#1 (permalink) |
|
Registered User
Join Date: Sep 2007
Posts: 15
OS: Windows XP SP2
|
Hi guys,
I am a newbie here.. my problems are two rundll problems that pop up on start up

The first one is: C:\WINDOWS\system32\slwkueph.dll
and the second one is: C:\WINDOWS\system32\pcuddyhy.dll

I use Windows XP Professional Service Pack 2 on Intel Core 2 Duo 1.8GHz

My pc is really new ( 3-4 months) and I really don't know why this is happening also I don't know if this is related to it but my AVG always detects trojan horses in my temporary files (2-3 per day!!!)

I ran HiJackThis and this is the log:

Now because I don't understand a word from this could someone explain me in English what should I do? Thank you in advance...
#2 (permalink) |
|
Manager, Security Center, TSF Academy; Analyst, Security Team
Join Date: Jan 2005
Location: Transylvania County, North Carolina, USA
Posts: 25,377
OS: 2000 Pro; XP Pro; XP Home
|
Re: RUNDLL problems on start up :(:( please helppppp
Hello and Welcome. Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.
Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

I need more information before continuing, please.

---------------------------------------------------------------------------------------------

You are using an outdated version of HijackThis. Please uninstall from Add/Remove programs, and delete your current version.

Next, download HijackThis to your desktop
Alternate link

This program will help us determine if there are any spyware/malware on your computer.

Double-click on the file you just downloaded. Click on the "Unzip" button to install. It will by default install to the directory - C:\Program Files\Trend Micro\HijackThis

Upon install, HijackThis should open for you. Should it not open, navigate to C:\Program Files\Trend Micro\HijackThis and double click on HijackThis.exe

1. If it gives you an intro screen, just choose 'Do a system scan and save a logfile'.
2. If you don't get the intro screen, just hit Scan and then click on Save log.
3. Do not post that log, instead, do this next:

---------------------------------------------------------------------------------------------

Download Deckard's System Scanner (DSS) to your Desktop.

Note: You must be logged onto an account with administrator privileges.
What DSS will do:
---------------------------------------------------------------------------------------------
__________________
Practice Safe Surfing Because what you don't know, CAN hurt you. Our help is voluntary, but this site needs donations to operate.
Please consider Donating to the Forum. Please do not ask for help via Private Message. Ask in the forums, so all may gain from the experience. |
#3 (permalink) | |
|
Registered User
Join Date: Sep 2007
Posts: 15
OS: Windows XP SP2
|
Re: RUNDLL problems on start up :(:( please helppppp
Quote:
but I thought that this thread will stay postless forever. Never been more glad to be wrong :D

Anyway I installed the new version of HiJackThis and I downloaded DSS. But before I attach extra.txt to my post there is something I wanna ask: you said there will be two files, main.txt and extra.txt. Now you also said I ought to select all and paste it in extra.txt, so I am a little confused about what exactly I have to post...

I am sorry for being so stupid
#4 (permalink) |
|
Manager, Security Center, TSF Academy; Analyst, Security Team
Join Date: Jan 2005
Location: Transylvania County, North Carolina, USA
Posts: 25,377
OS: 2000 Pro; XP Pro; XP Home
|
Re: RUNDLL problems on start up :(:( please helppppp
It's ok, better to ask questions if you're unsure.
What I'd like is the content of main.txt copied and pasted into your next reply, and extra.txt attached.
#5 (permalink) | |
|
Registered User
Join Date: Sep 2007
Posts: 15
OS: Windows XP SP2
|
Re: RUNDLL problems on start up :(:( please helppppp
Quote:
well thanks :D *jumps on the bed* hehe

Anyways here is the content from main.txt:
--a------ C:\WINDOWS\system32\ihemaera.exe <Not Verified; ; DDC> 2007-09-23 18:21:27 0 d-------- C:\Program Files\PowerISO 2007-09-23 17:43:05 75284 --a------ C:\WINDOWS\system32\pwychmob.exe <Not Verified; ; DDC> 2007-09-23 17:37:03 75284 --a------ C:\WINDOWS\system32\mqihiqhf.exe <Not Verified; ; DDC> 2007-09-23 16:32:29 75284 --a------ C:\WINDOWS\system32\tdeckroj.exe <Not Verified; ; DDC> 2007-09-23 12:03:13 121364 --a------ C:\WINDOWS\system32\biiujofb.dll 2007-09-23 12:00:13 82964 --a------ C:\WINDOWS\system32\slwkueph.dll 2007-09-23 11:57:32 75284 --a------ C:\WINDOWS\system32\fjpqdhso.exe 2007-09-23 01:03:31 121364 --a------ C:\WINDOWS\system32\xhgguptj.dll 2007-09-23 01:03:28 75284 --a------ C:\WINDOWS\system32\obfeupgx.exe <Not Verified; ; DDC> 2007-09-23 00:48:51 75284 --a------ C:\WINDOWS\system32\smiibcsp.exe 2007-09-23 00:45:53 75284 --a------ C:\WINDOWS\system32\xajeneov.exe 2007-09-22 23:20:31 75284 --a------ C:\WINDOWS\system32\thurhcyg.exe <Not Verified; ; DDC> 2007-09-22 20:43:46 75284 --a------ C:\WINDOWS\system32\kbmajhmx.exe 2007-09-22 15:07:11 82964 --a------ C:\WINDOWS\system32\ojkqmdxy.dll 2007-09-22 15:07:01 121364 --a------ C:\WINDOWS\system32\fnocgrkq.dll 2007-09-22 15:04:24 75284 --a------ C:\WINDOWS\system32\gntphwlg.exe <Not Verified; ; DDC> 2007-09-22 01:33:59 75284 --a------ C:\WINDOWS\system32\yxqdojgu.exe <Not Verified; ; DDC> 2007-09-21 20:40:58 75284 --a------ C:\WINDOWS\system32\qyifeysy.exe 2007-09-21 20:33:12 75284 --a------ C:\WINDOWS\system32\ggeddops.exe 2007-09-21 19:58:36 82964 --a------ C:\WINDOWS\system32\ipirubdh.dll 2007-09-21 19:55:50 75284 --a------ C:\WINDOWS\system32\axerlueg.exe <Not Verified; ; DDC> 2007-09-21 19:10:31 82964 --a------ C:\WINDOWS\system32\qrnxevvf.dll 2007-09-21 19:01:43 75284 --a------ C:\WINDOWS\system32\sxfroefk.exe 2007-09-21 17 04 75284 --a------ C:\WINDOWS\system32\rycwhgmo.exe2007-09-21 16:51:45 75284 --a------ C:\WINDOWS\system32\lvlcbydn.exe 2007-09-21 00:04:03 82964 --a------ 
C:\WINDOWS\system32\sblootkt.dll 2007-09-20 23:55:11 75284 --a------ C:\WINDOWS\system32\vuodesjt.exe <Not Verified; ; DDC> 2007-09-20 22:35:08 82964 --a------ C:\WINDOWS\system32\kbctrdxu.dll 2007-09-20 22:33:10 75284 --a------ C:\WINDOWS\system32\tqqkivns.exe <Not Verified; ; DDC> 2007-09-20 22:29:21 75284 --a------ C:\WINDOWS\system32\gvmsldnk.exe 2007-09-20 22:19:02 75284 --a------ C:\WINDOWS\system32\pvreyoit.exe <Not Verified; ; DDC> 2007-09-20 21:55:42 82964 --a------ C:\WINDOWS\system32\xvciawqf.dll 2007-09-20 21:47:10 75284 --a------ C:\WINDOWS\system32\lwbhpjkj.exe 2007-09-20 20:13:52 0 d-------- C:\Documents and Settings\Eva\Application Data\STOIK 2007-09-20 20:12:16 0 d-------- C:\Program Files\STOIK Imaging 2007-09-20 17:26:49 75284 --a------ C:\WINDOWS\system32\bqwiuvsh.exe 2007-09-19 20:40:23 265797 --a------ C:\WINDOWS\system32\pdvcodec.dll <Not Verified; Matsushita Electric Industrial Co., Ltd.; Panasonic DV CODEC> 2007-09-19 20:14:14 75284 --a------ C:\WINDOWS\system32\iqmkrusv.exe <Not Verified; ; DDC> 2007-09-19 19:05:24 75284 --a------ C:\WINDOWS\system32\nwtyddvg.exe <Not Verified; ; DDC> 2007-09-19 09:32:58 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla 2007-09-19 09:32:38 0 d--h----- C:\Documents and Settings\Administrator\Templates 2007-09-19 09:32:38 0 dr------- C:\Documents and Settings\Administrator\Start Menu 2007-09-19 09:32:38 0 dr-h----- C:\Documents and Settings\Administrator\SendTo 2007-09-19 09:32:38 0 d--h----- C:\Documents and Settings\Administrator\Recent 2007-09-19 09:32:38 0 d--h----- C:\Documents and Settings\Administrator\PrintHood 2007-09-19 09:32:38 524288 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT 2007-09-19 09:32:38 0 d--h----- C:\Documents and Settings\Administrator\NetHood 2007-09-19 09:32:38 0 d-------- C:\Documents and Settings\Administrator\My Documents 2007-09-19 09:32:38 0 d--h----- C:\Documents and Settings\Administrator\Local Settings 2007-09-19 09:32:38 0 
d-------- C:\Documents and Settings\Administrator\Favorites 2007-09-19 09:32:38 0 d-------- C:\Documents and Settings\Administrator\Desktop 2007-09-19 09:32:38 0 d--hs---- C:\Documents and Settings\Administrator\Cookies 2007-09-19 09:32:38 0 dr-h----- C:\Documents and Settings\Administrator\Application Data 2007-09-19 09:32:38 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft 2007-09-18 22:00:06 75284 --a------ C:\WINDOWS\system32\lpegpipn.exe 2007-09-18 20:20:35 75284 --a------ C:\WINDOWS\system32\yjyepnmt.exe <Not Verified; ; DDC> 2007-09-18 10:05:27 75284 --a------ C:\WINDOWS\system32\uainabah.exe <Not Verified; ; DDC> 2007-09-18 10:02:30 75284 --a------ C:\WINDOWS\system32\qqmxfhge.exe <Not Verified; ; DDC> 2007-09-18 09:03:34 75284 --a------ C:\WINDOWS\system32\gqyorvic.exe <Not Verified; ; DDC> 2007-09-17 22:03:04 121364 --a------ C:\WINDOWS\system32\iktjuiap.dll 2007-09-17 22:00:03 75284 --a------ C:\WINDOWS\system32\sbpvpbva.exe 2007-09-17 21:57:05 75284 --a------ C:\WINDOWS\system32\mvlljbjh.exe 2007-09-17 21:56:44 75284 --a------ C:\WINDOWS\system32\okjyihxb.exe 2007-09-17 21:50:03 75284 --a------ C:\WINDOWS\system32\hmvbhxbu.exe 2007-09-17 20:34:00 75284 --a------ C:\WINDOWS\system32\aloydwwf.exe 2007-09-17 20:13:14 75284 --a------ C:\WINDOWS\system32\utrurmwb.exe <Not Verified; ; DDC> 2007-09-17 19:56:18 75284 --a------ C:\WINDOWS\system32\xigclfox.exe 2007-09-17 19:48:41 75284 --a------ C:\WINDOWS\system32\lchnxrgr.exe 2007-09-17 19:17:35 75284 --a------ C:\WINDOWS\system32\fqgaibpk.exe 2007-09-17 19:04:44 75284 --a------ C:\WINDOWS\system32\tepofyco.exe 2007-09-17 19:01:44 75284 --a------ C:\WINDOWS\system32\sxvcysfh.exe 2007-09-17 15:12:47 75284 --a------ C:\WINDOWS\system32\sjrfiogc.exe 2007-09-17 14:48:16 75284 --a------ C:\WINDOWS\system32\pvlaxwkc.exe <Not Verified; ; DDC> 2007-09-17 04:23:54 75284 --a------ C:\WINDOWS\system32\syyancew.exe 2007-09-17 04:23:05 75284 --a------ C:\WINDOWS\system32\rngqmbdj.exe 
2007-09-17 04:20:42 75284 --a------ C:\WINDOWS\system32\truiirva.exe <Not Verified; ; DDC> 2007-09-16 23:34:23 121364 --a------ C:\WINDOWS\system32\yjfiafel.dll 2007-09-16 23:25:53 75284 --a------ C:\WINDOWS\system32\pysxierw.exe <Not Verified; ; DDC> 2007-09-16 23:18:45 121364 --a------ C:\WINDOWS\system32\xwvlmfht.dll 2007-09-16 23:15:58 75284 --a------ C:\WINDOWS\system32\mrawcktx.exe <Not Verified; ; DDC> 2007-09-16 23:01:25 121364 --a------ C:\WINDOWS\system32\qlukdttn.dll 2007-09-16 23:01:22 75284 --a------ C:\WINDOWS\system32\yoexcwii.exe <Not Verified; ; DDC> 2007-09-16 22:45:23 70656 --a------ C:\WINDOWS\system32\yv12vfw.dll <Not Verified; www.helixcommunity.org; Helix YV12 YUV Codec> 2007-09-16 22:45:23 394240 --a------ C:\WINDOWS\system32\Smab.dll 2007-09-16 22:45:23 70656 --a------ C:\WINDOWS\system32\i420vfw.dll <Not Verified; www.helixcommunity.org; Helix I420 YUV Codec> 2007-09-16 22:45:23 719872 --a------ C:\WINDOWS\system32\devil.dll <Not Verified; Abysmal Software; Developer's Image Library (DevIL)> 2007-09-16 22:45:23 27648 --a------ C:\WINDOWS\system32\AVSredirect.dll 2007-09-16 22:45:23 318976 --a------ C:\WINDOWS\system32\avisynth.dll <Not Verified; The Public; Avisynth 2.5> 2007-09-16 22:45:23 66560 --a------ C:\WINDOWS\MOTA113.exe 2007-09-16 22:45:22 217073 --a------ C:\WINDOWS\meta4.exe 2007-09-16 22:45:22 0 d-------- C:\Program Files\AviSynth 2.5 2007-09-16 20:43:28 75284 --a------ C:\WINDOWS\system32\cnydrtmo.exe 2007-09-16 20:32:20 121364 --a------ C:\WINDOWS\system32\vrxrundr.dll 2007-09-16 20:29:36 75284 --a------ C:\WINDOWS\system32\yohuabdc.exe <Not Verified; ; DDC> 2007-09-16 17:52:52 121364 --a------ C:\WINDOWS\system32\skhivdqk.dll 2007-09-16 17:47:04 75284 --a------ C:\WINDOWS\system32\ycxbkjdr.exe <Not Verified; ; DDC> 2007-09-16 17:18:01 121364 --a------ C:\WINDOWS\system32\weqqikpn.dll 2007-09-16 17:15:07 75284 --a------ C:\WINDOWS\system32\buujiqlm.exe <Not Verified; ; DDC> 2007-09-16 10:25:10 121364 --a------ 
C:\WINDOWS\system32\goblgkat.dll 2007-09-16 10:22:10 75284 --a------ C:\WINDOWS\system32\qvfmuxxo.exe 2007-09-16 10:19:11 75284 --a------ C:\WINDOWS\system32\djdikxbu.exe 2007-09-16 10:18:03 75284 --a------ C:\WINDOWS\system32\ffmmhwmu.exe <Not Verified; ; DDC> 2007-09-16 02:51:07 0 d-------- C:\Program Files\Jitbit 2007-09-16 02:38:15 75284 --a------ C:\WINDOWS\system32\uxseruay.exe 2007-09-16 00:09:15 75284 --a------ C:\WINDOWS\system32\heruvdho.exe <Not Verified; ; DDC> 2007-09-15 20:22:48 75284 --a------ C:\WINDOWS\system32\owtxstsk.exe 2007-09-15 19:45:46 0 d-------- C:\Program Files\Sytexis Software 2007-09-15 19:18:35 0 d-------- C:\Program Files\WMR11 2007-09-15 18:42:21 75284 --a------ C:\WINDOWS\system32\vrvxkrua.exe 2007-09-15 13:36:02 121364 --a------ C:\WINDOWS\system32\gyuxfvae.dll 2007-09-15 13:30:02 75284 --a------ C:\WINDOWS\system32\hqrrmncc.exe <Not Verified; ; DDC> 2007-09-15 11:35:58 75284 --a------ C:\WINDOWS\system32\pijqoqxe.exe 2007-09-15 09:27:46 121364 --a------ C:\WINDOWS\system32\peesroid.dll 2007-09-15 09:19:13 75284 --a------ C:\WINDOWS\system32\iuhfnpro.exe <Not Verified; ; DDC> 2007-09-15 00:55:06 75284 --a------ C:\WINDOWS\system32\hekoflic.exe 2007-09-14 22:16:25 75284 --a------ C:\WINDOWS\system32\hxlbssts.exe 2007-09-14 18:29:05 75284 --a------ C:\WINDOWS\system32\bvkwaovo.exe 2007-09-14 18:26:05 75284 --a------ C:\WINDOWS\system32\aoqjdwif.exe <Not Verified; ; DDC> 2007-09-14 14:01:17 75284 --a------ C:\WINDOWS\system32\spyhvbno.exe 2007-09-14 13:30:02 75284 --a------ C:\WINDOWS\system32\ewkibctf.exe <Not Verified; ; DDC> 2007-09-14 13:27:04 75284 --a------ C:\WINDOWS\system32\gjnfkmyi.exe <Not Verified; ; DDC> 2007-09-14 06:47:13 75284 --a------ C:\WINDOWS\system32\gjjcwlst.exe <Not Verified; ; DDC> 2007-09-14 06:44:20 75284 --a------ C:\WINDOWS\system32\dcclcgvs.exe <Not Verified; ; DDC> 2007-09-14 06:33:58 75284 --a------ C:\WINDOWS\system32\rguewxdo.exe <Not Verified; ; DDC> 2007-09-13 22:28:14 0 d-------- C:\Program 
Files\AVI to MPEG Converter 2007-09-13 22:03:46 75284 --a------ C:\WINDOWS\system32\ymprwxhc.exe 2007-09-13 22:00:38 5120 --a------ C:\WINDOWS\system\vdsvrlnk.dll <Not Verified; ; VirtualDub> 2007-09-13 22:00:37 7168 --a------ C:\WINDOWS\system\vdremote.dll <Not Verified; ; VirtualDub> 2007-09-13 18:36:46 0 d-------- C:\Program Files\Lavasoft 2007-09-13 18:36:45 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2007-09-13 18:36:15 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-09-13 13:19:02 75284 --a------ C:\WINDOWS\system32\hetbaxsh.exe <Not Verified; ; DDC> 2007-09-12 22:08:06 75284 --a------ C:\WINDOWS\system32\nbntobwi.exe 2007-09-11 22:09:44 75284 --a------ C:\WINDOWS\system32\gidiyejw.exe <Not Verified; ; DDC> 2007-09-11 22 45 75284 --a------ C:\WINDOWS\system32\yokmdjaq.exe <Not Verified; ; DDC>2007-09-11 19:02:45 75284 --a------ C:\WINDOWS\system32\iyovnbfh.exe 2007-09-11 17:02:42 75284 --a------ C:\WINDOWS\system32\tinwajgu.exe <Not Verified; ; DDC> 2007-09-11 14:40:10 75284 --a------ C:\WINDOWS\system32\ygysykcb.exe 2007-09-11 14:37:11 75284 --a------ C:\WINDOWS\system32\nsvqdvxn.exe 2007-09-10 20:48:25 75284 --a------ C:\WINDOWS\system32\qkwllowt.exe <Not Verified; ; DDC> 2007-09-10 15:44:50 75284 --a------ C:\WINDOWS\system32\aqvfhcmu.exe 2007-09-10 15:41:51 75284 --a------ C:\WINDOWS\system32\fcrytfft.exe 2007-09-10 13:47:36 75284 --a------ C:\WINDOWS\system32\tdjmvwgd.exe <Not Verified; ; DDC> 2007-09-10 13:44:38 75284 --a------ C:\WINDOWS\system32\klsnxlmy.exe <Not Verified; ; DDC> 2007-09-09 22:33:34 75284 --a------ C:\WINDOWS\system32\bbubfocl.exe <Not Verified; ; DDC> 2007-09-09 20:57:24 75284 --a------ C:\WINDOWS\system32\spnerqgc.exe 2007-09-09 20:17:29 121876 --a------ C:\WINDOWS\system32\batjshiw.dll 2007-09-09 20:05:22 75284 --a------ C:\WINDOWS\system32\moelsmgi.exe <Not Verified; ; DDC> 2007-09-09 20:02:21 75284 --a------ C:\WINDOWS\system32\rkcsfgbq.exe <Not Verified; ; DDC> 2007-09-09 
17:26:32 121876 --a------ C:\WINDOWS\system32\orbrvyne.dll 2007-09-09 17:17:45 75284 --a------ C:\WINDOWS\system32\uknlcrmh.exe 2007-09-09 15:37:38 121876 --a------ C:\WINDOWS\system32\kdswdfmk.dll 2007-09-09 15:31:38 75284 --a------ C:\WINDOWS\system32\wiruxvaw.exe <Not Verified; ; DDC> 2007-09-09 14:32:05 47360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine> 2007-09-09 14:32:05 47360 --a------ C:\Documents and Settings\Eva\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine> 2007-09-09 14:32:04 0 d-------- C:\Documents and Settings\Eva\Application Data\Vso 2007-09-09 14:32:02 217127 --a------ C:\WINDOWS\system32\drv43260.dll <Not Verified; RealNetworks, Inc.; RealVideo 9 (32-bit)> 2007-09-09 14:32:02 208935 --a------ C:\WINDOWS\system32\drv33260.dll <Not Verified; RealNetworks, Inc.; RealVideo 8 (32-bit)> 2007-09-09 14:32:02 176165 --a------ C:\WINDOWS\system32\drv23260.dll <Not Verified; RealNetworks, Inc.; RealVideo G2 (32-bit)> 2007-09-09 14:31:59 0 d-------- C:\Program Files\VSO 2007-09-09 02:32:04 0 d-------- C:\Program Files\WinAVI Video Converter 2007-09-09 00:08:41 75284 --a------ C:\WINDOWS\system32\tbvxbabe.exe <Not Verified; ; DDC> 2007-09-08 20:04:58 121876 --a------ C:\WINDOWS\system32\bpaxdonv.dll 2007-09-08 19:56:13 75284 --a------ C:\WINDOWS\system32\wjsnotsy.exe 2007-09-08 17:58:46 75284 --a------ C:\WINDOWS\system32\tnghshlb.exe <Not Verified; ; DDC> 2007-09-08 17:55:33 75284 --a------ C:\WINDOWS\system32\dwjtdjtw.exe <Not Verified; ; DDC> 2007-09-08 13:18:32 121876 --a------ C:\WINDOWS\system32\vamtnolm.dll 2007-09-08 13:15:43 75284 --a------ C:\WINDOWS\system32\veacnwbb.exe 2007-09-08 11:22:35 0 d--hs---- C:\Documents and Settings\Angrobelt\Recent 2007-09-08 11:14:11 121876 --a------ C:\WINDOWS\system32\ksmhpjrh.dll 2007-09-08 11:14:09 75284 --a------ C:\WINDOWS\system32\xpheneer.exe <Not Verified; ; DDC> 2007-09-08 00:20:26 121876 --a------ 
C:\WINDOWS\system32\opbxcrww.dll 2007-09-08 00:08:48 75284 --a------ C:\WINDOWS\system32\tueyfjsj.exe <Not Verified; ; DDC> 2007-09-07 13:04:18 75284 --a------ C:\WINDOWS\system32\imovypgu.exe 2007-09-07 13:01:19 75284 --a------ C:\WINDOWS\system32\unoihnqv.exe 2007-09-06 22:16:56 120852 --a------ C:\WINDOWS\system32\xwfhgvoq.dll 2007-09-06 22:04:56 75284 --a------ C:\WINDOWS\system32\cemllhyd.exe 2007-09-06 22:01:58 75284 --a------ C:\WINDOWS\system32\uovxdnak.exe 2007-09-06 21:57:45 75284 --a------ C:\WINDOWS\system32\keoitbxo.exe <Not Verified; ; DDC> 2007-09-06 21:57:08 75284 --a------ C:\WINDOWS\system32\llhijmtn.exe 2007-09-06 21:14:10 75284 --a------ C:\WINDOWS\system32\qffppmnf.exe <Not Verified; ; DDC> 2007-09-06 21:11:11 75284 --a------ C:\WINDOWS\system32\bgucdury.exe <Not Verified; ; DDC> 2007-09-06 13:50:58 75284 --a------ C:\WINDOWS\system32\pmdihowt.exe 2007-09-06 06:49:58 75284 --a------ C:\WINDOWS\system32\qodfsldl.exe <Not Verified; ; DDC> 2007-09-06 06:47:00 75284 --a------ C:\WINDOWS\system32\abahqxwl.exe <Not Verified; ; DDC> 2007-09-05 17:40:45 75284 --a------ C:\WINDOWS\system32\oecglxwa.exe 2007-09-05 13:25:55 75284 --a------ C:\WINDOWS\system32\kgdgkopi.exe <Not Verified; ; DDC> 2007-09-04 23:55:44 75284 --a------ C:\WINDOWS\system32\ocddpvsx.exe 2007-09-04 20:29:12 75284 --a------ C:\WINDOWS\system32\gbuyuhyd.exe <Not Verified; ; DDC> 2007-09-04 19 23 75284 --a------ C:\WINDOWS\system32\etlxmaeu.exe2007-09-04 17:50:33 75284 --a------ C:\WINDOWS\system32\socvokox.exe <Not Verified; ; DDC> 2007-09-04 16:22:02 0 d-------- C:\Documents and Settings\Eva\Application Data\Reallusion 2007-09-03 17:47:50 75284 --a------ C:\WINDOWS\system32\kmsbhvmh.exe <Not Verified; ; DDC> 2007-09-03 00:03:26 75 -r-hs---- C:\WINDOWS\FFSSET.BIN 2007-09-03 00:03:18 0 d-------- C:\Program Files\Reallusion 2007-09-02 13:54:05 75284 --a------ C:\WINDOWS\system32\ctkyjbym.exe <Not Verified; ; DDC> 2007-09-01 18:08:07 0 d-------- C:\Program Files\QuickTime 2007-09-01 
17:35:45 0 d-------- C:\Documents and Settings\Eva\Incomplete 2007-09-01 17:35:33 0 d-------- C:\Documents and Settings\Eva\Application Data\LimeWire 2007-09-01 17:35:20 0 d-------- C:\Program Files\LimeWire 2007-09-01 16:32:39 0 d-------- C:\Program Files\Apple Software Update 2007-09-01 16:32:39 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple 2007-09-01 14:17:48 0 d-------- C:\Documents and Settings\Eva\Application Data\Publish Providers 2007-09-01 14:11:49 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller> 2007-09-01 14:10:37 0 d-------- C:\Program Files\Microsoft SQL Server 2007-09-01 14:08:11 0 d-------- C:\Program Files\Sony 2007-09-01 14:04:29 120852 --a------ C:\WINDOWS\system32\dchholqi.dll 2007-09-01 13:55:29 75284 --a------ C:\WINDOWS\system32\rwyhknck.exe <Not Verified; ; DDC> 2007-09-01 13:53:56 0 d-------- C:\Program Files\Sony Setup 2007-08-30 18:13:20 0 d-------- C:\Documents and Settings\Angrobelt\Application Data\Ahead 2007-08-25 15:50:35 442368 -ra------ C:\WINDOWS\system32\vp6vfw.dll <Not Verified; On2.com; On2_VP6> -- Find3M Report --------------------------------------------------------------- 2007-09-25 23:13:08 665767 ---hs---- C:\WINDOWS\system32\ijllm.ini2 2007-09-25 23:12:53 0 d-------- C:\Documents and Settings\Eva\Application Data\uTorrent 2007-09-25 21:40:20 650601 ---hs---- C:\WINDOWS\system32\ijllm.bak2 2007-09-24 22:50:01 0 d-------- C:\Program Files\Common Files 2007-09-24 06:15:35 0 d--h----- C:\Program Files\InstallShield Installation Information 2007-09-24 06:11:12 0 d-------- C:\Documents and Settings\Eva\Application Data\AVG7 2007-09-24 02:04:15 0 d-------- C:\Documents and Settings\Eva\Application Data\Adobe 2007-09-24 01:52:28 0 d-------- C:\Program Files\Common Files\Adobe 2007-09-24 00:02:11 0 d-------- C:\Program Files\Java 2007-09-22 20:41:36 646256 ---hs---- C:\WINDOWS\system32\ijllm.bak1 2007-09-13 19:04:06 0 d-------- 
C:\Program Files\Common Files\Companion Wizard 2007-09-13 16:29:23 0 d-------- C:\Program Files\Safari 2007-09-09 14:32:09 34 --a------ C:\Documents and Settings\Eva\Application Data\pcouffin.log 2007-09-09 14:32:05 1144 --a------ C:\Documents and Settings\Eva\Application Data\pcouffin.inf 2007-09-09 14:32:05 7887 --a------ C:\Documents and Settings\Eva\Application Data\pcouffin.cat 2007-09-05 00:41:51 55128 --ah----- C:\WINDOWS\system32\mlfcache.dat 2007-08-31 12:38:26 0 d-------- C:\Program Files\IconTweaker 2007-08-30 20:57:49 0 d-------- C:\Program Files\Windows Media Connect 2 2007-08-30 20:56:59 0 d-------- C:\Program Files\Flock 2007-08-30 20:56:58 0 d-------- C:\Documents and Settings\Eva\Application Data\Flock 2007-08-18 13:17:07 0 d-------- C:\Documents and Settings\Eva\Application Data\EPSON 2007-08-18 11:31:55 0 d-------- C:\Documents and Settings\Eva\Application Data\Leadertech 2007-08-13 12:18:32 0 d-------- C:\Program Files\ffdshow 2007-07-10 21:03:04 60273 --a------ C:\WINDOWS\system32\pthreadGC2.dll <Not Verified; Open Source Software community project; > 2007-07-10 21:03:04 7680 --a------ C:\WINDOWS\system32\ff_vfw.dll 2007-06-29 10 23 124436 --a------ C:\WINDOWS\system32\qcqdetwa.dll2007-06-28 09:05:59 124436 --a------ C:\WINDOWS\system32\btgyhgku.dll 2007-06-27 14:29:57 1 --a------ C:\WINDOWS\system32\SysDVDtoAVI.dat -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{089C3471-1E83-4EBE-9336-213C5D61EEA7}] 09/16/2007 08:32 PM 121364 --a------ C:\WINDOWS\system32\vrxrundr.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1CB9B81A-835D-490C-9EC9-3837B3D48F2c}] 09/16/2007 08:32 PM 121364 --a------ C:\WINDOWS\system32\vrxrundr.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{81E176A2-FDC6-4369-9883-72B59754976c}] 09/16/2007 08:32 PM 121364 --a------ C:\WINDOWS\system32\vrxrundr.dll [HKEY_LOCAL_MACHINE\~\Browser 
Helper Objects\{8A61098D-612B-4EF2-943D-64E920684061}] 06/11/2007 07:55 PM 33302 --a------ C:\WINDOWS\system32\pmnomll.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A8614D42-DB74-4418-BEE1-50F78B5F053F}] 06/11/2007 08:05 PM 263220 ---hs---- C:\WINDOWS\system32\mllji.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CF46BFB3-2ACC-441b-B82B-36B9562C7FF1}] C:\WINDOWS\system32\kxucfpla.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F91D1971-7FE1-4C88-9CA8-98BF9D17C2E6}] 06/11/2007 08:05 PM 263220 ---hs---- C:\WINDOWS\system32\mllji.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FCD03E4C-4612-4A1D-ABAD-404E1721A296}] 09/16/2007 08:32 PM 121364 --a------ C:\WINDOWS\system32\vrxrundr.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [03/23/2006 06:17 AM] "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [03/23/2006 06:13 AM] "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [03/23/2006 06:17 AM] "RTHDCPL"="RTHDCPL.EXE" [06/28/2006 08:54 AM C:\WINDOWS\RTHDCPL.exe] "SkyTel"="SkyTel.EXE" [05/16/2006 12:04 PM C:\WINDOWS\SkyTel.exe] "Alcmtr"="ALCMTR.EXE" [05/03/2005 12:43 PM C:\WINDOWS\Alcmtr.exe] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [09/13/2007 09:40 PM] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [07/12/2007 04:00 AM] "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [01/12/2006 03:40 PM] "pas_check"="C:\Program Files\SystemDoctor 2006 Free\pasmon.exe" [] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [03/09/2007 11:09 AM] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [05/11/2007 03:06 AM] "SystemOptimizer"="C:\WINDOWS\system32\pcuddyhy.dll" [] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [06/29/2007 06:24 AM] "PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [08/07/2007 02:05 AM] "Acrobat Assistant 8.0"="C:\Program 
-- End of Deckard's System Scanner: finished at 2007-09-25 23:13:37 ------------

That's it. They look like a bunch of hieroglyphics if you ask me, LOL. I attached the extra.txt file ;)

Once again, thanks. You can't imagine how frustrating it is to see all those RUNDLL, ughhh.

And this is a little bit off topic, but some other strange things happen... for example, sometimes I can't start some programs (Photoshop, MSN, Nero etc.), and when I restart the PC everything is OK. But only if I restart... and I always get that systemdoctorcheck or something like that and winantiviruspro.com on my IE7 (and sometimes Firefox) starting up all by itself :S:S I know there must be some viruses - I just don't know how serious it is and whether I'd have to reinstall Windows :(:(

Last edited by Eva0607 : 09-25-2007 at 02:29 PM.