|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
|
|
LinkBack | Thread Tools |
05-26-2008, 05:09 AM
|
#1 (permalink) |
|
Registered User
Join Date: May 2008
Posts: 1
OS: Eindows Xp professional SP2
|
I scanned and am posting a log file.I wanna know if anything is wrong
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 3:03:57 PM, on 5/26/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\D-Link\D-Link Wireless 108G DWA-520\AirPlusCFG.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\GIGABYTE\GEST\gest.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe C:\Program Files\Cyberlink\Shared Files\brs.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Internet Download Manager\IDMan.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Program Files\GIGABYTE\GEST\GSvr.exe C:\Program Files\Internet Download Manager\IEMonitor.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O4 - HKLM\..\Run: [GEST] C:\Program Files\GIGABYTE\GEST\RUN.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [D-Link D-Link Wireless 108G DWA-520] C:\Program Files\D-Link\D-Link Wireless 108G DWA-520\AirPlusCFG.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" O4 - HKLM\..\Run: [RemoteControl8] "F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe" O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\Language\Language.exe" O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\GEST\GSvr.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\D-Link\D-Link Wireless 108G DWA-520\JSWUtil\jswpsapi.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- End of file - 9348 bytes DDS result Deckard's System Scanner v20071014.68 Run by user on 2008-05-26 15:35:12 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 153: 2008-05-26 11:35:19 UTC - RP153 - Deckard's System Scanner Restore Point 152: 2008-05-25 15:24:56 UTC - RP152 - Installed Guitar Hero Explorer 151: 2008-05-25 05:30:43 UTC - RP151 - System Checkpoint 150: 2008-05-23 14:02:23 UTC - RP150 - Installed AuditionSEA 149: 2008-05-23 12:40:22 UTC - RP149 - Restore Operation -- First Restore Point -- 1: 2008-03-23 02:41:32 UTC - RP1 - System Checkpoint Backed up registry hives. Performed disk cleanup. -- HijackThis (run as user.exe) ------------------------------------------------ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 3:36:48 PM, on 5/26/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\D-Link\D-Link Wireless 108G DWA-520\AirPlusCFG.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\GIGABYTE\GEST\gest.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe C:\Program Files\Cyberlink\Shared Files\brs.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Internet Download Manager\IDMan.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\System32\alg.exe C:\Program Files\GIGABYTE\GEST\GSvr.exe C:\Program Files\Internet Download Manager\IEMonitor.exe C:\PROGRA~1\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\user\My Documents\dss.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\user.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O4 - HKLM\..\Run: [GEST] C:\Program Files\GIGABYTE\GEST\RUN.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [D-Link D-Link Wireless 108G DWA-520] C:\Program Files\D-Link\D-Link Wireless 108G DWA-520\AirPlusCFG.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" O4 - HKLM\..\Run: [RemoteControl8] "F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe" O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\Language\Language.exe" O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\GEST\GSvr.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\D-Link\D-Link Wireless 108G DWA-520\JSWUtil\jswpsapi.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- End of file - 9598 bytes -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R1 vcdrom (Virtual CD-ROM Device Driver) - f:\downloads\vcdrom.sys <Not Verified; Microsoft Corporation; VirtualCdRom> R2 ANIO (ANIO Service) - c:\windows\system32\anio.sys <Not Verified; Alpha Networks Inc.; ANIO (NT5) Driver> R2 npkcrypt - c:\nexon\maplestory\npkcrypt.sys <Not Verified; INCA Internet Co., Ltd.; nProtect KeyCrypt Driver> R3 npkcusb - c:\nexon\maplestory\npkcusb.sys <Not Verified; INCA Internet Co., Ltd.; nProtect KeyCrypt Driver> S0 sptd - c:\windows\system32\drivers\sptd.sys (file missing) S3 EagleNT - c:\windows\system32\drivers\eaglent.sys (file missing) S3 PciCon - d:\pcicon.sys (file missing) -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour> R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe R2 PLFlash DeviceIoControl Service - c:\windows\system32\ioctlsvc.exe <Not Verified; Prolific Technology Inc.; IoctlSvc Application> S2 ANIWZCSdService (ANIWZCSd Service) - c:\program files\ani\aniwzcs2 service\aniwzcsds.exe <Not Verified; Wireless Service; ANIWZCS2 Service Launcher (NT)> S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)> S3 jswpsapi (Jumpstart Wifi Protected Setup) - c:\program files\d-link\d-link wireless 108g dwa-520\jswutil\jswpsapi.exe <Not Verified; Atheros Communications, Inc.; JumpStart> -- Device Manager: Disabled ---------------------------------------------------- Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318} Description: 1394 Net Adapter Device ID: V1394\NIC1394\1D7DE1284 Manufacturer: Microsoft Name: 1394 Net Adapter PNP Device ID: V1394\NIC1394\1D7DE1284 Service: NIC1394 -- Files created between 2008-04-26 and 2008-05-26 ----------------------------- 2008-05-26 15:25:55 0 d-------- C:\WINDOWS\LastGood 2008-05-26 15:25:28 0 d-------- C:\Program Files\Panda Security 2008-05-26 15:03:30 0 d-------- C:\Program Files\Trend Micro 2008-05-26 14:33:39 20480 --a------ C:\WINDOWS\system32\33a527d.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2008-05-26 14:33:39 20480 --a------ C:\WINDOWS\system32\207e0e2.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2008-05-26 13:49:42 0 d--h----- C:\Documents and Settings\Emergency\Templates 2008-05-26 13:49:42 0 dr------- C:\Documents and Settings\Emergency\Start Menu 2008-05-26 13:49:42 0 dr-h----- C:\Documents and Settings\Emergency\SendTo 2008-05-26 13:49:42 0 d--h----- C:\Documents and Settings\Emergency\Recent 2008-05-26 13:49:42 0 d--h----- C:\Documents and Settings\Emergency\PrintHood 2008-05-26 13:49:42 262144 --ah----- C:\Documents and Settings\Emergency\NTUSER.DAT 2008-05-26 13:49:42 0 d--h----- C:\Documents and Settings\Emergency\NetHood 2008-05-26 13:49:42 0 d-------- C:\Documents and Settings\Emergency\My Documents 2008-05-26 13:49:42 0 d--h----- C:\Documents and Settings\Emergency\Local Settings 2008-05-26 13:49:42 0 d-------- C:\Documents and Settings\Emergency\Favorites 2008-05-26 13:49:42 0 d-------- C:\Documents and Settings\Emergency\Desktop 2008-05-26 13:49:42 0 d---s---- C:\Documents and Settings\Emergency\Cookies 2008-05-26 13:49:42 0 dr-h----- C:\Documents and Settings\Emergency\Application Data 2008-05-26 13:49:42 0 d---s---- C:\Documents and Settings\Emergency\Application Data\Microsoft 2008-05-26 13:49:28 20480 --a------ C:\WINDOWS\system32\923e22.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2008-05-26 13:49:27 20480 --a------ C:\WINDOWS\system32\11c61dbf.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2008-05-25 19:25:06 0 d-------- C:\Documents and Settings\user\Application Data\OnReally 2008-05-25 19:17:28 0 d-------- C:\Documents and Settings\user\Application Data\fretsonfire 2008-05-25 13:02:06 0 d-------- C:\Program Files\Common Files\xing shared 2008-05-25 13:01:53 0 d-------- C:\Program Files\Real 2008-05-25 13:01:50 0 d-------- C:\Program Files\Common Files\Real 2008-05-25 13:01:49 0 d-------- C:\Documents and Settings\user\Application Data\Real 2008-05-25 12:15:15 20480 --a------ C:\WINDOWS\system32\ed5e268.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2008-05-25 12:15:15 20480 --a------ C:\WINDOWS\system32\16333bfc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2008-05-25 06:17:25 0 d-------- C:\OutputFolder 2008-05-25 06:16:45 129024 --a------ C:\WINDOWS\system32\AVERM.dll 2008-05-25 06:16:45 28672 --a------ C:\WINDOWS\system32\AVEQT.dll 2008-05-24 20:33:55 20480 --a------ C:\WINDOWS\system32\832e198.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2008-05-24 20:33:55 20480 --a------ C:\WINDOWS\system32\5a91b4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2008-05-23 18:39:01 20480 --a------ C:\WINDOWS\system32\68efec0.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2008-05-23 18:39:01 20480 --a------ C:\WINDOWS\system32\26dcace.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2008-05-23 18:02:24 0 d-------- C:\Program Files\AuditionSEA 2008-05-23 13:19:32 1970176 --a------ C:\WINDOWS\system32\d3dx9.dll 2008-05-23 13:19:32 679936 --a------ C:\WINDOWS\system32\D3DX81ab.dll <Not Verified; Generated by JEDI; D3DX81> 2008-05-18 20:57:28 0 d-------- C:\Program Files\HGI 2008-05-18 20:30:28 0 d-------- C:\Program Files\PDM 2008-05-16 18:12:59 0 d-------- C:\Documents and Settings\user\Application Data\iWin 2008-05-15 16:25:29 0 d-------- C:\Program Files\DivX 2008-05-13 00:11:17 0 d-------- C:\Documents and Settings\user\dwhelper 2008-05-07 22:08:57 0 d-------- C:\Perl 2008-05-04 06:12:10 0 d-------- C:\Program Files\QuickTime 2008-05-03 12:10:29 0 d-------- C:\Documents and Settings\user\Application Data\PlayFirst 2008-05-03 12:10:29 0 d-------- C:\Documents and Settings\All Users\Application Data\PlayFirst 2008-05-03 12:01:47 0 d-------- C:\Documents and Settings\All Users\Application Data\HipSoft 2008-05-03 11:11:29 0 d-------- C:\Documents and Settings\All Users\Application Data\Fugazo 2008-05-03 11:10:46 0 d-------- C:\Documents and Settings\user\Application Data\Sony 2008-05-03 11:09:31 0 d-------- C:\Documents and Settings\user\Application Data\Publish Providers 2008-05-03 11:09:31 0 d-------- C:\Documents and Settings\user\Application Data\NetMedia Providers 2008-05-03 11:07:18 0 d-------- C:\Program Files\Vstplugins 2008-05-03 10:50:52 0 d-------- C:\Documents and Settings\user\Application Data\Ludia 2008-05-03 10:50:52 0 d-------- C:\Documents and Settings\All Users\Application Data\Ludia 2008-05-03 10:39:43 0 d-------- C:\Program Files\ReflexiveArcade 2008-05-02 21  21 0 d-------- C:\Program Files\BannedStory2008-05-02 20:57:23 0 d-------- C:\Program Files\Common Files\Adobe AIR 2008-05-02 20:29:58 0 d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet 2008-05-02 20:26:33 0 d-------- C:\Program Files\Bonjour 2008-05-02 20:19:27 0 d-------- C:\Program Files\Common Files\Macrovision Shared 2008-05-02 19:34:57 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe 2008-05-02 19:34:51 0 d-------- C:\Program Files\Common Files\Adobe 2008-05-02 02:36:48 0 d-------- C:\Documents and Settings\user\Application Data\LimeWire 2008-05-01 14:42:02 3284 --a------ C:\WINDOWS\system32\ANIWZCS{A86F4CB7-03CA-4D51-A949-5EC22D238565} 2008-04-30 21:44:44 0 d-------- C:\Documents and Settings\user\Application Data\Download Manager -- Find3M Report --------------------------------------------------------------- 2008-05-26 15:25:29 2656 --a------ C:\WINDOWS\mozver.dat 2008-05-26 15:02:14 0 d-------- C:\Documents and Settings\user\Application Data\DMCache 2008-05-26 15:00:14 5 --a------ C:\WINDOWS\system32\ANIWZCSUSERNAME{A86F4CB7-03CA-4D51-A949-5EC22D238565} 2008-05-26 14:59:48 0 d-------- C:\Program Files\Steam 2008-05-25 13:02:06 0 d-------- C:\Program Files\Common Files 2008-05-23 21:16:11 7 --a------ C:\WINDOWS\system32\ANIWZCSUSERNAME 2008-05-23 18:02:23 0 d--h----- C:\Program Files\InstallShield Installation Information 2008-05-23 13:35:53 0 d-------- C:\Documents and Settings\user\Application Data\IDM 2008-05-22 19:34:37 0 d-------- C:\Documents and Settings\user\Application Data\MegauploadToolbar 2008-05-21 03:01:00 0 d-------- C:\Program Files\Microsoft Silverlight 2008-05-19 23:51:32 0 d-------- C:\Program Files\Etisalat USB 2008-05-17 17:39:31 0 d-------- C:\Program Files\Internet Download Manager 2008-05-16 12:03:05 0 d-------- C:\Documents and Settings\user\Application Data\Adobe 2008-04-21 15:28:35 2560 --a------ C:\WINDOWS\_MSRSTRT.EXE 2008-04-15 18:42:16 0 d-------- C:\Documents and Settings\user\Application Data\TVU Networks 2008-04-15 17:23:37 0 d-------- C:\Documents and Settings\user\Application Data\TypingMaster7 2008-04-14 18:10:34 0 d-------- C:\Documents and Settings\user\Application Data\DAEMON Tools 2008-04-14 17:19:01 0 d-------- C:\Program Files\MegauploadToolbar 2008-04-14 16:04:04 0 d-------- C:\Documents and Settings\user\Application Data\Aston 2008-04-14 16:04:03 0 --a------ C:\Program Files\AstonWriteTest.txt 2008-04-14 00:29:46 0 d-------- C:\Program Files\Cucusoft 2008-04-13 18:33:56 0 d-------- C:\Documents and Settings\user\Application Data\Uniblue 2008-04-13 18:33:50 0 d-------- C:\Program Files\Uniblue 2008-04-13 18:24:53 0 d-------- C:\Program Files\Kaspersky Lab 2008-04-13 00:44:06 0 d-------- C:\Program Files\AVG 2008-04-12 15:26:09 0 d-------- C:\Program Files\NeroInstall.bak 2008-04-12 15:25:40 0 d-------- C:\Documents and Settings\user\Application Data\Nero 2008-04-12 15:24:45 0 d-------- C:\Program Files\Common Files\Nero 2008-04-12 15:24:02 0 d-------- C:\Program Files\Nero 2008-04-11 17:52:15 0 d-------- C:\Documents and Settings\user\Application Data\Nexon 2008-04-11 17:51:26 0 d-------- C:\Program Files\Common Files\INCA Shared 2008-04-06 22:34:45 0 d-------- C:\Documents and Settings\user\Application Data\CyberLink 2008-04-06 18:53:37 0 d-------- C:\Program Files\Stardock 2008-04-06 16:40:31 0 d-------- C:\Program Files\Enterbrain 2008-04-06 16:40:19 0 d-------- C:\Program Files\Common Files\Enterbrain 2008-04-06 15:39:25 0 d-------- C:\Program Files\MSXML 4.0 2008-04-06 15:33:59 0 d-------- C:\Program Files\Windows Media Connect 2 2008-04-04 23:56:25 0 d-------- C:\Documents and Settings\user\Application Data\Ahead 2008-04-04 23:48:20 0 d-------- C:\Program Files\CyberLink 2008-04-04 21:35:58 3247781 --a------ C:\WINDOWS\system32\Naruto 2.scr <Not Verified; Axialis Software; Axialis Screen Saver Producer> 2008-04-04 21:34:00 3320224 --a------ C:\WINDOWS\system32\Naruto 1.scr <Not Verified; Axialis Software; Axialis Screen Saver Producer> 2008-04-04 21:15:32 4096 --a------ C:\WINDOWS\d3dx.dat 2008-04-04 17 05 0 d-------- C:\Program Files\Windows Live2008-04-04 17:04:52 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller 2008-04-03 21:42:02 0 d-------- C:\Program Files\New Folder 2008-03-24 06:44:48 0 --a------ C:\WINDOWS\nsreg.dat 2008-03-23 06:46:25 315392 --a------ C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program> 2008-03-23 06:33:48 0 -rahs---- C:\MSDOS.SYS 2008-03-23 06:33:48 0 -rahs---- C:\IO.SYS 2008-03-23 06:33:48 0 --a------ C:\CONFIG.SYS 2008-03-23 06:33:48 0 --a------ C:\AUTOEXEC.BAT 2008-03-23 06:31:13 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat 2008-03-22 22:24:50 62 --ahs---- C:\Documents and Settings\user\Application Data\desktop.ini -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "GEST"="C:\Program Files\GIGABYTE\GEST\RUN.exe" [12/14/2007 11:46 PM] "RTHDCPL"="RTHDCPL.EXE" [09/19/2007 02:14 PM C:\WINDOWS\RTHDCPL.exe] "Alcmtr"="ALCMTR.EXE" [05/03/2005 02:43 PM C:\WINDOWS\Alcmtr.exe] "JMB36X IDE Setup"="C:\WINDOWS\RaidTool\xInsIDE.exe" [03/20/2007 10:36 AM] "36X Raid Configurer"="C:\WINDOWS\system32\xRaidSetup.exe" [08/29/2007 12:55 PM] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [12/05/2007 01:41 AM] "nwiz"="nwiz.exe" [12/05/2007 01:41 AM C:\WINDOWS\system32\nwiz.exe] "ANIWZCS2Service"="C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [01/19/2007 11:49 PM] "D-Link D-Link Wireless 108G DWA-520"="C:\Program Files\D-Link\D-Link Wireless 108G DWA-520\AirPlusCFG.exe" [08/30/2007 02:15 AM] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 PM] "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [10/27/2006 12:47 AM] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [11/23/2006 03:10 PM] "LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [12/05/2006 10:55 PM] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [12/05/2007 01:41 AM] "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [02/28/2008 09:59 AM] "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [02/18/2008 04:29 PM] "AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [02/08/2008 06:36 PM] "RemoteControl8"="F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe" [02/18/2008 06:33 PM] "PDVD8LanguageShortcut"="F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\Language\Language.exe" [12/14/2007 11:36 AM] "BDRegion"="C:\Program Files\Cyberlink\Shared Files\brs.exe" [11/14/2007 11:10 PM] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 10:16 PM] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [05/25/2008 01:01 PM] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [04/04/2008 09:46 PM] "Steam"="C:\Program Files\Steam\Steam.exe" [04/06/2008 03:58 PM] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [07/27/2007 04:00 PM] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [10/18/2007 11:34 AM] "IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [05/16/2008 08:45 PM] C:\Documents and Settings\user\Start Menu\Programs\Startup\ OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [10/26/2006 8:24:54 PM] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoBandCustomize"=0 (0x0) "NoMovingBands"=0 (0x0) "NoCloseDragDropBands"=0 (0x0) "NoSetTaskbar"=0 (0x0) "NoToolbarsOnTaskbar"=0 (0x0) "NoSaveSettings"=0 (0x0) "NoActiveDesktop"=0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{07b9a5ed-2269-11dd-9ddd-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{07b9b28c-2269-11dd-9ddd-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{07b9b497-2269-11dd-9ddd-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{07b9b5ae-2269-11dd-9ddd-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0cadcae7-1443-11dd-a7f6-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0cadcbdf-1443-11dd-a7f6-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0cadcdbd-1443-11dd-a7f6-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{131195ca-24ee-11dd-9ddf-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{13119fd0-24ee-11dd-9ddf-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2ba5acd7-267b-11dd-b653-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{353d3976-1da2-11dd-9ddb-001cf0d203d8}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{353d4edb-1da2-11dd-9ddb-001cf0d203d8}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{353d50ee-1da2-11dd-9ddb-001cf0d203d8}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3544b959-13b5-11dd-a7f5-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3544b964-13b5-11dd-a7f5-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3aa07e5a-19d1-11dd-9dd3-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4ae0784a-0f96-11dd-a7f1-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4ae07969-0f96-11dd-a7f1-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4bcd39ac-0fcc-11dd-a7f4-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4bcd39dc-0fcc-11dd-a7f4-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d94ebc8-07cb-11dd-a7d4-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d94ebc9-07cb-11dd-a7d4-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{54fa3086-0a17-11dd-a7e6-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{54fa32c5-0a17-11dd-a7e6-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{69706efc-f86b-11dc-a7b3-001d7d04d8e5}] AutoRun\command- I:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6fb5826d-1940-11dd-9dd1-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7c66b0a4-0ae5-11dd-a7e8-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8294e17a-1c1d-11dd-9dd7-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8294ed1f-1c1d-11dd-9dd7-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8bd110ac-0edb-11dd-a7ed-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8e855d38-0ed8-11dd-a7ec-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8e855d3d-0ed8-11dd-a7ec-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8e855f4d-0ed8-11dd-a7ec-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8e856053-0ed8-11dd-a7ec-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{99366c6c-15e6-11dd-a7fb-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{99366c72-15e6-11dd-a7fb-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e368266-15dc-11dd-a7fa-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e368271-15dc-11dd-a7fa-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a307dab5-15e7-11dd-a7fc-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a3211ffd-0f9b-11dd-a7f3-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b03a3a12-2416-11dd-9dde-001cf0d203d8}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b03a3dae-2416-11dd-9dde-001cf0d203d8}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cbf8edf3-1ce7-11dd-9dd9-001cf0d203d8}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d37a6649-176a-11dd-a800-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d37a6723-176a-11dd-a800-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d37a7279-176a-11dd-a800-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d83c6984-0a2e-11dd-a7e7-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e1817829-f947-11dc-a7ae-001d7d04d8e5}] AutoRun\command- I:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e181782b-f947-11dc-a7ae-001d7d04d8e5}] AutoRun\command- I:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f0af9e70-0a0e-11dd-a7e4-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f66bf963-1aa0-11dd-9dd5-001d7d04d8e5}] AutoRun\command- H:\AutoRun.exe *Newly Created Service* - RKPAVPROC -- End of Deckard's System Scanner: finished at 2008-05-26 15:37:22 ------------ Last edited by amateur; 05-26-2008 at 07:07 AM. Reason: merged posts to keep the 0 reply status |
|
     |
| Important Information |
|
Join the #1 Tech Support Forum Today - It's Totally Free!
TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free. Join TechSupportforum.com Today - Click Here |
| Thread Tools | |
|
|
