Hijack log! Meget langsom computer

Afinstaller
* BearShare
http://www.spywarefri.dk/forum/topic.asp?TOPIC_ID=40284
* Logitech Desktop Messenger (*)
via
[Start][Indstilninger][Kontrolpanel][Tilføj/fjern programmer]

Genstart for at fuldføre afinstalationen...

---------------------------------------

... Nu er der ikke alle (u)ønskede elementer som viser sig med en HiJackThis Log; hvis du har 'mod' på det så gennemfør proceduren herfra -> http://www.eksperten.dk/artikler/1123

http://www.ccleaner.com/download
Hent denne, kør en rens og en gang problemer, slet det den finder.

Her er så de 4 logs langt om længe =)

********************************* ROOTCHK-(5-12-07)-LOG, by ejvindh
26-12-2007 19:31:15,18

The rootkits that are detected by this tool were not found.

********************************* ROOTCHK-LOG-end


catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-26 19:31:16
Windows 5.1.2600 Service Pack 2
scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

hidden processes: 0
hidden services: 0
hidden files: 0

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:30:34, on 26-12-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\Protector Suite QL\menusw.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Documents and Settings\Alec Hoang\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-89B3-BE29F5D3E32D} - (no file)
O2 - BHO: (no name) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-89B3-BE29F5D3E32D} - (no file)
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Biomenu] "C:\Program Files\Protector Suite QL\menusw.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZJxdm130YYDK
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Blog det - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog det i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=https://smb-support.vaio-link.com/eSupport/PortalJSP/Portal.jsp
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} (ActiveX sikkerhedssoftware Control) - https://www.sparnord.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.10.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://www.miniclip.com/games/ricochet-lost-worlds/en/ReflexiveWebGameLoader.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://download.shockwave.com/pub/otoy/OTOYAX.cab
O16 - DPF: {7D731A83-6C80-4EA4-9646-5E06A0513274} (Sandlot Loader Control) - http://www.shockwave.com/content/snailmail/sis/slgwebinstall.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.shockwave.com/content/luxor/sis/mjolauncher.cab
O16 - DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} (WildfireActiveXHost Class) - http://www.shockwave.com/content/tumblebugs/sis/axhost.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} - http://a248.e.akamai.net/f/248/5462/2h/www.symantecstore.com/v2.0-img/operations/symbizpr/xcontrol/SymDlBrg.cab
O16 - DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} (CSolidBrowserObj Object) - http://cdn1.acclaimdownloads.com/solidstateion.cab
O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - https://disney.go.com/games/downloads/gamemanager/DIGGameManager.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://www.shockwave.com/content/cinematycoon/sis/cinematycoon.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

--
End of file - 12810 bytes

ComboFix 07-12-21.4 - Alec Hoang 2007-12-26 19:34:08.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1252.1.1033.18.114 [GMT 1:00]
Running from: C:\Documents and Settings\Alec Hoang\Desktop\New Folder\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((((((  Other Deletions  )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Alec Hoang\Application Data\FunWebProducts
C:\Documents and Settings\Alec Hoang\Application Data\FunWebProducts\Data\Alec Hoang\avatar.dat
C:\Documents and Settings\Friends & Family\Application Data\macromedia\Flash Player\#SharedObjects\VXCWA6PC\www.broadcaster.com
C:\Documents and Settings\Friends & Family\Application Data\macromedia\Flash Player\#SharedObjects\VXCWA6PC\www.broadcaster.com\played_list.sol
C:\Documents and Settings\Friends & Family\Application Data\macromedia\Flash Player\#SharedObjects\VXCWA6PC\www.broadcaster.com\video_queue.sol
C:\Documents and Settings\Friends & Family\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
C:\Documents and Settings\Friends & Family\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
C:\WINDOWS\system32\drivers\sfsync02.sys

.
(((((((((((((((((((((((((((((((((((((((  Drivers/Services  )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_NWSAPAGENT
-------\LEGACY_SFSYNC02
-------\nm
-------\NwSapAgent
-------\sfsync02


(((((((((((((((((((((((((  Files Created from 2007-11-26 to 2007-12-26  )))))))))))))))))))))))))))))))
.

2007-12-26 17:23 . 2007-12-26 17:50    <DIR>    d--------    C:\Program Files\SUPERAntiSpyware
2007-12-26 17:23 . 2007-12-26 17:23    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-12-26 17:23 . 2007-12-26 17:23    <DIR>    d--------    C:\Documents and Settings\Alec Hoang\Application Data\SUPERAntiSpyware.com
2007-12-26 17:22 . 2007-12-26 17:22    <DIR>    d--------    C:\Program Files\Common Files\Wise Installation Wizard
2007-12-26 17:16 . 2007-12-26 17:17    <DIR>    d--------    C:\Program Files\Yahoo!
2007-12-26 17:16 . 2007-12-26 17:16    <DIR>    d--------    C:\Program Files\CCleaner
2007-12-26 16:06 . 2007-07-30 19:19    271,224    --a------    C:\WINDOWS\system32\mucltui.dll
2007-12-26 16:06 . 2007-07-30 19:19    207,736    --a------    C:\WINDOWS\system32\muweb.dll
2007-12-26 16:06 . 2007-07-30 19:19    30,072    --a------    C:\WINDOWS\system32\mucltui.dll.mui
2007-12-26 00:26 . 2006-11-29 13:06    3,426,072    --a------    C:\WINDOWS\system32\d3dx9_32.dll
2007-12-26 00:17 . 2007-12-26 00:17    <DIR>    d--------    C:\Program Files\Microsoft SQL Server Compact Edition
2007-12-26 00:03 . 2007-12-26 00:27    <DIR>    d--------    C:\Program Files\Windows Live
2007-12-26 00:03 . 2007-12-26 00:09    <DIR>    d--hsc---    C:\Program Files\Common Files\WindowsLiveInstaller
2007-12-26 00:02 . 2007-12-26 00:02    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-12-25 21:39 . 2007-12-25 21:40    <DIR>    d--------    C:\Soldat
2007-12-25 21:39 . 2007-12-25 21:39    <DIR>    d--------    C:\Documents and Settings\Alec Hoang\Application Data\Soldat
2007-12-25 11:41 . 2007-09-24 23:31    69,632    --a------    C:\WINDOWS\system32\javacpl.cpl
2007-12-20 19:33 . 2007-12-26 17:10    <DIR>    d--------    C:\Program Files\BearShare Applications
2007-12-20 19:33 . 2006-11-12 11:39    483,328    --a------    C:\WINDOWS\system32\actskn45.ocx
2007-12-16 14:16 . 2007-12-16 14:16    <DIR>    d--------    C:\WINDOWS\system32\zk_sc dir
2007-12-16 14:16 . 2007-12-16 14:16    203,264    --a------    C:\WINDOWS\system32\zk_sc.scr
2007-12-05 18:15 . 2007-12-05 18:15    <DIR>    d--------    C:\Program Files\Microsoft Games
2007-12-04 17:25 . 2007-12-04 18:02    <DIR>    d--------    C:\Program Files\Steam
2007-12-04 16:19 . 2007-12-04 16:19    <DIR>    d--------    C:\Documents and Settings\Alec Hoang\Application Data\PoivY
2007-12-02 20:03 . 2007-12-04 17:21    <DIR>    d--------    C:\Documents and Settings\Alec Hoang\Application Data\My Battle for Middle-earth(tm) II Files

.
((((((((((((((((((((((((((((((((((((((((  Find3M Report  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-26 16:12    ---------    d-----w    C:\Program Files\Logitech
2007-12-25 19:38    ---------    d-----w    C:\Program Files\Rainlendar2
2007-12-25 15:41    ---------    d-----w    C:\Program Files\Google
2007-12-25 13:26    ---------    d-----w    C:\Program Files\Microsoft Works
2007-12-25 10:41    ---------    d-----w    C:\Program Files\Java
2007-12-24 12:14    ---------    d-----w    C:\Program Files\Apple Software Update
2007-12-20 18:28    ---------    d-----w    C:\Program Files\LimeWire
2007-11-17 20:47    ---------    d-----w    C:\Program Files\BannedStory
2007-11-13 10:25    20,480    ----a-w    C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-10 19:50    ---------    d-----w    C:\Program Files\Common Files\Teleca Shared
2007-11-06 11:47    ---------    d-----w    C:\Program Files\Shockwave.com
2007-10-26 17:02    ---------    d--h--w    C:\Program Files\InstallShield Installation Information
2007-10-23 16:49    586,240    ----a-w    C:\WINDOWS\WLXPGSS.SCR
2006-11-19 17:39    80    --sh--r    C:\WINDOWS\system32\94D748CC14.dll
.

(((((((((((((((((((((((((((((((((((((  Reg Loading Points  ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SetDefaultMIDI"="MIDIDef.exe" []
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-04-23 15:46]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2005-04-15 16:08]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-06-29 06:33]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-06-29 06:33]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2005-06-29 06:33]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-04-13 11:12]
"Mouse Suite 98 Daemon"="ICO.EXE" [2002-03-14 16:46 C:\WINDOWS\system32\ico.exe]
"SonyPowerCfg"="C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" [2005-05-15 05:51]
"ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 14:12]
"Switcher.exe"="C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe" [2005-01-20 20:24]
"VAIO Update 2"="C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" [2005-01-14 13:43]
"PDService.exe"="C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe" [2004-07-06 14:15]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-06-28 21:05]
"Biomenu"="C:\Program Files\Protector Suite QL\menusw.exe" [2005-07-25 19:05]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-07-22 22:25 C:\WINDOWS\KHALMNPR.Exe]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-04-30 16:42]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 05:24]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-07-10 08:18]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 10:09]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 13:00]

C:\Documents and Settings\Alec Hoang\Start Menu\Programs\Startup\
PowerReg Scheduler V3.exe [2007-04-28 18:55:45]
PowerReg Scheduler.exe [2006-11-19 09:49:55]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2005-06-21 18:50:48]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2006-09-11 19:00:48]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
fusstub.dll 2005-07-25 19:06 39936 C:\WINDOWS\system32\fusstub.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
VESWinlogon.dll 2006-06-30 12:12 73728 C:\WINDOWS\system32\VESWinlogon.dll
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
2005-03-03 21:47    483328    --a------    C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2007-07-10 08:18    270648    --a------    C:\Program Files\iTunes\iTunesHelper.exe
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
            C:\Program Files\QuickTime\qttask.exe -atboottime
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
            C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe /startoptions
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
            C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
            C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe -quiet

R0 SI3112;SiI-3112 SATALink Controller;C:\WINDOWS\system32\DRIVERS\SI3112.sys [2005-08-12 04:46]
R1 PrivateDisk;PrivateDisk;C:\WINDOWS\system32\Drivers\PrivateDiskM.sys [2004-07-06 14:07]
R2 AdobeActiveFileMonitor;Adobe Active File Monitor;C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-04 04:47]
R2 FdRedir;FdRedir;C:\Program Files\Common Files\Protector Suite QL\Drivers\FdRedir.sys [2005-07-25 19:08]
R2 FileDisk2;FileDisk Protector Kernel Driver;C:\Program Files\Common Files\Protector Suite QL\Drivers\filedisk.sys [2005-07-25 19:08]
R3 IFXTPM;IFXTPM;C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2005-06-10 05:26]
R3 TcUsb;TC USB Kernel Driver;C:\WINDOWS\system32\Drivers\tcusb.sys [2005-07-25 19:01]
R3 ti21sony;ti21sony;C:\WINDOWS\system32\drivers\ti21sony.sys [2005-07-20 07:01]
S3 ctmmfilt;Audio Filter Driver;C:\WINDOWS\system32\drivers\ctmmfilt.sys []
S3 CTMSFSYN;Creative SoundFont Synth;C:\WINDOWS\system32\drivers\ctmsfsyn.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial;C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2006-10-24 13:49]
S3 lmimirr;lmimirr;C:\WINDOWS\system32\DRIVERS\lmimirr.sys []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{430b37a0-e5b0-11db-9b09-0002c783005b}]
\Shell\AutoRun\command - H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fecc65fa-e381-11db-9b02-0002c783005b}]
\Shell\AutoRun\command - H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fecc65fc-e381-11db-9b02-0002c783005b}]
\Shell\AutoRun\command - H:\AutoRun.exe

.
Contents of the 'Scheduled Tasks' folder
"2007-12-24 12:14:42 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-26 19:48:11
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-26 19:50:29 - machine was rebooted
.
2007-12-25 14:23:41    --- E O F --- 

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/26/2007 at 07:09 PM

Application Version : 3.7.1018

Core Rules Database Version : 3368
Trace Rules Database Version: 1365

Scan type      : Complete Scan
Total Scan Time : 01:18:55

Memory items scanned      : 175
Memory threats detected  : 0
Registry items scanned    : 5670
Registry threats detected : 5
File items scanned        : 75055
File threats detected    : 354

Adware.Tracking Cookie
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@58032969[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@adopt.hbmediapro[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads.dailyrush[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@dk.drivecleaner[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads.adultswim[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads.stardoll[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@adultanimepictures[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@anad.tacoda[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@e2.emediate[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ad.ofir[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@jobtrack[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@2.marketbanker[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads2.gamereactor[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@adv.tvnet[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@clicktorrent[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@data2.perf.overture[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@3d-sexgames[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@adultswim[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@bs.serving-sys[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@coreg.smileymedia[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ad1.hardware[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@adfair[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@20316[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@clickaider[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@banner.gratis-ting[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@interactivesexgames[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@cgi-bin[7].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@eas.apm.emediate[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads.ft[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads.ims[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@adultadworld[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ad[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads.gametrust[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@adfair[3].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@h.starware[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ats[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@bannerlandia.com[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads2.jubii[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@cgi-bin[6].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@3.adbrite[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@cgi-bin[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ad1.clickhype[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@eyewonder[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads.newgrounds[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@azjmp[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ad.creafi[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@gamefinder.disney.go[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads.heias[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@cz4.clickzs[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@a[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@67.15.239[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads.realtechnetwork[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@data4.perf.overture[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@1070605952[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@cgi-bin[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@53312104[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@adopt.specificclick[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@bidclix[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@justsexyvideos[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@1071489915[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@adtech[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@counterstrike[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@banner.cdpoker[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@cgi-bin[10].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@banners2.battleon[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@crackserialkeygen[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@30113244[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ad.zanox[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@click-fr[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads.adbrite[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@82763522[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads.freeonlinegames[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@drivecleaner[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@eroticlick[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads.teleint[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@acvs.mediaonenetwork[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads.us.e-planning[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@eas4.emediate[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@audit.median[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@belnk[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@www.drawn-sex[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads.exitexchange[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads.tibaco[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@atwola[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@2o7[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads.cartoonnetwork[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@cgi-bin[4].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@dist.belnk[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@dlv[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@banners.battleon[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@2.adbrite[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@20317[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads.planetactive[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@cgi-bin[9].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@focalex[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@5574[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ad.directanetworks[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@banner.fynskemedier[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@1070478657[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@1066486777[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads.habbohotel[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads.arto[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads.awesomehouseparty[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@clicksor[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ad.cibleclick[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads.foxkidseurope[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads.spele[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@gogurtmonstertracker[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads.habbogroup[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@adlegend[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ads.gamesbannernet[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@interclick[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@optimost[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@stats.drivecleaner[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@image.masterstats[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@mediaonenetwork[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@cgi-bin[8].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@netmediagroup[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@horoscopes[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@mywebsearch[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@sexcess[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@sbl[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@komtrack[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ncom.banneradministration[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@st[5].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@www.adultpussygames[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@id2541[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@mediavantage[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@track.effiliation[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@counter-strike[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@hentaicounter[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@media.mtvnservices[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@ilead.itrack[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@new-pcp[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@popular[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@kinxxx[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@exitexchange[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@myxxxgames[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@www.3d-sexgames[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@qxl.banneradministration[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@stats.searchtrack[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@st[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@sexyfuckgames[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@m1.webstats.motigo[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@online.adservicemedia[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@msnportal.112.2o7[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@http.edge.vru4[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@list[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@track.adform[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@top[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@leraar[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@www.findalt[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@nac.nasmedia.co[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@warezreleases[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@richmedia.yahoo[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@stat.www[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@www.freesexgames[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@wegener[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@windowsmedia[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@stat.mystat[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@www.yourdailymedia[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@sexyandfunny[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@try.starware[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@serving-sys[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@screensavers[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@www.clickxchange[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@tribalfusion[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@yourmedia[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@teentrendsgirls.everythinggirl[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@www.pstats[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@www.123sexgames[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@usenext[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@serialz[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@tracking.notabenestats[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@webtracking.touchclarity[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@server.cpmstar[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@toplist[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@uclick[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@www.eroticlick[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@www.drivecleaner[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@work[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@www.sexyandfunny[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@stat.postdanmark[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@sexygames[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@tdstats[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@www.sexyandfunny[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@www.counters[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@yourdailymedia[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@www.macromedia[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@toplist[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@track[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@www.mysexgames[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@yadro[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@www.thepornart[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@xiti[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@adultgames[1].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@burstnet[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@click_track[2].txt
    C:\Documents and Settings\Alec Hoang\Cookies\alec hoang@wTracker[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@2.adbrite[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@2o7[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@3.adbrite[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@4.adbrite[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@ad.adition[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@ad.thewheelof[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@ad.yieldmanager[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@ad1.clickhype[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@ad1.emediate[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@adbrite[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@adfair[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@adfarm1.adition[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@adrevolver[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@adrevolver[3].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@ads.adbrite[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@ads.addynamix[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@ads.belointeractive[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@ads.cartoonnetwork[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@ads.gamesbannernet[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@ads.newgrounds[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@ads.pointroll[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@ads.spele[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@ads.stardoll[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@adserver.adremedy[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@adserver.banneradministration[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@adserver.easyad[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@adserver.spele[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@adserver2.spele[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@adserving.cpxinteractive[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@adtech[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@adultadworld[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@adultcomix[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@adultfriendfinder[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@advertising[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@as-eu.falkag[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@as-us.falkag[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@atdmt[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@azjmp[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@banner.gratis-ting[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@bluestreak[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@bs.serving-sys[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@c5.zedo[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@casalemedia[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@cassava[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@chokertraffic[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@clicktorrent[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@counter11.sextracker[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@counter16.sextracker[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@counter8.sextracker[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@cpvfeed[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@cs.sexcounter[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@cz5.clickzs[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@doubleclick[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@e2.emediate[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@ehg-dig.hitbox[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@ehg-lifetimeentertainment.hitbox[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@ehg.hitbox[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@fastclick[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@fishsexgames[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@focalex[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@free.wegcash[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@h.starware[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@hentaisexsites[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@hitbox[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@hornygamer[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@image.masterstats[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@indexstats[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@komtrack[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@likecrack[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@mediaplex[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@myhornycartoons[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@mywebsearch[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@myxxxgames[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@netmediagroup[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@oddcast[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@overture[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@partygaming.122.2o7[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@partypoker[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@paycounter[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@perf.overture[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@popularscreensavers[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@programs.wegcash[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@questionmarket[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@rotator.adjuggler[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@server.cpmstar[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@serving-sys[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@sexdating[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@sexlist[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@sextracker[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@sexyandfunny[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@sexyanimevideos[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@sexyfuckgames[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@smileycentral[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@stat.onestat[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@statcounter[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@stats.channel4[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@statse.webtrendslive[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@stats[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@stats[3].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@topsexart[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@track.adform[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@tracking.notabenestats[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@tradedoubler[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@tradetracker[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@tribalfusion[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@try.starware[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@vhost.oddcast[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@wannafind[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@www.drawn-sex[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@www.hentaisexsites[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@www.likecrack[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@www.mysexgames[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@www.porncartoon[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@www.pstats[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@www.sexyhumorgames[2].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@www.teensluts4free[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@xiti[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@xxxcounter[1].txt
    C:\Documents and Settings\Friends & Family\Cookies\friends & family@zedo[2].txt

Registry Cleaner Trial
    HKCR\Install.Install
    HKCR\Install.Install\CLSID
    HKCR\Install.Install\CurVer
    HKCR\Install.Install.1
    HKCR\Install.Install.1\CLSID

Trace.Known Threat Sources
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\81QRGTA7\gecv2[1].js
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\AXQPSZ0N\Layout[1].js
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\L48RPTOL\BrandAccess[1].js
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\GPU74TUN\DetectEnvironment[1].js
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\K94H67KX\mozxpath[1].js
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\K94H67KX\PluginDetection[1].js
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\81QRGTA7\UserSetting[1].js
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\K94H67KX\galleryInit[1].js
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\GTUNSTYZ\skanksville_large[1].jpg
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\VB9J7LGW\nav_b3_off[1].gif
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\I7M981WP\hentai_girl_fuck_large[1].jpg
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\I7M981WP\toilet_sex_large[1].jpg
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\G5YZSHYV\anal_sex_large[1].jpg
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\GTUNSTYZ\common[2].js
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\G5YZSHYV\adult_stripping_flash_large[1].jpg
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\CVZ3MWXD\playthepimp[1].jpg
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\VB9J7LGW\prompt[1].htm
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\VB9J7LGW\beige_btn[1].gif
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\ALVS94BI\nav_b3_on[1].gif
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\CVZ3MWXD\yum_yum_casino_large[1].jpg
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\ALVS94BI\dressup_icons[1].gif
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\CVZ3MWXD\prompt[1].htm
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\MRI7UXIB\logging[1].htm
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\G5YZSHYV\BrandDetection[1].js
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\AXQPSZ0N\bg[3].jpg
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\K94H67KX\logging[1].htm
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\81QRGTA7\prompt[1].htm
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\GPU74TUN\DRM[1].js
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\AXQPSZ0N\gec[1].js
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\MRI7UXIB\adrianamastvid002.wmv[1].jpg
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\G5YZSHYV\prompt[1].htm
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\UDAVWPE7\prompt[1].js
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\I7M981WP\images[1].jpg
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\I7M981WP\prompt[1].htm
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\L48RPTOL\seekmo[1].jpg
    C:\Documents and Settings\Friends & Family\Local Settings\Temporary Internet Files\Content.IE5\ALVS94BI\button[1].jpg

Afinstaller
* BearShare
* Limewire
http://www.spywarefri.dk/forum/topic.asp?TOPIC_ID=40284

-------------------------------------------------------------

ComboFix har allerede fixet noget Uønskede elementer *S*

Samt dette ->

Kør en scanning med Hijackthis,
Du får herunder nogle filer, som du skal fixe. Det, du skal gøre, er at sætte et flueben ud for disse filer. Når du har gjort det, så lukker du alle andre vinduer ned. Det er meget vigtigt at det eneste vindue, som er åbent er HijackThis vinduet. Husk også at lukke dette vindue, når du har markeret filerne. Nu må du fixe. Klik på Fix checked.

Det er disse, som skal fixes:

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-89B3-BE29F5D3E32D} - (no file)
O2 - BHO: (no name) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-89B3-BE29F5D3E32D} - (no file)

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZJxdm130YYDK
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm

Genstart, kør en ny scanning med hijackthis, og kopier en frisk log herind til tjek.

------------------------------------------------------------------------

Registreringsdatabase oprydning kan anbefales ->
RegCleaner http://www.ccleaner.com/ + http://www.spywarefri.dk/manualer/ccleaner-manual.htm (Specielt punktet [Register]...)
Under installationen får du tilbudt [Yahoo Toolbar]. Du kan sige ja eller NEJ til den.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:40:08, on 28-12-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Alec Hoang\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\TEXTware\QUICKF~1\PlugIns\IEHelp.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Blog det - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog det i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=https://smb-support.vaio-link.com/eSupport/PortalJSP/Portal.jsp
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} (ActiveX sikkerhedssoftware Control) - https://www.sparnord.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.10.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://www.miniclip.com/games/ricochet-lost-worlds/en/ReflexiveWebGameLoader.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://download.shockwave.com/pub/otoy/OTOYAX.cab
O16 - DPF: {7D731A83-6C80-4EA4-9646-5E06A0513274} (Sandlot Loader Control) - http://www.shockwave.com/content/snailmail/sis/slgwebinstall.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.shockwave.com/content/luxor/sis/mjolauncher.cab
O16 - DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} (WildfireActiveXHost Class) - http://www.shockwave.com/content/tumblebugs/sis/axhost.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} - http://a248.e.akamai.net/f/248/5462/2h/www.symantecstore.com/v2.0-img/operations/symbizpr/xcontrol/SymDlBrg.cab
O16 - DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} (CSolidBrowserObj Object) - http://cdn1.acclaimdownloads.com/solidstateion.cab
O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - https://disney.go.com/games/downloads/gamemanager/DIGGameManager.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://www.shockwave.com/content/cinematycoon/sis/cinematycoon.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset  - C:\Program Files\Eset\nod32krn.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

--
End of file - 10127 bytes

Hvordan er status så nu ?



PS: Nogle gange _kan_ denne lave ballade ->
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\TEXTware\QUICKF~1\PlugIns\IEHelp.dll

Jamen den kører da som en drøm igen - sådan kører en computer jo efter du har kigget mine logs igennem. Tusind tak for det =)

Der er ikke mere 'snavs' ifølge din Log...

Du er velkommen en anden gang...

Du bør rense temp med denne fil, det tager kun få sek.
http://www.spywareinfo.dk/download/cleantempxp2k.bat

Efter sådan en tur er det altid en god ide og rydde op i systemgendannelsesfilerne.
Deaktiver systemgendannelse -> http://www.spywareinfo.dk/#/tip-og-tricks/deaktiver_systemgendannelse.htm
Genstart din computer - aktiver systemgendannelse. Dette gøres samme sted, hvor du deaktiverede, denne gang skal du blot aktivere.
Det vil også være en god idé manuelt at oprette et nyt punkt, som du kan navngive, og vende tilbage til, hvis du skulle få problemer af nogen art.

Et par artikler om sikker surfing finder du her:
http://www.spywarefri.dk/forum/topic.asp?TOPIC_ID=14414

Safe Surfing...