Tech Support Forum banner
Status
Not open for further replies.
1 - 1 of 1 Posts

·
Registered
Joined
·
1 Posts
I scanned and am posting a log file.I wanna know if anything is wrong

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:03:57 PM, on 5/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\D-Link\D-Link Wireless 108G DWA-520\AirPlusCFG.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\GIGABYTE\GEST\gest.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\GIGABYTE\GEST\GSvr.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [GEST] C:\Program Files\GIGABYTE\GEST\RUN.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [D-Link D-Link Wireless 108G DWA-520] C:\Program Files\D-Link\D-Link Wireless 108G DWA-520\AirPlusCFG.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [RemoteControl8] "F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\GEST\GSvr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\D-Link\D-Link Wireless 108G DWA-520\JSWUtil\jswpsapi.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

--
End of file - 9348 bytes

DDS result
Deckard's System Scanner v20071014.68
Run by user on 2008-05-26 15:35:12
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
153: 2008-05-26 11:35:19 UTC - RP153 - Deckard's System Scanner Restore Point
152: 2008-05-25 15:24:56 UTC - RP152 - Installed Guitar Hero Explorer
151: 2008-05-25 05:30:43 UTC - RP151 - System Checkpoint
150: 2008-05-23 14:02:23 UTC - RP150 - Installed AuditionSEA
149: 2008-05-23 12:40:22 UTC - RP149 - Restore Operation


-- First Restore Point --
1: 2008-03-23 02:41:32 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as user.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:36:48 PM, on 5/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\D-Link\D-Link Wireless 108G DWA-520\AirPlusCFG.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\GIGABYTE\GEST\gest.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\GIGABYTE\GEST\GSvr.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\user\My Documents\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\user.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [GEST] C:\Program Files\GIGABYTE\GEST\RUN.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [D-Link D-Link Wireless 108G DWA-520] C:\Program Files\D-Link\D-Link Wireless 108G DWA-520\AirPlusCFG.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [RemoteControl8] "F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\GEST\GSvr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\D-Link\D-Link Wireless 108G DWA-520\JSWUtil\jswpsapi.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

--
End of file - 9598 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 vcdrom (Virtual CD-ROM Device Driver) - f:\downloads\vcdrom.sys <Not Verified; Microsoft Corporation; VirtualCdRom>
R2 ANIO (ANIO Service) - c:\windows\system32\anio.sys <Not Verified; Alpha Networks Inc.; ANIO (NT5) Driver>
R2 npkcrypt - c:\nexon\maplestory\npkcrypt.sys <Not Verified; INCA Internet Co., Ltd.; nProtect KeyCrypt Driver>
R3 npkcusb - c:\nexon\maplestory\npkcusb.sys <Not Verified; INCA Internet Co., Ltd.; nProtect KeyCrypt Driver>

S0 sptd - c:\windows\system32\drivers\sptd.sys (file missing)
S3 EagleNT - c:\windows\system32\drivers\eaglent.sys (file missing)
S3 PciCon - d:\pcicon.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>
R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
R2 PLFlash DeviceIoControl Service - c:\windows\system32\ioctlsvc.exe <Not Verified; Prolific Technology Inc.; IoctlSvc Application>

S2 ANIWZCSdService (ANIWZCSd Service) - c:\program files\ani\aniwzcs2 service\aniwzcsds.exe <Not Verified; Wireless Service; ANIWZCS2 Service Launcher (NT)>
S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
S3 jswpsapi (Jumpstart Wifi Protected Setup) - c:\program files\d-link\d-link wireless 108g dwa-520\jswutil\jswpsapi.exe <Not Verified; Atheros Communications, Inc.; JumpStart>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\1D7DE1284
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\1D7DE1284
Service: NIC1394


-- Files created between 2008-04-26 and 2008-05-26 -----------------------------

2008-05-26 15:25:55 0 d-------- C:\WINDOWS\LastGood
2008-05-26 15:25:28 0 d-------- C:\Program Files\Panda Security
2008-05-26 15:03:30 0 d-------- C:\Program Files\Trend Micro
2008-05-26 14:33:39 20480 --a------ C:\WINDOWS\system32\33a527d.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-26 14:33:39 20480 --a------ C:\WINDOWS\system32\207e0e2.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-26 13:49:42 0 d--h----- C:\Documents and Settings\Emergency\Templates
2008-05-26 13:49:42 0 dr------- C:\Documents and Settings\Emergency\Start Menu
2008-05-26 13:49:42 0 dr-h----- C:\Documents and Settings\Emergency\SendTo
2008-05-26 13:49:42 0 d--h----- C:\Documents and Settings\Emergency\Recent
2008-05-26 13:49:42 0 d--h----- C:\Documents and Settings\Emergency\PrintHood
2008-05-26 13:49:42 262144 --ah----- C:\Documents and Settings\Emergency\NTUSER.DAT
2008-05-26 13:49:42 0 d--h----- C:\Documents and Settings\Emergency\NetHood
2008-05-26 13:49:42 0 d-------- C:\Documents and Settings\Emergency\My Documents
2008-05-26 13:49:42 0 d--h----- C:\Documents and Settings\Emergency\Local Settings
2008-05-26 13:49:42 0 d-------- C:\Documents and Settings\Emergency\Favorites
2008-05-26 13:49:42 0 d-------- C:\Documents and Settings\Emergency\Desktop
2008-05-26 13:49:42 0 d---s---- C:\Documents and Settings\Emergency\Cookies
2008-05-26 13:49:42 0 dr-h----- C:\Documents and Settings\Emergency\Application Data
2008-05-26 13:49:42 0 d---s---- C:\Documents and Settings\Emergency\Application Data\Microsoft
2008-05-26 13:49:28 20480 --a------ C:\WINDOWS\system32\923e22.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-26 13:49:27 20480 --a------ C:\WINDOWS\system32\11c61dbf.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-25 19:25:06 0 d-------- C:\Documents and Settings\user\Application Data\OnReally
2008-05-25 19:17:28 0 d-------- C:\Documents and Settings\user\Application Data\fretsonfire
2008-05-25 13:02:06 0 d-------- C:\Program Files\Common Files\xing shared
2008-05-25 13:01:53 0 d-------- C:\Program Files\Real
2008-05-25 13:01:50 0 d-------- C:\Program Files\Common Files\Real
2008-05-25 13:01:49 0 d-------- C:\Documents and Settings\user\Application Data\Real
2008-05-25 12:15:15 20480 --a------ C:\WINDOWS\system32\ed5e268.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-25 12:15:15 20480 --a------ C:\WINDOWS\system32\16333bfc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-25 06:17:25 0 d-------- C:\OutputFolder
2008-05-25 06:16:45 129024 --a------ C:\WINDOWS\system32\AVERM.dll
2008-05-25 06:16:45 28672 --a------ C:\WINDOWS\system32\AVEQT.dll
2008-05-24 20:33:55 20480 --a------ C:\WINDOWS\system32\832e198.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-24 20:33:55 20480 --a------ C:\WINDOWS\system32\5a91b4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-23 18:39:01 20480 --a------ C:\WINDOWS\system32\68efec0.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-23 18:39:01 20480 --a------ C:\WINDOWS\system32\26dcace.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-23 18:02:24 0 d-------- C:\Program Files\AuditionSEA
2008-05-23 13:19:32 1970176 --a------ C:\WINDOWS\system32\d3dx9.dll
2008-05-23 13:19:32 679936 --a------ C:\WINDOWS\system32\D3DX81ab.dll <Not Verified; Generated by JEDI; D3DX81>
2008-05-18 20:57:28 0 d-------- C:\Program Files\HGI
2008-05-18 20:30:28 0 d-------- C:\Program Files\PDM
2008-05-16 18:12:59 0 d-------- C:\Documents and Settings\user\Application Data\iWin
2008-05-15 16:25:29 0 d-------- C:\Program Files\DivX
2008-05-13 00:11:17 0 d-------- C:\Documents and Settings\user\dwhelper
2008-05-07 22:08:57 0 d-------- C:\Perl
2008-05-04 06:12:10 0 d-------- C:\Program Files\QuickTime
2008-05-03 12:10:29 0 d-------- C:\Documents and Settings\user\Application Data\PlayFirst
2008-05-03 12:10:29 0 d-------- C:\Documents and Settings\All Users\Application Data\PlayFirst
2008-05-03 12:01:47 0 d-------- C:\Documents and Settings\All Users\Application Data\HipSoft
2008-05-03 11:11:29 0 d-------- C:\Documents and Settings\All Users\Application Data\Fugazo
2008-05-03 11:10:46 0 d-------- C:\Documents and Settings\user\Application Data\Sony
2008-05-03 11:09:31 0 d-------- C:\Documents and Settings\user\Application Data\Publish Providers
2008-05-03 11:09:31 0 d-------- C:\Documents and Settings\user\Application Data\NetMedia Providers
2008-05-03 11:07:18 0 d-------- C:\Program Files\Vstplugins
2008-05-03 10:50:52 0 d-------- C:\Documents and Settings\user\Application Data\Ludia
2008-05-03 10:50:52 0 d-------- C:\Documents and Settings\All Users\Application Data\Ludia
2008-05-03 10:39:43 0 d-------- C:\Program Files\ReflexiveArcade
2008-05-02 21:06:21 0 d-------- C:\Program Files\BannedStory
2008-05-02 20:57:23 0 d-------- C:\Program Files\Common Files\Adobe AIR
2008-05-02 20:29:58 0 d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-05-02 20:26:33 0 d-------- C:\Program Files\Bonjour
2008-05-02 20:19:27 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2008-05-02 19:34:57 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-05-02 19:34:51 0 d-------- C:\Program Files\Common Files\Adobe
2008-05-02 02:36:48 0 d-------- C:\Documents and Settings\user\Application Data\LimeWire
2008-05-01 14:42:02 3284 --a------ C:\WINDOWS\system32\ANIWZCS{A86F4CB7-03CA-4D51-A949-5EC22D238565}
2008-04-30 21:44:44 0 d-------- C:\Documents and Settings\user\Application Data\Download Manager


-- Find3M Report ---------------------------------------------------------------

2008-05-26 15:25:29 2656 --a------ C:\WINDOWS\mozver.dat
2008-05-26 15:02:14 0 d-------- C:\Documents and Settings\user\Application Data\DMCache
2008-05-26 15:00:14 5 --a------ C:\WINDOWS\system32\ANIWZCSUSERNAME{A86F4CB7-03CA-4D51-A949-5EC22D238565}
2008-05-26 14:59:48 0 d-------- C:\Program Files\Steam
2008-05-25 13:02:06 0 d-------- C:\Program Files\Common Files
2008-05-23 21:16:11 7 --a------ C:\WINDOWS\system32\ANIWZCSUSERNAME
2008-05-23 18:02:23 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-23 13:35:53 0 d-------- C:\Documents and Settings\user\Application Data\IDM
2008-05-22 19:34:37 0 d-------- C:\Documents and Settings\user\Application Data\MegauploadToolbar
2008-05-21 03:01:00 0 d-------- C:\Program Files\Microsoft Silverlight
2008-05-19 23:51:32 0 d-------- C:\Program Files\Etisalat USB
2008-05-17 17:39:31 0 d-------- C:\Program Files\Internet Download Manager
2008-05-16 12:03:05 0 d-------- C:\Documents and Settings\user\Application Data\Adobe
2008-04-21 15:28:35 2560 --a------ C:\WINDOWS\_MSRSTRT.EXE
2008-04-15 18:42:16 0 d-------- C:\Documents and Settings\user\Application Data\TVU Networks
2008-04-15 17:23:37 0 d-------- C:\Documents and Settings\user\Application Data\TypingMaster7
2008-04-14 18:10:34 0 d-------- C:\Documents and Settings\user\Application Data\DAEMON Tools
2008-04-14 17:19:01 0 d-------- C:\Program Files\MegauploadToolbar
2008-04-14 16:04:04 0 d-------- C:\Documents and Settings\user\Application Data\Aston
2008-04-14 16:04:03 0 --a------ C:\Program Files\AstonWriteTest.txt
2008-04-14 00:29:46 0 d-------- C:\Program Files\Cucusoft
2008-04-13 18:33:56 0 d-------- C:\Documents and Settings\user\Application Data\Uniblue
2008-04-13 18:33:50 0 d-------- C:\Program Files\Uniblue
2008-04-13 18:24:53 0 d-------- C:\Program Files\Kaspersky Lab
2008-04-13 00:44:06 0 d-------- C:\Program Files\AVG
2008-04-12 15:26:09 0 d-------- C:\Program Files\NeroInstall.bak
2008-04-12 15:25:40 0 d-------- C:\Documents and Settings\user\Application Data\Nero
2008-04-12 15:24:45 0 d-------- C:\Program Files\Common Files\Nero
2008-04-12 15:24:02 0 d-------- C:\Program Files\Nero
2008-04-11 17:52:15 0 d-------- C:\Documents and Settings\user\Application Data\Nexon
2008-04-11 17:51:26 0 d-------- C:\Program Files\Common Files\INCA Shared
2008-04-06 22:34:45 0 d-------- C:\Documents and Settings\user\Application Data\CyberLink
2008-04-06 18:53:37 0 d-------- C:\Program Files\Stardock
2008-04-06 16:40:31 0 d-------- C:\Program Files\Enterbrain
2008-04-06 16:40:19 0 d-------- C:\Program Files\Common Files\Enterbrain
2008-04-06 15:39:25 0 d-------- C:\Program Files\MSXML 4.0
2008-04-06 15:33:59 0 d-------- C:\Program Files\Windows Media Connect 2
2008-04-04 23:56:25 0 d-------- C:\Documents and Settings\user\Application Data\Ahead
2008-04-04 23:48:20 0 d-------- C:\Program Files\CyberLink
2008-04-04 21:35:58 3247781 --a------ C:\WINDOWS\system32\Naruto 2.scr <Not Verified; Axialis Software; Axialis Screen Saver Producer>
2008-04-04 21:34:00 3320224 --a------ C:\WINDOWS\system32\Naruto 1.scr <Not Verified; Axialis Software; Axialis Screen Saver Producer>
2008-04-04 21:15:32 4096 --a------ C:\WINDOWS\d3dx.dat
2008-04-04 17:06:05 0 d-------- C:\Program Files\Windows Live
2008-04-04 17:04:52 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2008-04-03 21:42:02 0 d-------- C:\Program Files\New Folder
2008-03-24 06:44:48 0 --a------ C:\WINDOWS\nsreg.dat
2008-03-23 06:46:25 315392 --a------ C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
2008-03-23 06:33:48 0 -rahs---- C:\MSDOS.SYS
2008-03-23 06:33:48 0 -rahs---- C:\IO.SYS
2008-03-23 06:33:48 0 --a------ C:\CONFIG.SYS
2008-03-23 06:33:48 0 --a------ C:\AUTOEXEC.BAT
2008-03-23 06:31:13 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-03-22 22:24:50 62 --ahs---- C:\Documents and Settings\user\Application Data\desktop.ini


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GEST"="C:\Program Files\GIGABYTE\GEST\RUN.exe" [12/14/2007 11:46 PM]
"RTHDCPL"="RTHDCPL.EXE" [09/19/2007 02:14 PM C:\WINDOWS\RTHDCPL.exe]
"Alcmtr"="ALCMTR.EXE" [05/03/2005 02:43 PM C:\WINDOWS\Alcmtr.exe]
"JMB36X IDE Setup"="C:\WINDOWS\RaidTool\xInsIDE.exe" [03/20/2007 10:36 AM]
"36X Raid Configurer"="C:\WINDOWS\system32\xRaidSetup.exe" [08/29/2007 12:55 PM]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [12/05/2007 01:41 AM]
"nwiz"="nwiz.exe" [12/05/2007 01:41 AM C:\WINDOWS\system32\nwiz.exe]
"ANIWZCS2Service"="C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [01/19/2007 11:49 PM]
"D-Link D-Link Wireless 108G DWA-520"="C:\Program Files\D-Link\D-Link Wireless 108G DWA-520\AirPlusCFG.exe" [08/30/2007 02:15 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 PM]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [10/27/2006 12:47 AM]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [11/23/2006 03:10 PM]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [12/05/2006 10:55 PM]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [12/05/2007 01:41 AM]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [02/28/2008 09:59 AM]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [02/18/2008 04:29 PM]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [02/08/2008 06:36 PM]
"RemoteControl8"="F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe" [02/18/2008 06:33 PM]
"PDVD8LanguageShortcut"="F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\Language\Language.exe" [12/14/2007 11:36 AM]
"BDRegion"="C:\Program Files\Cyberlink\Shared Files\brs.exe" [11/14/2007 11:10 PM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 10:16 PM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [05/25/2008 01:01 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [04/04/2008 09:46 PM]
"Steam"="C:\Program Files\Steam\Steam.exe" [04/06/2008 03:58 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [07/27/2007 04:00 PM]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [10/18/2007 11:34 AM]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [05/16/2008 08:45 PM]

C:\Documents and Settings\user\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [10/26/2006 8:24:54 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoBandCustomize"=0 (0x0)
"NoMovingBands"=0 (0x0)
"NoCloseDragDropBands"=0 (0x0)
"NoSetTaskbar"=0 (0x0)
"NoToolbarsOnTaskbar"=0 (0x0)
"NoSaveSettings"=0 (0x0)
"NoActiveDesktop"=0 (0x0)


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{07b9a5ed-2269-11dd-9ddd-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{07b9b28c-2269-11dd-9ddd-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{07b9b497-2269-11dd-9ddd-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{07b9b5ae-2269-11dd-9ddd-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0cadcae7-1443-11dd-a7f6-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0cadcbdf-1443-11dd-a7f6-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0cadcdbd-1443-11dd-a7f6-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{131195ca-24ee-11dd-9ddf-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{13119fd0-24ee-11dd-9ddf-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2ba5acd7-267b-11dd-b653-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{353d3976-1da2-11dd-9ddb-001cf0d203d8}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{353d4edb-1da2-11dd-9ddb-001cf0d203d8}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{353d50ee-1da2-11dd-9ddb-001cf0d203d8}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3544b959-13b5-11dd-a7f5-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3544b964-13b5-11dd-a7f5-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3aa07e5a-19d1-11dd-9dd3-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4ae0784a-0f96-11dd-a7f1-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4ae07969-0f96-11dd-a7f1-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4bcd39ac-0fcc-11dd-a7f4-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4bcd39dc-0fcc-11dd-a7f4-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d94ebc8-07cb-11dd-a7d4-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d94ebc9-07cb-11dd-a7d4-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{54fa3086-0a17-11dd-a7e6-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{54fa32c5-0a17-11dd-a7e6-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{69706efc-f86b-11dc-a7b3-001d7d04d8e5}]
AutoRun\command- I:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6fb5826d-1940-11dd-9dd1-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7c66b0a4-0ae5-11dd-a7e8-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8294e17a-1c1d-11dd-9dd7-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8294ed1f-1c1d-11dd-9dd7-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8bd110ac-0edb-11dd-a7ed-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8e855d38-0ed8-11dd-a7ec-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8e855d3d-0ed8-11dd-a7ec-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8e855f4d-0ed8-11dd-a7ec-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8e856053-0ed8-11dd-a7ec-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{99366c6c-15e6-11dd-a7fb-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{99366c72-15e6-11dd-a7fb-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e368266-15dc-11dd-a7fa-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e368271-15dc-11dd-a7fa-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a307dab5-15e7-11dd-a7fc-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a3211ffd-0f9b-11dd-a7f3-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b03a3a12-2416-11dd-9dde-001cf0d203d8}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b03a3dae-2416-11dd-9dde-001cf0d203d8}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cbf8edf3-1ce7-11dd-9dd9-001cf0d203d8}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d37a6649-176a-11dd-a800-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d37a6723-176a-11dd-a800-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d37a7279-176a-11dd-a800-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d83c6984-0a2e-11dd-a7e7-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e1817829-f947-11dc-a7ae-001d7d04d8e5}]
AutoRun\command- I:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e181782b-f947-11dc-a7ae-001d7d04d8e5}]
AutoRun\command- I:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f0af9e70-0a0e-11dd-a7e4-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f66bf963-1aa0-11dd-9dd5-001d7d04d8e5}]
AutoRun\command- H:\AutoRun.exe

*Newly Created Service* - RKPAVPROC



-- End of Deckard's System Scanner: finished at 2008-05-26 15:37:22 ------------
 

Attachments

1 - 1 of 1 Posts
Status
Not open for further replies.
Top