|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
|
|
LinkBack | Thread Tools |
05-26-2008, 04:09 AM
|
#1 (permalink) |
|
Registered User
Join Date: May 2008
Posts: 1
OS: Eindows Xp professional SP2
|
I scanned and am posting a log file.I wanna know if anything is wrong
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 3:03:57 PM, on 5/26/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\D-Link\D-Link Wireless 108G DWA-520\AirPlusCFG.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\GIGABYTE\GEST\gest.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe C:\Program Files\Cyberlink\Shared Files\brs.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Internet Download Manager\IDMan.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Program Files\GIGABYTE\GEST\GSvr.exe C:\Program Files\Internet Download Manager\IEMonitor.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O4 - HKLM\..\Run: [GEST] C:\Program Files\GIGABYTE\GEST\RUN.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [D-Link D-Link Wireless 108G DWA-520] C:\Program Files\D-Link\D-Link Wireless 108G DWA-520\AirPlusCFG.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" O4 - HKLM\..\Run: [RemoteControl8] "F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe" O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\Language\Language.exe" O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\GEST\GSvr.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\D-Link\D-Link Wireless 108G DWA-520\JSWUtil\jswpsapi.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- End of file - 9348 bytes DDS result Deckard's System Scanner v20071014.68 Run by user on 2008-05-26 15:35:12 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 153: 2008-05-26 11:35:19 UTC - RP153 - Deckard's System Scanner Restore Point 152: 2008-05-25 15:24:56 UTC - RP152 - Installed Guitar Hero Explorer 151: 2008-05-25 05:30:43 UTC - RP151 - System Checkpoint 150: 2008-05-23 14:02:23 UTC - RP150 - Installed AuditionSEA 149: 2008-05-23 12:40:22 UTC - RP149 - Restore Operation -- First Restore Point -- 1: 2008-03-23 02:41:32 UTC - RP1 - System Checkpoint Backed up registry hives. Performed disk cleanup. -- HijackThis (run as user.exe) ------------------------------------------------ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 3:36:48 PM, on 5/26/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\D-Link\D-Link Wireless 108G DWA-520\AirPlusCFG.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\GIGABYTE\GEST\gest.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe C:\Program Files\Cyberlink\Shared Files\brs.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Internet Download Manager\IDMan.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\System32\alg.exe C:\Program Files\GIGABYTE\GEST\GSvr.exe C:\Program Files\Internet Download Manager\IEMonitor.exe C:\PROGRA~1\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\user\My Documents\dss.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\user.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O4 - HKLM\..\Run: [GEST] C:\Program Files\GIGABYTE\GEST\RUN.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [D-Link D-Link Wireless 108G DWA-520] C:\Program Files\D-Link\D-Link Wireless 108G DWA-520\AirPlusCFG.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" O4 - HKLM\..\Run: [RemoteControl8] "F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe" O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\Language\Language.exe" O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\GEST\GSvr.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\D-Link\D-Link Wireless 108G DWA-520\JSWUtil\jswpsapi.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- End of file - 9598 bytes -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R1 vcdrom (Virtual CD-ROM Device Driver) - f:\downloads\vcdrom.sys <Not Verified; Microsoft Corporation; VirtualCdRom> R2 ANIO (ANIO Service) - c:\windows\system32\anio.sys <Not Verified; Alpha Networks Inc.; ANIO (NT5) Driver> R2 npkcrypt - c:\nexon\maplestory\npkcrypt.sys <Not Verified; INCA Internet Co., Ltd.; nProtect KeyCrypt Driver> R3 npkcusb - c:\nexon\maplestory\npkcusb.sys <Not Verified; INCA Internet Co., Ltd.; nProtect KeyCrypt Driver> S0 sptd - c:\windows\system32\drivers\sptd.sys (file missing) S3 EagleNT - c:\windows\system32\drivers\eaglent.sys (file missing) S3 PciCon - d:\pcicon.sys (file missing) -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour> R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe R2 PLFlash DeviceIoControl Service - c:\windows\system32\ioctlsvc.exe <Not Verified; Prolific Technology Inc.; IoctlSvc Application> S2 ANIWZCSdService (ANIWZCSd Service) - c:\program files\ani\aniwzcs2 service\aniwzcsds.exe <Not Verified; Wireless Service; ANIWZCS2 Service Launcher (NT)> S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)> S3 jswpsapi (Jumpstart Wifi Protected Setup) - c:\program files\d-link\d-link wireless 108g dwa-520\jswutil\jswpsapi.exe <Not Verified; Atheros Communications, Inc.; JumpStart> -- Device Manager: Disabled ---------------------------------------------------- Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318} Description: 1394 Net Adapter Device ID: V1394\NIC1394\1D7DE1284 Manufacturer: Microsoft Name: 1394 Net Adapter PNP Device ID: V1394\NIC1394\1D7DE1284 Service: NIC1394 -- Files created between 2008-04-26 and 2008-05-26 ----------------------------- 2008-05-26 15:25:55 0 d-------- C:\WINDOWS\LastGood 2008-05-26 15:25:28 0 d-------- C:\Program Files\Panda Security 2008-05-26 15:03:30 0 d-------- C:\Program Files\Trend Micro 2008-05-26 14:33:39 20480 --a------ C:\WINDOWS\system32\33a527d.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2008-05-26 14:33:39 20480 --a------ C:\WINDOWS\system32\207e0e2.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2008-05-26 13:49:42 0 d--h----- C:\Documents and Settings\Emergency\Templates 2008-05-26 13:49:42 0 dr------- C:\Documents and Settings\Emergency\Start Menu 2008-05-26 13:49:42 0 dr-h----- C:\Documents and Settings\Emergency\SendTo 2008-05-26 13:49:42 0 d--h----- C:\Documents and Settings\Emergency\Recent 2008-05-26 13:49:42 0 d--h----- C:\Documents and Settings\Emergency\PrintHood 2008-05-26 13:49:42 262144 --ah----- C:\Documents and Settings\Emergency\NTUSER.DAT 2008-05-26 13:49:42 0 d--h----- C:\Documents and Settings\Emergency\NetHood 2008-05-26 13:49:42 0 d-------- C:\Documents and Settings\Emergency\My Documents 2008-05-26 13:49:42 0 d--h----- C:\Documents and Settings\Emergency\Local Settings 2008-05-26 13:49:42 0 d-------- C:\Documents and Settings\Emergency\Favorites 2008-05-26 13:49:42 0 d-------- C:\Documents and Settings\Emergency\Desktop 2008-05-26 13:49:42 0 d---s---- C:\Documents and Settings\Emergency\Cookies 2008-05-26 13:49:42 0 dr-h----- C:\Documents and Settings\Emergency\Application Data 2008-05-26 13:49:42 0 d---s---- C:\Documents and Settings\Emergency\Application Data\Microsoft 2008-05-26 13:49:28 20480 --a------ C:\WINDOWS\system32\923e22.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2008-05-26 13:49:27 20480 --a------ C:\WINDOWS\system32\11c61dbf.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2008-05-25 19:25:06 0 d-------- C:\Documents and Settings\user\Application Data\OnReally 2008-05-25 19:17:28 0 d-------- C:\Documents and Settings\user\Application Data\fretsonfire 2008-05-25 13:02:06 0 d-------- C:\Program Files\Common Files\xing shared 2008-05-25 13:01:53 0 d-------- C:\Program Files\Real 2008-05-25 13:01:50 0 d-------- C:\Program Files\Common Files\Real 2008-05-25 13:01:49 0 d-------- C:\Documents and Settings\user\Application Data\Real 2008-05-25 12:15:15 20480 --a------ C:\WINDOWS\system32\ed5e268.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2008-05-25 12:15:15 20480 --a------ C:\WINDOWS\system32\16333bfc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2008-05-25 06:17:25 0 d-------- C:\OutputFolder 2008-05-25 06:16:45 129024 --a------ C:\WINDOWS\system32\AVERM.dll 2008-05-25 06:16:45 28672 --a------ C:\WINDOWS\system32\AVEQT.dll 2008-05-24 20:33:55 20480 --a------ C:\WINDOWS\system32\832e198.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2008-05-24 20:33:55 20480 --a------ C:\WINDOWS\system32\5a91b4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2008-05-23 18:39:01 20480 --a------ C:\WINDOWS\system32\68efec0.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2008-05-23 18:39:01 20480 --a------ C:\WINDOWS\system32\26dcace.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2008-05-23 18:02:24 0 d-------- C:\Program Files\AuditionSEA 2008-05-23 13:19:32 1970176 --a------ C:\WINDOWS\system32\d3dx9.dll 2008-05-23 13:19:32 679936 --a------ C:\WINDOWS\system32\D3DX81ab.dll <Not Verified; Generated by JEDI; D3DX81> 2008-05-18 20:57:28 0 d-------- C:\Program Files\HGI 2008-05-18 20:30:28 0 d-------- C:\Program Files\PDM 2008-05-16 18:12:59 0 d-------- C:\Documents and Settings\user\Application Data\iWin 2008-05-15 16:25:29 0 d-------- C:\Program Files\DivX 2008-05-13 00:11:17 0 d-------- C:\Documents and Settings\user\dwhelper 2008-05-07 22:08:57 0 d-------- C:\Perl 2008-05-04 06:12:10 0 d-------- C:\Program Files\QuickTime 2008-05-03 12:10:29 0 d-------- C:\Documents and Settings\user\Application Data\PlayFirst 2008-05-03 12:10:29 0 d-------- C:\Documents and Settings\All Users\Application Data\PlayFirst 2008-05-03 12:01:47 0 d-------- C:\Documents and Settings\All Users\Application Data\HipSoft 2008-05-03 11:11:29 0 d-------- C:\Documents and Settings\All Users\Application Data\Fugazo 2008-05-03 11:10:46 0 d-------- C:\Documents and Settings\user\Application Data\Sony 2008-05-03 11:09:31 0 d-------- C:\Documents and Settings\user\Application Data\Publish Providers 2008-05-03 11:09:31 0 d-------- C:\Documents and Settings\user\Application Data\NetMedia Providers 2008-05-03 11:07:18 0 d-------- C:\Program Files\Vstplugins 2008-05-03 10:50:52 0 d-------- C:\Documents and Settings\user\Application Data\Ludia 2008-05-03 10:50:52 0 d-------- C:\Documents and Settings\All Users\Application Data\Ludia 2008-05-03 10:39:43 0 d-------- C:\Program Files\ReflexiveArcade 2008-05-02 21  21 0 d-------- C:\Program Files\BannedStory2008-05-02 20:57:23 0 d-------- C:\Program Files\Common Files\Adobe AIR 2008-05-02 20:29:58 0 d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet 2008-05-02 20:26:33 0 d-------- C:\Program Files\Bonjour 2008-05-02 20:19:27 0 d-------- C:\Program Files\Common Files\Macrovision Shared 2008-05-02 19:34:57 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe 2008-05-02 19:34:51 0 d-------- C:\Program Files\Common Files\Adobe 2008-05-02 02:36:48 0 d-------- C:\Documents and Settings\user\Application Data\LimeWire 2008-05-01 14:42:02 3284 --a------ C:\WINDOWS\system32\ANIWZCS{A86F4CB7-03CA-4D51-A949-5EC22D238565} 2008-04-30 21:44:44 0 d-------- C:\Documents and Settings\user\Application Data\Download Manager -- Find3M Report --------------------------------------------------------------- 2008-05-26 15:25:29 2656 --a------ C:\WINDOWS\mozver.dat 2008-05-26 15:02:14 0 d-------- C:\Documents and Settings\user\Application Data\DMCache 2008-05-26 15:00:14 5 --a------ C:\WINDOWS\system32\ANIWZCSUSERNAME{A86F4CB7-03CA-4D51-A949-5EC22D238565} 2008-05-26 14:59:48 0 d-------- C:\Program Files\Steam 2008-05-25 13:02:06 0 d-------- C:\Program Files\Common Files 2008-05-23 21:16:11 7 --a------ C:\WINDOWS\system32\ANIWZCSUSERNAME 2008-05-23 18:02:23 0 d--h----- C:\Program Files\InstallShield Installation Information 2008-05-23 13:35:53 0 d-------- C:\Documents and Settings\user\Application Data\IDM 2008-05-22 19:34:37 0 d-------- C:\Documents and Settings\user\Application Data\MegauploadToolbar 2008-05-21 03:01:00 0 d-------- C:\Program Files\Microsoft Silverlight 2008-05-19 23:51:32 0 d-------- C:\Program Files\Etisalat USB 2008-05-17 17:39:31 0 d-------- C:\Program Files\Internet Download Manager 2008-05-16 12:03:05 0 d-------- C:\Documents and Settings\user\Application Data\Adobe 2008-04-21 15:28:35 2560 --a------ C:\WINDOWS\_MSRSTRT.EXE 2008-04-15 18:42:16 0 d-------- C:\Documents and Settings\user\Application Data\TVU Networks 2008-04-15 17:23:37 0 d-------- C:\Documents and Settings\user\Application Data\TypingMaster7 2008-04-14 18:10:34 0 d-------- C:\Documents and Settings\user\Application Data\DAEMON Tools 2008-04-14 17:19:01 0 d-------- C:\Program Files\MegauploadToolbar 2008-04-14 16:04:04 0 d-------- C:\Documents and Settings\user\Application Data\Aston 2008-04-14 16:04:03 0 --a------ C:\Program Files\AstonWriteTest.txt 2008-04-14 00:29:46 0 d-------- C:\Program Files\Cucusoft 2008-04-13 18:33:56 0 d-------- C:\Documents and Settings\user\Application Data\Uniblue 2008-04-13 18:33:50 0 d-------- C:\Program Files\Uniblue 2008-04-13 18:24:53 0 d-------- C:\Program Files\Kaspersky Lab 2008-04-13 00:44:06 0 d-------- C:\Program Files\AVG 2008-04-12 15:26:09 0 d-------- C:\Program Files\NeroInstall.bak 2008-04-12 15:25:40 0 d-------- C:\Documents and Settings\user\Application Data\Nero 2008-04-12 15:24:45 0 d-------- C:\Program Files\Common Files\Nero 2008-04-12 15:24:02 0 d-------- C:\Program Files\Nero 2008-04-11 17:52:15 0 d-------- C:\Documents and Settings\user\Application Data\Nexon 2008-04-11 17:51:26 0 d-------- C:\Program Files\Common Files\INCA Shared 2008-04-06 22:34:45 0 d-------- C:\Documents and Settings\user\Application Data\CyberLink 2008-04-06 18:53:37 0 d-------- C:\Program Files\Stardock 2008-04-06 16:40:31 0 d-------- C:\Program Files\Enterbrain 2008-04-06 16:40:19 0 d-------- C:\Program Files\Common Files\Enterbrain 2008-04-06 15:39:25 0 d-------- C:\Program Files\MSXML 4.0 2008-04-06 15:33:59 0 d-------- C:\Program Files\Windows Media Connect 2 2008-04-04 23:56:25 0 d-------- C:\Documents and Settings\user\Application Data\Ahead 2008-04-04 23:48:20 0 d-------- C:\Program Files\CyberLink 2008-04-04 21:35:58 3247781 --a------ C:\WINDOWS\system32\Naruto 2.scr <Not Verified; Axialis Software; Axialis Screen Saver Producer> 2008-04-04 21:34:00 3320224 --a------ C:\WINDOWS\system32\Naruto 1.scr <Not Verified; Axialis Software; Axialis Screen Saver Producer> 2008-04-04 21:15:32 4096 --a------ C:\WINDOWS\d3dx.dat 2008-04-04 17 05 0 d-------- C:\Program Files\Windows Live2008-04-04 17:04:52 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller 2008-04-03 21:42:02 0 d-------- C:\Program Files\New Folder 2008-03-24 06:44:48 0 --a------ C:\WINDOWS\nsreg.dat 2008-03-23 06:46:25 315392 --a------ C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program> 2008-03-23 06:33:48 0 -rahs---- C:\MSDOS.SYS 2008-03-23 06:33:48 0 -rahs---- C:\IO.SYS 2008-03-23 06:33:48 0 --a------ C:\CONFIG.SYS 2008-03-23 06:33:48 0 --a------ C:\AUTOEXEC.BAT 2008-03-23 06:31:13 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat 2008-03-22 22:24:50 62 --ahs---- C:\Documents and Settings\user\Application Data\desktop.ini -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "GEST"="C:\Program Files\GIGABYTE\GEST\RUN.exe" [12/14/2007 11:46 PM] "RTHDCPL"="RTHDCPL.EXE" [09/19/2007 02:14 PM C:\WINDOWS\RTHDCPL.exe] "Alcmtr"="ALCMTR.EXE" [05/03/2005 02:43 PM C:\WINDOWS\Alcmtr.exe] "JMB36X IDE Setup"="C:\WINDOWS\RaidTool\xInsIDE.exe" [03/20/2007 10:36 AM] "36X Raid Configurer"="C:\WINDOWS\system32\xRaidSetup.exe" [08/29/2007 12:55 PM] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [12/05/2007 01:41 AM] "nwiz"="nwiz.exe" [12/05/2007 01:41 AM C:\WINDOWS\system32\nwiz.exe] "ANIWZCS2Service"="C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [01/19/2007 11:49 PM] "D-Link D-Link Wireless 108G DWA-520"="C:\Program Files\D-Link\D-Link Wireless 108G DWA-520\AirPlusCFG.exe" [08/30/2007 02:15 AM] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 PM] "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [10/27/2006 12:47 AM] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [11/23/2006 03:10 PM] "LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [12/05/2006 10:55 PM] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [12/05/2007 01:41 AM] "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [02/28/2008 09:59 AM] "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [02/18/2008 04:29 PM] "AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [02/08/2008 06:36 PM] "RemoteControl8"="F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe" [02/18/2008 06:33 PM] "PDVD8LanguageShortcut"="F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\Language\Language.exe" [12/14/2007 11:36 AM] "BDRegion"="C:\Program Files\Cyberlink\Shared Files\brs.exe" [11/14/2007 11:10 PM] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 10:16 PM] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [05/25/2008 01:01 PM] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [04/04/2008 09:46 PM] "Steam"="C:\Program Files\Steam\Steam.exe" [04/06/2008 03:58 PM] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [07/27/2007 04:00 PM] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [10/18/2007 11:34 AM] "IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [05/16/2008 08:45 PM] C:\Documents and Settings\user\Start Menu\Programs\Startup\ OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [10/26/2006 8:24:54 PM] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoBandCustomize"=0 (0x0) "NoMovingBands"=0 (0x0) "NoCloseDragDropBands"=0 (0x0) "NoSetTaskbar"=0 (0x0) "NoToolbarsOnTaskbar"=0 (0x0) "NoSaveSettings"=0 (0x0) "NoActiveDesktop"=0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{07b9a5ed-2269-11dd-9ddd-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{07b9b28c-2269-11dd-9ddd-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{07b9b497-2269-11dd-9ddd-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{07b9b5ae-2269-11dd-9ddd-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0cadcae7-1443-11dd-a7f6-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0cadcbdf-1443-11dd-a7f6-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0cadcdbd-1443-11dd-a7f6-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{131195ca-24ee-11dd-9ddf-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{13119fd0-24ee-11dd-9ddf-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2ba5acd7-267b-11dd-b653-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{353d3976-1da2-11dd-9ddb-001cf0d203d8}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{353d4edb-1da2-11dd-9ddb-001cf0d203d8}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{353d50ee-1da2-11dd-9ddb-001cf0d203d8}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3544b959-13b5-11dd-a7f5-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3544b964-13b5-11dd-a7f5-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3aa07e5a-19d1-11dd-9dd3-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4ae0784a-0f96-11dd-a7f1-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4ae07969-0f96-11dd-a7f1-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4bcd39ac-0fcc-11dd-a7f4-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4bcd39dc-0fcc-11dd-a7f4-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d94ebc8-07cb-11dd-a7d4-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d94ebc9-07cb-11dd-a7d4-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{54fa3086-0a17-11dd-a7e6-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{54fa32c5-0a17-11dd-a7e6-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{69706efc-f86b-11dc-a7b3-001d7d04d8e5}] AutoRun\command- I:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6fb5826d-1940-11dd-9dd1-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7c66b0a4-0ae5-11dd-a7e8-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8294e17a-1c1d-11dd-9dd7-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8294ed1f-1c1d-11dd-9dd7-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8bd110ac-0edb-11dd-a7ed-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8e855d38-0ed8-11dd-a7ec-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8e855d3d-0ed8-11dd-a7ec-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8e855f4d-0ed8-11dd-a7ec-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8e856053-0ed8-11dd-a7ec-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{99366c6c-15e6-11dd-a7fb-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{99366c72-15e6-11dd-a7fb-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e368266-15dc-11dd-a7fa-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e368271-15dc-11dd-a7fa-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a307dab5-15e7-11dd-a7fc-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a3211ffd-0f9b-11dd-a7f3-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b03a3a12-2416-11dd-9dde-001cf0d203d8}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b03a3dae-2416-11dd-9dde-001cf0d203d8}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cbf8edf3-1ce7-11dd-9dd9-001cf0d203d8}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d37a6649-176a-11dd-a800-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d37a6723-176a-11dd-a800-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d37a7279-176a-11dd-a800-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d83c6984-0a2e-11dd-a7e7-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e1817829-f947-11dc-a7ae-001d7d04d8e5}] AutoRun\command- I:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e181782b-f947-11dc-a7ae-001d7d04d8e5}] AutoRun\command- I:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f0af9e70-0a0e-11dd-a7e4-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f66bf963-1aa0-11dd-9dd5-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe *Newly Created Service* - RKPAVPROC -- End of Deckard's System Scanner: finished at 2008-05-26 15:37:22 ------------ Last edited by amateur; 05-26-2008 at 06:07 AM. Reason: merged posts to keep the 0 reply status |
|
     |
| Sponsored Links |
| Thread Tools | |
|
|
