
I think I have a virus still...

683 Views 1 Reply 2 Participants Last post by  TheBruce1
Was infected with a virus earlier today. I did a virus boot scan; it found a malware and removed it, but I think I still have traces of it, because when I check msconfig I have 2 funny DLL names starting up at system startup. Here's my log:

Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-06-15 19:23:48
Platform: Windows XP Service Pack 3 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\CTXFISPI.EXE
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Fraps\fraps.exe
C:\Program Files\KWorld Multimedia\PVR-TV 7131 Utilities\P3XRCtl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Francis\Desktop\dss.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {37B32357-7366-429F-9397-F6E7D2163568} - C:\WINDOWS\system32\khfFVpmL.dll
O2 - BHO: (no name) - {57A52E74-004C-464B-96CC-4DFE5366EA02} - C:\WINDOWS\system32\pmnmjJYS.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: {1d8f90f0-e26f-d81b-13c4-03f05cbb4f1b} - {b1f4bbc5-0f30-4c31-b18d-f62e0f09f8d1} - C:\WINDOWS\system32\pqsmewpi.dll
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [BM3317a4a8] Rundll32.exe "C:\WINDOWS\system32\cewxyaer.dll",s
O4 - HKLM\..\Run: [30249734] rundll32.exe "C:\WINDOWS\system32\nabuygde.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Fraps] C:\FRAPS\FRAPS.EXE
O4 - Global Startup: Remote Control.lnk = C:\Program Files\KWorld Multimedia\PVR-TV 7131 Utilities\P3XRCtl.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Bodog Poker Beta - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker Beta\BPGame.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{EE4A1B6A-96FD-4E80-9F9D-DC91F401689E}: NameServer = 68.87.76.178,68.87.66.196
O20 - Winlogon Notify: pmnmjJYS - C:\WINDOWS\system32\pmnmjJYS.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe


--
End of file - 6053 bytes

-- Files created between 2008-05-15 and 2008-06-15 -----------------------------

2008-06-15 19:17:50 118784 --a------ C:\WINDOWS\system32\MSSTDFMT.DLL <Not Verified; Microsoft Corporation; MSSTDFMT Object Library>
2008-06-15 19:17:49 0 d-------- C:\Program Files\SpywareBlaster
2008-06-15 19:15:22 0 d-------- C:\WINDOWS\LastGood
2008-06-15 19:15:00 0 d-------- C:\Program Files\Panda Security
2008-06-15 19:10:53 81408 --a------ C:\WINDOWS\system32\nabuygde.dll
2008-06-15 19:07:53 99840 --a------ C:\WINDOWS\system32\pqsmewpi.dll
2008-06-15 19:05:33 90112 --a------ C:\WINDOWS\system32\cewxyaer.dll
2008-06-15 19:00:25 683565 --ahs---- C:\WINDOWS\system32\LmpVFfhk.ini2
2008-06-15 19:00:20 322560 --a------ C:\WINDOWS\system32\khfFVpmL.dll
2008-06-15 15:53:04 25088 --a------ C:\WINDOWS\system32\nnnoOFYP.dll
2008-06-15 15:50:20 99840 --a------ C:\WINDOWS\system32\kuuulbkg.dll
2008-06-15 15:48:12 81408 --a------ C:\WINDOWS\system32\nbunasxm.dll
2008-06-15 15:48:03 90112 --a------ C:\WINDOWS\system32\egtjisuh.dll
2008-06-15 15:47:20 707684 --ahs---- C:\WINDOWS\system32\hQstCMoq.ini2
2008-06-15 15:42:21 25088 --a------ C:\WINDOWS\system32\geBRIaYQ.dll
2008-06-15 15:41:44 25088 --a------ C:\WINDOWS\system32\pmnmjJYS.dll
2008-06-15 13:12:33 0 d-------- C:\Documents and Settings\Francis\Application Data\Publish Providers
2008-06-15 13:12:33 0 d-------- C:\Documents and Settings\Francis\Application Data\NetMedia Providers
2008-06-15 13:08:56 0 d-------- C:\Documents and Settings\Francis\Application Data\Sony
2008-06-15 13:07:29 0 d-------- C:\Program Files\Sony Setup
2008-06-15 08:41:55 0 d-------- C:\Program Files\Codemasters
2008-06-13 12:22:11 0 dr-h----- C:\Documents and Settings\Francis\Recent
2008-06-13 12:21:13 0 d-------- C:\Program Files\CCleaner
2008-06-10 14:25:05 0 d-------- C:\Program Files\Bodog Poker Beta
2008-06-07 04:25:02 0 d-------- C:\Documents and Settings\All Users\Application Data\Codemasters
2008-06-07 04:23:02 0 d-------- C:\Program Files\OpenAL
2008-05-26 14:30:34 0 d-------- C:\WINDOWS\CSC
2008-05-25 23:15:13 0 dr-h----- C:\Documents and Settings\Francis\Application Data\SecuROM
2008-05-25 19:49:46 0 d-------- C:\Program Files\Full Tilt Poker
2008-05-25 19:32:52 0 d-------- C:\Program Files\CarbonPoker
2008-05-25 19:28:59 0 d-------- C:\Documents and Settings\Francis\Application Data\Microgaming
2008-05-22 13:47:11 0 d-------- C:\Program Files\MTA San Andreas
2008-05-21 13:39:56 0 d-------- C:\Documents and Settings\All Users\Application Data\ATI
2008-05-21 13:37:10 593920 --a------ C:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart>
2008-05-21 13:36:54 0 d-------- C:\Program Files\ATI Technologies
2008-05-21 13:36:25 0 d-------- C:\ATI
2008-05-20 17:40:13 0 d-------- C:\Program Files\Rockstar Games
2008-05-18 12:01:28 0 d-------- C:\WINDOWS\San Andreas Mod Installer
2008-05-18 12:01:28 0 d-------- C:\Program Files\San Andreas Mod Installer


-- Find3M Report ---------------------------------------------------------------

2008-06-15 18:50:24 0 d-------- C:\Program Files\Guild Wars
2008-06-15 08:41:55 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-15 08:41:22 0 d-------- C:\Documents and Settings\Francis\Application Data\IGN_DLM
2008-06-14 14:02:23 0 d-------- C:\Program Files\Steam
2008-06-14 13:57:54 0 d-------- C:\Program Files\Cake Poker
2008-06-14 00:04:18 0 d-------- C:\Program Files\PokerStars
2008-06-10 13:27:30 0 d-------- C:\Documents and Settings\Francis\Application Data\LimeWire
2008-05-21 13:39:56 0 d-------- C:\Documents and Settings\Francis\Application Data\ATI
2008-05-21 13:35:15 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-05-21 13:30:36 0 d-------- C:\Program Files\Ray Adams
2008-05-11 12:39:25 0 d-------- C:\Program Files\BitComet
2008-05-07 14:06:42 0 d-------- C:\Documents and Settings\Francis\Application Data\Touchstone
2008-05-07 06:07:42 0 d-------- C:\Documents and Settings\Francis\Application Data\Leadertech
2008-05-07 05:56:05 0 d-------- C:\Program Files\Common Files
2008-05-04 16:03:34 669184 --a------ C:\WINDOWS\system32\pbsvc.exe
2008-05-04 15:54:03 0 d-------- C:\Program Files\Electronic Arts
2008-05-04 04:37:17 0 d-------- C:\Program Files\Bodog Poker
2008-05-03 05:02:45 0 d-------- C:\Documents and Settings\Francis\Application Data\Sun
2008-05-03 03:01:23 0 d-------- C:\Program Files\Java
2008-05-03 03:00:20 0 d-------- C:\Program Files\Common Files\Java
2008-05-03 02:58:52 0 d-------- C:\Program Files\LimeWire
2008-05-01 06:44:17 0 d-------- C:\Program Files\RivaTuner v2.09
2008-04-28 13:58:52 0 d-------- C:\Program Files\Logitech
2008-04-28 13:58:52 0 d-------- C:\Program Files\Common Files\Logitech
2008-04-23 14:58:31 0 d-------- C:\Program Files\Messenger
2008-04-23 14:58:22 0 d-------- C:\Program Files\Movie Maker
2008-04-23 14:56:36 0 d-------- C:\Program Files\Windows NT
2008-04-22 18:57:34 0 d-------- C:\Program Files\EA SPORTS
2008-04-22 17:28:21 0 d-------- C:\Documents and Settings\Francis\Application Data\AdobeUM
2008-04-22 17:27:43 0 d-------- C:\Documents and Settings\Francis\Application Data\Adobe
2008-04-22 17:26:55 0 d-------- C:\Program Files\Activision
2008-04-22 17:26:23 0 d-------- C:\Program Files\Common Files\Adobe
2008-04-22 17:22:19 0 d-------- C:\Program Files\DAEMON Tools Lite
2008-04-22 17:20:31 0 d-------- C:\Documents and Settings\Francis\Application Data\DAEMON Tools
2008-04-22 11:08:53 0 d-------- C:\Documents and Settings\Francis\Application Data\DivX
2008-04-22 09:39:25 0 d-------- C:\Program Files\DivX
2008-04-21 19:08:33 0 d-------- C:\Program Files\Viewpoint
2008-04-21 18:05:17 0 d-------- C:\Documents and Settings\Francis\Application Data\Aim
2008-04-21 18:05:16 0 d-------- C:\Program Files\AIM
2008-04-21 18:04:23 0 d-------- C:\Program Files\AOD
2008-04-20 14:55:43 0 d-------- C:\Program Files\Common Files\NSV
2008-04-19 20:17:42 0 d-------- C:\Program Files\America's Army
2008-04-19 19:19:08 0 d-------- C:\Program Files\America's Army Server Manager
2008-04-19 12:16:52 0 d-------- C:\Program Files\Common Files\InstallShield
2008-04-19 11:50:59 0 d-------- C:\Program Files\Realtek
2008-04-19 11:50:57 315392 --a------ C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
2008-04-19 11:23:27 0 d-------- C:\Documents and Settings\Francis\Application Data\atitray
2008-04-19 11:09:13 0 d-------- C:\Program Files\Driver Cleaner Pro
2008-04-19 11:05:00 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-04-19 09:41:40 0 d-------- C:\Program Files\HD Tune
2008-04-19 07:57:57 0 d-------- C:\Program Files\Download Manager
2008-04-19 07:53:18 0 d-------- C:\Program Files\EA GAMES
2008-04-19 06:47:09 0 d-------- C:\Program Files\Ace Utilities
2008-04-19 06:33:41 0 d-------- C:\Program Files\Microsoft Silverlight
2008-04-18 17:38:48 2560 --a------ C:\WINDOWS\system32\bitcometres.dll <Not Verified; BitComet; BitComet BCTP Helper>
2008-04-18 17:22:59 0 d-------- C:\Program Files\Sierra Online
2008-04-18 17:22:22 0 d-------- C:\Documents and Settings\Francis\Application Data\InstallShield
2008-04-18 16:57:37 0 d-------- C:\Program Files\NEC DISPLAY SOLUTIONS
2008-04-18 16:56:22 0 d-------- C:\Documents and Settings\Francis\Application Data\WinRAR
2008-04-18 16:53:50 0 d-------- C:\Documents and Settings\Francis\Application Data\Winamp
2008-04-18 16:51:42 0 --a----c- C:\WINDOWS\ativpsrm.bin
2008-04-18 16:36:32 0 d-------- C:\Documents and Settings\Francis\Application Data\Macromedia
2008-04-18 16:34:27 0 d-------- C:\Program Files\Winamp
2008-04-18 16:23:34 0 d-------- C:\Program Files\MSXML 6.0
2008-04-18 16:22:47 0 d-------- C:\Program Files\MSXML 4.0
2008-04-18 16:21:35 0 --a----c- C:\WINDOWS\nsreg.dat
2008-04-18 16:21:34 0 d-------- C:\Documents and Settings\Francis\Application Data\Mozilla
2008-04-18 16:20:53 0 d-------- C:\Program Files\KWorld Multimedia
2008-04-18 16:19:47 0 d-------- C:\Program Files\Alwil Software
2008-04-18 16:13:34 0 d-------- C:\Program Files\DIFX
2008-04-18 16:11:40 0 d-------- C:\Program Files\Creative
2008-04-18 16:11:09 0 d-------- C:\Documents and Settings\Francis\Application Data\Creative
2008-04-18 16:05:52 0 d-------- C:\Documents and Settings\Francis\Application Data\Identities
2008-04-18 16:03:04 0 d-------- C:\Program Files\microsoft frontpage
2008-04-18 16:02:54 0 -rahs---- C:\MSDOS.SYS
2008-04-18 16:02:54 0 -rahs---- C:\IO.SYS
2008-04-18 16:02:54 0 --a------ C:\CONFIG.SYS
2008-04-18 16:02:54 0 --a------ C:\AUTOEXEC.BAT
2008-04-18 16:02:05 0 d--h----- C:\Program Files\WindowsUpdate
2008-04-18 16:01:33 0 d-------- C:\Program Files\Common Files\MSSoap
2008-04-18 16:00:56 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-04-18 16:00:51 0 d-------- C:\Program Files\Online Services
2008-04-18 16:00:49 0 d-------- C:\Program Files\Windows Media Connect 2
2008-04-18 16:00:44 0 d-------- C:\Program Files\MSN Gaming Zone
2008-04-18 08:57:32 0 d-------- C:\Program Files\Common Files\ODBC
2008-04-18 08:57:29 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-04-18 08:57:16 62 --ahs---- C:\Documents and Settings\Francis\Application Data\desktop.ini
2008-03-31 14:25:48 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2008-03-31 14:25:48 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2008-03-31 14:25:46 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX®>
2008-03-31 14:25:46 831488 --a------ C:\WINDOWS\system32\divx_xx0a.dll
2008-03-31 14:25:46 682496 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2008-03-21 13:30:08 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-03-21 13:28:54 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2008-03-21 13:28:54 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-03-21 13:28:20 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{37B32357-7366-429F-9397-F6E7D2163568}]
06/15/2008 07:00 PM 322560 --a------ C:\WINDOWS\system32\khfFVpmL.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{57A52E74-004C-464B-96CC-4DFE5366EA02}]
06/15/2008 03:41 PM 25088 --a------ C:\WINDOWS\system32\pmnmjJYS.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b1f4bbc5-0f30-4c31-b18d-f62e0f09f8d1}]
06/15/2008 07:07 PM 99840 --a------ C:\WINDOWS\system32\pqsmewpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VolPanel"="C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [07/13/2006 02:11 PM]
"AudioDrvEmulator"="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" [11/04/2005 06:07 PM]
"CTHelper"="CTHELPER.EXE" [05/23/2006 09:20 PM C:\WINDOWS\CTHELPER.EXE]
"CTxfiHlp"="CTXFIHLP.EXE" [05/23/2006 09:20 PM C:\WINDOWS\system32\CTXFIHLP.EXE]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [05/11/2000 01:00 AM]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [05/15/2008 04:19 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [01/21/2008 12:17 PM]
"BM3317a4a8"="C:\WINDOWS\system32\cewxyaer.dll" [06/15/2008 07:05 PM]
"30249734"="C:\WINDOWS\system32\nabuygde.dll" [06/15/2008 07:10 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/14/2008 05:42 AM]
"Fraps"="C:\FRAPS\FRAPS.EXE" [01/14/2008 05:18 AM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Remote Control.lnk - C:\Program Files\KWorld Multimedia\PVR-TV 7131 Utilities\P3XRCtl.exe [4/18/2008 4:20:16 PM]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57A52E74-004C-464B-96CC-4DFE5366EA02}"= C:\WINDOWS\system32\pmnmjJYS.dll [06/15/2008 03:41 PM 25088]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pmnmjJYS]
pmnmjJYS.dll 06/15/2008 03:41 PM 25088 C:\WINDOWS\system32\pmnmjJYS.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\khfFVpmL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\30249734]
rundll32.exe "C:\WINDOWS\system32\nbunasxm.dll",b

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BM3317a4a8]
Rundll32.exe "C:\WINDOWS\system32\egtjisuh.dll",s

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc




-- End of Deckard's System Scanner: finished at 2008-06-15 19:24:51 ------------


Moderators Message

Please be considerate of the fact that the people helping you are all volunteers, who in many cases have a job and a limited amount of time to help, and therefore can only do so much. If no one has replied to your thread within 72 hours after you posted, please reply in your thread with the word BUMP to move it forward.

DO NOT bump the thread unless 72 hours have passed. We work from oldest to newest posts, so your wait will be longer if you bump it forward before the 72 hours are up. We look for 0-reply or 1-reply threads to respond to.

Early bump posts will be deleted.
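The log above and the fix the helper prescribes revolve around the same pattern: persistence entries (O2 BHOs, O4 Run keys, O20 Winlogon Notify) pointing at randomly named DLLs that appeared in system32 minutes before the scan. Here is an added triage script, not part of the thread or of either tool, that cross-references those HijackThis sections against the DSS "Files created" list; the sample lines are copied from the log above, and the 24-hour window and the "one-letter export" heuristic are assumptions chosen for this example.

```python
import re
from datetime import datetime, timedelta

# Constructed sample, copied from the log above: HijackThis O2/O4/O20 lines
# and the matching DSS "Files created" lines.
HJT_LINES = r"""
O2 - BHO: (no name) - {37B32357-7366-429F-9397-F6E7D2163568} - C:\WINDOWS\system32\khfFVpmL.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BM3317a4a8] Rundll32.exe "C:\WINDOWS\system32\cewxyaer.dll",s
O4 - HKLM\..\Run: [30249734] rundll32.exe "C:\WINDOWS\system32\nabuygde.dll",b
O20 - Winlogon Notify: pmnmjJYS - C:\WINDOWS\system32\pmnmjJYS.dll
"""
FILES_CREATED = r"""
2008-06-15 19:10:53 81408 --a------ C:\WINDOWS\system32\nabuygde.dll
2008-06-15 19:05:33 90112 --a------ C:\WINDOWS\system32\cewxyaer.dll
2008-06-15 19:00:20 322560 --a------ C:\WINDOWS\system32\khfFVpmL.dll
2008-06-15 15:41:44 25088 --a------ C:\WINDOWS\system32\pmnmjJYS.dll
2008-05-21 13:37:10 593920 --a------ C:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart>
"""
SCAN_TIME = datetime(2008, 6, 15, 19, 23, 48)  # from the "Scan saved at" header

CREATED_RE = re.compile(r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d)\s+\d+\s+\S+\s+(.+?)(?:\s+<.*>)?$")
PATH_RE = re.compile(r'[A-Za-z]:\\[^"\n]*?\.(?:dll|exe)', re.I)
RUNDLL_RE = re.compile(r'rundll32\.exe\s+"[^"]+",\s*\w\s*$', re.I)  # "x.dll",s style
NAME_RES = {
    "O2": re.compile(r"BHO: (.*?) - \{"),
    "O4": re.compile(r"\[([^\]]+)\]"),
    "O20": re.compile(r"Winlogon Notify: (\S+) -"),
}

def parse_created(text):
    """Map lower-cased path -> creation time from the DSS 'Files created' section."""
    created = {}
    for line in text.strip().splitlines():
        m = CREATED_RE.match(line.strip())
        if m:
            created[m.group(2).lower()] = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
    return created

def parse_hjt(text):
    """Yield (section, name, path, raw line) for the persistence sections of interest."""
    for line in text.strip().splitlines():
        section = line.split(" - ", 1)[0]
        if section not in NAME_RES:
            continue
        name, path = NAME_RES[section].search(line), PATH_RE.search(line)
        yield section, (name.group(1) if name else "?"), (path.group(0) if path else ""), line

def triage(hjt_text, created_text, scan_time, window=timedelta(hours=24)):
    """Return [(section, name, path, reasons)] for entries that deserve a closer look."""
    created = parse_created(created_text)
    findings = []
    for section, name, path, line in parse_hjt(hjt_text):
        reasons = []
        ts = created.get(path.lower())
        if ts and scan_time - ts <= window:   # freshly dropped file backing a startup entry
            reasons.append("file created %s before the scan" % (scan_time - ts))
        if section == "O2" and name == "(no name)":
            reasons.append("unnamed BHO")
        if section == "O4" and RUNDLL_RE.search(line):
            reasons.append("rundll32 loading a DLL by a one-letter export")
        if reasons:
            findings.append((section, name, path, reasons))
    return findings

if __name__ == "__main__":
    for section, name, path, reasons in triage(HJT_LINES, FILES_CREATED, SCAN_TIME):
        print(section, name, path, "->", "; ".join(reasons))
```

On the sample, the four DLLs dropped on 2008-06-15 are flagged while ssv.dll and ashDisp.exe are not; on a full log the same cross-reference also catches the O23 services and the LSA "Authentication Packages" line.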
Hello and welcome to TSF

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

========

Please follow all instructions in the order they come; if you have any questions, please ask before proceeding. It's important that you follow this through until I give you the all clear; a lack of symptoms does not mean that it is no longer present.

Please Do Not Attach logs to your posts unless you are advised to do so.

==========

Please print out or copy this page to Notepad in order to assist you when carrying out the following instructions.

==========

Please post the extra.txt from Deckard's System Scanner in your next reply. It can be found at C:\Deckard\System Scanner\extra.txt

==========

Download SDFix and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(the drive that contains the Windows directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, the Advanced Options Menu should appear;
  • Select the first option, to run Windows in Safe Mode, then press Enter.
  • Choose your usual account.
  • Open the extracted SDFix folder and double click RunThis.bat to start the script.
  • Type Y to begin the cleanup process.
  • It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
  • Press any Key and it will restart the PC.
  • When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
  • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
    (Report.txt will also be copied to Clipboard ready for posting back on the forum).
  • Finally paste the contents of the Report.txt back on the forum with all the required logs

========

Please visit this webpage for instructions for downloading and running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please ensure you read this guide carefully and install the Recovery Console first.

The Windows Recovery Console will allow you to boot up into a special recovery mode. This allows us to help you in the case that your computer has a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

Once the Recovery Console is installed using ComboFix, you should see a message that says:

The Recovery Console was successfully installed.



Please continue as follows:

Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.

Click Yes to allow ComboFix to continue scanning for malware.

==========
Logs Required
Report.txt
C:\Combofix.txt
C:\Deckard\System Scanner\extra.txt <---- Attached