Old 10-09-2007, 11:19 AM   #1 (permalink)
WeNeedToTalk
Registered User
 
Join Date: Oct 2007
Posts: 39
OS: XP


Constant Pop-ups

Hi there.

I've been having a lot of Pop-ups for the last few months - up until now it has really p***ed me off.

Pop-ups from Celldorado, Sex-Explorer, Spyware-secure, stuff like that.

I use IE7.

No spyware remover can detect it. That's why I came here.

Deckard's System Scanner v20070905.67
Run by Nick on 2007-10-09 18:03:56
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
14: 2007-10-09 17:04:00 UTC - RP130 - Deckard's System Scanner Restore Point
13: 2007-10-09 13:45:57 UTC - RP129 - Installed Battlefield 2 Patch v1.41
12: 2007-10-09 12:38:21 UTC - RP128 - Installed Battlefield 2 Patch v1.41
11: 2007-10-09 11:35:01 UTC - RP127 - Configured VeohTV BETA
10: 2007-10-08 15:21:05 UTC - RP126 - Installed Battlefield 2(TM)


-- First Restore Point --
1: 2007-09-28 15:32:01 UTC - RP117 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

System Drive C: has 11.44 GiB (less than 15%) free.


-- HijackThis (run as Nick.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:05:35, on 09/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\KSE\nHancer 32bit\nHancerService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Downloads\Software\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Nick.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [mtbhflryee] c:\windows\system32\mtbhflryee.exe mtbhflryee
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-GB/.../GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/soft...ch/alaunch.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: nHancer Support (nHancer) - KSE - Korndörfer Software Engineering - C:\Program Files\KSE\nHancer 32bit\nHancerService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

--
End of file - 5478 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 oreans32 - c:\windows\system32\drivers\oreans32.sys
R1 StyleXPHelper - c:\program files\tgtsoft\stylexp\stylexphelper.exe <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
R2 TBPanel - c:\windows\system32\drivers\tbpanel.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
R3 mcdbus (Driver for MagicISO SCSI Host Controller) - c:\windows\system32\drivers\mcdbus.sys <Not Verified; MagicISO, Inc.; MagicISO SCSI Host Controller>

S0 szkg - c:\windows\system32\drivers\szkg.sys (file missing)
S3 Cardex - c:\windows\system32\drivers\tbpanel.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
S3 ENTECH - c:\windows\system32\drivers\entech.sys <Not Verified; EnTech Taiwan; PowerStrip>
S3 NTProcDrv (Process creation detector for NT.) - c:\documents and settings\nick\desktop\ntprocdrv.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 nHancer (nHancer Support) - "c:\program files\kse\nhancer 32bit\nhancerservice.exe" <Not Verified; KSE - Korndörfer Software Engineering; nHancer>
R2 StyleXPService - "c:\program files\tgtsoft\stylexp\stylexpservice.exe" <Not Verified; ; StyleXPService Module>

S3 AresChatServer (Ares Chatroom server) - c:\program files\ares\chatserver.exe <Not Verified; Ares Development Group; Ares Chat Server>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: PCI Simple Communications Controller
Device ID: PCI\VEN_14F1&DEV_2F20&SUBSYS_200014F1&REV_00\4&1F7DBC9F&0&10F0
Manufacturer:
Name: PCI Simple Communications Controller
PNP Device ID: PCI\VEN_14F1&DEV_2F20&SUBSYS_200014F1&REV_00\4&1F7DBC9F&0&10F0
Service:

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\B083D0FEA0A
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\B083D0FEA0A
Service: NIC1394

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Multimedia Audio Controller
Device ID: PCI\VEN_8086&DEV_24D5&SUBSYS_A0021458&REV_02\3&13C0B0C5&0&FD
Manufacturer:
Name: Multimedia Audio Controller
PNP Device ID: PCI\VEN_8086&DEV_24D5&SUBSYS_A0021458&REV_02\3&13C0B0C5&0&FD
Service:

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Microsoft Loopback Adapter
Device ID: ROOT\NET\0000
Manufacturer: Microsoft
Name: Microsoft Loopback Adapter
PNP Device ID: ROOT\NET\0000
Service: msloop


-- Scheduled Tasks -------------------------------------------------------------

2007-10-08 11:48:02 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2007-09-09 and 2007-10-09 -----------------------------

2007-10-09 17:58:24 0 d-------- C:\ie-spyad_zo
2007-10-09 17:56:07 0 d-------- C:\Program Files\SpywareBlaster
2007-10-09 16:50:51 0 d-------- C:\WINDOWS\system32\ActiveScan
2007-10-09 10:08:28 0 d-------- C:\Documents and Settings\Nick\Application Data\Dev-Cpp
2007-10-09 10:08:09 0 d-------- C:\Dev-Cpp
2007-10-07 10:35:11 0 d-------- C:\Program Files\World of Warcraft
2007-10-07 10:35:11 0 d-------- C:\Documents and Settings\Nick\Application Data\WoWUploader
2007-10-07 10:35:10 0 d-------- C:\Program Files\WOWUploader
2007-10-07 09:58:15 1970176 --a------ C:\WINDOWS\system32\d3dx9.dll
2007-10-07 09:58:15 679936 --a------ C:\WINDOWS\system32\D3DX81ab.dll <Not Verified; Generated by JEDI; D3DX81>
2007-10-07 09:58:14 0 d-------- C:\Program Files\Cheat Engine
2007-10-01 09:13:08 0 d-------- C:\Documents and Settings\Nick\Application Data\Free Download Manager
2007-10-01 09:13:05 0 d-------- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
2007-09-30 07:44:09 0 d-------- C:\WINDOWS\RegisteredPackages
2007-09-29 12:25:23 0 d-------- C:\Program Files\Common Files\Real
2007-09-29 12:25:22 0 d-------- C:\Documents and Settings\Nick\Application Data\Real
2007-09-28 17:05:50 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2007-09-28 17:05:50 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2007-09-28 17:05:40 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2007-09-28 17:05:40 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2007-09-28 17:05:40 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2007-09-28 17:05:40 739840 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2007-09-28 17:05:08 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2007-09-28 03:13:37 0 d-------- C:\Program Files\Windows Media Connect 2
2007-09-28 03:13:14 0 d-------- C:\3711eb845a30de831b1c9e5eb22ba406
2007-09-28 03:12:44 0 d-------- C:\67669fd8fd4ae22647f60fa821e04626
2007-09-28 03:12:41 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2007-09-28 03:10:41 0 d-------- C:\Documents and Settings\All Users\Application Data\Kontiki
2007-09-28 03:10:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Channel4
2007-09-24 12:56:24 0 d-------- C:\Program Files\Rockstar Games
2007-09-24 08:54:55 0 d-------- C:\Program Files\MSXML 4.0
2007-09-24 08:31:00 0 d-------- C:\Documents and Settings\Nick\Application Data\ECSoftware
2007-09-24 08:30:41 0 d-------- C:\Program Files\HexEdit
2007-09-24 08:13:56 0 d-------- C:\Documents and Settings\All Users\Application Data\HHD Software
2007-09-24 08:13:30 0 d-------- C:\Program Files\HHD Software
2007-09-20 06:55:07 135168 --a------ C:\WINDOWS\system32\DSKernel2.dll <Not Verified; LEAD Technologies, Inc.; LEADTOOLS Multimedia Filter Pack>
2007-09-20 06:54:58 737280 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2007-09-20 06:54:40 0 d-------- C:\Program Files\Replay Converter
2007-09-20 06:53:50 0 d-------- C:\Documents and Settings\Nick\Application Data\GetRightToGo
2007-09-19 11:30:11 0 d-------- C:\Documents and Settings\Nick\Application Data\Apple Computer
2007-09-19 11:29:55 0 d-------- C:\Program Files\iPod
2007-09-19 11:29:51 0 d-------- C:\Program Files\iTunes
2007-09-19 11:29:05 0 d-------- C:\Program Files\QuickTime
2007-09-19 11:29:04 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-09-19 11:28:49 0 d-------- C:\Program Files\Apple Software Update
2007-09-19 11:28:27 0 d-------- C:\Program Files\Common Files\Apple
2007-09-19 11:28:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2007-09-18 09:48:14 0 d-------- C:\Program Files\Bullfrog
2007-09-17 04:37:38 0 d-------- C:\Program Files\Sierra
2007-09-16 08:53:15 0 d-------- C:\Program Files\Electronic Arts
2007-09-16 08:47:13 0 d-------- C:\Program Files\ACR
2007-09-15 22:53:14 0 d-------- C:\Program Files\Free Download Manager
2007-09-14 05:16:51 506 --a------ C:\WINDOWS\eReg.dat
2007-09-13 21:19:54 0 d-------- C:\WINDOWS\Downloaded Installations
2007-09-12 16:44:26 0 d-------- C:\Program Files\KONAMI
2007-09-12 07:01:19 0 d--h----- C:\WINDOWS\PIF
2007-09-11 13:02:11 0 d-------- C:\Program Files\WinAce
2007-09-11 02:17:48 0 d-------- C:\Documents and Settings\All Users\Application Data\Test Drive Unlimited
2007-09-10 02:21:43 92544 --a------ C:\WINDOWS\system32\drivers\mcdbus.sys <Not Verified; MagicISO, Inc.; MagicISO SCSI Host Controller>
2007-09-10 02:21:42 0 d-------- C:\Program Files\MagicDisc
2007-09-09 05:49:28 38160 --a------ C:\WINDOWS\system32\LMRTREND.dll <Not Verified; Microsoft Corporation; Microsoft® Windows(TM) Operating System>
2007-09-09 05:49:27 182032 --a------ C:\WINDOWS\system32\dxtmsft3.dll <Not Verified; Microsoft Corporation; Microsoft® Windows(TM) Operating System>
2007-09-09 05:49:23 63488 --a------ C:\WINDOWS\system32\unam4ie.exe <Not Verified; Microsoft Corporation; DirectShow>
2007-09-09 05:49:21 10240 --a------ C:\WINDOWS\system32\vidx16.dll
2007-09-09 05:49:21 194320 --a------ C:\WINDOWS\system32\qcut.dll <Not Verified; Microsoft Corporation; DirectShow>
2007-09-09 05:49:20 4608 --a------ C:\WINDOWS\system32\w95inf32.dll <Not Verified; Microsoft Corporation; Microsoft® Plus! for Windows® 95>
2007-09-09 05:49:20 2272 --a------ C:\WINDOWS\system32\w95inf16.dll <Not Verified; Microsoft Corporation; Microsoft® Plus! for Windows® 95>
2007-09-09 05:48:13 0 d-------- C:\Program Files\Red Storm Entertainment
2007-09-09 05:41:28 0 d-------- C:\Program Files\MagicISO
2007-09-09 04:04:24 0 d-------- C:\Program Files\XoftSpySE


-- Find3M Report ---------------------------------------------------------------

2007-10-09 18:05:25 0 d-------- C:\Program Files\Trend Micro
2007-10-09 14:59:05 0 d-------- C:\Program Files\Ares
2007-10-09 12:35:36 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-10-08 16:21:06 0 d-------- C:\Program Files\EA GAMES
2007-10-08 13:27:59 0 d-------- C:\Documents and Settings\Nick\Application Data\teamspeak2
2007-10-08 13:27:09 0 d-------- C:\Documents and Settings\Nick\Application Data\Xfire
2007-10-04 14:42:34 0 d-------- C:\Program Files\Xfire
2007-10-03 09:31:53 0 d-------- C:\Program Files\DivX
2007-10-02 10:21:34 0 d-------- C:\Program Files\Common Files
2007-10-02 08:09:32 0 d-------- C:\Documents and Settings\Nick\Application Data\LimeWire
2007-09-29 08:24:16 32 --a------ C:\WINDOWS\go
2007-09-28 17:07:52 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-09-17 09:55:58 0 d-------- C:\Program Files\Common Files\InstallShield
2007-09-17 05:21:00 262144 --a------ C:\WINDOWS\system32\wrap_oal.dll <Not Verified; Creative Labs; Creative Labs OpenAL32>
2007-09-17 05:21:00 86016 --a------ C:\WINDOWS\system32\OpenAL32.dll <Not Verified; Portions (C) Creative Labs Inc. and NVIDIA Corp.; Standard OpenAL(TM) Library>
2007-09-16 06:22:45 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-09-16 06:22:26 0 d-------- C:\Program Files\AGEIA Technologies
2007-09-16 04:16:18 0 d-------- C:\Program Files\Warcraft III
2007-09-12 16:44:06 0 d-------- C:\Program Files\Call of Duty Game of the Year Edition
2007-09-12 16:42:29 0 d-------- C:\Program Files\Silkroad
2007-09-10 16:43:54 0 d-------- C:\Program Files\EA Sports
2007-09-08 17:53:12 0 dr-h----- C:\Documents and Settings\Nick\Application Data\SecuROM
2007-09-08 06:55:08 0 d-------- C:\Documents and Settings\Nick\Application Data\Adobe
2007-09-08 05:05:26 0 d-------- C:\Program Files\Common Files\Vbox
2007-09-08 05:05:20 0 d-------- C:\Program Files\Common Files\Adobe
2007-09-07 04:29:03 0 d-------- C:\Program Files\GameSpy Arcade
2007-09-05 15:36:00 0 d-------- C:\Program Files\Common Files\DirectX
2007-09-05 15:34:12 0 d-------- C:\Program Files\THQ
2007-09-05 04:13:03 0 d-------- C:\Program Files\BitTorrent
2007-09-03 02:38:40 0 d-------- C:\Program Files\Hide IP Platinum
2007-08-31 1714 0 d-------- C:\Documents and Settings\Nick\Application Data\dvdcss
2007-08-30 23:54:04 0 d-------- C:\Documents and Settings\Nick\Application Data\DivX
2007-08-30 15:04:13 0 d-------- C:\Program Files\PCFriendly
2007-08-30 15:04:13 0 d-------- C:\Program Files\InterActual
2007-08-30 03:35:57 0 d-------- C:\Documents and Settings\Nick\Application Data\BitTorrent
2007-08-30 02:05:14 0 d-------- C:\Program Files\K-Lite Codec Pack
2007-08-27 17:26:27 0 d-------- C:\Program Files\Monolith Productions
2007-08-26 22:15:19 0 d-------- C:\Documents and Settings\Nick\Application Data\Talkback
2007-08-26 22:15:16 0 d-------- C:\Documents and Settings\Nick\Application Data\Mozilla
2007-08-25 02:28:16 0 d-------- C:\Program Files\TGTSoft
2007-08-25 02:07:45 0 d-------- C:\Program Files\PokerStars
2007-08-24 02:49:09 0 d-------- C:\Program Files\Deepblue7
2007-08-21 11:58:33 0 d-------- C:\Documents and Settings\Nick\Application Data\uTorrent
2007-08-21 00:52:20 0 d-------- C:\Program Files\Gpotato
2007-08-20 02:51:24 0 d-------- C:\Documents and Settings\Nick\Application Data\Media Player Classic
2007-08-19 00:49:15 0 d-------- C:\Program Files\STOPzilla!
2007-08-15 16:42:54 0 d-------- C:\Documents and Settings\Nick\Application Data\Ventrilo
2007-08-15 16:41:51 0 d-------- C:\Program Files\Ventrilo
2007-08-15 01:49:16 0 d-------- C:\Program Files\MobMapUpdater
2007-08-13 16:08:41 0 d-------- C:\Program Files\CoD RconTool
2007-08-12 19:59:41 0 d-------- C:\Documents and Settings\Nick\Application Data\Macromedia
2007-08-11 22:33:01 0 d-------- C:\Documents and Settings\Nick\Application Data\ieSpell
2007-08-11 22:32:16 0 d-------- C:\Program Files\ieSpell
2007-08-11 19:07:34 0 d-------- C:\Program Files\LimeWire
2007-08-11 19:07:18 0 d-------- C:\Program Files\Java
2007-07-31 04:00:57 4096 --a------ C:\WINDOWS\d3dx.dat
2007-07-22 01:25:10 62 --ahs---- C:\Documents and Settings\Nick\Application Data\desktop.ini
2007-07-22 00:42:36 0 -rahs---- C:\MSDOS.SYS
2007-07-22 00:42:36 0 -rahs---- C:\IO.SYS
2007-07-22 00:42:36 0 --a------ C:\CONFIG.SYS
2007-07-22 00:42:36 0 --a------ C:\AUTOEXEC.BAT
2007-07-22 00:39:49 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-07-19 17:22:56 77824 --a------ C:\WINDOWS\system32\PgmrX120.dll <Not Verified; ; PgmrX120 Module>
2007-07-19 17:22:56 163840 --a------ C:\WINDOWS\system32\Pgmr120.dll


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [31/08/2006 10:47]
"nwiz"="nwiz.exe" [31/08/2006 10:47 C:\WINDOWS\system32\nwiz.exe]
"DXM6Patch_981116"="C:\WINDOWS\p_981116.exe" [30/11/1998 18:04]
"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []
"mtbhflryee"="c:\windows\system32\mtbhflryee.exe" [31/07/2007 20:13]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [29/06/2007 06:24]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [14/09/2007 10:00]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 13:00]
"ares"="C:\Program Files\Ares\Ares.exe" [16/07/2007 22:54]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nick^Start Menu^Programs^Startup^MagicDisc.lnk]
path=C:\Documents and Settings\Nick\Start Menu\Programs\Startup\MagicDisc.lnk
backup=C:\WINDOWS\pss\MagicDisc.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nick^Start Menu^Programs^Startup^Registration Ghost Recon Advanced Warfighter® 2.LNK]
path=C:\Documents and Settings\Nick\Start Menu\Programs\Startup\Registration Ghost Recon Advanced Warfighter® 2.LNK
backup=C:\WINDOWS\pss\Registration Ghost Recon Advanced Warfighter® 2.LNKStartup


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
"C:\Program Files\Ares\Ares.exe" -h

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
"C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gainward]
C:\WINDOWS\TBPanel.exe /A

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
%systemroot%\system32\dumprep 0 -k

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mtbhflryee]
c:\windows\system32\mtbhflryee.exe mtbhflryee

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Alarm Clock]
C:\Program Files\PC Alarm Clock\pcalarmclock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STYLEXP]
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c7e73bc1-37e9-11dc-8e2b-806d6172696f}]
AutoRun\command- D:\Autorun.exe




-- End of Deckard's System Scanner: finished at 2007-10-09 1855 ------------
Attached Files
File Type: txt extra.txt (18.0 KB, 1 views)