----D---- C:\Python24
2008-11-02 22:33:12 ----D---- C:\Program Files\ArcGIS
2008-11-02 22:32:07 ----D---- C:\Program Files\Common Files
2008-11-02 22:31:15 ----D---- C:\Program Files\Microsoft Office
2008-11-02 22:31:14 ----D---- C:\Program Files\Common Files\DESIGNER
2008-11-02 22:31:10 ----D---- C:\Program Files\Common Files\ESRI
2008-11-02 22:28:32 ----D---- C:\Program Files\ESRI
2008-11-02 22:15:30 ----D---- C:\Program Files\GRETECH
2008-11-02 22:15:14 ----D---- C:\ZeroGame
2008-11-02 22:14:59 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-11-02 09:29:05 ----HD---- C:\WINDOWS\inf
2008-11-02 09:29:03 ----RSHD---- C:\WINDOWS\system32\dllcache
2008-11-02 09:28:59 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-02 09:28:58 ----A---- C:\WINDOWS\imsins.BAK
2008-11-02 09:28:17 ----D---- C:\Program Files\Internet Explorer
2008-11-02 04:13:08 ----D---- C:\Program Files\MSN
2008-11-02 04:10:17 ----D---- C:\Program Files\Best Buy Rhapsody
2008-10-31 00:59:01 ----D---- C:\WINDOWS\system32\CatRoot
2008-10-30 19:47:40 ----D---- C:\Documents and Settings\Haejin   Om\Application Data\U3
2008-10-19 01:39:18 ----D---- C:\Program Files\BugKorea
2008-10-15 11:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-07 14:19:40 ----A---- C:\WINDOWS\system32\MRT.exe
2008-10-03 12:41:15 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-09-28 15:37:58 ----A---- C:\WINDOWS\OEWABLog.txt
2008-09-28 13:26:50 ----A---- C:\WINDOWS\setuplog.txt
2008-09-28 13:26:02 ----D---- C:\WINDOWS\system32\Setup
2008-09-28 13:26:02 ----D---- C:\WINDOWS\AppPatch
2008-09-28 13:26:00 ----D---- C:\WINDOWS\system32\wbem
2008-09-28 13:25:56 ----RSD---- C:\WINDOWS\Fonts
2008-09-28 13:24:57 ----D---- C:\WINDOWS\security
2008-09-28 13:21:31 ----D---- C:\Program Files\Messenger
2008-09-28 13:11:13 ----D---- C:\WINDOWS\system32\inetsrv
2008-09-28 13:11:13 ----D---- C:\WINDOWS\ime
2008-09-28 13:11:13 ----D---- C:\WINDOWS\Help
2008-09-28 13:10:33 ----D---- C:\WINDOWS\system32\usmt
2008-09-28 13:10:33 ----D---- C:\WINDOWS\system32\en-US
2008-09-28 13:10:18 ----D---- C:\WINDOWS\PeerNet
2008-09-28 13:10:17 ----D---- C:\Program Files\Movie Maker
2008-09-28 13:04:03 ----D---- C:\WINDOWS\system32\Restore
2008-09-28 13:04:03 ----D---- C:\WINDOWS\system32\npp
2008-09-28 13:04:02 ----D---- C:\WINDOWS\mui
2008-09-28 13:04:00 ----D---- C:\WINDOWS\msagent
2008-09-28 13:03:58 ----D---- C:\WINDOWS\srchasst
2008-09-28 13:03:50 ----D---- C:\Program Files\NetMeeting
2008-09-28 13:03:47 ----D---- C:\WINDOWS\system32\Com
2008-09-28 13:03:40 ----D---- C:\Program Files\Windows Media Player
2008-09-28 13:03:39 ----D---- C:\Program Files\Outlook Express
2008-09-28 13:03:31 ----D---- C:\Program Files\Common Files\System
2008-09-28 13:02:41 ----D---- C:\WINDOWS\system32\oobe
2008-09-28 13:02:35 ----D---- C:\WINDOWS\system
2008-09-28 12:56:38 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-09-28 12:49:45 ----D---- C:\WINDOWS\ehome
2008-09-05 22:30:42 ----A---- C:\WINDOWS\system32\WgaLogon.dll
2008-09-05 22:30:06 ----N---- C:\WINDOWS\system32\LegitCheckControl.dll
2008-09-05 22:29:58 ----N---- C:\WINDOWS\system32\WgaTray.exe
2008-08-27 03:24:32 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-08-26 02:24:31 ----A---- C:\WINDOWS\system32\wininet.dll
2008-08-26 02:24:31 ----A---- C:\WINDOWS\system32\webcheck.dll
2008-08-26 02:24:31 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-08-26 02:24:30 ----A---- C:\WINDOWS\system32\url.dll
2008-08-26 02:24:30 ----A---- C:\WINDOWS\system32\pngfilt.dll
2008-08-26 02:24:30 ----A---- C:\WINDOWS\system32\occache.dll
2008-08-26 02:24:30 ----A---- C:\WINDOWS\system32\mstime.dll
2008-08-26 02:24:30 ----A---- C:\WINDOWS\system32\msrating.dll
2008-08-26 02:24:30 ----A---- C:\WINDOWS\system32\mshtmled.dll
2008-08-26 02:24:30 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2008-08-26 02:24:30 ----A---- C:\WINDOWS\system32\msfeeds.dll
2008-08-26 02:24:30 ----A---- C:\WINDOWS\system32\jsproxy.dll
2008-08-26 02:24:29 ----A---- C:\WINDOWS\system32\iertutil.dll
2008-08-26 02:24:29 ----A---- C:\WINDOWS\system32\iernonce.dll
2008-08-26 02:24:29 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2008-08-26 02:24:28 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2008-08-26 02:24:28 ----A---- C:\WINDOWS\system32\ieaksie.dll
2008-08-26 02:24:28 ----A---- C:\WINDOWS\system32\ieakeng.dll
2008-08-26 02:24:28 ----A---- C:\WINDOWS\system32\icardie.dll
2008-08-26 02:24:28 ----A---- C:\WINDOWS\system32\extmgr.dll
2008-08-26 02:24:28 ----A---- C:\WINDOWS\system32\dxtrans.dll
2008-08-26 02:24:28 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2008-08-26 02:24:28 ----A---- C:\WINDOWS\system32\advpack.dll
2008-08-25 03:38:00 ----A---- C:\WINDOWS\system32\ieudinit.exe
2008-08-25 03:37:59 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2008-08-24 01:45:39 ----D---- C:\WINDOWS\Debug
2008-08-23 00:54:51 ----A---- C:\WINDOWS\system32\ieakui.dll
2008-08-23 00:23:29 ----D---- C:\Documents and Settings\Haejin   Om\Application Data\Skype
2008-08-22 23:47:19 ----D---- C:\Documents and Settings\Haejin   Om\Application Data\skypePM
2008-08-17 20:54:59 ----D---- C:\Program Files\eMule
2008-08-15 23:35:31 ----A---- C:\WINDOWS\cdplayer.ini
2008-08-15 22:29:15 ----D---- C:\Documents and Settings\Haejin   Om\Application Data\Real
2008-08-15 13:23:13 ----D---- C:\Documents and Settings\Haejin   Om\Application Data\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-11-02 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-11-02 26824]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 omci;OMCI WDM Device Driver; C:\WINDOWS\system32\DRIVERS\omci.sys [2004-02-13 17153]
R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-11-02 76040]
R2 CVPNDRVA;Cisco Systems IPsec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys []
R2 MCSTRM;MCSTRM; C:\WINDOWS\system32\drivers\MCSTRM.sys [2008-03-01 8413]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-04 12544]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Co

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
Repairs
« Reply #3 on: November 04, 2008, 11:31:49 AM »
Can you now do the following:
Download Malwarebytes' Anti-Malware from Here or Here.
Save the installer to the desktop.

Double-click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
        * When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In addition, can you post a fresh HijackThis log?

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/