12-06-2007, 05:31 PM   #4
10FootPianist
Registered User
 
Join Date: Dec 2007
Posts: 20
OS: Windows XP Professional SP2


Re: I Keep Getting Redirected

Username "Zeeshan" - 12/06/2007 19:14:05 [Fixwareout edited 9/01/2007]

~~~~~ Prerun check
HKLM\SOFTWARE\~\Winlogon\ "System"="kdyys.exe"

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
"nameserver"="85.255.116.86 85.255.112.82" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{3C696142-D7D8-4DA4-B44D-B18A1D835780}
"nameserver"="85.255.116.86,85.255.112.82" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{475DE4B7-801B-4877-8702-B2CD28D7EF66}
"nameserver"="85.255.116.86,85.255.112.82" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{475DE4B7-801B-4877-8702-B2CD28D7EF66}
"DhcpNameServer"="85.255.116.86,85.255.112.82" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{4FA72A5C-BBEE-4653-8DF0-D29FD20BE3BE}
"DhcpNameServer"="85.255.116.86,85.255.112.82" <Value cleared.

Successfully flushed the DNS Resolver Cache.
System was rebooted successfully.

~~~~~ Postrun check
HKLM\SOFTWARE\~\Winlogon\ "system"=""
....
....
~~~~~ Misc files.
....
~~~~~ Checking for older varients.
....

~~~~~ Current runs (hklm hkcu "run" Keys Only)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_03\\bin\\jusched.exe\""
"UnlockerAssistant"="\"C:\\Program Files\\Unlocker\\UnlockerAssistant.exe\" -H"
"nod32kui"="\"C:\\Program Files\\Eset\\nod32kui.exe\" /WAITSERVICE"
"GrooveMonitor"="\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\""
"Acrobat Assistant 8.0"="\"C:\\Program Files\\Adobe\\Acrobat 8.0\\Acrobat\\Acrotray.exe\""
"Adobe_ID0EYTHM"="C:\\PROGRA~1\\COMMON~1\\Adobe\\ADOBEV~1\\Server\\bin\\VERSIO~2.EXE"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"
"uTorrent"="\"C:\\Program Files\\uTorrent\\uTorrent.exe\""
"Aim6"=""
"PeerGuardian"="C:\\Program Files\\PeerGuardian2\\pg2.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
....
Hosts file was reset, If you use a custom hosts file please replace it...
~~~~~ End report ~~~~~


Deckard's System Scanner v20071014.68
Run by Zeeshan on 2007-12-06 19:20:28
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
49: 2007-12-07 00:20:36 UTC - RP49 - Deckard's System Scanner Restore Point
48: 2007-12-02 05:02:13 UTC - RP48 - Installed Unreal Tournament 3
47: 2007-12-02 02:48:24 UTC - RP47 - System Checkpoint
46: 2007-11-23 00:32:22 UTC - RP46 - Installed QuickTime
45: 2007-11-18 00:28:07 UTC - RP45 - Installed Kaplan Essential Review - Writing and Vocabulary


-- First Restore Point --
1: 2007-10-07 19:51:03 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Zeeshan.exe) ---------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:23:58 PM, on 12/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\libusbd-nt.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Vidalia Bundle\Tor\tor.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Documents and Settings\Zeeshan\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Zeeshan.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:8118;socks=localhost:9050
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;127.0.0.1;*.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" -H
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - http://libusb-win32.sourceforge.net - C:\WINDOWS\system32\libusbd-nt.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Tor Win32 Service (tor) - Unknown owner - C:\Program Files\Vidalia Bundle\Tor\tor.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 9053 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
R3 libusb0 (LibUsb-Win32 - Kernel Driver, Version 0.1.10.1) - c:\windows\system32\drivers\libusb0.sys
R3 pgfilter - c:\program files\peerguardian2\pgfilter.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>
R2 libusbd (LibUsb-Win32 - Daemon, Version 0.1.10.1) - system32\libusbd-nt.exe <Not Verified; http://libusb-win32.sourceforge.net; LibUsb-Win32>
R2 StarWindServiceAE (StarWind AE Service) - c:\program files\alcohol soft\alcohol 120\starwind\starwindserviceae.exe <Not Verified; Rocket Division Software; StarWind Alcohol Edition>
R2 tor (Tor Win32 Service) - "c:\program files\vidalia bundle\tor\tor.exe" --nt-service -f "c:\documents and settings\zeeshan\application data\vidalia\torrc" controlport 9051
R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>
R3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: nVidia WDM Video Capture (universal)
Device ID: DISPLAY\NVCAP\5&1C54517E&0&CA000002&01&00
Manufacturer: nVidia
Name: nVidia WDM Video Capture (universal)
PNP Device ID: DISPLAY\NVCAP\5&1C54517E&0&CA000002&01&00
Service: nvcap


-- Scheduled Tasks -------------------------------------------------------------

2007-12-04 10:01:01 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2007-11-06 and 2007-12-06 -----------------------------

2007-12-06 19:23:50 0 d-------- C:\Program Files\Trend Micro
2007-12-02 00:14:01 0 d-------- C:\Documents and Settings\Zeeshan\Application Data\InstallShield Installation Information
2007-12-02 00:03:25 0 d-------- C:\Program Files\Unreal Tournament 3
2007-12-01 21:04:22 0 d-------- C:\Program Files\Portal
2007-11-24 10:55:49 0 d-------- C:\Program Files\LD-Anime
2007-11-22 20:13:31 0 d-------- C:\Program Files\Common Files\xing shared
2007-11-22 20:01:50 0 d-------- C:\Program Files\TI Emulators
2007-11-22 20:01:42 0 d-------- C:\Documents and Settings\Zeeshan\WINDOWS
2007-11-22 20:01:34 0 d-------- C:\Program Files\Precalculus An Internet Approach
2007-11-22 19:34:51 1756 --a------ C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
2007-11-22 19:32:25 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-11-22 19:31:25 0 d-------- C:\Program Files\Apple Software Update
2007-11-22 19:31:25 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2007-11-21 20:38:58 0 d-------- C:\Program Files\Graphmatica
2007-11-21 20:35:45 0 d-------- C:\Documents and Settings\Zeeshan\Application Data\Design Science
2007-11-21 20:35:32 0 d-------- C:\Program Files\MathType
2007-11-21 11:02:28 0 d-------- C:\Program Files\Process Explorer
2007-11-17 19:25:23 0 d-------- C:\Documents and Settings\All Users\Application Data\QuickTime
2007-11-17 19:25:19 28672 --a------ C:\WINDOWS\system32\qttask.exe
2007-11-17 19:24:40 0 d-------- C:\Program Files\Kap.ACTr
2007-11-11 19:50:40 0 d-------- C:\Program Files\Media Player Classic
2007-11-11 19:47:38 0 d-------- C:\Documents and Settings\Zeeshan\Application Data\Media Player Classic
2007-11-11 11:19:06 0 d-------- C:\Program Files\Kap.SATr
2007-11-11 10:32:16 0 d-------- C:\WINDOWS\network diagnostic
2007-11-11 10:26:54 0 d---s---- C:\Documents and Settings\Zeeshan\UserData
2007-11-10 12:46:37 0 d-------- C:\Program Files\Web Publish


-- Find3M Report ---------------------------------------------------------------

2007-12-06 19:24:29 0 d-------- C:\Program Files\PeerGuardian2
2007-12-06 19:14:20 0 d-------- C:\Documents and Settings\Zeeshan\Application Data\uTorrent
2007-12-02 13:22:11 1460 --a------ C:\WINDOWS\mozver.dat
2007-12-02 13:21:00 0 d-------- C:\Program Files\DivX
2007-11-27 18:35:25 0 d-------- C:\Documents and Settings\Zeeshan\Application Data\LimeWire
2007-11-22 20:18:54 0 d-------- C:\Documents and Settings\Zeeshan\Application Data\Real
2007-11-22 20:13:31 0 d-------- C:\Program Files\Common Files
2007-11-22 20:13:26 0 d-------- C:\Program Files\Common Files\Real
2007-11-22 20:01:34 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-11-22 19:32:58 0 d-------- C:\Program Files\QuickTime
2007-11-11 12:30:02 0 d-------- C:\Documents and Settings\Zeeshan\Application Data\Adobe
2007-10-31 12:58:09 0 d-------- C:\Program Files\Real
2007-10-28 11:10:54 0 d-------- C:\Program Files\Alcohol Soft
2007-10-27 17:47:48 0 d-------- C:\Program Files\HarvEX
2007-10-27 14:14:15 0 d-------- C:\Program Files\Chankast Alpha
2007-10-27 14:11:49 0 d-------- C:\Documents and Settings\Zeeshan\Application Data\.myibay
2007-10-24 19:42:18 0 d-------- C:\Program Files\PSX 1.9
2007-10-21 18:01:37 0 d-------- C:\Program Files\Microsoft Visual Studio 8
2007-10-21 14:50:58 0 d-------- C:\Program Files\Common Files\DirectX
2007-10-21 12:49:19 0 d-------- C:\Program Files\Common Files\Adobe
2007-10-21 12:46:56 0 d-------- C:\Program Files\Common Files\Control Panels
2007-10-21 12:11:54 0 d-------- C:\Program Files\Bonjour
2007-10-21 12:07:28 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2007-10-20 14:40:13 0 d-------- C:\Program Files\LibUSB-Win32-0.1.10.1
2007-10-19 15:35:20 0 d-------- C:\Program Files\GameSpy Arcade
2007-10-18 22:38:20 0 d-------- C:\Program Files\AGEIA Technologies
2007-10-18 22:37:59 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-10-18 18:39:22 0 d-------- C:\Documents and Settings\Zeeshan\Application Data\Vidalia
2007-10-17 16:15:12 0 d-------- C:\Program Files\Media Converter SA Edition
2007-10-14 21:32:50 0 d-------- C:\Documents and Settings\Zeeshan\Application Data\ArcSoft
2007-10-14 21:30:28 0 d-------- C:\Program Files\ArcSoft
2007-10-14 13:39:57 0 d-------- C:\Documents and Settings\Zeeshan\Application Data\Google
2007-10-13 19:44:26 0 d-------- C:\Documents and Settings\Zeeshan\Application Data\Apple Computer
2007-10-12 20:11:28 0 d-------- C:\Program Files\uTorrent
2007-10-12 17:55:58 0 d-------- C:\Program Files\Microsoft Works
2007-10-12 17:55:49 0 d-------- C:\Program Files\MSBuild
2007-10-12 15:40:36 298104 --a------ C:\WINDOWS\system32\imon.dll <Not Verified; Eset; NOD32 Antivirus System>
2007-10-12 14:38:43 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-10-11 21:19:16 0 d-------- C:\Documents and Settings\Zeeshan\Application Data\tor
2007-10-11 18:29:51 0 d-------- C:\Program Files\Vidalia Bundle
2007-10-10 20:13:05 0 d-------- C:\Documents and Settings\Zeeshan\Application Data\Sun
2007-10-10 17:13:08 0 d-------- C:\Program Files\MSN Messenger
2007-10-10 15:41:57 0 d-------- C:\Program Files\Google
2007-10-09 15:25:42 0 d-------- C:\Documents and Settings\Zeeshan\Application Data\Viewpoint
2007-10-08 20:07:05 0 d-------- C:\Documents and Settings\Zeeshan\Application Data\TVU Networks
2007-10-08 17:00:20 0 d-------- C:\Documents and Settings\Zeeshan\Application Data\vlc
2007-10-08 16:59:47 0 d-------- C:\Program Files\VideoLAN
2007-10-08 16:34:59 0 d-------- C:\Program Files\Wiley
2007-10-08 16:29:39 0 d-------- C:\Program Files\Windows Media Connect 2
2007-10-07 16:24:49 0 d-------- C:\Documents and Settings\Zeeshan\Application Data\WinRAR
2007-10-07 16:10:12 0 d-------- C:\Program Files\Java
2007-10-07 15:58:29 0 d-------- C:\Program Files\LimeWire
2007-10-07 15:57:44 0 d-------- C:\Program Files\Common Files\Java
2007-10-07 15:56:53 0 d-------- C:\Program Files\PowerISO
2007-10-07 15:53:02 0 d-------- C:\Documents and Settings\Zeeshan\Application Data\acccore
2007-10-07 15:52:48 0 d-------- C:\Program Files\AIM6
2007-10-07 15:52:26 0 d-------- C:\Program Files\Viewpoint
2007-10-07 15:52:09 0 d-------- C:\Program Files\Common Files\AOL
2007-10-07 15:38:23 0 d-------- C:\Documents and Settings\Zeeshan\Application Data\Thinstall
2007-10-07 15:22:48 0 d-------- C:\Program Files\Messenger
2007-10-07 15:18:50 0 d-------- C:\Documents and Settings\Zeeshan\Application Data\Macromedia
2007-10-07 15:14:34 0 --a------ C:\WINDOWS\nsreg.dat
2007-10-07 15:14:31 0 d-------- C:\Documents and Settings\Zeeshan\Application Data\Mozilla
2007-10-07 15:02:59 0 d-------- C:\Program Files\Common Files\InstallShield
2007-10-07 15:02:46 0 d-------- C:\Program Files\Object Desktop
2007-10-07 14:58:14 0 d-------- C:\Program Files\Analog Devices
2007-10-07 14:55:29 0 d-------- C:\Program Files\CONEXANT
2007-10-07 14:50:51 0 d-------- C:\Documents and Settings\Zeeshan\Application Data\Identities
2007-10-07 14:46:48 0 d-------- C:\Program Files\microsoft frontpage
2007-10-07 14:46:26 0 -rahs---- C:\MSDOS.SYS
2007-10-07 14:46:26 0 -rahs---- C:\IO.SYS
2007-10-07 14:46:26 0 --a------ C:\CONFIG.SYS
2007-10-07 14:46:26 0 --a------ C:\AUTOEXEC.BAT
2007-10-07 14:45:06 0 d--h----- C:\Program Files\WindowsUpdate
2007-10-07 14:44:13 0 d-------- C:\Program Files\Common Files\MSSoap
2007-10-07 14:44:04 0 d-------- C:\Program Files\Movie Maker
2007-10-07 14:43:16 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-10-07 14:42:54 0 d-------- C:\Program Files\Online Services
2007-10-07 14:42:46 0 d-------- C:\Program Files\MSN Gaming Zone
2007-10-07 14:42:36 0 d-------- C:\Program Files\Windows NT
2007-10-07 10:38:10 0 d-------- C:\Program Files\Common Files\ODBC
2007-10-07 10:38:07 0 d-------- C:\Program Files\Common Files\SpeechEngines
2007-10-07 10:37:40 62 --ahs---- C:\Documents and Settings\Zeeshan\Application Data\desktop.ini


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [10/14/2004 01:42 PM]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [07/16/2005 05:09 PM]
"nwiz"="nwiz.exe" [07/16/2005 05:09 PM C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [07/16/2005 05:09 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 12:11 AM]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" []
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [10/12/2007 03:40 PM]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [10/26/2006 11:47 PM]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [05/10/2007 09:46 PM]
"@"="" []
"Adobe_ID0EYTHM"="C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [03/20/2007 03:40 PM]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [10/19/2007 08:16 PM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [11/22/2007 08:12 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [10/07/2007 03:11 PM]
"uTorrent"="C:\Program Files\uTorrent\uTorrent.exe" [10/07/2007 03:40 PM]
"Aim6"="" []
"PeerGuardian"="C:\Program Files\PeerGuardian2\pg2.exe" [09/18/2005 05:40 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Privoxy.lnk - C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe [11/20/2006 9:30:54 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
C:\PROGRA~1\OBJECT~1\WINDOW~1\fastload.dll 12/20/2001 09:34 PM 24576 C:\PROGRA~1\OBJECT~1\WINDOW~1\fastload.dll


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
AutoRun\command- G:\FrameworkCheck.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
AutoRun\command- H:\Autorun.exe




-- End of Deckard's System Scanner: finished at 2007-12-06 19:25:01 ------------
Attached Files
File Type: txt extra.txt (20.9 KB, 0 views)
__________________
If a fan gives off cool air when spun in one direction, then it only makes perfect sense that if spun in the opposite direction, it would give off heat.