05-04-2007, 02:41 AM   #3
nbamaniac
Registered User
 
Join Date: Apr 2007
Location: Zamboanga City, Philippines
Posts: 14
OS: Windows XP Professional


Re: Help needed - 2 annoying iexplore.exe tasks...

Hi.

I followed your instructions and obtained the following:



Deckard's System Scanner v20070426.43
Run by Administrator on 2007-05-04 at 16:22:09
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
42: 2007-05-04 08:22:23 UTC - RP42 - Deckard's System Scanner Restore Point
41: 2007-05-04 01:49:09 UTC - RP41 - System Checkpoint
40: 2007-05-02 01:05:38 UTC - RP40 - System Checkpoint
39: 2007-04-30 17:21:00 UTC - RP39 - System Checkpoint
38: 2007-04-29 03:33:40 UTC - RP38 - Installed Neverwinter Nights Platinum Edition


-- First Restore Point --
1: 2007-04-06 09:27:51 UTC - RP1 - System Checkpoint


Backed up registry hives.

Performed disk cleanup.


-- HijackThis (run as Administrator.exe) ---------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 4:23:59 PM, on 5/4/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\cFosSpeed\spd.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\cFosSpeed\cFosSpeed.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\DAEMON Tools\daemon.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\PROGRA~1\CHIKKA~1\CHIKKA~1.4\CHIKKA~2.EXE
C:\Essential drivers\dss.exe
C:\PROGRA~1\HIJACK~1\Administrator.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [MapiPoll] C:\DOCUME~1\LOCALS~1\APPLIC~1\BODYME~1\Bend atom type.exe
O4 - HKCU\..\Run: [Chikka] C:\Program Files\Chikka Messenger\Chikka v.4\\ChikkaLauncher.exe
O4 - Startup: Neverwinter Nights_ Platinum Edition Registration.lnk = C:\NeverwinterNights\NWN\ereg\ATR1.EXE
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/ca..._2.3.6.108.cab
O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - Unknown owner - C:\Program Files\cFosSpeed\spd.exe" -service (file missing)
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe


-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R2 mdmxsdk - c:\windows\system32\drivers\mdmxsdk.sys <Not Verified; Conexant; Diagnostic Interface>
R2 StreamDispatcher - c:\windows\system32\drivers\strmdisp.sys <Not Verified; Conexant Systems; Conexant Stream Dispatcher>
R3 HSF_DP - c:\windows\system32\drivers\hsf_dp.sys <Not Verified; Conexant Systems; SoftK56>
R3 HSFHWBS2 - c:\windows\system32\drivers\hsfhwbs2.sys <Not Verified; Conexant Systems; SoftK56>
R3 winachsf - c:\windows\system32\drivers\hsf_cnxt.sys <Not Verified; Conexant Systems; SoftK56>

S3 RivaTuner32 - c:\program files\rivatuner v2.0 final release\rivatuner32.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Diskeeper - "c:\program files\diskeeper corporation\diskeeper\dkservice.exe" <Not Verified; Diskeeper Corporation; Diskeeper (TM) Disk Defragmenter>


-- Scheduled Tasks -------------------------------------------------------------

2007-05-04 16:00:02 288 --ah----- C:\WINDOWS\Tasks\AE5186DE92AA04CA.job


-- Files created between 2007-04-04 and 2007-05-04 -----------------------------

2007-05-04 12:51:45 0 d-------- C:\Documents and Settings\LocalService\Application Data\BODYMEMOSCR
2007-05-04 12:29:16 2560 --a------ C:\WINDOWS\_MSRSTRT.EXE
2007-04-30 15:30:24 0 d-------- C:\Documents and Settings\Administrator\Application Data\Microsoft Games
2007-04-30 15:29:09 0 d-------- C:\Program Files\GameSpy Arcade
2007-04-30 15:12:43 0 d-------- C:\Program Files\Microsoft Games
2007-04-29 12:02:26 0 d-------- C:\Documents and Settings\Administrator\Application Data\Leadertech
2007-04-29 11:22:47 0 d-------- C:\NeverwinterNights
2007-04-26 23:38:23 0 d-------- C:\Program Files\Download Manager
2007-04-26 23:37:21 0 d-------- C:\Documents and Settings\Administrator\Application Data\IGN_DLM
2007-04-25 22:56:00 0 d-------- C:\Documents and Settings\All Users\Application Data\Flaw Rdr Coal Dart
2007-04-25 22:55:25 0 d-------- C:\Program Files\BODYMEMOSCR
2007-04-25 22:55:24 0 d-------- C:\Documents and Settings\Administrator\Application Data\BODYMEMOSCR
2007-04-25 22:55:09 0 d-------- C:\Documents and Settings\Administrator\Application Data\NetPumper
2007-04-25 22:54:57 0 d-------- C:\Program Files\NetPumper
2007-04-25 15:10:58 0 d-------- C:\logs
2007-04-25 15:10:52 0 d-------- C:\Documents and Settings\Administrator\ChikkaDefault
2007-04-25 15:10:33 0 d-------- C:\Program Files\Chikka Messenger
2007-04-25 08:20:47 0 d-------- C:\Program Files\Sierra On-Line
2007-04-25 08:20:45 0 d-------- C:\Sierra
2007-04-24 20:38:44 0 d-------- C:\Program Files\Infogrames Interactive
2007-04-24 19:22:53 0 --a------ C:\WINDOWS\PowerReg.dat
2007-04-24 11:42:15 0 d-------- C:\Documents and Settings\Administrator\Application Data\Hamachi
2007-04-24 11:41:26 0 d-------- C:\Program Files\Hamachi
2007-04-23 20:18:06 0 d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2007-04-23 19:17:32 0 d-------- C:\WINDOWS\nview
2007-04-23 18:33:29 1216512 --a------ C:\Program Files\starcraft.exe <Not Verified; Blizzard Entertainment; StarCraft>
2007-04-23 18:24:08 967 --a------ C:\WINDOWS\ScUnin.pif
2007-04-23 18:24:08 35382 --a------ C:\WINDOWS\scunin.dat
2007-04-23 18:24:07 94208 --a------ C:\WINDOWS\ScUnin.exe <Not Verified; Blizzard Entertainment; Starcraft Uninstaller>
2007-04-23 18:19:07 0 d-------- C:\Program Files\Starcraft
2007-04-23 12:00:22 0 d-------- C:\Program Files\MagicISO
2007-04-22 12:31:07 4096 --a------ C:\WINDOWS\d3dx.dat
2007-04-22 12:14:54 0 d-------- C:\Program Files\Lionhead Studios Ltd
2007-04-18 11:51:10 0 d-------- C:\Program Files\Ubisoft
2007-04-17 22:01:07 0 d-------- C:\Program Files\mIRC
2007-04-14 21:12:11 0 d-------- C:\Program Files\Visual Boy Advance
2007-04-13 10:27:16 0 d-------- C:\WINDOWS\.jagex_cache_32
2007-04-13 10:26:57 0 d-------- C:\WINDOWS\Sun
2007-04-13 10:26:56 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sun
2007-04-13 09:11:10 153751 --a------ C:\WINDOWS\system32\drivers\dump_wmimmc.sys
2007-04-13 09:10:34 4682 --a------ C:\WINDOWS\system32\npptNT2.sys <Not Verified; INCA Internet Co., Ltd.; nProtect NPSC Kernel Mode Driver for NT>
2007-04-13 08:49:52 0 d-------- C:\Program Files\Mobius
2007-04-12 23:20:10 0 d-------- C:\Program Files\cFosSpeed
2007-04-12 18:26:29 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2007-04-12 08:16:57 0 d-------- C:\Valve
2007-04-12 08:15:59 0 d-------- C:\Program Files\DAEMON Tools
2007-04-12 08:13:03 646392 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-04-12 07:38:40 20480 --a------ C:\WINDOWS\system32\wbload.dll
2007-04-12 07:38:39 36864 --a------ C:\WINDOWS\system32\wbsys.dll <Not Verified; Stardock.Net, Inc; WindowBlinds 4.x for x86 machines>
2007-04-12 07:38:37 0 d-------- C:\Program Files\Stardock
2007-04-11 23:29:32 0 d-------- C:\Program Files\RivaTuner v2.0 Final Release
2007-04-11 21:05:48 1744 --a------ C:\WINDOWS\system32\d3d9caps.dat
2007-04-11 19:47:45 1632 --a------ C:\WINDOWS\system32\d3d8caps.dat
2007-04-11 19:47:32 0 d-------- C:\Program Files\Project64 1.6
2007-04-10 10:16:48 0 d-------- C:\Program Files\Nvidia
2007-04-09 20:18:26 0 d--hs---- C:\Diskeeper
2007-04-09 13:58:02 0 d-------- C:\Documents and Settings\All Users\Application Data\Diskeeper Corporation
2007-04-09 13:56:00 0 d-------- C:\Program Files\Diskeeper Corporation
2007-04-08 08:15:46 0 d-------- C:\Program Files\Eusing Free Registry Cleaner
2007-04-08 08:15:26 262144 --a------ C:\Documents and Settings\All Users\ntuser.dat
2007-04-08 03:00:50 0 d-------- C:\WINDOWS\system32\PreInstall
2007-04-07 13:30:00 0 d--h----- C:\WINDOWS\$hf_mig$
2007-04-07 13:28:23 0 d-------- C:\WINDOWS\pss
2007-04-07 13:22:38 20480 --a------ C:\WINDOWS\system32\normaliz.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-07 11:38:51 0 d-------- C:\Program Files\Alwil Software
2007-04-07 11:05:17 0 d-------- C:\Documents and Settings\Administrator\Application Data\Help
2007-04-07 11:00:15 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2007-04-07 10:58:20 0 d-------- C:\Documents and Settings\LocalService\Start Menu
2007-04-07 10:57:02 0 d-------- C:\WINDOWS\SoftwareDistribution
2007-04-07 10:56:56 0 d-------- C:\WINDOWS\Prefetch
2007-04-07 10:56:55 0 d---s---- C:\WINDOWS\system32\Microsoft
2007-04-07 10:45:24 0 d-------- C:\WINDOWS\peernet
2007-04-07 10:45:23 0 d-------- C:\WINDOWS\provisioning
2007-04-07 10:41:35 0 d-------- C:\WINDOWS\ServicePackFiles
2007-04-07 10:32:28 0 d-------- C:\WINDOWS\EHome
2007-04-07 10:03:22 592 --a------ C:\WINDOWS\chgkey.vbs
2007-04-07 09:58:37 0 d-------- C:\Program Files\Setup
2007-04-07 09:56:24 0 d-------- C:\Program Files\WinAce
2007-04-07 09:35:31 0 d-------- C:\Documents and Settings\Administrator\Shared
2007-04-07 09:35:23 0 d-------- C:\Documents and Settings\Administrator\Incomplete
2007-04-07 00:53:28 0 d-------- C:\Program Files\Common Files\ODBC
2007-04-07 00:53:25 0 dr------- C:\Program Files
2007-04-07 00:53:25 0 d-------- C:\Program Files\Common Files\SpeechEngines
2007-04-07 00:53:02 0 d--h----- C:\Documents and Settings\Default User\Templates
2007-04-07 00:53:02 0 dr------- C:\Documents and Settings\Default User\Start Menu
2007-04-07 00:53:02 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2007-04-07 00:53:02 0 d--h----- C:\Documents and Settings\Default User\Recent
2007-04-07 00:53:02 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2007-04-07 00:53:02 0 d--h----- C:\Documents and Settings\Default User\NetHood
2007-04-07 00:53:02 0 d-------- C:\Documents and Settings\Default User\My Documents
2007-04-07 00:53:02 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2007-04-07 00:53:02 0 d-------- C:\Documents and Settings\Default User\Favorites
2007-04-07 00:53:02 0 d-------- C:\Documents and Settings\Default User\Desktop
2007-04-07 00:53:02 0 d---s---- C:\Documents and Settings\Default User\Cookies
2007-04-07 00:53:02 0 d--h----- C:\Documents and Settings\All Users\Templates
2007-04-07 00:53:02 0 dr------- C:\Documents and Settings\All Users\Start Menu
2007-04-07 00:53:02 0 d-------- C:\Documents and Settings\All Users\Favorites
2007-04-07 00:53:02 0 dr------- C:\Documents and Settings\All Users\Documents
2007-04-07 00:53:02 0 d-------- C:\Documents and Settings\All Users\Desktop
2007-04-07 00:52:46 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2007-04-07 00:52:46 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2007-04-07 00:52:46 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2007-04-07 00:52:46 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2007-04-07 00:38:25 0 d-------- C:\WINDOWS\system32\CatRoot2
2007-04-07 00:38:25 0 d-------- C:\WINDOWS\system32\CatRoot
2007-04-07 00:38:05 0 d-------- C:\Documents and Settings
2007-04-07 00:33:14 0 d-------- C:\WINDOWS
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\WinSxS
2007-04-07 00:33:14 0 dr------- C:\WINDOWS\Web
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\twain_32
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\wins
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\wbem
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\usmt
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\spool
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\ShellExt
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\Setup
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\ras
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\oobe
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\npp
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\mui
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\inetsrv
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\IME
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\icsxml
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\ias
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\export
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\drivers
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\drivers\etc
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\drivers\disdn
2007-04-07 00:33:14 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\dhcp
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\config
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\3com_dmi
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\3076
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\2052
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\1054
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\1042
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\1041
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\1037
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\1033
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\1031
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\1028
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system32\1025
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\system
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\security
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\Resources
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\repair
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\mui
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\msapps
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\msagent
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\Media
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\java
2007-04-07 00:33:14 0 d--h----- C:\WINDOWS\inf
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\ime
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\Help
2007-04-07 00:33:14 0 dr--s---- C:\WINDOWS\Fonts
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\Driver Cache
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\Debug
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\Cursors
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\Connection Wizard
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\Config
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\AppPatch
2007-04-07 00:33:14 0 d-------- C:\WINDOWS\addins
2007-04-06 23:32:20 0 d-------- C:\Documents and Settings\Administrator\Application Data\BearShare
2007-04-06 21:26:53 0 d-------- C:\Program Files\Java
2007-04-06 21:16:05 0 d-------- C:\Program Files\Common Files\Java
2007-04-06 21:13:33 0 d-------- C:\Program Files\LimeWire
2007-04-06 21:09:42 0 d-------- C:\Documents and Settings\Administrator\.limewire
2007-04-06 20:54:53 0 d-------- C:\Program Files\Winamp
2007-04-06 20:42:43 0 d-------- C:\Program Files\BearShare Applications
2007-04-06 20:30:06 0 d-------- C:\NVIDIA
2007-04-06 20:24:56 0 d-------- C:\Documents and Settings\Administrator\Application Data\AVG7
2007-04-06 20:24:46 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2007-04-06 20:24:36 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-04-06 20:24:36 0 d-------- C:\Documents and Settings\All Users\Application Data\avg7
2007-04-06 20:17:36 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-04-06 19:53:11 0 d-------- C:\Program Files\Combined Community Codec Pack
2007-04-06 19:50:26 0 d-------- C:\WINDOWS\RegisteredPackages
2007-04-06 19:48:53 0 d-------- C:\DIRECTX 9.0c
2007-04-06 19:47:11 0 d-------- C:\Downloads
2007-04-06 19:47:02 0 d-------- C:\Program Files\BitComet
2007-04-06 19:28:43 0 dr-h----- C:\Documents and Settings\Administrator\Application Data\yahoo!
2007-04-06 19:16:18 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2007-04-06 19:10:36 0 d-------- C:\Documents and Settings\Administrator\Application Data\Google
2007-04-06 19:10:34 0 d-------- C:\Documents and Settings\All Users\Application Data\Google
2007-04-06 19:09:20 0 d-------- C:\Program Files\Google
2007-04-06 18:24:34 0 d-------- C:\Essential drivers
2007-04-06 18:19:31 0 d-------- C:\Documents and Settings\All Users\Application Data\yahoo!
2007-04-06 18:11:11 0 d--hs---- C:\Documents and Settings\Administrator\UserData
2007-04-06 1815 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2007-04-06 18:05:51 0 d-------- C:\Documents and Settings\Administrator\Application Data\Macromedia
2007-04-06 18:05:46 0 d-------- C:\Program Files\Yahoo!
2007-04-06 17:54:05 0 d-------- C:\Program Files\CONEXANT
2007-04-06 17:53:20 57344 --a------ C:\WINDOWS\system32\mdmxsdk.dll <Not Verified; Conexant; Diagnostic Interface>
2007-04-06 17:53:20 12074 --a------ C:\WINDOWS\system32\hsfinst.dll <Not Verified; Conexant Systems; SoftK56>
2007-04-06 17:53:20 33548 --a------ C:\WINDOWS\system32\drivers\strmdisp.sys <Not Verified; Conexant Systems; Conexant Stream Dispatcher>
2007-04-06 17:53:20 9855 --a------ C:\WINDOWS\system32\drivers\mdmxsdk.sys <Not Verified; Conexant; Diagnostic Interface>
2007-04-06 17:53:20 4608 --a------ C:\WINDOWS\system32\carpserv.exe <Not Verified; Conexant Systems; Conexant carpserv>
2007-04-06 17:53:20 51200 --a------ C:\WINDOWS\system32\carpdll.dll <Not Verified; Conexant Systems; Conexant CARPDLL>
2007-04-06 17:53:19 160083 --a------ C:\WINDOWS\system32\drivers\HSFHWBS2.sys <Not Verified; Conexant Systems; SoftK56>
2007-04-06 17:53:19 1171488 --a------ C:\WINDOWS\system32\drivers\HSF_DP.sys <Not Verified; Conexant Systems; SoftK56>
2007-04-06 17:53:19 591536 --a------ C:\WINDOWS\system32\drivers\HSF_CNXT.sys <Not Verified; Conexant Systems; SoftK56>
2007-04-06 17:53:15 0 d-------- C:\Program Files\UIU
2007-04-06 17:52:41 49152 -----n--- C:\WINDOWS\remvess.exe
2007-04-06 17:52:41 0 d-------- C:\WINDOWS\options
2007-04-06 17:52:41 163840 -----n--- C:\WINDOWS\essspk.exe <Not Verified; ; ESSSPK Application>
2007-04-06 17:52:34 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-04-06 17:52:32 0 d-------- C:\Program Files\Common Files\InstallShield
2007-04-06 17:49:40 0 d-------- C:\Program Files\Canon
2007-04-06 17:45:40 36864 --a------ C:\WINDOWS\system32\CNMCP3Y.EXE
2007-04-06 17:45:40 0 d--h----- C:\BJPrinter
2007-04-06 17:43:56 208947 --a------ C:\WINDOWS\system32\UnAudioNT.dll
2007-04-06 17:43:55 0 d-------- C:\Program Files\VIA Technologies, Inc
2007-04-06 17:43:28 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2007-04-06 17:43:02 0 d-------- C:\Documents and Settings\Administrator\WINDOWS
2007-04-06 17:40:30 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2007-04-06 17:35:19 0 d-------- C:\Program Files\Microsoft ActiveSync
2007-04-06 17:32:06 0 d-------- C:\WINDOWS\ShellNew
2007-04-06 17:32:01 0 d-------- C:\Program Files\Common Files\L&H
2007-04-06 17:27:33 0 d--hs---- C:\WINDOWS\Installer
2007-04-06 17:27:30 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2007-04-06 17:27:17 0 d--h----- C:\Documents and Settings\Administrator\Templates
2007-04-06 17:27:17 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2007-04-06 17:27:17 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2007-04-06 17:27:17 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2007-04-06 17:27:17 3145728 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2007-04-06 17:27:17 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2007-04-06 17:27:17 0 dr------- C:\Documents and Settings\Administrator\My Documents
2007-04-06 17:27:17 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2007-04-06 17:27:17 0 dr------- C:\Documents and Settings\Administrator\Favorites
2007-04-06 17:27:17 0 d-------- C:\Documents and Settings\Administrator\Desktop
2007-04-06 17:27:17 0 d--hs---- C:\Documents and Settings\Administrator\Cookies
2007-04-06 17:27:17 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2007-04-06 17:27:00 0 d-------- C:\WINDOWS\LogFiles
2007-04-06 17:25:51 0 d--hs---- C:\System Volume Information
2007-04-06 17:25:50 786432 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2007-04-06 17:25:50 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2007-04-06 17:25:50 0 d--hs---- C:\Documents and Settings\LocalService\Cookies
2007-04-06 17:25:50 0 d-------- C:\Documents and Settings\LocalService\Application Data
2007-04-06 17:25:50 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2007-04-06 17:25:49 786432 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2007-04-06 17:25:49 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2007-04-06 17:25:49 0 d---s---- C:\Documents and Settings\NetworkService\Cookies
2007-04-06 17:25:49 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2007-04-06 17:25:49 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2007-04-06 17:21:25 0 d-------- C:\WINDOWS\system32\xircom
2007-04-06 17:21:25 0 d-------- C:\Program Files\microsoft frontpage
2007-04-06 17:21:04 233472 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2007-04-06 17:20:56 0 -rahs---- C:\MSDOS.SYS
2007-04-06 17:20:56 0 -rahs---- C:\IO.SYS
2007-04-06 17:20:56 0 --a------ C:\CONFIG.SYS
2007-04-06 17:20:56 0 --a------ C:\AUTOEXEC.BAT
2007-04-06 17:19:39 0 d--hs---- C:\Documents and Settings\All Users\DRM
2007-04-06 17:19:27 0 dr------- C:\WINDOWS\Offline Web Pages
2007-04-06 17:19:27 0 d---s---- C:\WINDOWS\Downloaded Program Files
2007-04-06 17:19:00 0 d-------- C:\WINDOWS\srchasst
2007-04-06 17:18:52 0 d-------- C:\WINDOWS\system32\DirectX
2007-04-06 17:18:51 0 d-------- C:\WINDOWS\system32\Macromed
2007-04-06 17:18:37 0 d-------- C:\Program Files\Movie Maker
2007-04-06 17:18:09 0 d-------- C:\WINDOWS\system32\Restore
2007-04-06 17:18:04 0 d-------- C:\WINDOWS\PCHEALTH
2007-04-06 17:17:57 0 d---s---- C:\WINDOWS\Tasks
2007-04-06 17:17:54 0 d-------- C:\Program Files\Common Files\MSSoap
2007-04-06 17:17:12 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-04-06 17:16:55 0 d-------- C:\WINDOWS\Registration
2007-04-06 17:16:47 0 d--h----- C:\Program Files\WindowsUpdate
2007-04-06 17:16:47 0 d-------- C:\Program Files\Online Services
2007-04-06 17:16:36 0 d-------- C:\Program Files\Messenger
2007-04-06 17:16:25 0 d-------- C:\Program Files\MSN Gaming Zone
2007-04-06 17:16:15 0 d-------- C:\Program Files\Windows NT
2007-04-06 17:16:04 0 d-------- C:\WINDOWS\system32\MsDtc
2007-04-06 17:16:02 0 d-------- C:\WINDOWS\system32\Com


-- Find3M Report ---------------------------------------------------------------

2007-04-07 00:53:02 62 --ahs---- C:\Documents and Settings\Administrator\Application Data\desktop.ini
2007-04-06 19:47:12 2560 --a------ C:\WINDOWS\system32\BitCometRes.dll <Not Verified; BitComet; BitComet BCTP Helper>
2007-02-13 18:55:40 224256 --a------ C:\WINDOWS\system32\AutoFAT.exe <Not Verified; Diskeeper Corporation.; Diskeeper Corporation. Diskeeper (NT5 AutoFAT component 20070209)>
2007-02-13 18:55:32 185344 --a------ C:\WINDOWS\system32\AutoNTFS.exe <Not Verified; Diskeeper Corporation.; Diskeeper Corporation. Diskeeper (NT5 AutoNTFS component 20070209)>


-- Registry Dump ---------------------------------------------------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{02478D38-C3F9-4EFB-9B51-7695ECA05670} C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll
{53707962-6F74-2D53-2644-206D7942484F} C:\PROGRA~1\SPYBOT~1\SDHelper.dll
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} C:\Program Files\Yahoo!\Common\yiesrvc.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} c:\program files\google\googletoolbar1.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"CARPService"="carpserv.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe\""
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"cFosSpeed"="C:\\Program Files\\cFosSpeed\\cFosSpeed.exe"
"MSConfig"="C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\MSConfig.exe /auto"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Yahoo! Pager"="\"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe"
"BitComet"="\"C:\\Program Files\\BitComet\\BitComet.exe\" /tray"
"DAEMON Tools"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033"
"MapiPoll"="C:\\DOCUME~1\\LOCALS~1\\APPLIC~1\\BODYME~1\\Bend atom type.exe"
"Chikka"="C:\\Program Files\\Chikka Messenger\\Chikka v.4\\\\ChikkaLauncher.exe"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"appinit_dlls"="wbsys.dll"

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^PowerReg Scheduler.exe]
"path"="C:\\Documents and Settings\\Administrator\\Start Menu\\Programs\\Startup\\PowerReg Scheduler.exe"
"backup"="C:\\WINDOWS\\pss\\PowerReg Scheduler.exeStartup"
"location"="Startup"
"command"="C:\\Documents and Settings\\Administrator\\Start Menu\\Programs\\Startup\\PowerReg Scheduler.exe"
"item"="PowerReg Scheduler"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
"backup"="C:\\WINDOWS\\pss\\Microsoft Office.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\MICROS~2\\Office10\\OSA.EXE -b -l"
"item"="Microsoft Office"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
"backup"="C:\\WINDOWS\\pss\\WinZip Quick Pick.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\WinZip\\WZQKPICK.EXE "
"item"="WinZip Quick Pick"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="avgcc"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COALDARTEXITTONS]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Wait Gram"
"hkey"="HKLM"
"command"="C:\\Documents and Settings\\All Users\\Application Data\\Flaw Rdr Coal Dart\\Wait Gram.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DLM"
"hkey"="HKCU"
"command"="C:\\Program Files\\Download Manager\\DLM.exe /windowsstart /startifwork"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MapiPoll]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Bend atom type"
"hkey"="HKCU"
"command"="C:\\DOCUME~1\\ADMINI~1\\APPLIC~1\\BODYME~1\\Bend atom type.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msmsgs"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetPumper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NetPumperIEProxy"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\NetPumper\\NetPumperIEProxy.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Steam"
"hkey"="HKCU"
"command"="C:\\Valve\\Steam\\Steam.exe -silent"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0


[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c84dc3d1-e459-11db-8a88-806d6172696f}]
Shell\AutoRun\command D:\RoNsetup.exe /autorun

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cde24a41-f18c-11db-8109-000e2e802d90}]
Shell\AutoRun\command C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe FS6519.dll.vbs

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd349752-e88a-11db-80fe-000e2e802d90}]
Shell\AutoRun\command E:\autorun.exe


-- Hosts -----------------------------------------------------------------------

127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD

60 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2007-05-04 at 16:28:43 ---------


.. Thanks for the help ..
Attached Files
File Type: txt extra.txt (7.7 KB, 1 views)