Windows XP Community - XPHeads
Forums Register FAQ Members List Calendar Search Today's Posts Mark Forums Read
   



Spyware Doctor

C:\resycled\boot.com is not a valid Win32 application

microsoft.public.windowsxp.help_and_support

Reply
Page 2 of 3 < 1 2 3 >
 
LinkBack Thread Tools Display Modes
  #11 (permalink)  
Old 11-12-2008, 11:59 AM
ralph rosancrans
 
Posts: n/a
Re: C:\resycled\boot.com is not a valid Win32 application
im having the same prob with C:\resycled\boot.com ad all of my drives now i
tryed doin the cmd thing it sed that the attrib -h -r -s C:\Autorun.inf and
c:\Autorun.inf and ether were found i have the OTScanIt can sum 1 help me
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Sponsored Links
  #12 (permalink)  
Old 11-12-2008, 12:23 PM
ralph rosancrans
 
Posts: n/a
Re: C:\resycled\boot.com is not a valid Win32 application
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/Downloaded
Program Files/paint.ocx\\{C93C1C34-CEA9-49B1-9046-040F59E0E0D8} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/swapit.ocx\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/Downloaded
Program Files/swapit.ocx\\.Owner -> {AC2881FD-5760-46DB-83AE-20A5C6432A7E} ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/Downloaded
Program Files/swapit.ocx\\{AC2881FD-5760-46DB-83AE-20A5C6432A7E} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/wwlaunch.ocx\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/Downloaded
Program Files/wwlaunch.ocx\\.Owner -> {8A94C905-FF9D-43B6-8708-F0F22D22B1CB}
->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/Downloaded
Program Files/wwlaunch.ocx\\{8A94C905-FF9D-43B6-8708-F0F22D22B1CB} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\\.Owner -> Unknown Owner ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\\{8A94C905-FF9D-43B6-8708-F0F22D22B1CB} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\\{C93C1C34-CEA9-49B1-9046-040F59E0E0D8} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\\{62969CF2-0F7A-433B-A221-FD8818C06C2F} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\\{97438FE9-D361-4279-BA82-98CC0877A717} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\\{CF969D51-F764-4FBF-9E90-475248601C8A} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\\{AC2881FD-5760-46DB-83AE-20A5C6432A7E} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\\{A91FB93D-7561-4524-8484-5C27C8FA8D42} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\\{615F158E-D5CA-422F-A8E7-F6A5EED7063B} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\\{1A1F56AA-3401-46F9-B277-D57F3421F821} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/msvcrt.dll\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/msvcrt.dll\\.Owner -> Unknown Owner ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/msvcrt.dll\\{8A94C905-FF9D-43B6-8708-F0F22D22B1CB} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/msvcrt.dll\\{C93C1C34-CEA9-49B1-9046-040F59E0E0D8} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/msvcrt.dll\\{62969CF2-0F7A-433B-A221-FD8818C06C2F} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/msvcrt.dll\\{97438FE9-D361-4279-BA82-98CC0877A717} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/msvcrt.dll\\{CF969D51-F764-4FBF-9E90-475248601C8A} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/msvcrt.dll\\{AC2881FD-5760-46DB-83AE-20A5C6432A7E} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/msvcrt.dll\\{A91FB93D-7561-4524-8484-5C27C8FA8D42} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/msvcrt.dll\\{615F158E-D5CA-422F-A8E7-F6A5EED7063B} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/msvcrt.dll\\{1A1F56AA-3401-46F9-B277-D57F3421F821} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/olepro32.dll\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/olepro32.dll\\.Owner -> Unknown Owner ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/olepro32.dll\\{8A94C905-FF9D-43B6-8708-F0F22D22B1CB} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/olepro32.dll\\{C93C1C34-CEA9-49B1-9046-040F59E0E0D8} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/olepro32.dll\\{62969CF2-0F7A-433B-A221-FD8818C06C2F} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/olepro32.dll\\{97438FE9-D361-4279-BA82-98CC0877A717} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/olepro32.dll\\{CF969D51-F764-4FBF-9E90-475248601C8A} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/olepro32.dll\\{AC2881FD-5760-46DB-83AE-20A5C6432A7E} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/olepro32.dll\\{A91FB93D-7561-4524-8484-5C27C8FA8D42} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/olepro32.dll\\{615F158E-D5CA-422F-A8E7-F6A5EED7063B} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\C:/WINDOWS/system32/olepro32.dll\\{1A1F56AA-3401-46F9-B277-D57F3421F821} -> ->



[Files/Folders - Created Within 30 days]
$AVG8.VAULT$ -> %SystemDrive%\$AVG8.VAULT$ -> [Folder | Created Date =
11/11/2008 9:04:12 PM | Attr = H ]
resycled -> %SystemDrive%\resycled -> [Folder | Created Date = 11/10/2008
7:13:35 AM | Attr = RHS]
_OTScanIt -> %SystemDrive%\_OTScanIt -> [Folder | Created Date = 11/12/2008
6:28:14 AM | Attr = ]
Avg -> %SystemRoot%\System32\drivers\Avg -> [Folder | Created Date =
11/11/2008 8:41:54 PM | Attr = ]
avi7.avg -> %SystemRoot%\System32\drivers\Avg\avi7.avg -> [Ver = | Size =
6061540 bytes | Created Date = 11/11/2008 8:41:54 PM | Attr = ]
incavi.avm -> %SystemRoot%\System32\drivers\Avg\incavi.avm -> [Ver = |
Size = 29988216 bytes | Created Date = 11/11/2008 8:41:54 PM | Attr = ]
microavi.avg -> %SystemRoot%\System32\drivers\Avg\microavi.avg -> [Ver = |
Size = 27569 bytes | Created Date = 11/11/2008 8:41:54 PM | Attr = ]
miniavi.avg -> %SystemRoot%\System32\drivers\Avg\miniavi.avg -> [Ver = |
Size = 334743 bytes | Created Date = 11/11/2008 8:41:54 PM | Attr = ]
ndisprot.sys -> %SystemRoot%\System32\drivers\ndisprot.sys -> Windows (R)
Codename Longhorn DDK provider [Ver = 6.0.6000.16386 built by: WinDDK | Size
= 27904 bytes | Created Date = 11/10/2008 7:13:38 AM | Attr = ]
RKHit.sys -> %SystemRoot%\System32\drivers\RKHit.sys -> [Ver = 2, 0, 0, 0 |
Size = 30080 bytes | Created Date = 11/10/2008 7:10:03 AM | Attr = ]
AK083E209605E394C.lie -> %SystemRoot%\System32\AK083E209605E394C.lie ->
[Ver = | Size = 42 bytes | Created Date = 11/9/2008 3:40:43 PM | Attr = ]
QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes |
Created Date = 11/9/2008 2:51:32 PM | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes |
Created Date = 11/9/2008 2:51:32 PM | Attr = H ]

[Files/Folders - Modified Within 30 days]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified
Date = 11/11/2008 8:31:48 PM | Attr = HS]
avi7.avg -> %SystemRoot%\System32\drivers\Avg\avi7.avg -> [Ver = | Size =
6061540 bytes | Modified Date = 11/11/2008 8:41:54 PM | Attr = ]
incavi.avm -> %SystemRoot%\System32\drivers\Avg\incavi.avm -> [Ver = |
Size = 29988216 bytes | Modified Date = 11/11/2008 8:45:51 PM | Attr = ]
microavi.avg -> %SystemRoot%\System32\drivers\Avg\microavi.avg -> [Ver = |
Size = 27569 bytes | Modified Date = 11/11/2008 8:45:34 PM | Attr = ]
miniavi.avg -> %SystemRoot%\System32\drivers\Avg\miniavi.avg -> [Ver = |
Size = 334743 bytes | Modified Date = 11/11/2008 8:45:34 PM | Attr = ]
dump_wmimmc.sys -> %SystemRoot%\System32\drivers\dump_wmimmc.sys -> [Ver =
| Size = 153925 bytes | Modified Date = 11/11/2008 5:16:55 PM | Attr = ]
ndisprot.sys -> %SystemRoot%\System32\drivers\ndisprot.sys -> Windows (R)
Codename Longhorn DDK provider [Ver = 6.0.6000.16386 built by: WinDDK | Size
= 27904 bytes | Modified Date = 11/10/2008 7:13:38 AM | Attr = ]
AK083E209605E394C.lie -> %SystemRoot%\System32\AK083E209605E394C.lie ->
[Ver = | Size = 42 bytes | Modified Date = 11/9/2008 3:40:43 PM | Attr = ]
5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size =
205712 bytes | Modified Date = 11/10/2008 7:01:58 AM | Attr = ]
perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size =
41040 bytes | Modified Date = 11/9/2008 2:25:15 PM | Attr = ]
perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size =
314838 bytes | Modified Date = 11/9/2008 2:25:15 PM | Attr = ]
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver
= | Size = 360124 bytes | Modified Date = 11/9/2008 2:25:15 PM | Attr = ]
wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 2206 bytes |
Modified Date = 11/11/2008 8:03:07 PM | Attr = ]
3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes |
Modified Date = 11/11/2008 8:36:37 PM | Attr = S]
imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1393 bytes |
Modified Date = 11/10/2008 6:50:45 AM | Attr = ]
QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes |
Modified Date = 11/9/2008 2:51:32 PM | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes |
Modified Date = 11/11/2008 8:07:23 PM | Attr = H ]
system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 271 bytes |
Modified Date = 11/11/2008 8:31:48 PM | Attr = ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 826 bytes | Modified
Date = 11/11/2008 8:31:48 PM | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified
Date = 11/11/2008 8:36:50 PM | Attr = H ]
C:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help\ ->
C:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help ->
[Folder | Modified Date = 4/26/2007 7:11:58 AM | Attr = ]
hhcolreg.dat -> C:\Documents and Settings\All Users\Application
Data\Microsoft\HTML Help\hhcolreg.dat -> [Ver = | Size = 8134 bytes |
Modified Date = 4/26/2007 7:11:58 AM | Attr = ]
C:\Documents and Settings\All Users\Application
Data\Microsoft\Network\Downloader\ -> C:\Documents and Settings\All
Users\Application Data\Microsoft\Network\Downloader -> [Folder | Modified
Date = 4/2/2007 9:43:49 PM | Attr = ]
qmgr0.dat -> C:\Documents and Settings\All Users\Application
Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 4617 bytes |
Modified Date = 11/9/2008 7:56:14 PM | Attr = ]
qmgr1.dat -> C:\Documents and Settings\All Users\Application
Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 4232 bytes |
Modified Date = 11/9/2008 7:56:14 PM | Attr = ]
C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\
-> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA
-> [Folder | Modified Date = 8/15/2007 9:00:25 PM | Attr = ]
opa11.dat -> C:\Documents and Settings\All Users\Application
Data\Microsoft\OFFICE\DATA\opa11.dat -> [Ver = | Size = 8206 bytes |
Modified Date = 8/15/2007 9:00:25 PM | Attr = ]
C:\Documents and Settings\DEMON_GRUB\Local Settings\Temp\ -> C:\Documents
and Settings\DEMON_GRUB\Local Settings\Temp -> [Folder | Modified Date =
11/12/2008 6:26:01 AM | Attr = ]
d2l_Install.exe -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\d2l_Install.exe -> Blizzard Entertainment [Ver = 1, 0, 0, 5 |
Size = 352256 bytes | Modified Date = 5/9/2001 11:19:26 AM | Attr = ]
d2l_PlayD2.exe -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\d2l_PlayD2.exe -> Blizzard Entertainment [Ver = 1, 0, 0, 5 |
Size = 331776 bytes | Modified Date = 5/21/2000 3:46:38 PM | Attr = ]
DXSETUP.exe -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\DXSETUP.exe -> Microsoft Corporation [Ver = 4.9.0.0904 | Size =
503144 bytes | Modified Date = 7/19/2007 8:00:32 PM | Attr = ]
EXEtender.exe -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\EXEtender.exe -> Exent Technologies Ltd.
[Ver = 06.02.22.00
| Size = 11503440 bytes | Modified Date = 1/11/2008 9:49:35 AM | Attr =
]
matcleanup.exe -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\matcleanup.exe -> [Ver = | Size = 16384 bytes | Modified Date
= 9/28/2007 1:33:00 PM | Attr = ]
messenger_update.exe -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\messenger_update.exe -> [Ver = | Size = 606000 bytes |
Modified Date = 8/29/2007 6:08:19 PM | Attr = ]
mun3.exe -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\mun3.exe -> Microsoft Corporation [Ver = 6.10.0016.1624 | Size
= 32768 bytes | Modified Date = 8/23/2001 7:00:00 AM | Attr = ]
regincd2.exe -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\regincd2.exe -> [Ver = | Size = 3072 bytes | Modified Date =
4/14/2008 11:04:31 AM | Attr = ]
regtdi.exe -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\regtdi.exe -> [Ver = | Size = 3584 bytes | Modified Date =
4/14/2008 11:04:43 AM | Attr = ]
setup_wm.exe -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\setup_wm.exe -> Microsoft Corporation [Ver = 9.00.00.3250 |
Size = 774144 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
verizonhelpSupport.exe -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\verizonhelpSupport.exe -> [Ver = | Size = 10153176 bytes |
Modified Date = 1/11/2008 9:51:22 AM | Attr = ]
VISS-6.0.1-21393-Consumer-Setup.exe -> C:\Documents and
Settings\DEMON_GRUB\Local Settings\Temp\VISS-6.0.1-21393-Consumer-Setup.exe
-> Verizon [Ver = 6.0.1.21393 | Size = 36153392 bytes | Modified Date =
1/11/2008 9:52:37 AM | Attr = ]
VZ_Backup_Sharing.exe -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\VZ_Backup_Sharing.exe -> Verizon
[Ver = 1.0.0.8 | Size = 287071 bytes |
Modified Date = 1/11/2008 9:52:34 AM | Attr = ]
VZ_DSL_BookMarks.exe -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\VZ_DSL_BookMarks.exe -> Verizon
[Ver = 1.0.0.7 | Size = 343440 bytes |
Modified Date = 1/11/2008 9:57:17 AM | Attr = ]
VZ_DSL_controls.exe -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\VZ_DSL_controls.exe -> Verizon
[Ver = 6.5.0.17 | Size = 4370224 bytes |
Modified Date = 1/11/2008 9:41:20 AM | Attr = ]
VZ_OEConfig.exe -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\VZ_OEConfig.exe -> Verizon
[Ver = 1.0.0.8 | Size = 375624 bytes | Modified
Date = 1/11/2008 9:49:25 AM | Attr = ]
vz_ServicePoint.exe -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\vz_ServicePoint.exe -> Verizon
[Ver = 1.0.0.8 | Size = 1590640 bytes |
Modified Date = 1/11/2008 9:57:01 AM | Attr = ]
_is1B.exe -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\_is1B.exe -> Verizon [Ver = 6.0.3.27063 | Size = 476400 bytes |
Modified Date = 2/26/2008 5:14:28 PM | Attr = ]
_is56.exe -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\_is56.exe -> Verizon [Ver = 6.0.3.27063 | Size = 476400 bytes |
Modified Date = 2/26/2008 5:14:28 PM | Attr = ]
211 C:\Documents and Settings\DEMON_GRUB\Local Settings\Temp\*.tmp files ->
C:\Documents and Settings\DEMON_GRUB\Local Settings\Temp\*.tmp ->
C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{10FA3AC0-F365-45AA-91F8-15062AB71267}\ -> C:\Documents and
Settings\DEMON_GRUB\Local
Settings\Temp\{10FA3AC0-F365-45AA-91F8-15062AB71267} -> [Folder | Modified
Date = 11/10/2008 7:26:16 AM | Attr = ]
dotnetinstaller.exe -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{10FA3AC0-F365-45AA-91F8-15062AB71267}\dotnetinstaller.exe ->
InstallShield Software Corporation [Ver = 12.0.0.49974 | Size = 10672 bytes |
Modified Date = 5/17/2006 10:21:16 AM | Attr = ]
C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{F657DB93-03AE-48DC-BFD7-E0B839AF9FBD}\ -> C:\Documents and
Settings\DEMON_GRUB\Local
Settings\Temp\{F657DB93-03AE-48DC-BFD7-E0B839AF9FBD} -> [Folder | Modified
Date = 11/9/2008 2:38:42 PM | Attr = ]
dotnetinstaller.exe -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{F657DB93-03AE-48DC-BFD7-E0B839AF9FBD}\dotnetinstaller.exe ->
InstallShield Software Corporation [Ver = 12.0.0.49974 | Size = 10672 bytes |
Modified Date = 5/17/2006 10:21:16 AM | Attr = ]
C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{F6EF2C8D-BDFF-41E3-A552-6DD8D7D73892}\ -> C:\Documents and
Settings\DEMON_GRUB\Local
Settings\Temp\{F6EF2C8D-BDFF-41E3-A552-6DD8D7D73892} -> [Folder | Modified
Date = 11/9/2008 3:48:49 PM | Attr = ]
dotnetinstaller.exe -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{F6EF2C8D-BDFF-41E3-A552-6DD8D7D73892}\dotnetinstaller.exe ->
InstallShield Software Corporation [Ver = 12.0.0.49974 | Size = 10672 bytes |
Modified Date = 5/17/2006 10:21:16 AM | Attr = ]
C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{F92532F9-CFE5-442D-8454-2B54EAA23C67}\ -> C:\Documents and
Settings\DEMON_GRUB\Local
Settings\Temp\{F92532F9-CFE5-442D-8454-2B54EAA23C67} -> [Folder | Modified
Date = 11/9/2008 3:23:43 PM | Attr = ]
dotnetinstaller.exe -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{F92532F9-CFE5-442D-8454-2B54EAA23C67}\dotnetinstaller.exe ->
InstallShield Software Corporation [Ver = 12.0.0.49974 | Size = 10672 bytes |
Modified Date = 5/17/2006 10:21:16 AM | Attr = ]
C:\Documents and Settings\DEMON_GRUB\Local Settings\Temp\RarSFX2\ ->
C:\Documents and Settings\DEMON_GRUB\Local Settings\Temp\RarSFX2 -> [Folder
| Modified Date = 4/13/2008 12:01:08 PM | Attr = ]
setup.exe -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\RarSFX2\setup.exe -> AVG Technologies CZ, s.r.o. [Ver =
8.0.0.86 | Size = 1748736 bytes | Modified Date = 3/12/2008 12:28:31 PM |
Attr = ]
vcredist_x86.exe -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\RarSFX2\vcredist_x86.exe -> Microsoft Corporation [Ver =
6.00.3790.0 (srv03_rtm.030324-2048) | Size = 2723264 bytes | Modified Date =
9/4/2007 9:22:51 AM | Attr = ]
C:\Documents and Settings\DEMON_GRUB\Local Settings\Temp\ -> C:\Documents
and Settings\DEMON_GRUB\Local Settings\Temp -> [Folder | Modified Date =
11/12/2008 6:26:01 AM | Attr = ]
bigmoney.dll -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\bigmoney.dll -> [Ver = | Size = 2150400 bytes | Modified Date
= 2/1/2008 10:33:29 PM | Attr = ]
binkw32.dll -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\binkw32.dll -> [Ver = | Size = 263168 bytes | Modified Date =
4/5/2000 11:00:00 PM | Attr = ]
bookworm.dll -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\bookworm.dll -> [Ver = 2.0.0.6 | Size = 2220032 bytes |
Modified Date = 2/1/2008 10:42:07 PM | Attr = ]
chuzzle.dll -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\chuzzle.dll -> [Ver = | Size = 2269184 bytes | Modified Date
= 2/1/2008 10:37:01 PM | Attr = ]
DSETUP.dll -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\DSETUP.dll -> Microsoft Corporation [Ver = 4.9.0.0904 | Size =
77160 bytes | Modified Date = 7/19/2007 7:55:30 PM | Attr = ]
dsetup32.dll -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\dsetup32.dll -> Microsoft Corporation [Ver = 4.9.0.0904 | Size
= 1673576 bytes | Modified Date = 7/19/2007 7:55:16 PM | Attr = ]
InstHelp.dll -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\InstHelp.dll -> [Ver = | Size = 57344 bytes | Modified Date =
10/12/2004 11:14:18 AM | Attr = ]
lingo.dll -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\lingo.dll -> [Ver = | Size = 2048000 bytes | Modified Date =
2/2/2008 11:05:27 AM | Attr = ]
SIntf16.dll -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\SIntf16.dll -> [Ver = | Size = 12305 bytes | Modified Date =
10/15/2007 7:03:33 PM | Attr = ]
SIntf32.dll -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\SIntf32.dll -> [Ver = | Size = 20016 bytes | Modified Date =
10/15/2007 7:03:33 PM | Attr = ]
SIntfNT.dll -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\SIntfNT.dll -> [Ver = | Size = 24744 bytes | Modified Date =
10/15/2007 7:03:33 PM | Attr = ]
swt-awt-win32-3346.dll -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\swt-awt-win32-3346.dll -> Eclipse Foundation [Ver = 3.346 |
Size = 32768 bytes | Modified Date = 3/27/2008 11:55:31 PM | Attr = ]
swt-win32-3346.dll -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\swt-win32-3346.dll -> Eclipse Foundation [Ver = 3.346 | Size =
307200 bytes | Modified Date = 3/27/2008 11:55:31 PM | Attr = ]
211 C:\Documents and Settings\DEMON_GRUB\Local Settings\Temp\*.tmp files ->
C:\Documents and Settings\DEMON_GRUB\Local Settings\Temp\*.tmp ->
C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\_ISTMP1.DIR\_ISTMP0.DIR\ -> C:\Documents and
Settings\DEMON_GRUB\Local Settings\Temp\_ISTMP1.DIR\_ISTMP0.DIR\ -> [Folder
| Modified Date = 4/6/2007 8:29:50 PM | Attr = ]
5085858.DLL -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\_ISTMP1.DIR\_ISTMP0.DIR\5085858.DLL -> [Ver = | Size = 28160
bytes | Modified Date = 7/19/2002 3:19:34 PM | Attr = R ]
HSAPI.dll -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\_ISTMP1.DIR\_ISTMP0.DIR\HSAPI.dll -> [Ver = | Size = 55808
bytes | Modified Date = 7/19/2002 3:19:34 PM | Attr = R ]
Instaide.dll -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\_ISTMP1.DIR\_ISTMP0.DIR\Instaide.dll -> Palm Computing, Inc., a
3Com Company [Ver = 3.0.1 | Size = 195584 bytes | Modified Date = 7/19/2002
3:19:34 PM | Attr = R ]
C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{036FD8FD-01B8-4B4F-9C74-8CE7476ACEA9}\ -> C:\Documents and
Settings\DEMON_GRUB\Local
Settings\Temp\{036FD8FD-01B8-4B4F-9C74-8CE7476ACEA9} -> [Folder | Modified
Date = 11/10/2008 7:26:15 AM | Attr = ]
_Setup.dll -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{036FD8FD-01B8-4B4F-9C74-8CE7476ACEA9}\_Setup.dll ->
Macrovision Corporation [Ver = 12.0.49974 | Size = 152496 bytes | Modified
Date = 5/17/2006 10:21:06 AM | Attr = ]
C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{1A4BC773-4C8E-401A-83BC-4CBD98989031}\ -> C:\Documents and
Settings\DEMON_GRUB\Local
Settings\Temp\{1A4BC773-4C8E-401A-83BC-4CBD98989031} -> [Folder | Modified
Date = 11/9/2008 3:48:47 PM | Attr = ]
_Setup.dll -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{1A4BC773-4C8E-401A-83BC-4CBD98989031}\_Setup.dll ->
Macrovision Corporation [Ver = 12.0.49974 | Size = 152496 bytes | Modified
Date = 5/17/2006 10:21:06 AM | Attr = ]
C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{55635896-3D3A-4C83-835D-4928834B2DB0}\ -> C:\Documents and
Settings\DEMON_GRUB\Local
Settings\Temp\{55635896-3D3A-4C83-835D-4928834B2DB0} -> [Folder | Modified
Date = 11/9/2008 3:23:42 PM | Attr = ]
ISSetup.dll -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{55635896-3D3A-4C83-835D-4928834B2DB0}\ISSetup.dll ->
Macrovision Corporation [Ver = 12.0.58849 | Size = 492032 bytes | Modified
Date = 1/19/2007 11:05:28 PM | Attr = ]
_Setup.dll -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{55635896-3D3A-4C83-835D-4928834B2DB0}\_Setup.dll ->
Macrovision Corporation [Ver = 12.0.49974 | Size = 152496 bytes | Modified
Date = 5/17/2006 10:21:06 AM | Attr = ]
C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{FC7E1921-97C8-4110-8AF5-ABBBBEFB3BA5}\ -> C:\Documents and
Settings\DEMON_GRUB\Local
Settings\Temp\{FC7E1921-97C8-4110-8AF5-ABBBBEFB3BA5} -> [Folder | Modified
Date = 11/9/2008 2:38:42 PM | Attr = ]
ISSetup.dll -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{FC7E1921-97C8-4110-8AF5-ABBBBEFB3BA5}\ISSetup.dll ->
Macrovision Corporation [Ver = 12.0.58849 | Size = 492032 bytes | Modified
Date = 1/19/2007 11:05:28 PM | Attr = ]
_Setup.dll -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{FC7E1921-97C8-4110-8AF5-ABBBBEFB3BA5}\_Setup.dll ->
Macrovision Corporation [Ver = 12.0.49974 | Size = 152496 bytes | Modified
Date = 5/17/2006 10:21:06 AM | Attr = ]
C:\Documents and Settings\DEMON_GRUB\Local Settings\Temp\7345671\ ->
C:\Documents and Settings\DEMON_GRUB\Local Settings\Temp\7345671 -> [Folder
| Modified Date = 4/12/2007 12:16:59 AM | Attr = ]
ywiseext.dll -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\7345671\ywiseext.dll -> Yahoo! Inc. [Ver = 2007, 3, 7, 1 | Size
= 102400 bytes | Modified Date = 3/7/2007 12:52:18 PM | Attr = ]
C:\Documents and Settings\DEMON_GRUB\Local Settings\Temp\RarSFX2\ ->
C:\Documents and Settings\DEMON_GRUB\Local Settings\Temp\RarSFX2 -> [Folder
| Modified Date = 4/13/2008 12:01:08 PM | Attr = ]
sporder.dll -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\RarSFX2\sporder.dll -> Microsoft Corporation [Ver = 5.00.2134.1
| Size = 8464 bytes | Modified Date = 8/7/2007 7:01:31 PM | Attr = ]
C:\Documents and Settings\DEMON_GRUB\Local Settings\Temp\RSPSoftware\ ->
C:\Documents and Settings\DEMON_GRUB\Local Settings\Temp\RSPSoftware ->
[Folder | Modified Date = 1/26/2008 11:07:00 AM | Attr = ]
rspov2701.dll -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\RSPSoftware\rspov2701.dll -> RSP Software -
http://rspsoftware.clic3.net [Ver = 1, 0, 0, 1 | Size = 196608 bytes |
Modified Date = 1/26/2008 11:07:00 AM | Attr = ]

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #13 (permalink)  
Old 11-12-2008, 12:23 PM
ralph rosancrans
 
Posts: n/a
Re: C:\resycled\boot.com is not a valid Win32 application
C:\Documents and Settings\DEMON_GRUB\Local Settings\Temp\ -> C:\Documents and
Settings\DEMON_GRUB\Local Settings\Temp -> [Folder | Modified Date =
11/12/2008 6:26:01 AM | Attr = ]
Perflib_Perfdata_a7c.dat -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\Perflib_Perfdata_a7c.dat -> [Ver = | Size = 16384 bytes |
Modified Date = 12/14/2007 1:30:06 PM | Attr = ]
Perflib_Perfdata_abc.dat -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\Perflib_Perfdata_abc.dat -> [Ver = | Size = 16384 bytes |
Modified Date = 3/5/2008 1:15:30 PM | Attr = ]
Perflib_Perfdata_d6c.dat -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\Perflib_Perfdata_d6c.dat -> [Ver = | Size = 16384 bytes |
Modified Date = 12/24/2007 1:43:08 PM | Attr = ]
Perflib_Perfdata_d78.dat -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\Perflib_Perfdata_d78.dat -> [Ver = | Size = 16384 bytes |
Modified Date = 12/3/2007 1:27:55 AM | Attr = ]
211 C:\Documents and Settings\DEMON_GRUB\Local Settings\Temp\*.tmp files ->
C:\Documents and Settings\DEMON_GRUB\Local Settings\Temp\*.tmp ->
C:\Documents and Settings\DEMON_GRUB\Local Settings\Temp\RarSFX2\ ->
C:\Documents and Settings\DEMON_GRUB\Local Settings\Temp\RarSFX2 -> [Folder
| Modified Date = 4/13/2008 12:01:08 PM | Attr = ]
afuinst64.dat -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\RarSFX2\afuinst64.dat -> [Ver = 7, 1, 0, 377 | Size = 317440
bytes | Modified Date = 7/3/2007 12:14:31 PM | Attr = ]
avgfinst.dat -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\RarSFX2\avgfinst.dat -> AVG Technologies CZ, s.r.o. [Ver =
8.0.0.86 | Size = 189952 bytes | Modified Date = 3/12/2008 12:28:29 PM | Attr
= ]
BUYLNK.DAT -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\RarSFX2\BUYLNK.DAT -> [Ver = | Size = 47 bytes | Modified
Date = 3/27/2008 1:26:29 PM | Attr = ]
files.dat -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\RarSFX2\files.dat -> [Ver = | Size = 105571682 bytes |
Modified Date = 3/12/2008 12:29:00 PM | Attr = ]
setup.dat -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\RarSFX2\setup.dat -> [Ver = | Size = 836669 bytes | Modified
Date = 3/12/2008 12:28:28 PM | Attr = ]
trialkey.dat -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\RarSFX2\trialkey.dat -> [Ver = | Size = 67 bytes | Modified
Date = 3/26/2008 11:26:07 AM | Attr = ]
C:\Documents and Settings\DEMON_GRUB\Local Settings\Temp\ -> C:\Documents
and Settings\DEMON_GRUB\Local Settings\Temp -> [Folder | Modified Date =
11/12/2008 6:26:01 AM | Attr = ]
RunTime.ini -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\RunTime.ini -> [Ver = | Size = 578 bytes | Modified Date =
12/10/2007 4:43:41 PM | Attr = ]
{AC76BA86-7AD7-1033-7B44-A81100000003}.ini -> C:\Documents and
Settings\DEMON_GRUB\Local
Settings\Temp\{AC76BA86-7AD7-1033-7B44-A81100000003}.ini -> [Ver = | Size =
761 bytes | Modified Date = 3/31/2008 9:09:30 PM | Attr = ]
{AC76BA86-7AD7-1033-7B44-A81200000003}.ini -> C:\Documents and
Settings\DEMON_GRUB\Local
Settings\Temp\{AC76BA86-7AD7-1033-7B44-A81200000003}.ini -> [Ver = | Size =
578 bytes | Modified Date = 3/31/2008 9:10:06 PM | Attr = ]
211 C:\Documents and Settings\DEMON_GRUB\Local Settings\Temp\*.tmp files ->
C:\Documents and Settings\DEMON_GRUB\Local Settings\Temp\*.tmp ->
C:\Documents and Settings\DEMON_GRUB\Local Settings\Temp\_is8D\ ->
C:\Documents and Settings\DEMON_GRUB\Local Settings\Temp\_is8D -> [Folder |
Modified Date = 4/2/2007 11:42:42 PM | Attr = ]
0x0404.ini -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\_is8D\0x0404.ini -> [Ver = | Size = 3261 bytes | Modified
Date = 4/2/2007 11:41:29 PM | Attr = ]
0x0406.ini -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\_is8D\0x0406.ini -> [Ver = | Size = 4855 bytes | Modified
Date = 4/2/2007 11:41:29 PM | Attr = ]
0x0407.ini -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\_is8D\0x0407.ini -> [Ver = | Size = 5140 bytes | Modified
Date = 4/2/2007 11:41:30 PM | Attr = ]
0x0409.ini -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\_is8D\0x0409.ini -> [Ver = | Size = 4632 bytes | Modified
Date = 4/2/2007 11:41:29 PM | Attr = ]
0x040a.ini -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\_is8D\0x040a.ini -> [Ver = | Size = 5275 bytes | Modified
Date = 4/2/2007 11:41:30 PM | Attr = ]
0x040b.ini -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\_is8D\0x040b.ini -> [Ver = | Size = 4734 bytes | Modified
Date = 4/2/2007 11:41:29 PM | Attr = ]
0x040c.ini -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\_is8D\0x040c.ini -> [Ver = | Size = 5406 bytes | Modified
Date = 4/2/2007 11:41:30 PM | Attr = ]
0x0410.ini -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\_is8D\0x0410.ini -> [Ver = | Size = 5130 bytes | Modified
Date = 4/2/2007 11:41:30 PM | Attr = ]
0x0411.ini -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\_is8D\0x0411.ini -> [Ver = | Size = 5014 bytes | Modified
Date = 4/2/2007 11:41:30 PM | Attr = ]
0x0412.ini -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\_is8D\0x0412.ini -> [Ver = | Size = 4303 bytes | Modified
Date = 4/2/2007 11:41:30 PM | Attr = ]
0x0413.ini -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\_is8D\0x0413.ini -> [Ver = | Size = 5118 bytes | Modified
Date = 4/2/2007 11:41:29 PM | Attr = ]
0x0414.ini -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\_is8D\0x0414.ini -> [Ver = | Size = 4810 bytes | Modified
Date = 4/2/2007 11:41:30 PM | Attr = ]
0x041d.ini -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\_is8D\0x041d.ini -> [Ver = | Size = 4636 bytes | Modified
Date = 4/2/2007 11:41:30 PM | Attr = ]
0x0804.ini -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\_is8D\0x0804.ini -> [Ver = | Size = 3326 bytes | Modified
Date = 4/2/2007 11:41:29 PM | Attr = ]
Setup.INI -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\_is8D\Setup.INI -> [Ver = | Size = 1440 bytes | Modified Date
= 4/2/2007 11:41:29 PM | Attr = ]
_ISMSIDEL.INI -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\_is8D\_ISMSIDEL.INI -> [Ver = | Size = 1203 bytes | Modified
Date = 4/2/2007 11:42:43 PM | Attr = ]
C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{036FD8FD-01B8-4B4F-9C74-8CE7476ACEA9}\ -> C:\Documents and
Settings\DEMON_GRUB\Local
Settings\Temp\{036FD8FD-01B8-4B4F-9C74-8CE7476ACEA9} -> [Folder | Modified
Date = 11/10/2008 7:26:15 AM | Attr = ]
setup.ini -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{036FD8FD-01B8-4B4F-9C74-8CE7476ACEA9}\setup.ini -> [Ver = |
Size = 530 bytes | Modified Date = 11/10/2008 7:26:15 AM | Attr = ]
C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{10FA3AC0-F365-45AA-91F8-15062AB71267}\ -> C:\Documents and
Settings\DEMON_GRUB\Local
Settings\Temp\{10FA3AC0-F365-45AA-91F8-15062AB71267} -> [Folder | Modified
Date = 11/10/2008 7:26:16 AM | Attr = ]
corecomp.ini -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{10FA3AC0-F365-45AA-91F8-15062AB71267}\corecomp.ini -> [Ver =
| Size = 65503 bytes | Modified Date = 5/16/2006 10:58:14 AM | Attr = ]
C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{1A4BC773-4C8E-401A-83BC-4CBD98989031}\ -> C:\Documents and
Settings\DEMON_GRUB\Local
Settings\Temp\{1A4BC773-4C8E-401A-83BC-4CBD98989031} -> [Folder | Modified
Date = 11/9/2008 3:48:47 PM | Attr = ]
setup.ini -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{1A4BC773-4C8E-401A-83BC-4CBD98989031}\setup.ini -> [Ver = |
Size = 530 bytes | Modified Date = 11/9/2008 3:48:46 PM | Attr = ]
C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{55635896-3D3A-4C83-835D-4928834B2DB0}\ -> C:\Documents and
Settings\DEMON_GRUB\Local
Settings\Temp\{55635896-3D3A-4C83-835D-4928834B2DB0} -> [Folder | Modified
Date = 11/9/2008 3:23:42 PM | Attr = ]
setup.ini -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{55635896-3D3A-4C83-835D-4928834B2DB0}\setup.ini -> [Ver = |
Size = 530 bytes | Modified Date = 11/9/2008 3:23:41 PM | Attr = ]
C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{F657DB93-03AE-48DC-BFD7-E0B839AF9FBD}\ -> C:\Documents and
Settings\DEMON_GRUB\Local
Settings\Temp\{F657DB93-03AE-48DC-BFD7-E0B839AF9FBD} -> [Folder | Modified
Date = 11/9/2008 2:38:42 PM | Attr = ]
corecomp.ini -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{F657DB93-03AE-48DC-BFD7-E0B839AF9FBD}\corecomp.ini -> [Ver =
| Size = 65503 bytes | Modified Date = 5/16/2006 10:58:14 AM | Attr = ]
C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{F6EF2C8D-BDFF-41E3-A552-6DD8D7D73892}\ -> C:\Documents and
Settings\DEMON_GRUB\Local
Settings\Temp\{F6EF2C8D-BDFF-41E3-A552-6DD8D7D73892} -> [Folder | Modified
Date = 11/9/2008 3:48:49 PM | Attr = ]
corecomp.ini -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{F6EF2C8D-BDFF-41E3-A552-6DD8D7D73892}\corecomp.ini -> [Ver =
| Size = 65503 bytes | Modified Date = 5/16/2006 10:58:14 AM | Attr = ]
C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{F92532F9-CFE5-442D-8454-2B54EAA23C67}\ -> C:\Documents and
Settings\DEMON_GRUB\Local
Settings\Temp\{F92532F9-CFE5-442D-8454-2B54EAA23C67} -> [Folder | Modified
Date = 11/9/2008 3:23:43 PM | Attr = ]
corecomp.ini -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{F92532F9-CFE5-442D-8454-2B54EAA23C67}\corecomp.ini -> [Ver =
| Size = 65503 bytes | Modified Date = 5/16/2006 10:58:14 AM | Attr = ]
C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{FC7E1921-97C8-4110-8AF5-ABBBBEFB3BA5}\ -> C:\Documents and
Settings\DEMON_GRUB\Local
Settings\Temp\{FC7E1921-97C8-4110-8AF5-ABBBBEFB3BA5} -> [Folder | Modified
Date = 11/9/2008 2:38:42 PM | Attr = ]
setup.ini -> C:\Documents and Settings\DEMON_GRUB\Local
Settings\Temp\{FC7E1921-97C8-4110-8AF5-ABBBBEFB3BA5}\setup.ini -> [Ver = |
Size = 530 bytes | Modified Date = 11/9/2008 2:38:41 PM | Attr = ]
C:\WINDOWS\Temp\Cookies\ -> C:\WINDOWS\Temp\Cookies -> [Folder | Modified
Date = 4/6/2007 7:29:02 PM | Attr = HS]
index.dat -> C:\WINDOWS\Temp\Cookies\index.dat -> [Ver = | Size = 16384
bytes | Modified Date = 1/9/2008 9:56:01 PM | Attr = ]
C:\WINDOWS\Temp\History\History.IE5\ -> C:\WINDOWS\Temp\History\History.IE5\
-> [Folder | Modified Date = 4/6/2007 7:29:02 PM | Attr = HS]
index.dat -> C:\WINDOWS\Temp\History\History.IE5\index.dat -> [Ver = |
Size = 32768 bytes | Modified Date = 1/9/2008 9:56:01 PM | Attr = ]
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\ ->
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\ -> [Folder | Modified
Date = 4/6/2007 7:29:02 PM | Attr = HS]
index.dat -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\index.dat
-> [Ver = | Size = 32768 bytes | Modified Date = 1/9/2008 9:56:01 PM | Attr
= ]
C:\WINDOWS\Temp\History\History.IE5\ -> C:\WINDOWS\Temp\History\History.IE5\
-> [Folder | Modified Date = 4/6/2007 7:29:02 PM | Attr = HS]
desktop.ini -> C:\WINDOWS\Temp\History\History.IE5\desktop.ini -> [Ver = |
Size = 113 bytes | Modified Date = 4/6/2007 7:29:02 PM | Attr = HS]
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\ ->
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\ -> [Folder | Modified
Date = 4/6/2007 7:29:02 PM | Attr = HS]
desktop.ini -> C:\WINDOWS\Temp\Temporary Internet
Files\Content.IE5\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date =
4/6/2007 7:29:02 PM | Attr = HS]
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\CHA3Q7WL\ ->
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\CHA3Q7WL -> [Folder |
Modified Date = 1/9/2008 9:56:06 PM | Attr = S]
desktop.ini -> C:\WINDOWS\Temp\Temporary Internet
Files\Content.IE5\CHA3Q7WL\desktop.ini -> [Ver = | Size = 67 bytes |
Modified Date = 4/6/2007 7:29:02 PM | Attr = HS]
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\CXY30ZIX\ ->
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\CXY30ZIX -> [Folder |
Modified Date = 1/9/2008 9:56:08 PM | Attr = S]
desktop.ini -> C:\WINDOWS\Temp\Temporary Internet
Files\Content.IE5\CXY30ZIX\desktop.ini -> [Ver = | Size = 67 bytes |
Modified Date = 4/6/2007 7:29:02 PM | Attr = HS]
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\KLUB85QL\ ->
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\KLUB85QL -> [Folder |
Modified Date = 1/9/2008 9:56:08 PM | Attr = S]
desktop.ini -> C:\WINDOWS\Temp\Temporary Internet
Files\Content.IE5\KLUB85QL\desktop.ini -> [Ver = | Size = 67 bytes |
Modified Date = 4/6/2007 7:29:02 PM | Attr = HS]
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\YB8PIJAL\ ->
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\YB8PIJAL -> [Folder |
Modified Date = 1/9/2008 9:56:07 PM | Attr = S]
desktop.ini -> C:\WINDOWS\Temp\Temporary Internet
Files\Content.IE5\YB8PIJAL\desktop.ini -> [Ver = | Size = 67 bytes |
Modified Date = 4/6/2007 7:29:02 PM | Attr = HS]

< End of report >
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #14 (permalink)  
Old 11-13-2008, 02:25 AM
Bill Blanton
 
Posts: n/a
Re: C:\resycled\boot.com is not a valid Win32 application
Open a cmd prompt. Start > Run... [type in] cmd > Ok
At the prompt, enter the following commands:

attrib -h -r -s C:\Autorun.inf

del C:\Autorun.inf

attrib -h -r -s D:\Autorun.inf

del D:\Autorun.inf


etc.


(do this for every drive letter (C: D: E: etc) and do NOT open any drives with
Explorer until you're completed)



Here are a couple of useful links previously posted in this thread

Kaspersky Antivirus (http://www.kaspersky.com/virusscanner)
Panda ActiveScan (http://www.pandasoftware.com/activescan)







"ralph rosancrans" <ralph rosancrans@discussions.microsoft.com> wrote in message
news:9BAAE10C-6D6A-4D77-85A3-8E46E51BF126@microsoft.com...
> im having the same prob with C:\resycled\boot.com ad all of my drives now i
> tryed doin the cmd thing it sed that the attrib -h -r -s C:\Autorun.inf and
> c:\Autorun.inf and ether were found i have the OTScanIt can sum 1 help me


Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #15 (permalink)  
Old 11-13-2008, 02:27 AM
Bill Blanton
 
Posts: n/a
Re: C:\resycled\boot.com is not a valid Win32 application
This "forum" doesn't generally accept scanner logs. See my previous reply.

"ralph rosancrans" <ralphrosancrans@discussions.microsoft.com> wrote in message
news:45BB485F-6007-48BF-B3DD-07B2E7A85761@microsoft.com...
> C:\Documents and Settings\DEMON_GRUB\Local Settings\Temp\ -> C:\Documents and
> Settings\DEMON_GRUB\Local Settings\Temp -> [Folder | Modified Date =
> 11/12/2008 6:26:01 AM | Attr = ]
> Perflib_Perfdata_a7c.dat -> C:\Documents and Settings\DEMON_GRUB\Local
> Settings\Temp\Perflib_Perfdata_a7c.dat -> [Ver = | Size = 16384 bytes |
> Modified Date = 12/14/2007 1:30:06 PM | Attr = ]
> Perflib_Perfdata_abc.dat -> C:\Documents and Settings\DEMON_GRUB\Local


Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #16 (permalink)  
Old 11-16-2008, 07:23 PM
dvdenglr
 
Posts: n/a
RE: C:\resycled\boot.com is not a valid Win32 application
I have the same problem exept C: works fine, Its all my other hard drives
that this is happening to.

"Marks" wrote:

> I can't open c: when double click on it but pop up a message
> "C:\resycled\boot.com is not a valid Win32 application". Please help.
> Thanks.
>
>
>
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #17 (permalink)  
Old 11-26-2008, 04:15 PM
Richard
 
Posts: n/a
RE: C:\resycled\boot.com is not a valid Win32 application


"Marks" wrote:

> I can't open c: when double click on it but pop up a message
> "C:\resycled\boot.com is not a valid Win32 application". Please help.
> not only c drive almost all the drives.
Thanks.
>
>
>
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #18 (permalink)  
Old 11-30-2008, 05:44 PM
laurie
 
Posts: n/a
Re: C:\resycled\boot.com is not a valid Win32 application

here is my logfile:
Logfile of HijackThis v1.99.1
Scan saved at 17:36:17, on 30/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Running processes:
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\NETGEAR\WN311B\Utility\WN311B.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Common Files\services.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\LVComsX.exe
C:\Documents and Settings\Lauren1\My Documents\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL
= http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://www.logitech.com/msnmsg
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet
Settings,ProxyServer = http=127.0.0.1:9090
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet
Settings,ProxyOverride = *.local;<local>
O4 - HKLM\..\Run: [AS00_WN311B] C:\Program
Files\NETGEAR\WN311B\Utility\WN311B.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common
Files\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common
Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program
Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdptu.exe]
C:\WINDOWS\system32\kdptu.exe
O4 - HKCU\..\Run: [DNS] C:\Program Files\Common
Files\mc-58-12-0000080.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows
Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Acme.PCHButton]
C:\PROGRA~1\PRESAR~1\Presario\XPHWWRS4\plugin\bin\ PCHButton.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE"
/background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common
Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program
Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} -
%windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network
Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program
files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -
http://messenger.zone.msn.com/EN-GB/.../GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient
Class) -
http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) -
https://secure.gopetslive.com/dev/GoPetsWeb.cab
O17 -
HKLM\System\CCS\Services\Tcpip\..\{01A8033F-7BC4-45DB-8913-C399E8E1E28C}:
NameServer = 85.255.112.113;85.255.112.73
O17 -
HKLM\System\CCS\Services\Tcpip\..\{828A1076-8579-481E-BDD9-ABD78DE5D3E4}:
NameServer = 85.255.112.113;85.255.112.73
O17 -
HKLM\System\CS1\Services\Tcpip\..\{01A8033F-7BC4-45DB-8913-C399E8E1E28C}:
NameServer = 85.255.112.113;85.255.112.73
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} -
C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} -
C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll
(file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} -
C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program
Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program
Files\Common Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation -
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program
Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program
Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:\Program Files\Common
Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program
Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation -
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec
Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation -
C:\Program Files\Common Files\Symantec Shared\Security
Center\SymWSC.exe


p.s my removal programmes: malwarebytes', spybot and ad-aware are not
removing the repeated infected items. obviously i haven't got a clue
what to do! also when i try and download live messenger the download
page cannot be displayed or when i use google i am directed to other
pages?!


--
laurie
------------------------------------------------------------------------
laurie's Profile: http://forums.techarena.in/members/laurie.htm
View this thread: http://forums.techarena.in/windows-x...rt/1064141.htm

http://forums.techarena.in

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #19 (permalink)  
Old 11-30-2008, 06:45 PM
laurie
 
Posts: n/a
Re: C:\resycled\boot.com is not a valid Win32 application

i have read about a system 32 trojan
although system32 is crucial for windows??


--
laurie
------------------------------------------------------------------------
laurie's Profile: http://forums.techarena.in/members/laurie.htm
View this thread: http://forums.techarena.in/windows-x...rt/1064141.htm

http://forums.techarena.in

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #20 (permalink)  
Old 11-30-2008, 07:49 PM
The Real Truth MVP
 
Posts: n/a
Re: C:\resycled\boot.com is not a valid Win32 application
Your system is infected with the Zlob DNS Changer see here
http://www.google.com/search?hl=en&r...nger&spell= 1




--
The Real Truth http://pcbutts1-therealtruth.blogspot.com/




"laurie" <laurie.3jpana@DoNotSpam.com> wrote in message
news:laurie.3jpana@DoNotSpam.com...
>
> here is my logfile:
> Logfile