Hello, could someone please have a look at this log and help me out? I keep getting this alert from AVG FREE: Trojan horse Backdoor.Hupigon.AATB I can't move it to the virus vault, it says access is denied. Any help much appreciated. Thanks. ------------------------------- Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 7:03:41 PM, on 13/08/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\hkcmd.exe C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe C:\Program Files\Dell AIO Printer A940\dlbabmon.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\mIRC\mirc.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\hijackthis\HiJackThis_v2.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [Dell AIO Printer A940] "C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
Sorry about that. I think something went wrong when I tried the first time. Here is the whole log: ------------------------------------- Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 7:03:41 PM, on 13/08/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\hkcmd.exe C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe C:\Program Files\Dell AIO Printer A940\dlbabmon.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\mIRC\mirc.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\hijackthis\HiJackThis_v2.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [Dell AIO Printer A940] "C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1177065406843 O17 - HKLM\System\CCS\Services\Tcpip\..\{11056FE2-75E8-4D34-85E3-0EFECF891DCE}: NameServer = 10.0.0.138 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = qld.bigpond.net.au O17 - HKLM\System\CS1\Services\VxD\MSTCP: SearchList = qld.bigpond.net.au O17 - HKLM\System\CS1\Services\Tcpip\..\{11056FE2-75E8-4D34-85E3-0EFECF891DCE}: NameServer = 10.0.0.138 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = qld.bigpond.net.au O17 - HKLM\System\CS2\Services\VxD\MSTCP: SearchList = qld.bigpond.net.au O17 - HKLM\System\CS3\Services\Tcpip\Parameters: SearchList = qld.bigpond.net.au O17 - HKLM\System\CS3\Services\VxD\MSTCP: SearchList = qld.bigpond.net.au O17 - HKLM\System\CS3\Services\Tcpip\..\{11056FE2-75E8-4D34-85E3-0EFECF891DCE}: NameServer = 10.0.0.138 O17 - HKLM\System\CCS\Services\VxD\MSTCP: SearchList = qld.bigpond.net.au O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = qld.bigpond.net.au O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE -- End of file - 6878 bytes
Download and Run ComboFix *Download this file from either of the two below listed places : http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe *Then double click combofix.exe & follow the prompts. *When finished, it shall produce a log for you. Post that log in your next reply Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall
ComboFix 07-08-09.3 - "Owner" 2007-08-14 12:03:08.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.231 [GMT 10:00] * Created a new restore point ((((((((((((((((((((((((( Files Created from 2007-07-14 to 2007-08-14 ))))))))))))))))))))))))))))))) 2007-08-14 11:53 51,200 --a------ C:\WINDOWS\nircmd.exe 2007-08-14 01:29 22,080 --a------ C:\WINDOWS\system32\drivers\sshrmd.sys 2007-08-14 01:29 21,056 --a------ C:\WINDOWS\system32\drivers\sskbfd.sys 2007-08-14 01:29 20,544 --a------ C:\WINDOWS\system32\drivers\SSFS0509.sys 2007-08-14 01:29 144,960 --a------ C:\WINDOWS\system32\drivers\ssidrv.sys 2007-08-14 01:29 <DIR> d-------- C:\Program Files\Webroot 2007-08-14 01:29 <DIR> d-------- C:\DOCUME~1\LOCALS~1\APPLIC~1\Webroot 2007-08-14 01:29 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Webroot 2007-08-14 01:27 <DIR> d-------- C:\DOCUME~1\Owner\APPLIC~1\Webroot 2007-08-13 19:03 <DIR> d-------- C:\hijackthis 2007-08-13 10:03 12,408,087 --------- C:\avg7qt.dat 2007-08-07 14:42 <DIR> d-------- C:\DOCUME~1\Owner\APPLIC~1\Ahead 2007-08-04 11:29 <DIR> d-------- C:\Program Files\SpongeBob SquarePants Pizza Toss 2007-08-04 11:00 <DIR> d-------- C:\Program Files\Wild Thornberrys Australian Wildlife Rescue 2007-08-04 10:59 <DIR> d-------- C:\Program Files\Nick Checkers 2007-08-04 10:57 <DIR> d-------- C:\Program Files\Jimmy Neutron Rescue Jet Fusion 2007-08-04 10:41 <DIR> d-------- C:\Program Files\Bursting Bubbles Deluxe 2007-08-04 10:36 <DIR> d-------- C:\Program Files\Mad Caps 2007-08-04 10:33 <DIR> d-------- C:\Program Files\Nick Video Jigsaw Jam 2007-08-04 10:02 <DIR> d-------- C:\Program Files\La Casa De Dora 2007-08-04 09:54 <DIR> d-------- C:\Program Files\Fairly Odd Parents Information Stupor Highway 2007-08-04 09:54 <DIR> d-------- C:\Program Files\Doras 3D Soccer 2007-08-04 09:53 <DIR> d-------- C:\Program Files\Professor Fizzwizzle 2007-08-04 09:50 <DIR> d-------- C:\Program Files\Snail Mail 2007-07-26 07:32 4,096 --a------ C:\WINDOWS\d3dx.dat 2007-07-26 07:31 <DIR> d-------- C:\DOCUME~1\Owner\APPLIC~1\Wildfire 2007-07-23 17:18 4,682 --a------ C:\WINDOWS\system32\npptNT2.sys 2007-07-23 17:11 <DIR> d--h----- C:\DOCUME~1\Owner\APPLIC~1\IJJIGame 2007-07-23 16:59 <DIR> d-------- C:\ijji 2007-07-20 19:44 <DIR> d-------- C:\Program Files\Selectsoft 2007-07-18 17:56 <DIR> d-------- C:\WINDOWS\system32\IOSUBSYS (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-08-14 11:48 --------- d-------- C:\DOCUME~1\Owner\APPLIC~1\Skype 2007-08-14 01:30 --------- d-------- C:\DOCUME~1\Owner\APPLIC~1\uTorrent 2007-08-14 01:29 --------- d-------- C:\Program Files\mIRC 2007-08-12 08:45 --------- d-------- C:\Program Files\DAEMON Tools 2007-08-05 18:20 --------- d-------- C:\Program Files\Guitar Scales Method 2007-08-03 10:50 14 --a------ C:\WINDOWS\popcinfo.dat 2007-07-28 12:53 --------- d-------- C:\Program Files\Doras Rapido River Rafting Race 2007-07-22 11:30 --------- d-------- C:\Program Files\SpywareBlaster 2007-07-18 17:56 --------- d-------- C:\Program Files\Picasa2 2007-07-13 14:42 --------- d-------- C:\Program Files\Guitar Pro 5 2007-07-13 12:46 --------- d-------- C:\Program Files\Comodo 2007-07-11 17:24 --------- d-------- C:\DOCUME~1\Owner\APPLIC~1\PlayFirst 2007-07-11 17:15 --------- d-------- C:\Program Files\Common Files\Sandlot Shared 2007-07-08 16:32 --------- d-------- C:\Program Files\BFG 2007-06-30 09:31 --------- d-------- C:\Program Files\GameHouse 2007-06-30 09:31 --------- d-------- C:\Program Files\BookWorm Deluxe 2007-06-25 13:09 --------- d-------- C:\Program Files\LimeWire 2007-06-25 13:09 --------- d-------- C:\Program Files\Guitar FX BOX 2.6 2007-06-25 13:03 --------- d-------- C:\DOCUME~1\Owner\APPLIC~1\LimeWire 2007-06-19 17:10 --------- d-------- C:\Program Files\Windows Media Connect 2 2007-05-30 16:08 796672 --a------ C:\WINDOWS\GPInstall.exe 2007-05-17 01:12 86528 -----c--- C:\WINDOWS\system32\dllcache\directdb.dll 2007-05-17 01:12 85504 -----c--- C:\WINDOWS\system32\dllcache\wabimp.dll 2007-05-17 01:12 683520 --a------ C:\WINDOWS\system32\inetcomm.dll 2007-05-17 01:12 683520 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll 2007-05-17 01:12 510976 -----c--- C:\WINDOWS\system32\dllcache\wab32.dll 2007-05-17 01:12 1314816 -----c--- C:\WINDOWS\system32\dllcache\msoe.dll ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [2003-04-07 00:19] "HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2003-04-07 00:07] "Dell AIO Printer A940"="C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe" [2003-06-26 01:29] "HPDJ Taskbar Utility"="C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe" [2002-07-11 22:36] "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-04-21 09:26] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-03-14 19:05] "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-06-16 09:15] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-03-30 13:34] C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50] R0 SSFS0509;Spy Sweeper File System Filer Driver: 0509;C:\WINDOWS\system32\Drivers\SSFS0509.SYS R0 SSHRMD;Spy Sweeper Hookrack MiniDriver;C:\WINDOWS\system32\Drivers\SSHRMD.SYS R0 SSIDRV;Spy Sweeper Interdiction Driver;C:\WINDOWS\system32\Drivers\SSIDRV.SYS R3 SSKBFD;Webroot Spy Sweeper Keylogger Shield Keyboard Filter;C:\WINDOWS\system32\Drivers\sskbfd.sys R3 USB_RNDIS;Thomson ST Remote NDIS Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023.sys S3 tbhsd;Tunebite High-Speed Dubbing;C:\WINDOWS\system32\drivers\tbhsd.sys [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fc1cbc45-f58b-11db-8f07-000e50be96d7}] AutoRun\command- EXPLORER.EXE explore\Command- EXPLORER.EXE open\Command- EXPLORER.EXE ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-08-14 12:07:26 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher] "TracesProcessed"=dword:000001ab scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2007-08-14 12:08:15 --- E O F ---
