#1 (permalink)
Registered User
Join Date: Apr 2008
Posts: 2
OS: xp srvpk 2
No desktop
Hello. I have been infected with apparently a bunch of stuff. I can only access the internet (or anything) through the Safe Mode admin account. I have run Panda online and several other things. Here's my scan log.
#2 (permalink)
Registered User
Join Date: Apr 2008
Posts: 2
OS: xp srvpk 2
Re: No desktop
Ran several other programs, and now seem to have a functioning machine. Regular logon, no flashing desktop, etc. Just want to make sure it really is OK? Thanks
Plus 2008-03-12 23:54:42 0 d-------- C:\Program Files\MSN Gaming Zone 2008-03-12 23:54:35 0 d-------- C:\Program Files\Windows NT 2008-03-12 23:46:17 0 d-------- C:\Program Files\Microsoft ActiveSync 2008-03-12 23:42:48 0 d-------- C:\Program Files\Microsoft.NET 2008-03-12 17:50:32 0 d-------- C:\Program Files\Common Files\ODBC 2008-03-12 17:50:30 0 d-------- C:\Program Files\Common Files\SpeechEngines 2008-03-12 17:50:11 62 --ahs---- C:\Documents and Settings\mark\Application Data\desktop.ini -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{07A61EF8-E640-482A-B72D-7DC946F4CA51}] C:\WINDOWS\system32\ssqNGYOE.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3317720-F4A1-4276-AE0E-0398AB860219}] C:\WINDOWS\system32\ddcDspmJ.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CF8029D8-3345-4446-A004-B7CCF7E0A9DC}] C:\WINDOWS\system32\urqRHbAT.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [07/19/2005 07:09 PM] "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [07/19/2005 07:10 PM] "C-Media Mixer"="Mixer.exe" [07/12/2002 04:33 PM C:\WINDOWS\mixer.exe] "C-Media Echo Control"="C:\Program Files\PCI Audio Applications\Bin\EchoCtrl.exe" [12/05/2001 04:47 PM] "a-squared"="C:\Program Files\a-squared Anti-Malware\a2guard.exe" [04/11/2008 09:08 AM] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpyClean"="C:\Program Files\Netcom3 Cleaner\SpyClean.exe" [03/11/2008 10:06 PM] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme "DisableRegistryTools"=0 (0x0) "HideLegacyLogonScripts"=0 (0x0) "HideLogoffScripts"=0 (0x0) "RunLogonScriptSync"=1 (0x1) "RunStartupScriptSync"=1 (0x1) "HideStartupScripts"=0 (0x0) -- 
End of Deckard's System Scanner: finished at 2008-04-17 00:39:27 ------------ |