|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| HijackThis Log Help Get Rid Of Malware With Help From Our Analysts. Follow the "First Steps" link at the top right of each page before posting for help. |
 |
|
|
Thread Tools |
04-26-2008, 06:44 PM
|
#1 (permalink) |
|
Registered User
Join Date: Oct 2006
Posts: 23
OS: Win XP
|
Receiving bounced e-mails
I am receiving 100's of bounced e-mails per day which don't knowingly come from me. I suspect I'm infected with malware. I have gone through the 5-step process and here are the logs:
Deckard's System Scanner v20071014.68 Run by B L Green on 2008-04-27 02:07:37 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 59: 2008-04-27 01:07:41 UTC - RP407 - Deckard's System Scanner Restore Point 58: 2008-04-25 23:21:04 UTC - RP406 - Installed Java(TM) 6 Update 5 57: 2008-04-24 20:52:09 UTC - RP405 - System Checkpoint 56: 2008-04-22 21:05:53 UTC - RP404 - System Checkpoint 55: 2008-04-16 21:02:42 UTC - RP403 - System Checkpoint -- First Restore Point -- 1: 2008-01-26 00:08:58 UTC - RP349 - Installed Java(TM) 6 Update 3 Performed disk cleanup. -- HijackThis (run as B L Green.exe) ------------------------------------------- Unable to find log (file not found); running clone. -- HijackThis Clone ------------------------------------------------------------ Emulating logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2008-04-27 02:08:45 Platform: Windows XP Service Pack 2 (5.01.2600) MSIE: Internet Explorer (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\system32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\explorer.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\ASUS\Asus Probe\AsusProb.exe C:\WINDOWS\FixCamera.exe C:\WINDOWS\tsnpstd3.exe C:\WINDOWS\vsnpstd3.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\SiteAdvisor\6253\SiteAdv.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe C:\Program Files\Grisoft\AVG Free\avgamsvr.exe C:\Program Files\Grisoft\AVG Free\avgupsvc.exe C:\Program Files\Grisoft\AVG Free\avgemc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Photodex\ProShowGold\scsiaccess.exe C:\Program Files\SiteAdvisor\6253\SAService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\iPod\bin\iPodService.exe C:\Documents and Settings\B L Green\Desktop\dss(2).exe C:\HJT\B L Green.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ie/...arch.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://uk.rd.yahoo.com/customize/ie/...arch.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ie/...arch.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar3.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar3.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Asus Probe\AsusProb.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} () - http://office.microsoft.com/templates/ieawsdc.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} () - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {402EE96E-2CE8-482D-ADA5-CECEEA07E16D} (TurnTool Scene) - http://www.turntool.com/ViewerInstall.exe O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} () - http://chat.yahoo.com/cab/yuplapp.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} () - http://acs.pandasoftware.com/actives...ree/asinst.cab O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/.../en/crlocx.ocx O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG Free\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG Free\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG Free\avgemc.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\scsiaccess.exe O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 10772 bytes -- HijackThis Fixed Entries (C:\HJT\backups\) ---------------------------------- backup-20070813-015023-242 O17 - HKLM\System\CCS\Services\Tcpip\..\{92725CA4-EB9F-4D9F-A925-35A0777C829D}: NameServer = 208.67.220.220,208.67.222.222 backup-20070813-015023-274 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 backup-20070813-015023-452 O17 - HKLM\System\CS1\Services\Tcpip\..\{3F83C410-81EB-4141-92E7-26AAB2794BCE}: NameServer = 208.67.220.220,208.67.222.222 backup-20070813-015023-462 O17 - HKLM\System\CCS\Services\Tcpip\..\{5E1B177A-36EF-464D-A1BA-B4F623746683}: NameServer = 208.67.220.220,208.67.222.222 backup-20070813-015023-541 O17 - HKLM\System\CS2\Services\Tcpip\..\{3F83C410-81EB-4141-92E7-26AAB2794BCE}: NameServer = 208.67.220.220,208.67.222.222 backup-20070813-015023-545 O17 - HKLM\System\CCS\Services\Tcpip\..\{3F83C410-81EB-4141-92E7-26AAB2794BCE}: NameServer = 208.67.220.220,208.67.222.222 backup-20070813-015023-637 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 backup-20070813-015023-740 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R1 AsIO - c:\windows\system32\drivers\asio.sys R1 aslm75 - c:\windows\system32\drivers\aslm75.sys R2 ASInsHelp - c:\windows\system32\drivers\asinshelp32.sys R3 SNPSTD3 (USB PC Camera (SNPSTD3)) - c:\windows\system32\drivers\snpstd3.sys <Not Verified; ; PC Camera driver> S3 Asushwio - c:\windows\system32\drivers\asushwio.sys S3 catchme - c:\docume~1\blgree~1\locals~1\temp\catchme.sys (file missing) S3 OVT511Plus (Dual Mode USB Camera Plus) - c:\windows\system32\drivers\omcamvid.sys (file missing) -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 CCALib8 (Canon Camera Access Library 8) - c:\program files\canon\cal\calmain.exe <Not Verified; Canon Inc.; > R2 ScsiAccess - c:\program files\photodex\proshowgold\scsiaccess.exe -- Device Manager: Disabled ---------------------------------------------------- Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318} Description: PCI Memory Controller Device ID: PCI\VEN_10DE&DEV_005E&SUBSYS_815A1043&REV_A3\3&2411E6FE&0&00 Manufacturer: Name: PCI Memory Controller PNP Device ID: PCI\VEN_10DE&DEV_005E&SUBSYS_815A1043&REV_A3\3&2411E6FE&0&00 Service: Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318} Description: SM Bus Controller Device ID: PCI\VEN_10DE&DEV_0052&SUBSYS_815A1043&REV_A2\3&2411E6FE&0&09 Manufacturer: Name: SM Bus Controller PNP Device ID: PCI\VEN_10DE&DEV_0052&SUBSYS_815A1043&REV_A2\3&2411E6FE&0&09 Service: Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318} Description: RAID Controller Device ID: PCI\VEN_1095&DEV_3114&SUBSYS_81671043&REV_02\4&13699180&0&5048 Manufacturer: Name: RAID Controller PNP Device ID: PCI\VEN_1095&DEV_3114&SUBSYS_81671043&REV_02\4&13699180&0&5048 Service: Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318} Description: Other PCI Bridge Device Device ID: PCI\VEN_10DE&DEV_0057&SUBSYS_81411043&REV_A3\3&2411E6FE&0&50 Manufacturer: Name: Other PCI Bridge Device PNP Device ID: PCI\VEN_10DE&DEV_0057&SUBSYS_81411043&REV_A3\3&2411E6FE&0&50 Service: -- Scheduled Tasks ------------------------------------------------------------- 2007-12-17 03:01:31 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job -- Files created between 2008-03-27 and 2008-04-27 ----------------------------- 2008-04-27 01:44:34 0 d-------- C:\Documents and Settings\All Users\Application Data\TEMP 2008-04-27 01:44:28 0 d-------- C:\Program Files\SpywareBlaster 2008-04-27 00:38:38 0 d-------- C:\WINDOWS\LastGood 2008-04-27 00:37:57 0 d-------- C:\Program Files\Panda Security 2008-04-27 00  20 0 dr-h----- C:\Documents and Settings\B L Green\Recent2008-04-20 22:50:39 0 d-------- C:\Program Files\Common Files\xing shared 2008-04-12 00:05:49 0 dr------- C:\Documents and Settings\LocalService\Favorites 2008-04-12 00:05:00 0 d-------- C:\Documents and Settings\LocalService\Application Data\Mozilla 2008-04-08 01:42:26 0 dr------- C:\WINDOWS\AsDmiHtm -- Find3M Report --------------------------------------------------------------- 2008-04-27 01:56:23 0 d-------- C:\Documents and Settings\B L Green\Application Data\MailWasherPro 2008-04-27 00:37:59 3900 --a------ C:\WINDOWS\mozver.dat 2008-04-26 00:23:22 0 d-------- C:\Program Files\Java 2008-04-20 22:50:39 0 d-------- C:\Program Files\Common Files 2008-04-20 22:50:31 0 d-------- C:\Program Files\Common Files\Real 2008-04-05 02:14:27 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat 2008-03-12 02:25:52 0 d-------- C:\Documents and Settings\B L Green\Application Data\Sibelius Software 2008-03-12 02:23:50 0 d-------- C:\Program Files\Sibelius Software 2008-03-08 01:36:41 0 d-------- C:\Documents and Settings\B L Green\Application Data\ZoomBrowser EX 2008-02-10 21:57:50 3445 --a------ C:\WINDOWS\unins000.dat 2008-02-10 21:56:14 691545 --a------ C:\WINDOWS\unins000.exe -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [15/11/2004 11:20 C:\WINDOWS\SOUNDMAN.EXE] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [09/03/2006 16:29] "nwiz"="nwiz.exe" [01/06/2006 17:22 C:\WINDOWS\system32\nwiz.exe] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [20/04/2008 22:47] "WorksFUD"="C:\Program Files\Microsoft Works\wkfud.exe" [30/06/2000 06:59] "Microsoft Works Portfolio"="C:\Program Files\Microsoft Works\WksSb.exe" [03/07/2000 02:48] "Microsoft Works Update Detection"="C:\Program Files\Microsoft Works\WkDetect.exe" [30/06/2000 00:00] "ASUS Probe"="C:\Program Files\ASUS\Asus Probe\AsusProb.exe" [06/12/2002 16:07] "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [12/01/2006 16:40] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [09/03/2006 16:29] "FixCamera"="C:\WINDOWS\FixCamera.exe" [06/12/2005 13:08] "tsnpstd3"="C:\WINDOWS\tsnpstd3.exe" [04/11/2005 15:05] "snpstd3"="C:\WINDOWS\vsnpstd3.exe" [05/09/2005 15:55] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [14/06/2006 16:24] "SiteAdvisor"="C:\Program Files\SiteAdvisor\6253\SiteAdv.exe" [02/10/2006 20:09] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 04:25] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [01/02/2008 00:13] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/01/2008 23:16] "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [13/03/2008 23:11] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [20/04/2008 22:50] "KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [13/10/2004 17:24] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [21/04/2006 17:03] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 13:00] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [23/06/2007 02:20] "Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [27/03/2007 15:22] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [01/01/2006 04:30:11] Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [21/01/2000 09:15:54] Microsoft Works Calendar Reminders.lnk - C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe [30/06/2000 00:15:10] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "NoDispAppearancePage"=0 (0x0) "NoColorChoice"=0 (0x0) "NoSizeChoice"=0 (0x0) "NoDispBackgroundPage"=0 (0x0) "NoDispScrSavPage"=0 (0x0) "NoDispCPL"=0 (0x0) "NoVisualStyleChoice"=0 (0x0) "NoDispSettingsPage"=0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoActiveDesktopChanges"=0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSaveSettings"=0 (0x0) "NoThemesTab"=0 (0x0) *Newly Created Service* - RKPAVPROC -- Hosts ----------------------------------------------------------------------- 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 7966 more entries in hosts file. -- End of Deckard's System Scanner: finished at 2008-04-27 02:09:43 ------------
__________________
AlexUK Last edited by AlexUK : 04-26-2008 at 06:49 PM. Reason: addit attachment |
|
     
|
|
| Thread Tools | |
|
|
