08-10-2007, 08:35 PM   #8
Ioo
Registered User
 
Join Date: Aug 2007
Posts: 15
OS: xp


Re: Browser hijacker, backdoor.haxdoor, etc

I have just realized that I've wrongfully posted an HJT log instead of DSS's. Sorry for my misconception. Here it is with a delay:



Deckard's System Scanner v20070809.63
Run by Serap on 2007-08-11 at 05:17:16
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Failed to create restore point; System Restore is disabled (service is not running).


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 503 MiB (512 MiB recommended).


-- HijackThis (run as Serap.exe) -----------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 05:19:03, on 11.08.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Keyboard Manager\Manager Utility\KeyboardManager.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Serap\Desktop\dss.exe
C:\PROGRA~1\Suxo\Serap.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Keyboard Manager Utility] "C:\Program Files\Keyboard Manager\Manager Utility\KeyboardManager.exe" /lang en /H
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1186416810968
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...95/mcfscan.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" -r (file missing)
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe


-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 BTHidMgr (Bluetooth HID Manager Service) - c:\windows\system32\drivers\bthidmgr.sys <Not Verified; IVT Corporation; BlueSoleil(c)>
R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R1 SASKUTIL - c:\program files\superantispyware\saskutil.sys
R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.1.6.0) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.1.6.0>
R2 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys <Not Verified; Intel Corporation; Intel Wireless LAN Packet Driver>
R3 qkbfiltr (Quanta HotKey Keyboard Filter Driver) - c:\windows\system32\drivers\qkbfiltr.sys <Not Verified; Quanta Computer, Inc.; Quanta HotKey Keyboard Filter Driver>

S3 Ad-Watch Connect Filter (Ad-Watch Connect Kernel Filter) - c:\windows\system32\drivers\nsdriver.sys <Not Verified; Lavasoft AB; Ad-Watch Connections>
S3 BlueletAudio (Bluetooth Audio Service) - c:\windows\system32\drivers\blueletaudio.sys <Not Verified; IVT Corporation; Windows (R) 2000 DDK driver>
S3 BT (Bluetooth PAN Network Adapter) - c:\windows\system32\drivers\btnetdrv.sys <Not Verified; IVT Corporation; BlueSoleil>
S3 BTHidEnum (Bluetooth HID Enumerator) - c:\windows\system32\drivers\vbtenum.sys
S3 CO_Mon - c:\windows\system32\drivers\co_mon.sys
S3 qmofiltr (Quanta HotKey Mouse Filter Driver) - c:\windows\system32\drivers\qmofiltr.sys <Not Verified; Quanta Computer, Inc.; Quanta Mouse Filter Device Driver>
S3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
S3 VComm (Virtual Serial port driver) - c:\windows\system32\drivers\vcomm.sys <Not Verified; IVT Corporation; BlueSoleil>
S3 VcommMgr (Bluetooth VComm Manager Service) - c:\windows\system32\drivers\vcommmgr.sys <Not Verified; IVT Corporation; BlueSoleil>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 aawservice (Ad-Aware 2007 Service) - "c:\program files\lavasoft\ad-aware 2007\aawservice.exe" <Not Verified; Lavasoft AB; Ad-Aware 2007 Service>
R2 OwnershipProtocol - c:\program files\intel\wireless\bin\oprotsvc.exe <Not Verified; Intel Corporation; Intel PROSet/Wireless>
R2 RegSrvc - c:\program files\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; RegSrvc Module>

S2 MWAgent -
S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Files created between 2007-07-11 and 2007-08-11 -----------------------------

2007-08-11 05:04:52 0 d-------- C:\WINDOWS\McAfee.com
2007-08-11 05:04:49 0 d-------- C:\WINDOWS\LastGood
2007-08-11 01:45:37 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-08-11 01:45:12 0 d-------- C:\Program Files\SUPERAntiSpyware
2007-08-11 01:45:12 0 d-------- C:\Documents and Settings\serap\Application Data\SUPERAntiSpyware.com
2007-08-10 20:52:22 0 d-------- C:\Documents and Settings\serap\Application Data\HouseCall 6.6
2007-08-10 20:44:25 0 d-------- C:\WINDOWS\BDOSCAN8
2007-08-10 17:30:27 28672 --a------ C:\WINDOWS\system32\drivers\CO_Mon.sys
2007-08-10 11:24:43 0 d-------- C:\WINDOWS\Prefetch
2007-08-09 13:54:58 90112 --a------ C:\WINDOWS\system32\RegDACL.exe <Not Verified; Frank Heyne Software; RegTools>
2007-08-09 08:46:05 82258 --a------ C:\WINDOWS\system32\drivers\klin.dat
2007-08-09 08:46:05 82258 --a------ C:\WINDOWS\system32\drivers\klick.dat
2007-08-09 08:45:17 0 d-------- C:\Program Files\Kaspersky Lab
2007-08-09 08:45:17 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-08-09 08:45:15 149792 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2007-08-09 08:45:15 3112736 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-08-08 22:29:49 111904 --a------ C:\WINDOWS\winsbak2.reg
2007-08-08 22:29:49 15676 --a------ C:\WINDOWS\winsbak.reg
2007-08-08 22:29:46 0 d-------- C:\Documents and Settings\NetworkService\Desktop
2007-08-08 22:29:46 0 d-------- C:\Documents and Settings\LocalService\Templates
2007-08-08 22:29:46 0 d-------- C:\Documents and Settings\LocalService\Start Menu
2007-08-08 22:29:46 0 d-------- C:\Documents and Settings\LocalService\Sık Kullanılanlar
2007-08-08 22:29:46 0 d-------- C:\Documents and Settings\LocalService\Desktop
2007-08-08 22:29:46 0 d-------- C:\Documents and Settings\LocalService\Belgeler
2007-08-08 22:29:16 126976 --a------ C:\WINDOWS\system32\mwnsp.dll <Not Verified; MicroWorld Technologies Inc.; MicroWorld Internet Traffic Scanner>
2007-08-08 22:29:16 1044480 --a------ C:\WINDOWS\system32\contfilt.dll <Not Verified; MicroWorld Technologies Inc.; contfilt>
2007-08-08 22:29:15 7680 --a------ C:\WINDOWS\sporder.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(R) Operating System>
2007-08-08 22:29:15 9488 --a------ C:\WINDOWS\sporder.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(R) Operating System>
2007-08-08 22:29:14 130560 --a------ C:\WINDOWS\system32\ZIPDLL.DLL <Not Verified; ; BCB/Delphi Zip>
2007-08-08 22:29:14 125440 --a------ C:\WINDOWS\system32\UNZDLL.DLL <Not Verified; ; BCB/Delphi UnZip>
2007-08-08 22:29:14 356352 --a------ C:\WINDOWS\system32\mwtsp.dll <Not Verified; MicroWorld Technologies Inc.; MicroWorld Internet Traffic Scanner>
2007-08-08 17:51:34 925184 --a------ C:\Program Files\Grabber.exe <Not Verified; CMS; >
2007-08-07 19:33:39 0 d-------- C:\Program Files\KCeasy
2007-08-06 19:47:34 0 d-------- C:\Program Files\Classic Menu for Office
2007-08-06 17:48:18 0 d-------- C:\Program Files\Microsoft Works
2007-08-06 17:45:29 0 d-------- C:\Program Files\Microsoft.NET
2007-08-06 17:40:30 0 d-------- C:\Program Files\Microsoft Visual Studio 8
2007-08-06 17:35:47 0 d-------- C:\WINDOWS\SHELLNEW
2007-08-06 17:34:16 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-08-06 17:33:25 0 d-------- C:\MSOCache
2007-08-05 19:59:50 118784 --a------ C:\WINDOWS\system32\MSSTDFMT.DLL <Not Verified; Microsoft Corporation; MSSTDFMT Object Library>
2007-08-05 19:59:47 0 d-------- C:\Program Files\SpywareBlaster
2007-08-05 19:46:56 536811 --a------ C:\Program Files\ie-spyad.exe
2007-08-05 18:39:52 0 d-------- C:\Program Files\Google
2007-08-05 17:28:30 0 d-------- C:\Documents and Settings\serap\Application Data\CyberLink
2007-08-05 15:51:45 66048 --a------ C:\Program Files\BFU.exe <Not Verified; Soeperman Enterprises Ltd.; BFU>
2007-08-05 14:58:40 0 d-------- C:\WINDOWS\ERUNT
2007-08-04 21:51:11 0 d-------- C:\Program Files\MSBuild
2007-08-04 21:47:03 0 d-------- C:\WINDOWS\system32\XPSViewer
2007-08-04 21:45:50 0 d-------- C:\Program Files\Reference Assemblies
2007-08-04 08:36:30 0 d-------- C:\WINDOWS\system32\tr-tr
2007-08-04 08:31:18 0 d-------- C:\WINDOWS\network diagnostic
2007-08-04 07:40:44 0 d-------- C:\Program Files\Java
2007-08-04 07:40:41 0 d-------- C:\Program Files\Common Files\Java
2007-08-04 04:53:37 0 d-------- C:\WINDOWS\Sun
2007-08-04 04:35:49 0 d-------- C:\WINDOWS\pss
2007-08-04 03:30:00 0 d-------- C:\Documents and Settings\serap\Application Data\Sun
2007-08-04 02:57:09 0 d-------- C:\Documents and Settings\serap\Contacts
2007-08-04 00:20:00 0 d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2007-08-03 23:56:46 0 d-------- C:\Program Files\Lavasoft
2007-08-03 23:56:46 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-08-03 23:56:05 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-08-03 23:49:54 50688 --a------ C:\Program Files\ATF-Cleaner.exe <Not Verified; Atribune.org; ATF Cleaner>
2007-08-03 23:41:19 0 d-------- C:\Program Files\Winamp
2007-08-03 23:34:30 0 d-------- C:\Documents and Settings\serap\Application Data\Ahead
2007-08-03 23:33:57 0 d-------- C:\Documents and Settings\All Users\Application Data\Ahead
2007-08-03 23:30:31 0 d-------- C:\Program Files\Nero
2007-08-03 23:30:31 0 d-------- C:\Program Files\Common Files\Ahead
2007-08-03 23:30:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2007-08-03 23:18:29 0 d-------- C:\Documents and Settings\serap\Application Data\AdobeUM
2007-08-03 23:17:53 0 d-------- C:\Documents and Settings\serap\Application Data\Adobe
2007-08-03 23:17:23 0 d-------- C:\WINDOWS\Downloaded Installations
2007-08-03 23:00:38 0 d-------- C:\Program Files\Microsoft DirectX SDK (June 2007)
2007-08-03 22:55:13 0 d-------- C:\WINDOWS\system32\URTTemp
2007-08-03 22:08:00 0 d-------- C:\Program Files\Suxo
2007-08-03 21:57:33 0 d-------- C:\WINDOWS\Dictionary
2007-08-03 21:57:32 0 d-------- C:\Program Files\English Fast
2007-08-03 21:55:57 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2007-08-03 21:55:48 0 d-------- C:\Program Files\Common Files\Adobe
2007-08-03 21:28:15 0 d-------- C:\Program Files\XP Lite
2007-08-03 21:22:31 0 d-------- C:\Program Files\Godlike Developers
2007-08-03 21:22:00 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-08-03 21:21:15 1356288 --a------ C:\Program Files\pqremove.com
2007-08-03 21:19:37 0 d-------- C:\Documents and Settings\All Users\Application Data\CyberLink
2007-08-03 21:12:47 0 d-------- C:\Program Files\CyberLink
2007-08-03 2117 0 d-------- C:\Program Files\Windows Live
2007-08-03 2110 0 d-------- C:\Program Files\Messenger Plus! Live
2007-08-03 20:50:14 0 d-------- C:\Documents and Settings\Administrator\Application Data\Intel
2007-08-03 20:49:59 0 d-------- C:\Documents and Settings\Administrator\Templates
2007-08-03 20:49:59 0 d-------- C:\Documents and Settings\Administrator\Start Menu
2007-08-03 20:49:59 0 d-------- C:\Documents and Settings\Administrator\Sık Kullanılanlar
2007-08-03 20:49:59 0 d-------- C:\Documents and Settings\Administrator\SendTo
2007-08-03 20:49:59 0 d-------- C:\Documents and Settings\Administrator\Recent
2007-08-03 20:49:59 0 d-------- C:\Documents and Settings\Administrator\PrintHood
2007-08-03 20:49:59 487424 --a------ C:\Documents and Settings\Administrator\NTUSER.DAT
2007-08-03 20:49:59 0 d-------- C:\Documents and Settings\Administrator\NetHood
2007-08-03 20:49:59 0 d-------- C:\Documents and Settings\Administrator\Local Settings
2007-08-03 20:49:59 0 d-------- C:\Documents and Settings\Administrator\Desktop
2007-08-03 20:49:59 0 d-------- C:\Documents and Settings\Administrator\Cookies
2007-08-03 20:49:59 0 d-------- C:\Documents and Settings\Administrator\Belgelerim
2007-08-03 20:49:59 0 d-------- C:\Documents and Settings\Administrator\Application Data
2007-08-03 20:49:59 0 d-------- C:\Documents and Settings\Administrator\Application Data\Microsoft
2007-08-03 18:20:39 0 d-------- C:\Program Files\MoonStar
2007-08-03 18:18:34 0 d------c- C:\WINDOWS\system32\DRVSTORE
2007-08-03 18:17:25 0 d-------- C:\Program Files\MSN Messenger
2007-08-03 17:49:41 0 d-------- C:\Documents and Settings\serap\Application Data\Macromedia
2007-08-03 17:07:08 0 d-------- C:\Program Files\Windows Media Connect 2
2007-08-03 17:03:10 0 d-------- C:\WINDOWS\system32\LogFiles
2007-08-03 17:03:10 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2007-08-03 16:57:26 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2007-08-03 16:47:12 0 d--hs---- C:\Documents and Settings\serap\UserData
2007-08-03 16:24:18 0 d-------- C:\WINDOWS\system32\PreInstall
2007-08-03 16:18:14 0 d-------- C:\Documents and Settings\serap\Application Data\Google
2007-08-03 16:17:49 0 d-------- C:\Documents and Settings\All Users\Application Data\Google
2007-08-03 15:58:23 0 d-------- C:\WINDOWS\$hf_mig$
2007-08-03 15:32:11 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2007-08-03 02:23:27 0 d--hs---- C:\WINDOWS\Installer
2007-08-03 02:23:26 0 d-------- C:\Program Files\Common Files\ODBC
2007-08-03 02:23:21 0 d-------- C:\Program Files\Common Files\SpeechEngines
2007-08-03 02:23:20 0 dr------- C:\Program Files
2007-08-03 02:23:20 0 d-------- C:\Program Files\Common Files
2007-08-03 02:22:46 0 d-------- C:\Documents and Settings\Default User\Templates
2007-08-03 02:22:46 0 d-------- C:\Documents and Settings\Default User\Start Menu
2007-08-03 02:22:46 0 d-------- C:\Documents and Settings\Default User\Sık Kullanılanlar
2007-08-03 02:22:46 0 d-------- C:\Documents and Settings\Default User\SendTo
2007-08-03 02:22:46 0 d-------- C:\Documents and Settings\Default User\Recent
2007-08-03 02:22:46 0 d-------- C:\Documents and Settings\Default User\PrintHood
2007-08-03 02:22:46 0 d-------- C:\Documents and Settings\Default User\NetHood
2007-08-03 02:22:46 0 d-------- C:\Documents and Settings\Default User\Local Settings
2007-08-03 02:22:46 0 d-------- C:\Documents and Settings\Default User\Desktop
2007-08-03 02:22:46 0 d-------- C:\Documents and Settings\Default User\Cookies
2007-08-03 02:22:46 0 d-------- C:\Documents and Settings\Default User\Belgelerim
2007-08-03 02:22:46 0 d-------- C:\Documents and Settings\All Users\Templates
2007-08-03 02:22:46 0 d-------- C:\Documents and Settings\All Users\Start Menu
2007-08-03 02:22:46 0 d-------- C:\Documents and Settings\All Users\Sık Kullanılanlar
2007-08-03 02:22:46 0 d-------- C:\Documents and Settings\All Users\Desktop
2007-08-03 02:22:46 0 d-------- C:\Documents and Settings\All Users\Belgeler
2007-08-03 02:22:28 0 d-------- C:\WINDOWS\system32\CatRoot2
2007-08-03 02:22:28 0 d-------- C:\WINDOWS\system32\CatRoot
2007-08-03 02:22:23 0 d-------- C:\Documents and Settings\Default User\Application Data
2007-08-03 02:22:23 0 d-------- C:\Documents and Settings\Default User\Application Data\Microsoft
2007-08-03 02:22:22 0 d-------- C:\Documents and Settings\All Users\Application Data
2007-08-03 02:22:22 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft
2007-08-03 02:21:38 0 d-------- C:\Documents and Settings
2007-08-03 02:16:31 0 d--hs---- C:\System Volume Information
2007-08-03 02:14:01 0 d-------- C:\WINDOWS
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\WinSxS
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\Web
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\twain_32
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\wins
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\wbem
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\usmt
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\spool
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\ShellExt
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\Setup
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\ras
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\oobe
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\npp
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\mui
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\inetsrv
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\IME
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\icsxml
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\ias
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\export
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\drivers
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\drivers\etc
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\drivers\disdn
2007-08-03 02:14:01 0 d------c- C:\WINDOWS\system32\dllcache
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\dhcp
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\config
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\3com_dmi
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\3076
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\2052
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\1055
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\1054
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\1042
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\1041
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\1037
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\1033
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\1031
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\1028
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system32\1025
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\system
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\security
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\Resources
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\repair
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\Provisioning
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\PeerNet
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\pchealth
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\msapps
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\msagent
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\Media
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\java
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\inf
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\ime
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\Help
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\Fonts
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\Driver Cache
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\Debug
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\Cursors
2007-08-03 02:14:01 0 d-------- C:\WINDOWS\AppPatch
2007-08-03 00:51:20 0 d-------- C:\Temp
2007-08-03 00:46:44 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-08-03 00:44:25 153088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2007-08-03 00:44:25 75264 --a------ C:\WINDOWS\system32\unacev2.dll
2007-08-03 00:44:23 0 d-------- C:\Program Files\Trojan Remover
2007-08-03 00:44:23 0 d-------- C:\Documents and Settings\serap\Application Data\Simply Super Software
2007-08-03 00:44:23 0 d-------- C:\Documents and Settings\All Users\Application Data\Simply Super Software
2007-08-03 00:34:42 0 d-------- C:\Documents and Settings\serap\Application Data\WinRAR
2007-08-03 00:12:10 63488 -ra------ C:\WINDOWS\system32\drivers\wssbtr1f.sys <Not Verified; National Semiconductor Sweden AB; National Semiconductor Sweden AB BlueCard PCMCIA driver>
2007-08-03 00:12:10 48556 -ra------ C:\WINDOWS\system32\drivers\SktBt2k.sys <Not Verified; Socket Communications, Inc.; SIO9502K>
2007-08-03 00:12:10 77824 -ra------ C:\WINDOWS\system32\drivers\SioUi2k.dll <Not Verified; Socket Communications Inc.; 16C950>
2007-08-03 00:12:10 48076 -ra------ C:\WINDOWS\system32\drivers\Sio9502k.sys <Not Verified; Socket Communications, Inc.; SIO9502K>
2007-08-03 00:12:10 40960 -ra------ C:\WINDOWS\system32\drivers\SCTray.exe <Not Verified; Socket Communications Inc.; SCTray>
2007-08-03 00:12:10 51169 -ra------ C:\WINDOWS\system32\drivers\OXSER.SYS <Not Verified; OEM; OX16C95x>
2007-08-03 00:12:05 13304 --a------ C:\WINDOWS\system32\drivers\BTNetFilter.sys
2007-08-03 00:12:04 11736 --a------ C:\WINDOWS\system32\drivers\VHIDMini.sys <Not Verified; IVT Corporation; IVT BlueSoleil>
2007-08-03 00:12:04 82148 --a------ C:\WINDOWS\system32\drivers\VcommMgr.sys <Not Verified; IVT Corporation; BlueSoleil>
2007-08-03 00:12:04 61312 --a------ C:\WINDOWS\system32\drivers\VComm.sys <Not Verified; IVT Corporation; BlueSoleil>
2007-08-03 00:12:04 11860 --a------ C:\WINDOWS\system32\drivers\vbtenum.sys
2007-08-03 00:12:04 116021 --a------ C:\WINDOWS\system32\drivers\fw203x.sys <Not Verified; Broadcom; >
2007-08-03 00:12:04 10804 --a------ C:\WINDOWS\system32\drivers\BtNetDrv.sys <Not Verified; IVT Corporation; BlueSoleil>
2007-08-03 00:12:04 28271 --a------ C:\WINDOWS\system32\drivers\BTHidMgr.sys <Not Verified; IVT Corporation; BlueSoleil(c)>
2007-08-03 00:12:04 23000 --a------ C:\WINDOWS\system32\drivers\btcusb.sys <Not Verified; IVT Corporation; Bluetooth USB Device Driver>
2007-08-03 00:12:04 20096 --a------ C:\WINDOWS\system32\drivers\blueletaudio.sys <Not Verified; IVT Corporation; Windows (R) 2000 DDK driver>
2007-08-03 00:12:04 7680 --a------ C:\WINDOWS\system32\btinstall.dll <Not Verified; IVT Corporation; BlueSoleil>
2007-08-03 00:12:04 49152 --a------ C:\WINDOWS\system32\btfunc.dll <Not Verified; IVT Corporation; BlueSoleil>
2007-08-02 23:58:58 0 d-------- C:\Documents and Settings\serap\Application Data\Intel
2007-08-02 23:58:36 17119 --a------ C:\WINDOWS\system32\drivers\AegisP.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.1.6.0>
2007-08-02 23:58:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Intel
2007-08-02 23:57:28 1654784 --a------ C:\WINDOWS\system32\W29MLRES.DLL <Not Verified; Intel Corporation; Intel(R) PRO/Wireless 2915ABG Network Connection>
2007-08-02 23:54:56 0 d-------- C:\Program Files\Synaptics
2007-08-02 23:54:26 0 d-------- C:\WINDOWS\Motorola
2007-08-02 23:54:02 0 d-------- C:\Program Files\Keyboard Manager
2007-08-02 23:53:19 0 d-------- C:\Program Files\Intel
2007-08-02 23:52:25 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2007-08-02 23:51:40 0 d-------- C:\WINDOWS\tiinst
2007-08-02 23:50:24 0 d-------- C:\WINDOWS\system32\Lang
2007-08-02 23:46:23 294912 --a------ C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
2007-08-02 23:46:18 0 d-------- C:\WINDOWS\system32\RTCOM
2007-08-02 23:46:18 40960 -r------- C:\WINDOWS\system32\ChCfg.exe
2007-08-02 23:45:58 0 d-------- C:\Program Files\Realtek
2007-08-02 23:45:56 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-08-02 23:45:51 487424 -r------- C:\WINDOWS\RtlExUpd.dll <Not Verified; Realtek Semiconductor Corp.; RtlExUpd Dynamic Link Library>
2007-08-02 23:45:46 0 d-------- C:\Program Files\Common Files\InstallShield
2007-08-02 23:41:26 0 d-------- C:\Documents and Settings\serap\Application Data\Identities
2007-08-02 23:41:17 0 d-------- C:\Documents and Settings\serap\SendTo
2007-08-02 23:41:17 0 d-------- C:\Documents and Settings\serap\Recent
2007-08-02 23:41:17 0 d-------- C:\Documents and Settings\serap\PrintHood
2007-08-02 23:41:17 0 d-------- C:\Documents and Settings\serap\NetHood
2007-08-02 23:41:17 0 d--h----- C:\Documents and Settings\serap\Local Settings
2007-08-02 23:41:17 0 d-------- C:\Documents and Settings\serap\Desktop
2007-08-02 23:41:17 0 d--hs---- C:\Documents and Settings\serap\Cookies
2007-08-02 23:41:17 0 d-------- C:\Documents and Settings\serap\Belgelerim
2007-08-02 23:41:17 0 d-------- C:\Documents and Settings\serap\Application Data
2007-08-02 23:41:16 0 d-------- C:\Documents and Settings\serap\Templates
2007-08-02 23:41:16 0 d-------- C:\Documents and Settings\serap\Start Menu
2007-08-02 23:41:16 0 d-------- C:\Documents and Settings\serap\Sık Kullanılanlar
2007-08-02 23:41:16 7602176 --a------ C:\Documents and Settings\serap\NTUSER.DAT
2007-08-02 23:39:59 0 d-------- C:\WINDOWS\SoftwareDistribution
2007-08-02 23:39:54 0 d-------- C:\WINDOWS\system32\Microsoft
2007-08-02 23:39:52 1310720 --a------ C:\Documents and Settings\LocalService\NTUSER.DAT
2007-08-02 23:39:52 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2007-08-02 23:39:52 0 d--hs---- C:\Documents and Settings\LocalService\Cookies
2007-08-02 23:39:52 0 d-------- C:\Documents and Settings\LocalService\Application Data
2007-08-02 23:39:52 0 d-------- C:\Documents and Settings\LocalService\Application Data\Microsoft
2007-08-02 23:39:35 1310720 --a------ C:\Documents and Settings\NetworkService\NTUSER.DAT
2007-08-02 23:39:35 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2007-08-02 23:39:35 0 d-------- C:\Documents and Settings\NetworkService\Cookies
2007-08-02 23:39:35 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2007-08-02 23:39:35 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2007-08-02 23:35:46 0 d-------- C:\WINDOWS\system32\xircom
2007-08-02 23:35:46 0 d-------- C:\Program Files\microsoft frontpage
2007-08-02 23:35:42 229376 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2007-08-02 23:35:32 0 -rahs---- C:\MSDOS.SYS
2007-08-02 23:35:32 0 -rahs---- C:\IO.SYS
2007-08-02 23:35:32 0 --a------ C:\CONFIG.SYS
2007-08-02 23:35:32 0 -----n--- C:\AUTOEXEC.BAT
2007-08-02 23:34:19 0 d-------- C:\Documents and Settings\All Users\DRM
2007-08-02 23:34:06 0 d-------- C:\WINDOWS\Offline Web Pages
2007-08-02 23:34:06 0 d-------- C:\WINDOWS\Downloaded Program Files
2007-08-02 23:33:45 0 d-------- C:\Program Files\Online Services
2007-08-02 23:33:26 0 d-------- C:\WINDOWS\system32\DirectX
2007-08-02 23:32:53 0 d-------- C:\WINDOWS\Tasks
2007-08-02 23:32:52 0 d-------- C:\Program Files\Common Files\MSSoap
2007-08-02 23:32:47 0 d-------- C:\WINDOWS\srchasst
2007-08-02 23:32:46 0 d-------- C:\WINDOWS\system32\Macromed
2007-08-02 23:32:37 0 d-------- C:\Program Files\Movie Maker
2007-08-02 23:32:28 0 d-------- C:\WINDOWS\system32\Restore
2007-08-02 23:32:06 21736 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-08-02 23:31:43 0 d-------- C:\WINDOWS\Registration
2007-08-02 23:31:00 0 d-------- C:\Program Files\Messenger
2007-08-02 23:30:56 0 d-------- C:\Program Files\MSN Gaming Zone
2007-08-02 23:30:22 0 d-------- C:\Program Files\Windows NT
2007-08-02 23:30:18 0 d-------- C:\WINDOWS\system32\MsDtc
2007-08-02 23:30:15 0 d-------- C:\WINDOWS\system32\Com


-- Find3M Report ---------------------------------------------------------------

2007-08-10 14:55:09 668 --a------ C:\Program Files\grabber.ini
2007-08-06 20:12:15 415112 --a------ C:\WINDOWS\system32\perfh01F.dat
2007-08-06 20:12:15 75488 --a------ C:\WINDOWS\system32\perfc01F.dat
2007-08-03 02:22:46 62 --ahs---- C:\Documents and Settings\Serap\Application Data\desktop.ini
2007-08-02 12:54:56 42663246 --a------ C:\Program Files\avgmalware.rar


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [07.01.2005 17:07 C:\WINDOWS\system32\HdAShCut.exe]
"RTHDCPL"="RTHDCPL.EXE" [12.07.2005 05:55 C:\WINDOWS\RTHDCPL.EXE]
"Keyboard Manager Utility"="C:\Program Files\Keyboard Manager\Manager Utility\KeyboardManager.exe" [12.07.2005 05:55]
"SMSERIAL"="sm56hlpr.exe" [12.07.2005 05:55 C:\WINDOWS\sm56hlpr.exe]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [12.07.2005 05:55]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [12.07.2005 05:55]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [15.10.2004 11:27]
"EOUApp"="C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe" [15.10.2004 11:31]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [14.03.2007 21:01]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [07.02.2007 16:21]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [01.03.2007 15:57]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11.05.2007 03:06]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [12.07.2007 04:00]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [27.10.2006 00:47]
"TrojanScanner"="C:\Program Files\Trojan Remover\Trjscan.exe" [15.06.2007 17:00]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [28.06.2007 12:51]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [04.08.2004 15:00]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [19.01.2007 12:55]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [27.06.2007 19:03]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [09.08.2007 23:01]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"=0 (0x0)
"SynchronousUserGroupPolicy"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoSecCpl"=0 (0x0)
"DisableChangePassword"=0 (0x0)
"DisableLockWorkstation"=0 (0x0)
"NoDispCpl"=0 (0x0)
"NoDispBackgroundPage"=0 (0x0)
"NoDispScrSavPage"=0 (0x0)
"NoDispAppearancePage"=0 (0x0)
"NoDispSettingsPage"=0 (0x0)
"NoVisualStyleChoice"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HideClock"=0 (0x0)
"NoLowDiskSpaceChecks"=0 (0x0)
"StartmenuLogoff"=0 (0x0)
"ClearRecentDocsOnExit"=0 (0x0)
"NoDeletePrinter"=0 (0x0)
"NoAddPrinter"=0 (0x0)
"NoNetworkConnections"=0 (0x0)
"NoShellSearchButton"=0 (0x0)
"NoRecentDocsNetHood"=0 (0x0)
"NoChangeAnimation"=0 (0x0)
"NoChangeKeyboardNavigationIndicators"=0 (0x0)
"NoToolbarCustomize"=0 (0x0)
"NoBandCustomize"=0 (0x0)
"NoManageMyComputerVerb"=0 (0x0)
"NoStartMenuPinnedList"=0 (0x0)
"NoStartMenuMFUprogramsList"=0 (0x0)
"NoUserNameInStartMenu"=0 (0x0)
"NoStartMenuSubFolders"=0 (0x0)
"NoCommonGroups"=0 (0x0)
"NoRecentDocsMenu"=0 (0x0)
"NoPrinterTabs"=0 (0x0)
"NoPrinters"=0 (0x0)
"NoFavoritesMenu"=0 (0x0)
"NoSMHelp"=0 (0x0)
"NoChangeStartMenu"=0
Attached Files
File Type: txt extra.txt (12.0 KB, 1 views)