Old 02-10-2007, 10:14 PM   #4 (permalink)
rextobadownstai
OS: XP


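Here are my ComboScan results (HijackThis log, fixed-entry backups, file associations, drivers, services, scheduled tasks, recently created files, Find3M report and registry dump). The supplementary log is attached as Supplementary.txt. Thanks.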

ComboScan v20070210.12 run by allofus on 2007-02-10 at 23:07:48
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Successfully created restore point.
Performed disk cleanup.


-- HijackThis log (run as allofus.com) ------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 11:08:16 PM, on 2/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TheWeatherNetwork\WeatherEye\WeatherEye.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\allofus\Desktop\comboscan.exe
C:\DOCUME~1\allofus\LOCALS~1\Temp\~djkdulg.tmp\allofus.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.majorgeeks.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [UVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\TheWeatherNetwork\WeatherEye\WeatherEye
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00C0A1F2-D492-4DBA-A8E2-76CB1B791724} (TNPLDownloader Control) - https://dtwx2.accuweather.com/tnpl_a...Downloader.cab
O16 - DPF: {05317530-B882-449D-9421-18D94FA3ED34} (OSInfo Control) - http://www.sis.com/ocis/OSInfo.cab
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcenter.samsung.com/co...rolLite_EN.cab
O16 - DPF: {16095503-786F-4097-AED6-5D567A26D760} (SiS_OCX Control) - http://www.sis.com/ocis/SiSAutodetectNT.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://makeover.ivillage.co.uk/save/makeover.cab
O16 - DPF: {266B9238-31A5-4B53-9039-272FE846DF9D} (DiameterTransfer Control) - http://www.sis.com/download/SISTransfer.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - https://scan.safety.live.com/resourc...scbase7617.cab
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://www.shockwave.com/content/din...2.1.0.0.67.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1143688737046
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1158107028640
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/.../installer.exe
O16 - DPF: {F10C33E8-4EC0-4369-B365-730450CF5A09} (CPlayFirstDDTumsControl Object) - http://www.gamehouse.com/games/DinerDash.cab
O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://walmart.pnimedia.com/upload/a...pv2.0.0.9.cab?
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe


-- HijackThis Fixed Entries (C:\Program Files\HJT\hijackthis\backups\) ----------

backup-20070210-222311-244 O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
backup-20070210-222311-254 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
backup-20070210-222311-337 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
backup-20070210-222311-429 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://proxy:8080
backup-20070210-222311-864 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime


-- File Associations ------------------------------------------------------------

.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - unable to read value
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
.scr - scrfile - "%1" /S
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ----------------------

3 Afc (PPdus ASPI Shell) - system32\drivers\Afc.sys
1 Avg7Core (AVG7 Kernel) - \SystemRoot\System32\Drivers\avg7core.sys
1 Avg7RsW (AVG7 Wrap Driver) - \SystemRoot\System32\Drivers\avg7rsw.sys
1 Avg7RsXP (AVG7 Resident Driver XP) - \SystemRoot\System32\Drivers\avg7rsxp.sys
1 AvgClean (AVG7 Clean Driver) - \SystemRoot\System32\Drivers\avgclean.sys
3 CCDECODE (Closed Caption Decoder) - system32\DRIVERS\CCDECODE.sys
3 cmuda (C-Media WDM Audio Interface) - system32\drivers\cmuda.sys
3 DUBE100 (D-Link DUB-E100 USB 2.0 to Fast Ethernet Adapter) - System32\DRIVERS\DUBE100.sys
3 ENTECH - \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys
0 gagp30kx (Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms) - System32\DRIVERS\gagp30kx.sys
3 HidUsb (Microsoft HID Class Driver) - system32\DRIVERS\hidusb.sys
3 JL2005 (JL2005A Camera) - System32\Drivers\toywdm.sys
1 kbdhid (Keyboard HID Driver) - system32\DRIVERS\kbdhid.sys
3 mouhid (Mouse HID Driver) - System32\DRIVERS\mouhid.sys
3 MSTEE (Microsoft Streaming Tee/Sink-to-Sink Converter) - system32\drivers\MSTEE.sys
3 NABTSFEC (NABTS/FEC VBI Codec) - system32\DRIVERS\NABTSFEC.sys
3 NdisIP (Microsoft TV/Video Connection) - system32\DRIVERS\NdisIP.sys
0 PCIIde - System32\DRIVERS\pciide.sys
3 SiS315 - system32\DRIVERS\sisgrp.sys
1 SiSkp - system32\DRIVERS\srvkp.sys
3 SISNIC (SiS PCI Fast Ethernet Adapter Driver) - System32\DRIVERS\sisnic.sys
0 SiSRaid - system32\DRIVERS\SiSRaid.sys
3 SLIP (BDA Slip De-Framer) - system32\DRIVERS\SLIP.sys
3 sonypvs1 (Sony Digital Imaging Video2) - system32\DRIVERS\sonypvs1.sys
0 sptd - System32\Drivers\sptd.sys
3 streamip (BDA IPSink) - system32\DRIVERS\StreamIP.sys
3 usbaudio (USB Audio Driver (WDM)) - system32\drivers\usbaudio.sys
3 usbccgp (Microsoft USB Generic Parent Driver) - system32\DRIVERS\usbccgp.sys
3 usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - System32\DRIVERS\usbehci.sys
3 usbohci (Microsoft USB Open Host Controller Miniport Driver) - System32\DRIVERS\usbohci.sys
3 usbscan (USB Scanner Driver) - system32\DRIVERS\usbscan.sys
3 usbser (Motorola USB Modem Driver) - system32\DRIVERS\usbser.sys
3 usbsermpt (Motorola USB Modem Driver for MPT) - system32\DRIVERS\usbsermpt.sys
3 USBSTOR (USB Mass Storage Driver) - system32\DRIVERS\USBSTOR.SYS
3 WpdUsb - system32\DRIVERS\wpdusb.sys
3 WSTCODEC (World Standard Teletext Codec) - system32\DRIVERS\WSTCODEC.SYS
0 WudfPf (Windows Driver Foundation - User-mode Driver Framework Platform Driver) - system32\DRIVERS\WudfPf.sys
3 WudfRd (Windows Driver Foundation - User-mode Driver Framework Reflector) - system32\DRIVERS\wudfrd.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

3 Adobe LM Service - "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"
2 Avg7Alrt (AVG7 Alert Manager Server) - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
2 Avg7UpdSvc (AVG7 Update Service) - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
3 IDriverT (InstallDriver Table Manager) - "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
2 MDM (Machine Debug Manager) - "C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"
2 RichVideo (Cyberlink RichVideo Service(CRVS)) - "C:\Program Files\CyberLink\Shared Files\RichVideo.exe"
2 UleadBurningHelper (Ulead Burning Helper) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
2 WinDefend (Windows Defender) - "C:\Program Files\Windows Defender\MsMpEng.exe"
3 WMPNetworkSvc (Windows Media Player Network Sharing Service) - "C:\Program Files\Windows Media Player\WMPNetwk.exe"
2 WudfSvc (Windows Driver Foundation - User-mode Driver Framework) - %SystemRoot%\system32\svchost.exe -k WudfServiceGroup


-- Scheduled Tasks --------------------------------------------------------------

2007-02-10 23:00:00 272 --ah----- C:\WINDOWS\Tasks\A071C02791C27543.job<A071C0~1.JOB>


-- Files created between 2007-01-10 and 2007-02-10 ------------------------------

2007-02-10 20:59:05 0 d-------- C:\Hoster
2007-02-10 18:57:10 0 d-------- C:\Program Files\HJT
2007-02-10 18:32:18 0 d-------- C:\WINDOWS\system32\ActiveScan<ACTIVE~1>
2007-02-10 14:47:09 1048576 --ah----- C:\Documents and Settings\Administrator.AHOTROOP\NTUSER.DAT
2007-02-10 14:00:47 0 --a------ C:\WINDOWS\system32\SBRC.dat
2007-02-10 14:00:47 0 --a------ C:\WINDOWS\system32\SBFC.dat
2007-02-10 13:42:23 11254 --a------ C:\WINDOWS\system32\locate.com
2007-02-10 12:48:08 1048576 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2007-02-10 11:46:31 0 d-------- C:\Spyware Tools<SPYWAR~1>
2007-02-10 11:23:49 0 d-------- C:\Program Files\CCleaner
2007-02-10 10:58:37 6029312 --a------ C:\Documents and Settings\allofus\ntuser.dat
2007-02-10 10:58:36 786432 --a------ C:\Documents and Settings\LocalService\ntuser.dat
2007-02-09 20:40:29 0 d-------- C:\Program Files\RegScrubXP<REGSCR~1>
2007-02-08 23:01:08 0 d-------- C:\Documents and Settings\allofus\.housecall6.6<HOUSEC~1.6>
2007-02-08 18:27:05 0 d-------- C:\Program Files\InterActual<INTERA~1>
2007-02-06 22:48:01 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-02-06 22:12:44 0 d-------- C:\Program Files\Lavalys
2007-02-06 21:25:59 49152 --a------ C:\WINDOWS\InstFunc.exe<Unsigned: n/a>
2007-02-06 21:25:59 12288 --a------ C:\WINDOWS\InstFunc.dll<Unsigned: Silicon Integrated Systems Corporation>
2007-01-27 13:56:48 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2007-01-25 13:09:49 0 d-------- C:\WINDOWS\HASBRO
2007-01-25 13:08:19 0 d-------- C:\HASBRO
2007-01-25 10:54:47 0 dr-h----- C:\$VAULT$.AVG
2007-01-23 04:34:14 9728 --a------ C:\WINDOWS\system32\SiSPIns2.dll<Signed: Silicon Integrated Systems Corporation>
2007-01-12 20:39:13 0 d-------- C:\Documents and Settings\allofus\Application Data\AutoDWG
2007-01-12 07:51:31 0 d-------- C:\Program Files\Virtools


-- Find3M Report ----------------------------------------------------------------

2007-02-10 21:51:28 0 d-------- C:\Program Files\Java
2007-02-10 19:08:51 0 d-------- C:\Program Files\WS_FTP Pro<WS_FTP~1>
2007-02-10 19:08:46 0 d-------- C:\Program Files\WinUHA
2007-02-10 19:08:33 0 d-------- C:\Program Files\Windows Defender<WINDOW~4>
2007-02-10 19:05:42 0 d-------- C:\Program Files\QuickTime<QUICKT~1>
2007-02-10 19:05:29 0 d-------- C:\Program Files\PowerISO
2007-02-10 08:46:18 0 d-------- C:\Program Files\Rugrats Activity Challenge<RUGRAT~1>
2007-02-09 22:57:49 0 d-------- C:\Documents and Settings\allofus\Application Data\AVG7
2007-02-01 21:09:21 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-02-01 20:38:37 0 d-------- C:\Documents and Settings\allofus\Application Data\AdobeUM
2007-01-29 10:50:11 0 d-------- C:\Documents and Settings\allofus\Application Data\PlayFirst<PLAYFI~1>
2007-01-25 10:41:30 27776 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys<Unsigned: GRISOFT, s.r.o.>
2007-01-25 10:41:29 18432 --a------ C:\WINDOWS\system32\drivers\avgmfx86.sys<Unsigned: GRISOFT, s.r.o.>
2007-01-25 10:41:29 839936 --a------ C:\WINDOWS\system32\drivers\avg7core.sys<Unsigned: GRISOFT, s.r.o.>
2007-01-23 04:56:04 16896 --a------ C:\WINDOWS\system32\drivers\srvkp.sys<Signed: Silicon Integrated Systems Corporation>
2007-01-23 04:55:58 1571001 --a------ C:\WINDOWS\system32\sisgl.dll<Signed: Silicon Integrated Systems Corporation>
2007-01-23 04:39:46 3514368 --a------ C:\WINDOWS\system32\sisgrv.dll<Signed: Silicon Integrated Systems Corporation>
2007-01-23 04:35:20 317952 --a------ C:\WINDOWS\system32\drivers\sisgrp.sys<Signed: Silicon Integrated Systems Corporation>
2007-01-23 04:32:56 172032 --a------ C:\WINDOWS\system32\SiSInst.dll<Signed: Silicon Integrated Systems Corporation>
2007-01-23 04:32:44 258048 --a------ C:\WINDOWS\system32\SiSParse.dll<Signed: Silicon Integrated Systems Corporation>
2007-01-23 04:32:26 49152 --a------ C:\WINDOWS\system32\SiSBase.dll<Signed: Silicon Integrated Systems Corporation>
2007-01-14 12:37:13 0 d-------- C:\Program Files\sz8028
2007-01-12 20:24:24 0 d-------- C:\Documents and Settings\allofus\Application Data\LimeWire
2006-12-26 21:00:46 0 d-------- C:\Documents and Settings\allofus\Application Data\Azureus
2006-12-26 15:33:40 0 d-------- C:\Program Files\Miuchiz
2006-12-26 11:56:33 1112 --a------ C:\Documents and Settings\allofus\Application Data\ViewerApp.dat<VIEWER~1.DAT>
2006-12-25 14:53:43 0 d-------- C:\Program Files\MGA Games<MGAGAM~1>
2006-12-25 14:07:28 0 d-------- C:\Documents and Settings\allofus\Application Data\Arcsoft
2006-12-25 14:01:13 0 d-------- C:\Program Files\Common Files\ArcSoft
2006-12-25 14:00:45 0 d-------- C:\Program Files\ArcSoft
2006-12-25 13:57:18 0 d-------- C:\Program Files\JL2005A
2006-12-17 11:21:49 0 d-------- C:\Program Files\Grisoft
2006-12-17 10:38:38 0 d-------- C:\Documents and Settings\allofus\Application Data\BitRoll
2006-12-17 10:38:23 0 d-------- C:\Program Files\Remotefreehope<REMOTE~1>
2006-12-06 20:25:43 4184 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys<Unsigned: n/a>
2006-12-06 20:25:43 8 -r-hs---- C:\WINDOWS\system32\DECD777876.sys<DECD77~1.SYS><Unsigned: n/a>
2006-12-05 20:28:12 100 --a------ C:\AUTOEXEC.BAT


-- Registry Dump ----------------------------------------------------------------


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"WeatherEye"="C:\\Program Files\\TheWeatherNetwork\\WeatherEye\\WeatherEye"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"
"UVS10 Preload"="C:\\Program Files\\Ulead Systems\\Ulead VideoStudio 10\\uvPL.exe"
"SiSPower"="Rundll32.exe SiSPower.dll,ModeAgent"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0\\bin\\jusched.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgw.exe /RUNONCE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgw.exe /RUNONCE"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=dword:00000000
"DisableRegistryTools"=dword:00000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0



-- End of ComboScan: finished at 2007-02-10 at 23:08:50 -------------------------
Attached Files
File Type: txt Supplementary.txt (14.5 KB, 1 views)