08-21-2007, 06:46 AM   #1
Registered User
 
Join Date: Aug 2007
Posts: 1
OS: XP Media Center Edition with SP2


Cannot burn cds/dvds

Good day, I cannot burn CDs or DVDs with my burner. It usually works perfectly, but I think I might have a virus or spyware. It reads both CDs and DVDs and rips from CDs. I have never tried to rip from DVDs. My computer is a Toshiba Satellite bought in February 2007. The OS is XP Media Center Edition with SP2. My burner is a Pioneer DVD RW DVR-K16A. I did a system restore and the burner worked fine, but I lost software that I cannot get again; therefore I would rather not do a system restore. Thank you.

Kindly see below the DSS scan results and the Panda Log.

Deckard's System Scanner v20070819.64
Run by Kirk on 2007-08-20 22:42:48
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
124: 2007-08-21 06:43:10 UTC - RP190 - Deckard's System Scanner Restore Point
123: 2007-08-20 19:28:02 UTC - RP189 - Software Distribution Service 3.0
122: 2007-08-20 17:43:46 UTC - RP188 - System Checkpoint
121: 2007-08-19 08:59:24 UTC - RP187 - Software Distribution Service 3.0
120: 2007-08-18 20:04:50 UTC - RP186 - System Checkpoint


-- First Restore Point --
1: 2007-05-23 06:57:58 UTC - RP67 - Software Distribution Service 2.0


Backed up registry hives.
Performed disk cleanup.



-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of HijackThis v1.99.1
Scan saved at 2007-08-20 22:49:17
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16512)

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\ehome\ehrecvr.exe
C:\WINDOWS\ehome\ehSched.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\AT&T\Communication Manager\ATTCM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\avg\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\avg\AVG Anti-Spyware 7.5\avgas.exe
C:\Documents and Settings\Kirk\Local Settings\Temporary Internet Files\Content.IE5\4VIQ17N6\dss[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/advanced_search?hl=en
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.toshibadirect.com/dpdstart
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\6.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\6.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\7.bin\MWSBAR.DLL (file missing)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar2.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\7.bin\MWSBAR.DLL (file missing)
O4 - HKEY_LOCAL_MACHINE\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKEY_LOCAL_MACHINE\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [!AVG Anti-Spyware] "C:\avg\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\7.bin\mwsoemon.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...rch.jhtml?p=ZJ
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\NPJPI150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\NPJPI150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra 'Tools' menuitem: (no name) - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
O9 - Extra 'Tools' menuitem: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} () - http://ak.exe.imgfarm.com/images/noc...1.0.0.15-3.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/re...s/MSNPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1181772816781
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} () - http://download.abacast.com/download...basetup162.cab
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{C6BA862C-69BD-4DD0-A138-55CEFB1B4731}: NameServer = 66.209.10.202 66.102.163.232
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O20 - AppInit_DLLs: sockspy.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - "C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - "C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service
O23 - Service: NMIndexingService - Unknown owner - "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe"
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Swupdtmr - Unknown owner - C:\TOSHIBA\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - "C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe"
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - "C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - "C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service


-- File Associations -----------------------------------------------------------

.chm - Compiled Help Module - DefaultIcon - unable to read value
.chm - Compiled Help Module - shell\open\command - unable to read value


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 KR10N - c:\windows\system32\drivers\kr10n.sys <Not Verified; TOSHIBA CORPORATION; TOSHIBA RAID>
R1 bdftdif (BitDefender Firewall TDI Filter) - c:\program files\common files\softwin\bitdefender firewall\bdftdif.sys <Not Verified; Softwin SRL; BitDefender 10>
R1 bdpredir - c:\program files\softwin\bitdefender10\bdpredir.sys <Not Verified; Softwin SRL; BitDefender 10>
R1 meiudf - c:\windows\system32\drivers\meiudf.sys <Not Verified; Matsushita Electric Industrial Co.,Ltd.; >
R1 StarOpen - c:\windows\system32\drivers\staropen.sys
R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.4.9.0) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.4.9.0>
R2 Netdevio (TOSHIBA Network Device Usermode I/O Protocol) - c:\windows\system32\drivers\netdevio.sys <Not Verified; TOSHIBA Corporation.; TOSHIBA Network Device Usermode I/O protocol>
R2 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys <Not Verified; Intel Corporation; Intel Wireless LAN Packet Driver>
R3 Afc (PPdus ASPI Shell) - c:\windows\system32\drivers\afc.sys <Not Verified; Arcsoft, Inc.; Arcsoft(R) ASPI Shell>
R3 Bdfndisf (BitDefender Firewall NDIS Filter Service) - c:\windows\system32\drivers\bdfndisf.sys <Not Verified; Softwin SRL; BitDefender 10>
R3 Iviaspi (IVI ASPI Shell) - c:\windows\system32\drivers\iviaspi.sys <Not Verified; InterVideo, Inc.; InterVideo ASPI Shell>
R3 Pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
R3 TVALD (Toshiba Mobile PC Service) - c:\windows\system32\drivers\nbsmi.sys <Not Verified; Toshiba Corporation; Toshiba Notebook PC SMI Service>
R3 Tvs (TOSHIBA Virtual Sound with SRS technologies) - c:\windows\system32\drivers\tvs.sys <Not Verified; TOSHIBA Corporation; Audio Filter>

S3 SNPSTD3 (USB PC Camera (SNPSTD3)) - c:\windows\system32\drivers\snpstd3.sys <Not Verified; ; PC Camera driver>
S3 SVRPEDRV - c:\sysprep\pedrv.sys (file missing)
S3 tosrfec (Bluetooth ACPI from TOSHIBA) - c:\windows\system32\drivers\tosrfec.sys <Not Verified; TOSHIBA Corporation; TOSHIBA Bluetooth EC Driver>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 DVD-RAM_Service - c:\windows\system32\dvdramsv.exe <Not Verified; Matsushita Electric Industrial Co., Ltd.; >
R2 RegSrvc (Intel(R) PROSet/Wireless Registry Service) - c:\program files\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; Intel(R) PROSet/Wireless Registry Service>
R2 Swupdtmr - c:\toshiba\ivp\swupdate\swupdtmr.exe
R2 TAPPSRV (TOSHIBA Application Service) - "c:\program files\toshiba\toshiba applet\tappsrv.exe" <Not Verified; TOSHIBA Corp.; TOSHIBA TAPPSRV>

S4 CFSvcs (ConfigFree Service) - c:\program files\toshiba\configfree\cfsvcs.exe <Not Verified; TOSHIBA CORPORATION; ConfigFree(TM)>
S4 NMIndexingService - "c:\program files\common files\ahead\lib\nmindexingservice.exe" (file missing)


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Files created between 2007-07-20 and 2007-08-20 -----------------------------

2007-08-20 22:39:43 0 d-------- C:\Documents and Settings\Kirk\Application Data\Grisoft
2007-08-20 22:29:15 0 d-------- C:\SpywareBlaster
2007-08-20 13:27:46 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-08-20 13:27:43 0 d-------- C:\avg
2007-08-20 13:14:14 0 d-------- C:\WINDOWS\system32\ActiveScan
2007-08-20 13:14:12 0 d-------- C:\WINDOWS\LastGood
2007-08-17 1103 0 d-------- C:\Documents and Settings\Kirk\Application Data\MSNInstaller
2007-08-17 09:04:32 0 d-------- C:\Documents and Settings\Saint\Application Data\ArcSoft
2007-08-17 09:01:47 0 d-------- C:\New Folder
2007-08-17 09:01:26 0 d-------- C:\Documents and Settings\Kirk\Application Data\InstallShield
2007-08-17 09:01:00 0 d-------- C:\My Downloads
2007-08-17 08:58:53 0 d-------- C:\WINDOWS\system32\MAGIX
2007-08-17 04:03:44 0 d-------- C:\Program Files\MSXML 6.0
2007-08-17 03:32:23 0 d-------- C:\Documents and Settings\Kirk\Application Data\FunWebProducts
2007-08-17 02:43:52 0 d-------- C:\Program Files\FunWebProducts
2007-08-16 11:15:33 0 d-------- C:\Program Files\Nick Jr. Arcade
2007-08-15 06:49:21 0 d-------- C:\nero crack
2007-08-14 18:40:59 0 d-------- C:\Documents and Settings\Saint\Application Data\Skype
2007-08-14 11:58:30 0 d-------- C:\PanDVD
2007-08-08 22:48:37 0 d-------- C:\Documents and Settings\Saint\Application Data\vlc
2007-08-07 00:49:00 0 d-------- C:\Documents and Settings\Saint\Application Data\Macromedia
2007-08-07 00:28:55 0 d-------- C:\Documents and Settings\Saint\Application Data\AT&T
2007-08-07 00:28:18 0 d-------- C:\Documents and Settings\Saint\Application Data\Google
2007-08-06 07:24:07 0 d-------- C:\zzzzzkk
2007-08-05 21:02:31 0 d-------- C:\Documents and Settings\Saint\Application Data\InterVideo
2007-08-05 11:50:24 0 d-------- C:\Documents and Settings\Saint\Application Data\Bitdefender


-- Find3M Report ---------------------------------------------------------------

2007-08-20 22:51:19 81984 --a------ C:\WINDOWS\system32\bdod.bin
2007-08-20 17:15:00 0 d-------- C:\Program Files\MSN Messenger
2007-08-20 15:45:38 0 d-------- C:\Program Files\Common Files\aolshare
2007-08-20 06:36:57 0 d-------- C:\Documents and Settings\Kirk\Application Data\dvdcss
2007-08-17 09:02:05 0 d-------- C:\Documents and Settings\Kirk\Application Data\U3
2007-08-17 09:01:59 0 d-------- C:\Program Files\QuickTime
2007-08-17 09:01:56 0 d-------- C:\Program Files\Common Files\Real
2007-08-17 09:01:26 0 d-------- C:\Program Files\Avanquest update
2007-08-17 09:01:23 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-08-17 09:01:20 0 d-------- C:\Documents and Settings\Kirk\Application Data\Real
2007-08-17 09:01:10 0 d-------- C:\Program Files\Common Files
2007-08-17 08:58:56 0 d-------- C:\Program Files\Common Files\MAGIX Shared
2007-08-15 08:43:42 0 d-------- C:\Documents and Settings\Kirk\Application Data\Skype
2007-07-18 22:46:10 0 d-------- C:\Documents and Settings\Kirk\Application Data\TransRender
2007-07-03 19:25:52 0 d-------- C:\Documents and Settings\Kirk\Application Data\ArcSoft
2007-06-26 13:07:42 0 d-------- C:\Documents and Settings\Kirk\Application Data\Help
2007-06-24 10:08:35 0 d-------- C:\Program Files\ArcSoft
2007-06-23 10:25:07 50 -----n--- C:\AUTOEXEC.BAT
2007-06-23 10:24:46 0 d-------- C:\Program Files\Common Files\muvee Technologies
2007-06-23 10:24:08 0 d-------- C:\Program Files\muvee Technologies


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [04/02/2007 04:48 PM]
"BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [03/26/2007 03:49 PM]
"!AVG Anti-Spyware"="C:\avg\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 01:25 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/10/2004 04:00 AM]
"MyWebSearch Email Plugin"="C:\PROGRA~1\MYWEBS~1\bar\7.bin\mwsoemon.exe" []

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [2/15/2006 8:31:42 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=sockspy.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GlobeTrotter Mobility Manager.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GlobeTrotter Mobility Manager.lnk
backup=C:\WINDOWS\pss\GlobeTrotter Mobility Manager.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Service Manager.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk
backup=C:\WINDOWS\pss\Service Manager.lnkCommon Startup


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
AGRSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AT&T Communication Manager]
"C:\Program Files\AT&T\Communication Manager\ATTCM.exe" -a

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
C:\WINDOWS\system32\dla\DLACTRLW.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
C:\WINDOWS\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCall Internet Phone]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
C:\WINDOWS\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
C:\WINDOWS\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
C:\WINDOWS\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]
"C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelZeroConfig]
"C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LtMoh]
C:\Program Files\ltmoh\Ltmoh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe]
C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsmqIntCert]
regsvr32 /s mqrt.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PadTouch]
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pinger]
c:\toshiba\ivp\ism\pinger.exe /run

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3]
C:\WINDOWS\vsnpstd3.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TDispVol]
TDispVol.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TFncKy]
TFncKy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\THotkey]
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPSMain]
TPSMain.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tvs]
C:\Program Files\Toshiba\Tvs\TvsTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SQLWriter"=3 (0x3)
"SQLBrowser"=2 (0x2)
"NBService"=3 (0x3)
"MSSQLServerADHelper"=3 (0x3)
"MSSQL$SQLEXPRESS"=2 (0x2)
"gusvc"=3 (0x3)
"CFSvcs"=2 (0x2)
"AOL TopSpeedMonitor"=2 (0x2)
"AOL ACS"=2 (0x2)
"GtDetectSc"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc p2psvc p2pimsvc p2pgasvc PNRPSvc


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
AutoRun\command- E:\LaunchU3.exe -a

*Newly Created Service* - AVG_ANTI-SPYWARE_DRIVER
*Newly Created Service* - AVG_ANTI-SPYWARE_GUARD



-- End of Deckard's System Scanner: finished at 2007-08-20 22:54:15 ------------




PANDA LOG:


Incident Status Location

Potentially unwanted tool:application/funweb Not disinfected c:\program files\FunWebProducts
Potentially unwanted tool:application/mywebsearch Not disinfected hkey_local_machine\software\microsoft\windows\currentversion\uninstall\MyWebSearch bar Uninstall
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Kirk\Cookies\kirk@atdmt[1].txt
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Kirk\Cookies\kirk@azjmp[1].txt
Spyware:Cookie/Cd Freaks Not disinfected C:\Documents and Settings\Kirk\Cookies\kirk@cdfreaks[1].txt
Spyware:Cookie/Cd Freaks Not disinfected C:\Documents and Settings\Kirk\Cookies\kirk@club.cdfreaks[2].txt
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\Kirk\Cookies\kirk@maxserving[2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Kirk\Cookies\kirk@mediaplex[1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Kirk\Cookies\kirk@overture[2].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Kirk\Cookies\kirk@realmedia[2].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Kirk\Cookies\kirk@tribalfusion[2].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Kirk\Cookies\kirk@xiti[1].txt
Potentially unwanted tool:Application/FunWeb Not disinfected C:\Documents and Settings\Kirk\Local Settings\Temporary Internet Files\Content.IE5\BTNQ4NGI\ZwinkyInitialSetup1.0.0.15-3[1].cab[f3initialsetup1.0.0.15-3.inf]
Potentially unwanted tool:Application/FunWeb Not disinfected C:\Documents and Settings\Kirk\Local Settings\Temporary Internet Files\Content.IE5\BTNQ4NGI\ZwinkyInitialSetup1.0.0.15-3[1].cab[f3Setup1.exe]
Adware:Adware/FlashTrack Not disinfected C:\Documents and Settings\Kirk\Local Settings\Temporary Internet Files\Content.IE5\R1LLSCAN\channels_02[1].gif
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Saint\Cookies\saint@ad.yieldmanager[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Saint\Cookies\saint@adrevolver[2].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Saint\Cookies\saint@ads.pointroll[2].txt
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Saint\Cookies\saint@adtech[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Saint\Cookies\saint@atdmt[2].txt
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Saint\Cookies\saint@azjmp[1].txt
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Saint\Cookies\saint@bluestreak[2].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Saint\Cookies\saint@casalemedia[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Saint\Cookies\saint@doubleclick[1].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\Saint\Cookies\saint@errorsafe[2].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Saint\Cookies\saint@fastclick[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Saint\Cookies\saint@media.adrevolver[1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Saint\Cookies\saint@mediaplex[2].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Saint\Cookies\saint@perf.overture[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Saint\Cookies\saint@realmedia[2].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Saint\Cookies\saint@statcounter[2].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Saint\Cookies\saint@tribalfusion[1].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\Saint\Cookies\saint@www.errorsafe[1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Saint\Cookies\saint@zedo[1].txt
Adware:Adware/IST Not disinfected C:\IT Ebooks & Info\Dot Net\dotnet unleashed [WYZO].zip[WyzoSetup.exe][²ÜÇ\InetLoad.dll]
Attached Files
File Type: txt extra.txt (24.3 KB, 0 views)
starststar
Copyright 2001 - 2008, Tech Support Forum
