Status
Not open for further replies.
1 - 3 of 3 Posts

Discussion Starter #1
Sorry, the extra.txt did not pop up after I ran DSS.

Deckard's System Scanner v20071014.68
Run by Justin on 2007-11-25 21:14:01
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Percentage of Memory in Use: 81% (more than 75%).
Total Physical Memory: 224 MiB (512 MiB recommended).
System Drive C: has 2.78 GiB (less than 15%) free.


-- HijackThis (run as Justin.exe) ----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:14:11 PM, on 11/25/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\CDProxyServ.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdiserv.exe
C:\WINDOWS\system32\lxdicoms.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54GSv2.exe
C:\Program Files\Common Files\AOL\1143825502\ee\AOLSoftware.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\BitComet\BitComet.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Justin\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Justin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {03C3F85C-33EF-1042-EC6B-192312BBC79B} - C:\WINDOWS\system32\tjjngwsg.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {11E65333-9880-E724-82FD-B069358C8BCB} - C:\WINDOWS\system32\ayqntj.dll (file missing)
O2 - BHO: ShopGuide Class - {3CB0CF42-DA54-47d2-8999-23928A2DEA42} - c:\program files\ShopGuide\shpguide9b.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {7E8DB7F3-2C67-23E2-1483-2027528EEEBF} - C:\WINDOWS\system32\mwnjun.dll
O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: (no name) - {D11FB0F3-7930-25E1-13A3-72F2CE2615BE} - C:\WINDOWS\system32\wolsuxs.dll
O2 - BHO: (no name) - {DF17B4FB-2D33-74B9-13A3-72F2CE2615BE} - C:\WINDOWS\system32\wolsuxs.dll
O2 - BHO: (no name) - {FEBE7D48-B780-B10B-A838-BB5E651A65B0} - C:\WINDOWS\system32\hnwxz.dll (file missing)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [StarSkin] C:\PROGRAM FILES\ROCKET DIVISION SOFTWARE\STARSKIN\STARSKIN.EXE -H
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1143825502\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKCU\..\Run: [zqlgzkf] C:\WINDOWS\zqlgzkf.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Wsjwjj] C:\WINDOWS\system32\RSS~1.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Wsjwjj] C:\WINDOWS\system32\RSS~1.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Run Nintendo Wi-Fi USB Connector Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ¼¥°¡À̵å - {EC9679F6-42B7-4593-9E1C-AF421066C123} - http://www.shop-guide.co.kr (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {02ECD07A-22D0-4AF0-BA0A-3F6B06086D08} (GamesCampus Control) - http://www.gamescampus.com/xiah/luncher/GamesCampus.cab
O16 - DPF: {040F4385-8DAD-4306-94BF-B8291D841FAE} (USBAPTester Class) - http://www.nintendowifi.com/troubleshooting/usbaptest.cab
O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB903E021} (NowStarter Control) - http://www.clubbox.co.kr/neo.fld/NowStarter.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/ZwinkyInitialSetup1.0.0.15.cab
O16 - DPF: {21FDDE58-51A6-402A-8040-39DA033DC196} (Pull0PlayerX Control) - http://image.pullbbang.com/newTop/Pull0Control.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120606045939
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O16 - DPF: {7606693A-C18D-4567-AF85-6194FF70761E} (GomWeb Control) - http://app.ipop.co.kr/gom/GomWeb.cab
O16 - DPF: {7C5D062A-7A1E-4A46-A02B-A928084CBD66} (MLauncherNew Class) - http://legendofares.netgame.com/download/MusaLauncherNew.cab
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9B75502C-BBED-4BBD-8FE2-822E5E0AD32C} (MagicLockOCX Control) - http://www.diodeo.com/ActiveDiodeoPlayer.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B8C4B31D-6DCE-4DF0-BF73-44686849F67D} (PDRInst1 Class) - http://imgcdn.pandora.tv/pan_img/p3player/package/pdrinst.cab
O16 - DPF: {BCA935CA-7E41-4F73-BA9C-FAB4393DBAC0} (MADanalCtrl Control) - http://www.csafer.net/ActiveX/MAStreamCtrl.cab
O16 - DPF: {BD6BB450-7C69-43B8-96F3-689CAE57AB51} (SBSWebPlayer Class) - http://netv.sbs.co.kr/object/player/SBSWebPlayer.cab
O16 - DPF: {BD6F8792-B90E-4431-B0AB-08CF414E9D35} (DamoimBGMPlayerX Control) - http://bgm.iple.com/Cab/SMMusicPlayerX.cab
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O16 - DPF: {CEE326E8-7571-4086-B347-3C0ACA9A9DE8} (PcubeSet Class) - http://imgcdn.pandora.tv/pan_img/p3player/package/p3Instal.cab
O16 - DPF: {EACD6BE5-C0EE-4909-9B71-B2807C8A245C} (JukeOn Login Control) - http://dl.jukeon.co.kr/jukeon/jukeon2/2005122201/jukeonax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{61314217-FED6-456A-AC63-75BAAF5F9355}: NameServer = 68.105.28.11,68.105.29.11
O17 - HKLM\System\CCS\Services\Tcpip\..\{DA2FA797-2AE7-46C0-BB44-A7BCA6F772A2}: NameServer = 65.32.5.74,65.32.5.75
O17 - HKLM\System\CS1\Services\Tcpip\..\{61314217-FED6-456A-AC63-75BAAF5F9355}: NameServer = 68.105.28.11,68.105.29.11
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: spool32.dll C:\WINDOWS\system32\scanregw.dll C:\WINDOWS\system32\spool32.dll
O23 - Service: Plug and Play Device Manager ($sys$DRMServer) - Unknown owner - C:\WINDOWS\system32\$sys$filesystem\$sys$DRMServer.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: XCP CD Proxy (CD_Proxy) - Unknown owner - C:\WINDOWS\CDProxyServ.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcf_device - Unknown owner - C:\WINDOWS\system32\lxcfcoms.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\WINDOWS\system32\lxdicoms.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: WUSB54GSv2SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe

--
End of file - 13080 bytes

-- Files created between 2007-10-25 and 2007-11-25 -----------------------------

2007-11-25 21:11:36 0 d-------- C:\Program Files\Trend Micro
2007-11-25 20:36:16 0 d-------- C:\Program Files\MSXML 6.0
2007-11-25 20:10:35 0 d-------- C:\Program Files\SpywareBlaster
2007-11-25 17:55:35 81 --a------ C:\WINDOWS\system32\pfdnnt_actions.sys
2007-11-25 17:55:35 8704 --a------ C:\WINDOWS\system32\pfdnnt.exe <Not Verified; Panda Software International; Panda Anti-malware>
2007-11-25 17:38:07 0 d-------- C:\WINDOWS\system32\ActiveScan
2007-11-25 17:38:00 0 d-------- C:\WINDOWS\LastGood
2007-11-25 15:35:13 0 d-------- C:\Program Files\Softnyx
2007-11-25 12:35:00 0 d-------- C:\Program Files\Rakion
2007-11-24 12:51:31 0 d-------- C:\Mgame
2007-11-22 20:05:25 0 d-------- C:\WINDOWS\.jagex_cache_32
2007-11-21 20:19:43 0 d-------- C:\Documents and Settings\LocalService\Application Data\MEGAUPLOADTOOLBAR
2007-11-21 20:19:10 0 dr------- C:\Documents and Settings\LocalService\Favorites
2007-11-20 20:45:04 0 d-------- C:\Documents and Settings\All Users\Desktop
2007-11-20 19:05:54 414272 --a------ C:\WINDOWS\system32\DivXc32f.dll <Not Verified; Hacked with Joy !; DivX ;-) MPEG-4 Video Codec>
2007-11-20 19:05:54 414272 --a------ C:\WINDOWS\system32\DivXc32.dll <Not Verified; Hacked with Joy !; DivX ;-) MPEG-4 Video Codec>
2007-11-20 19:05:47 626688 --a------ C:\WINDOWS\system32\xvid.dll
2007-11-20 19:00:11 724992 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2007-11-20 19:00:09 0 d-------- C:\Program Files\EO Video
2007-11-20 18:57:22 3082 --a------ C:\WINDOWS\system32\affv208325p1now.sys
2007-11-20 14:49:14 0 d--hs---- C:\FOUND.114
2007-11-20 11:02:16 0 d--hs---- C:\FOUND.113
2007-11-19 13:23:18 237568 --a------ C:\WINDOWS\system32\lame_enc.dll
2007-11-17 16:18:24 0 d--hs---- C:\FOUND.112
2007-11-10 17:29:01 0 d-------- C:\Documents and Settings\Justin\Application Data\GetRightToGo
2007-11-06 05:54:50 0 d--hs---- C:\FOUND.111
2007-11-05 19:11:28 200704 --a------ C:\WINDOWS\system32\p3evwms.dll <Not Verified; Einsdigital; P3EINS VoD WMT Splitter>
2007-10-27 22:46:32 0 d--hs---- C:\FOUND.110
2007-10-27 18:34:58 0 d--hs---- C:\FOUND.109


-- Find3M Report ---------------------------------------------------------------

2007-11-05 19:11:06 528384 --a------ C:\WINDOWS\system32\p3xv.dll <Not Verified; peeringportal; peeringportal p3xv>
2007-11-05 19:11:06 147456 --a------ C:\WINDOWS\system32\p3evf1.dll <Not Verified; Einsdigital; P3EINS VoD Sourcer>
2007-11-05 19:11:06 196608 --a------ C:\WINDOWS\system32\jukeon_v.exe <Not Verified; Einsdigital; P3EINS VoD Server>
2007-11-05 19:11:06 92216 --a------ C:\WINDOWS\system32\bass.dll <Not Verified; Un4seen Developments; >
2007-11-05 19:11:04 147456 --a------ C:\WINDOWS\system32\proghelp.dll <Not Verified; Microsoft Corporation; Windows Media Device Manager>
2007-11-05 19:11:04 450560 --a------ C:\WINDOWS\system32\p3evweb.dll <Not Verified; ; p3evctrl Module>
2007-11-05 19:11:04 782336 --a------ C:\WINDOWS\system32\p3evctrl.dll <Not Verified; Einsdigital; P3EINS VoD Control>
2007-11-05 19:11:04 360448 --a------ C:\WINDOWS\system32\p3edweb.dll <Not Verified; ; P3EDCtrl Module>
2007-11-05 19:11:04 135168 --a------ C:\WINDOWS\system32\p3edf1.dll <Not Verified; Neowiz Corporation.; p3edf1>
2007-11-05 19:11:04 491520 --a------ C:\WINDOWS\system32\mp3lib.dll
2007-11-05 19:11:04 36864 --a------ C:\WINDOWS\system32\MAMACExtract.dll
2007-10-19 15:41:02 1536000 -ra------ C:\WINDOWS\system32\ClubBox.exe <Not Verified; Nowcom, Co. LTD.; CLUBBOX File Transfer Manager V2>
2007-09-30 13:02:34 0 d-------- C:\Documents and Settings\Justin\Application Data\FaxCtr
2007-09-28 17:00:28 0 d-------- C:\Program Files\Lexmark Fax Solutions
2007-09-28 16:59:56 0 d-------- C:\Program Files\Abbyy FineReader 6.0 Sprint
2007-09-28 16:57:56 0 d-------- C:\Program Files\Lexmark 3500-4500 Series


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{03C3F85C-33EF-1042-EC6B-192312BBC79B}]
C:\WINDOWS\system32\tjjngwsg.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{11E65333-9880-E724-82FD-B069358C8BCB}]
C:\WINDOWS\system32\ayqntj.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3CB0CF42-DA54-47d2-8999-23928A2DEA42}]
11/19/2007 09:22 AM 172592 --a------ c:\program files\ShopGuide\shpguide9b.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7E8DB7F3-2C67-23E2-1483-2027528EEEBF}]
07/25/2006 01:27 PM 139264 --a------ C:\WINDOWS\system32\mwnjun.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D11FB0F3-7930-25E1-13A3-72F2CE2615BE}]
12/26/2006 01:42 PM 57344 --a------ C:\WINDOWS\system32\wolsuxs.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DF17B4FB-2D33-74B9-13A3-72F2CE2615BE}]
12/26/2006 01:42 PM 57344 --a------ C:\WINDOWS\system32\wolsuxs.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FEBE7D48-B780-B10B-A838-BB5E651A65B0}]
C:\WINDOWS\system32\hnwxz.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [10/31/2003 07:42 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 01:11 AM]
"ClubBox"="" []
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [08/04/2004 05:00 AM]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [08/04/2004 05:00 AM]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [08/04/2004 05:00 AM]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [08/04/2004 05:00 AM]
"StarSkin"="C:\PROGRAM FILES\ROCKET DIVISION SOFTWARE\STARSKIN\STARSKIN.exe" []
"SoundMan"="SOUNDMAN.EXE" [03/01/2006 04:22 PM C:\WINDOWS\soundman.exe]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [10/25/2007 09:11 AM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [02/23/2006 03:45 PM]
"HostManager"="C:\Program Files\Common Files\AOL\1143825502\ee\AOLSoftware.exe" [05/09/2006 08:24 PM]
"lxdimon.exe"="C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe" [05/07/2007 01:07 PM]
"lxdiamon"="C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe" [03/05/2007 07:40 AM]
"FaxCenterServer"="C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" [05/07/2007 01:10 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"zqlgzkf"="C:\WINDOWS\zqlgzkf.exe" []
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [01/19/2007 12:54 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 05:00 AM]
"STYLEXP"="C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" [05/24/2006 02:31 PM]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [10/04/2007 10:20 AM]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [08/29/2006 07:54 PM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Wsjwjj"=C:\WINDOWS\system32\RSS~1.EXE
"Uoei"="C:\WINDOWS\system32\YSTEM~1\dexplore.exe" -vt ndrv
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2/17/1999 3:05:56 PM]
Run Nintendo Wi-Fi USB Connector Registration Tool.lnk - C:\Program Files\WiFiConnector\NintendoWFCReg.exe [4/7/2007 11:35:46 AM]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [9/23/2005 10:05:26 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=spool32.dll C:\WINDOWS\system32\scanregw.dll C:\WINDOWS\system32\spool32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
rewardnet shpsvTÿ œš‘| ¸ úþ ôþ ôþ üþ ?›‘|ØÀ—|ëš‘|D @< ÿÿðý€*% j (ù¹ (þ �*% ¤ÿ¸ ÿÿÿÿøþ øþ ¸€*% -¸DllRegisterServer pÿ î�|p‘|ÿÿÿÿm‘|æ€|  ö€| < Pú °þ xª àÿ î�|ðš‘|ÿÿÿÿëš‘| ›‘| ¸ �ÿ ¤ÿ ˜ÿ Þ*€|˜ÿ ð*€| ¸


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1cf8d6b8-b195-11db-ba2d-00016ca41eda}]
AutoRun\command- F:\Setup.exe -auto

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5b48bdee-92d7-11da-b8ee-00016ca41eda}]
AutoRun\command- F:\Data\StubStub.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{89c1e26e-ca58-11da-b928-00016ca41eda}]
AutoRun\command- F:\Data\StubStub.exe

*Newly Created Service* - GTNDIS5



-- End of Deckard's System Scanner: finished at 2007-11-25 21:14:34 ------------
 