
Active hiJack Malware log files

Discussion in 'Malware and Virus Removal Archive' started by dariene, 2009/10/28.


    DDS.txt


    DDS (Ver_09-10-26.01) - NTFSx86
    Run by Administrator at 20:48:47.71 on Wed 10/28/2009
    Internet Explorer: 8.0.6001.18702
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.958.353 [GMT -5:00]

    AV: avast! antivirus 4.8.1351 [VPS 091028-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

    ============== Running Processes ===============

    C:\windows\system32\svchost -k DcomLaunch
    svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\windows\System32\svchost.exe -k netsvcs
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\windows\stsystra.exe
    C:\windows\system32\RUNDLL32.EXE
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\windows\system32\ctfmon.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\AIM6\aim6.exe
    C:\Program Files\Pando Networks\Media Booster\PMB.exe
    C:\Program Files\D-Link\D-Link RangeBooster N DWA-142\wirelesscm.exe
    C:\windows\system32\spoolsv.exe
    svchost.exe
    C:\WINDOWS\system32\dlcgcoms.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\windows\system32\nvsvc32.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\windows\system32\wuauclt.exe
    C:\Program Files\AIM6\aolsoftware.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    svchost.exe
    C:\windows\System32\svchost.exe -k HTTPFilter
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\windows\system32\svchost.exe -k imgsvc
    C:\windows\system32\wuauclt.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\windows\Explorer.EXE
    C:\Documents and Settings\Administrator\My Documents\dds.scr

    ============== Pseudo HJT Report ===============

    uSearch Page = hxxp://www.google.co.uk
    uDefault_Page_URL = hxxp://www.msn.com
    uInternet Connection Wizard,ShellNext = iexplore
    mSearchAssistant = hxxp://www.google.co.uk/ie
    uURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
    mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
    mWinlogon: SfcDisable=-99 (0xffffff9d)
    BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
    BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
    BHO: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - c:\program files\aim toolbar\aimtb.dll
    BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
    BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - c:\program files\wot\WOT.dll
    BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - c:\program files\wot\WOT.dll
    TB: RefresherBand Class: {b24ba06e-fb7b-4757-95c2-dc01125f750e} - c:\progra~1\yrefre~1\YREFRE~1.DLL
    TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll
    TB: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
    TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    TB: {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No File
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    uRun: [Aim6] "c:\program files\aim6\aim6.exe" /d locale=en-US ee://aol/imApp
    uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe
    uRun: [Google Update] "c:\documents and settings\administrator\local settings\application data\google\update\GoogleUpdate.exe" /c
    uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~1.EXE -Update -1103472 - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; GTB6; FunWebProducts; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET CLR 1.1.4322; MSN Optimized;US)" - "http://habbzhotel.ath.cx/client.php "
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [nwiz] nwiz.exe /install
    mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
    mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
    mRun: [SigmatelSysTrayApp] stsystra.exe
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam\Quickcam.exe" /hide
    mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe" /autorun
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe "
    mRun: [DLCGCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCGtime.dll,_RunDLLEntry@16
    dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
    dRunOnce: [RunNarrator] Narrator.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\wirele~1.lnk - c:\program files\d-link\d-link rangebooster n dwa-142\wirelesscm.exe
    uPolicies-explorer: NoResolveTrack = 1 (0x1)
    uPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
    uPolicies-explorer: NoInstrumentation = 1 (0x1)
    uPolicies-explorer: NoSMBalloonTip = 1 (0x1)
    mPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
    dPolicies-explorer: NoResolveTrack = 1 (0x1)
    dPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
    dPolicies-explorer: NoInstrumentation = 1 (0x1)
    dPolicies-explorer: NoSMBalloonTip = 1 (0x1)
    IE: &AIM Toolbar Search - c:\documents and settings\all users\application data\aim toolbar\ietoolbar\resources\en-us\local\search.html
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {0b83c99c-1efa-4259-858f-bcb33e007a5b} - {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
    IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
    IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
    DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/ZwinkyInitialSetup1.0.1.1.cab
    DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
    DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
    DPF: {637BB540-6ABA-11D4-901D-00D0090CB3BC} - hxxp://www.flashants.com/codebase/fmplayer.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1233340450953
    DPF: {7623BE59-D4CF-4379-ABC4-B39E11854D66} - hxxp://avatar.mabinogi.jp/3drender/renderer/mabiweb.2007.4.4.cab
    DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    DPF: {87A638DE-396F-40FD-A2F8-01B56072F553} - hxxp://download.gemfighter.com/launcher/gemx2.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
    DPF: {8F60EE6F-DC53-4F9C-9E66-84BD2A545805} - hxxp://hb.getamped.com/start/CsLauncher.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {9B1BD804-DDCE-4042-9F19-A771F2921992} - hxxp://tgun.gamengame.com/eng/activex/NPHgeLauncher.cab
    DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} - hxxp://dist.globalgamecdn.com/dist/neffy/NeffyLauncher.cab
    DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
    Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - c:\program files\wot\WOT.dll
    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

    ============= SERVICES / DRIVERS ===============

    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-1-30 114768]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2009-1-15 9968]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-1-15 74480]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-1-30 20560]
    R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2009-3-5 24652]
    R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-1-15 7408]
    S2 ASKUpgrade;ASKUpgrade;c:\program files\askbardis\bar\bin\ASKUpgrade.exe [2009-7-16 234888]
    S3 IlvMoneyDRIVER53;IlvMoneyDRIVER53;\??\c:\docume~1\admini~1\locals~1\temp\rar$ex03.515\mle1365.sys --> c:\docume~1\admini~1\locals~1\temp\rar$ex03.515\MLE1365.sys [?]
    S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
    S3 tap0901;TAP-Win32 Adapter V9;c:\windows\system32\drivers\tap0901.sys [2008-11-19 25216]
    S3 XDva224;XDva224;\??\c:\windows\system32\xdva224.sys --> c:\windows\system32\XDva224.sys [?]
    S3 XDva225;XDva225;\??\c:\windows\system32\xdva225.sys --> c:\windows\system32\XDva225.sys [?]

    ============== File Associations ===============

    regfile= "regedit.exe" "%1 "

    =============== Created Last 30 ================

    2009-10-29 01:29:37 0 d-----w- c:\program files\Trend Micro
    2009-10-29 01:13:46 266240 ----a-w- c:\windows\system32\OGPIEPlugin.ocx
    2009-10-27 22:17:49 597 ----a-w- c:\windows\winconfig.vbs
    2009-10-24 19:22:57 555 ----a-w- C:\MapleConfig.cfg
    2009-10-21 00:45:05 0 d-----w- c:\program files\a-squared Free
    2009-10-17 15:05:29 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
    2009-10-16 22:50:30 0 d--h--w- c:\windows\PIF
    2009-10-16 03:22:40 0 d-----w- c:\docume~1\admini~1\applic~1\OpenOffice.org
    2009-10-12 18:37:28 0 d-----w- c:\program files\Exhort Network
    2009-10-05 01:06:04 0 d-----w- c:\program files\Eudemons Online
    2009-10-04 17:08:30 1654869 ----a-w- c:\docume~1\alluse~1\applic~1\DynuEncrypt.dll
    2009-10-04 15:10:31 75264 ----a-w- c:\windows\system32\uc_holybeast_launching.dll
    2009-10-04 15:08:52 64000 ----a-w- c:\windows\system32\uc_sfighters_launching.dll
    2009-10-04 15:08:52 61440 ----a-w- c:\windows\system32\uc_atlantica_launching.dll
    2009-10-04 15:08:52 53248 ----a-w- c:\windows\system32\uc_luminary_launching.dll
    2009-10-04 15:08:52 208384 ----a-w- c:\windows\system32\uc_rohan_launching.dll
    2009-10-04 15:08:46 0 d-----w- c:\program files\ijji
    2009-10-04 15:06:15 87472 ----a-w- c:\windows\system32\ijjiChannelingPlugin.dll
    2009-10-03 17:27:28 0 d-----w- c:\program files\GLSoft
    2009-10-02 21:20:49 195440 ------w- c:\windows\system32\MpSigStub.exe
    2009-10-01 02:29:33 0 d-----w- c:\program files\HyCam2
    2009-09-30 02:11:02 0 d-----w- c:\program files\Microsoft
    2009-09-29 23:54:17 679936 ----a-w- c:\windows\system32\D3DX81ab.dll
    2009-09-29 23:54:17 1970176 ----a-w- c:\windows\system32\d3dx9.dll

    ==================== Find3M ====================

    2009-10-29 01:42:32 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
    2009-10-29 01:42:26 0 ----a-w- c:\windows\system32\drivers\logiflt.iad
    2009-09-25 01:32:48 411368 ----a-w- c:\windows\system32\deploytk.dll
    2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
    2009-09-11 14:18:39 136192 ------w- c:\windows\system32\dllcache\msv1_0.dll
    2009-09-05 16:03:51 37 ----a-w- c:\documents and settings\administrator\jagex_runescape_preferences.dat
    2009-09-05 15:49:41 45 ----a-w- c:\documents and settings\administrator\jagex_runescape_preferences2.dat
    2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
    2009-09-04 21:03:36 58880 ------w- c:\windows\system32\dllcache\msasn1.dll
    2009-09-02 20:17:22 4451 ----a-w- c:\windows\unins000.dat
    2009-09-02 20:17:18 695642 ----a-w- c:\windows\unins000.exe
    2009-08-28 10:35:52 173056 ----a-w- c:\windows\system32\dllcache\ie4uinit.exe
    2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\strmdll.dll
    2009-08-26 08:00:21 247326 ------w- c:\windows\system32\dllcache\strmdll.dll
    2009-08-17 12:48:26 158952 ----a-w- c:\windows\system32\PubPlugin.dll
    2009-08-07 00:24:18 327896 ----a-w- c:\windows\system32\dllcache\wucltui.dll
    2009-08-07 00:24:18 209632 ----a-w- c:\windows\system32\dllcache\wuweb.dll
    2009-08-07 00:24:10 35552 ----a-w- c:\windows\system32\dllcache\wups.dll
    2009-08-07 00:24:06 53472 ----a-w- c:\windows\system32\dllcache\wuauclt.exe
    2009-08-07 00:24:04 96480 ----a-w- c:\windows\system32\dllcache\cdm.dll
    2009-08-07 00:23:54 575704 ----a-w- c:\windows\system32\dllcache\wuapi.dll
    2009-08-07 00:23:46 274288 ----a-w- c:\windows\system32\mucltui.dll
    2009-08-07 00:23:46 215920 ----a-w- c:\windows\system32\muweb.dll
    2009-08-07 00:23:46 1929952 ----a-w- c:\windows\system32\dllcache\wuaueng.dll
    2009-08-05 09:01:48 204800 ----a-w- c:\windows\system32\mswebdvd.dll
    2009-08-05 09:01:48 204800 ------w- c:\windows\system32\dllcache\mswebdvd.dll
    2009-08-05 01:44:46 2189184 ----a-w- c:\windows\system32\ntoskrnl.exe
    2009-08-05 01:44:46 2189184 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
    2009-08-04 15:13:08 2145280 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
    2009-08-04 14:20:09 2023936 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
    2009-08-04 14:20:08 2066048 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2009-08-04 14:20:08 2066048 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe

    ============= FINISH: 20:49:15.65 ===============

    Attach

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 1/30/2009 11:58:49 AM
    System Uptime: 10/28/2009 8:42:08 PM (0 hours ago)

    Motherboard: Dell Inc | | 0HY175
    Processor: AMD Athlon(tm) 64 Processor 3500+ | Socket M2 | 2204/1000mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 149 GiB total, 98.019 GiB free.
    D: is CDROM ()

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP332: 10/2/2009 8:58:09 PM - Software Distribution Service 3.0
    RP333: 10/2/2009 9:01:01 PM - Software Distribution Service 3.0
    RP334: 10/2/2009 9:17:56 PM - Software Distribution Service 3.0
    RP335: 10/2/2009 9:28:29 PM - Software Distribution Service 3.0
    RP336: 10/2/2009 9:34:39 PM - Software Distribution Service 3.0
    RP337: 10/2/2009 9:43:02 PM - Software Distribution Service 3.0
    RP338: 10/2/2009 9:54:38 PM - Software Distribution Service 3.0
    RP339: 10/2/2009 9:57:09 PM - Software Distribution Service 3.0
    RP340: 10/2/2009 10:20:25 PM - Software Distribution Service 3.0
    RP341: 10/2/2009 10:32:38 PM - Software Distribution Service 3.0
    RP342: 10/2/2009 10:38:05 PM - Software Distribution Service 3.0
    RP343: 10/2/2009 11:31:50 PM - Software Distribution Service 3.0
    RP344: 10/3/2009 10:40:35 AM - Software Distribution Service 3.0
    RP345: 10/3/2009 12:27:27 PM - Installed GridClicker
    RP346: 10/3/2009 2:40:11 PM - Software Distribution Service 3.0
    RP347: 10/3/2009 3:11:26 PM - Software Distribution Service 3.0
    RP348: 10/3/2009 5:44:30 PM - Software Distribution Service 3.0
    RP349: 10/3/2009 10:50:44 PM - Software Distribution Service 3.0
    RP350: 10/3/2009 11:34:48 PM - Software Distribution Service 3.0
    RP351: 10/4/2009 10:08:45 AM - Installed ijji REACTOR
    RP352: 10/4/2009 11:02:56 AM - Software Distribution Service 3.0
    RP353: 10/4/2009 5:11:54 PM - Software Distribution Service 3.0
    RP354: 10/4/2009 6:21:54 PM - Software Distribution Service 3.0
    RP355: 10/4/2009 6:23:12 PM - Software Distribution Service 3.0
    RP356: 10/4/2009 6:49:24 PM - Software Distribution Service 3.0
    RP357: 10/4/2009 8:05:57 PM - Installed Eudemons Online
    RP358: 10/4/2009 8:06:02 PM - Installed Eudemons Online
    RP359: 10/4/2009 10:01:55 PM - Software Distribution Service 3.0
    RP360: 10/5/2009 8:03:40 AM - Software Distribution Service 3.0
    RP361: 10/5/2009 8:10:58 AM - Software Distribution Service 3.0
    RP362: 10/5/2009 4:22:44 PM - Software Distribution Service 3.0
    RP363: 10/5/2009 8:00:35 PM - Software Distribution Service 3.0
    RP364: 10/6/2009 4:06:43 PM - Software Distribution Service 3.0
    RP365: 10/6/2009 4:59:01 PM - Removed Eudemons Online
    RP366: 10/6/2009 4:59:08 PM - Removed Eudemons Online
    RP367: 10/7/2009 8:20:02 AM - Software Distribution Service 3.0
    RP368: 10/7/2009 5:45:24 PM - Software Distribution Service 3.0
    RP369: 10/7/2009 7:10:17 PM - Software Distribution Service 3.0
    RP370: 10/7/2009 9:45:58 PM - Software Distribution Service 3.0
    RP371: 10/8/2009 5:46:59 PM - Software Distribution Service 3.0
    RP372: 10/8/2009 10:05:15 PM - Software Distribution Service 3.0
    RP373: 10/9/2009 8:30:30 AM - Software Distribution Service 3.0
    RP374: 10/9/2009 4:48:15 PM - Software Distribution Service 3.0
    RP375: 10/9/2009 4:56:32 PM - Software Distribution Service 3.0
    RP376: 10/9/2009 5:09:57 PM - Software Distribution Service 3.0
    RP377: 10/9/2009 5:15:09 PM - Software Distribution Service 3.0
    RP378: 10/10/2009 12:01:57 AM - Software Distribution Service 3.0
    RP379: 10/10/2009 12:22:42 AM - Software Distribution Service 3.0
    RP380: 10/10/2009 1:50:53 AM - Software Distribution Service 3.0
    RP381: 10/10/2009 3:23:22 PM - Software Distribution Service 3.0
    RP382: 10/10/2009 4:09:07 PM - Software Distribution Service 3.0
    RP383: 10/11/2009 9:50:01 AM - Software Distribution Service 3.0
    RP384: 10/11/2009 3:05:54 PM - Software Distribution Service 3.0
    RP385: 10/12/2009 9:38:06 AM - Software Distribution Service 3.0
    RP386: 10/12/2009 3:33:22 PM - Software Distribution Service 3.0
    RP387: 10/13/2009 8:08:02 PM - Installed WonderKing.
    RP388: 10/13/2009 8:15:25 PM - Software Distribution Service 3.0
    RP389: 10/13/2009 8:55:16 PM - Software Distribution Service 3.0
    RP390: 10/13/2009 9:04:03 PM - Software Distribution Service 3.0
    RP391: 10/14/2009 4:36:50 PM - Installed Nanovor
    RP392: 10/14/2009 4:47:37 PM - Software Distribution Service 3.0
    RP393: 10/14/2009 5:17:07 PM - Software Distribution Service 3.0
    RP394: 10/14/2009 5:24:27 PM - Software Distribution Service 3.0
    RP395: 10/14/2009 5:30:18 PM - Software Distribution Service 3.0
    RP396: 10/14/2009 5:37:51 PM - Software Distribution Service 3.0
    RP397: 10/14/2009 5:45:39 PM - Software Distribution Service 3.0
    RP398: 10/14/2009 5:53:43 PM - Software Distribution Service 3.0
    RP399: 10/14/2009 5:57:40 PM - Software Distribution Service 3.0
    RP400: 10/14/2009 6:24:40 PM - Software Distribution Service 3.0
    RP401: 10/14/2009 6:39:15 PM - Software Distribution Service 3.0
    RP402: 10/14/2009 6:48:06 PM - Software Distribution Service 3.0
    RP403: 10/14/2009 7:08:12 PM - Software Distribution Service 3.0
    RP404: 10/14/2009 7:25:54 PM - Software Distribution Service 3.0
    RP405: 10/14/2009 7:38:48 PM - Software Distribution Service 3.0
    RP406: 10/14/2009 7:43:08 PM - Software Distribution Service 3.0
    RP407: 10/14/2009 8:10:36 PM - Software Distribution Service 3.0
    RP408: 10/14/2009 8:25:59 PM - Software Distribution Service 3.0
    RP409: 10/14/2009 8:42:54 PM - Software Distribution Service 3.0
    RP410: 10/14/2009 9:00:59 PM - Software Distribution Service 3.0
    RP411: 10/14/2009 9:22:43 PM - Software Distribution Service 3.0
    RP412: 10/14/2009 9:34:25 PM - Software Distribution Service 3.0
    RP413: 10/14/2009 10:21:59 PM - Software Distribution Service 3.0
    RP414: 10/15/2009 7:55:40 AM - Software Distribution Service 3.0
    RP415: 10/15/2009 4:17:53 PM - Software Distribution Service 3.0
    RP416: 10/15/2009 4:48:31 PM - Software Distribution Service 3.0
    RP417: 10/15/2009 10:53:36 PM - Software Distribution Service 3.0
    RP418: 10/16/2009 3:49:57 PM - Software Distribution Service 3.0
    RP419: 10/16/2009 4:04:54 PM - Software Distribution Service 3.0
    RP420: 10/16/2009 4:11:32 PM - Software Distribution Service 3.0
    RP421: 10/16/2009 5:06:41 PM - Software Distribution Service 3.0
    RP422: 10/16/2009 5:13:49 PM - Software Distribution Service 3.0
    RP423: 10/16/2009 5:29:37 PM - Software Distribution Service 3.0
    RP424: 10/16/2009 5:47:45 PM - Software Distribution Service 3.0
    RP425: 10/16/2009 6:14:00 PM - Software Distribution Service 3.0
    RP426: 10/16/2009 6:28:19 PM - Installed Windows Live Communications Platform
    RP427: 10/16/2009 6:30:21 PM - Software Distribution Service 3.0
    RP428: 10/16/2009 6:35:04 PM - Software Distribution Service 3.0
    RP429: 10/16/2009 6:45:59 PM - Software Distribution Service 3.0
    RP430: 10/16/2009 6:59:40 PM - Software Distribution Service 3.0
    RP431: 10/16/2009 7:18:30 PM - Software Distribution Service 3.0
    RP432: 10/16/2009 7:28:35 PM - Removed Nanovor
    RP433: 10/16/2009 7:36:40 PM - Software Distribution Service 3.0
    RP434: 10/16/2009 7:44:19 PM - Software Distribution Service 3.0
    RP435: 10/16/2009 8:02:21 PM - Software Distribution Service 3.0
    RP436: 10/16/2009 8:14:46 PM - Software Distribution Service 3.0
    RP437: 10/16/2009 8:44:47 PM - Software Distribution Service 3.0
    RP438: 10/16/2009 8:56:31 PM - Software Distribution Service 3.0
    RP439: 10/16/2009 9:05:35 PM - Software Distribution Service 3.0
    RP440: 10/16/2009 9:20:20 PM - Software Distribution Service 3.0
    RP441: 10/16/2009 9:25:20 PM - Software Distribution Service 3.0
    RP442: 10/16/2009 9:39:55 PM - Software Distribution Service 3.0
    RP443: 10/16/2009 9:52:46 PM - Software Distribution Service 3.0
    RP444: 10/16/2009 9:59:03 PM - Installed Windows Installer Clean Up
    RP445: 10/16/2009 10:00:47 PM - Software Distribution Service 3.0
    RP446: 10/16/2009 10:07:58 PM - Software Distribution Service 3.0
    RP447: 10/17/2009 9:39:18 AM - Software Distribution Service 3.0
    RP448: 10/17/2009 9:55:17 AM - Software Distribution Service 3.0
    RP449: 10/17/2009 9:59:38 AM - Software Distribution Service 3.0
    RP450: 10/17/2009 10:14:49 AM - Installed Windows Installer Clean Up
    RP451: 10/17/2009 10:35:56 AM - Installed WonderKing.
    RP452: 10/17/2009 1:25:58 PM - Software Distribution Service 3.0
    RP453: 10/17/2009 10:21:40 PM - Software Distribution Service 3.0
    RP454: 10/17/2009 11:02:17 PM - Software Distribution Service 3.0
    RP455: 10/17/2009 11:19:17 PM - Software Distribution Service 3.0
    RP456: 10/18/2009 9:03:10 AM - Software Distribution Service 3.0
    RP457: 10/18/2009 10:20:13 PM - Software Distribution Service 3.0
    RP458: 10/19/2009 8:08:11 AM - Software Distribution Service 3.0
    RP459: 10/19/2009 9:31:45 PM - Software Distribution Service 3.0
    RP460: 10/20/2009 8:27:42 AM - Software Distribution Service 3.0
    RP461: 10/20/2009 3:48:35 PM - Software Distribution Service 3.0
    RP462: 10/20/2009 7:37:53 PM - ADVANCED REGISTRY OPTIMIZER - FIRST RUN
    RP463: 10/20/2009 7:38:49 PM - Advanced Registry Optimizer Tue, Oct 20, 09 19:38
    RP464: 10/20/2009 8:40:34 PM - Software Distribution Service 3.0
    RP465: 10/20/2009 9:35:17 PM - Software Distribution Service 3.0
    RP466: 10/21/2009 8:05:12 AM - Software Distribution Service 3.0
    RP467: 10/21/2009 10:30:38 PM - Software Distribution Service 3.0
    RP468: 10/22/2009 8:28:36 AM - Software Distribution Service 3.0
    RP469: 10/22/2009 5:32:42 PM - Software Distribution Service 3.0
    RP470: 10/22/2009 9:08:13 PM - Software Distribution Service 3.0
    RP471: 10/22/2009 9:13:39 PM - Software Distribution Service 3.0
    RP472: 10/22/2009 11:23:55 PM - Software Distribution Service 3.0
    RP473: 10/23/2009 8:09:00 PM - Software Distribution Service 3.0
    RP474: 10/23/2009 10:01:26 PM - Software Distribution Service 3.0
    RP475: 10/24/2009 2:07:56 PM - Windows Defender Checkpoint
    RP476: 10/24/2009 5:34:59 PM - Software Distribution Service 3.0
    RP477: 10/24/2009 11:27:32 PM - Software Distribution Service 3.0
    RP478: 10/24/2009 11:49:17 PM - Software Distribution Service 3.0
    RP479: 10/25/2009 9:45:31 AM - Software Distribution Service 3.0
    RP480: 10/25/2009 10:01:07 PM - Software Distribution Service 3.0
    RP481: 10/26/2009 8:34:12 AM - Software Distribution Service 3.0
    RP482: 10/26/2009 6:04:34 PM - Software Distribution Service 3.0
    RP483: 10/26/2009 6:08:20 PM - Software Distribution Service 3.0
    RP484: 10/26/2009 6:28:04 PM - Software Distribution Service 3.0
    RP485: 10/26/2009 7:02:33 PM - Software Distribution Service 3.0
    RP486: 10/26/2009 8:22:48 PM - Software Distribution Service 3.0
    RP487: 10/26/2009 9:29:45 PM - Software Distribution Service 3.0
    RP488: 10/27/2009 8:27:46 AM - Software Distribution Service 3.0
    RP489: 10/27/2009 9:50:37 PM - Software Distribution Service 3.0
    RP490: 10/28/2009 8:16:14 AM - Software Distribution Service 3.0
    RP491: 10/28/2009 6:15:46 PM - Software Distribution Service 3.0
    RP492: 10/28/2009 8:39:40 PM - Software Distribution Service 3.0
    RP493: 10/28/2009 8:45:23 PM - Software Distribution Service 3.0

    ==== Installed Programs ======================

    Moyea SWF to Video Converter Standard version 3.5.1.6
    µTorrent
    7-Zip 4.65
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Shockwave Player
    AIM 6
    AIM Toolbar
    Ask Toolbar
    avast! Antivirus
    CamStudio
    CCleaner (remove only)
    Cheat Engine 5.5
    Chinese (Simplified) Language Support
    Critical Update for Windows Media Player 11 (KB959772)
    CyberLink PhotoNow
    D-Link RangeBooster N DWA-142
    Download Updater (AOL LLC)
    Fraps (remove only)
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Updater
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB942288-v3)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB954708)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Huffyuv AVI lossless video codec (Remove Only)
    Hybrid Downloader 1,0,2,6
    HyperCam 2
    ijji REACTOR
    Japanese Language Support
    Korean Language Support
    Lagarith Lossless Codec (1.3.20)
    Lagarith lossless video codec (Remove Only)
    Logitech QuickCam Driver Package
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 3.5 SP1
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Windows XP Video Decoder Checkup Utility
    Neffy 1,2,1,11
    NVIDIA Drivers
    OGPlanet Game Launcher
    Pando Media Booster
    Security Update for CAPICOM (KB931906)
    Security Update for Windows Internet Explorer 7 (KB938127-v2)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 8 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB972260)
    Security Update for Windows Internet Explorer 8 (KB974455)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958215)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960714)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    SigmaTel Audio
    Super Smash Flash EXE Version 1.0
    Unity Web Player
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB968220)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB961503)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB973815)
    VDownloader 0.83
    version 5.0.0
    Viewpoint Media Player
    Windows Genuine Advantage Notifications (KB905474)
    Windows Installer Clean Up
    Windows Internet Explorer 8
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Service Pack 3
    WinRAR archiver
    WonderKing
    XML Paper Specification Shared Components Pack 1.0
    Yrefresher 1.00

    ==== Event Viewer Messages From Past Week ========

    10/27/2009 4:21:53 PM, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.0.101 with the system having network hardware address 00:11:95:8D:80:6B. Network operations on this system may be disrupted as a result.
    10/26/2009 6:24:42 PM, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.0.103 with the system having network hardware address 00:20:00:3A:53:7D. Network operations on this system may be disrupted as a result.
    10/26/2009 3:51:41 PM, error: Dhcp [1002] - The IP address lease 192.168.0.102 for the Network Card with network address 00195B094F9A has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
    10/24/2009 11:30:46 PM, error: Dhcp [1002] - The IP address lease 192.168.0.101 for the Network Card with network address 00195B094F9A has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
    10/23/2009 8:40:25 PM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00195B094F9A. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
    10/22/2009 11:24:20 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 2.0 Service Pack 2 Security Update for Windows 2000, Windows Server 2003, and Windows XP (KB974417).
    10/22/2009 11:24:16 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86.
    10/22/2009 11:24:11 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 1.1 Service Pack 1 Security Update for Windows 2000, Windows XP, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 (KB953297).
    10/21/2009 7:44:00 AM, error: Dhcp [1002] - The IP address lease 192.168.0.100 for the Network Card with network address 00195B094F9A has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).

    ==== End Of File ===========================
     
  2. 2009/10/28
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    What are the issues?
     


  4. 2009/10/28
    dariene

    dariene Inactive Thread Starter

    Joined:
    2009/10/28
    Messages:
    12
    Likes Received:
    0
    I can't download anything, log in to anything, or sign in to anything.
    When I try to log in or sign in, the website fails to load.
    When I try to download anything, it doesn't work. I click start and after it's done it says it failed. The SmartScreen filter service is offline.

    And I think it has something to do with cookies also.


    I got dds from http://www.windowsbbs.com/malware-virus-removal/announcements.html
     
    Last edited: 2009/10/28
  5. 2009/10/28
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    How did you download DDS?
     
  6. 2009/10/28
    dariene

    dariene Inactive Thread Starter

    Joined:
    2009/10/28
    Messages:
    12
    Likes Received:
    0
  7. 2009/10/28
    dariene

    dariene Inactive Thread Starter

    Joined:
    2009/10/28
    Messages:
    12
    Likes Received:
    0
  8. 2009/10/28
    dariene

    dariene Inactive Thread Starter

    Joined:
    2009/10/28
    Messages:
    12
    Likes Received:
    0
  9. 2009/10/29
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    I know the links, but you said:
    In any case.....

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      NOTE. If Combofix asks you to install Recovery Console, please allow it.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.
    **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

    Make sure you re-enable your security programs when you're done with Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!


    Download HijackThis:
    http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
    by clicking on Download HijackThis Installer
    Install, and run it.
    Post HijackThis log.
    Do NOT attempt to fix anything!

    NOTE. If you're using Vista, right click on HijackThis, and click Run as Administrator
     
