Well, I am fixing a computer for a mate at work and it was absolutely riddled with viruses and general rubbish. I've installed AVG, Spybot, Ad-Aware and Registry Booster 2, updated them all, and they have removed hundreds of problems (I hope).
I just wanted someone to check these logs to verify the computer is problem free.
Here are the logs:
Deckard's System Scanner v20071014.68
Run by jade on 2008-07-14 17:01:04
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
System Restore is disabled; attempting to re-enable...success.
-- Last 1 Restore Point(s) --
1: 2008-07-14 16:01:08 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-07-14 17:02:36
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\Program Files\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\APPS\HIDSERVICE\HidService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\AVG\AVG8\avgam.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\APPS\Powercinema\PCMService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MyWebSearch\bar\7.bin\MWSOEMON.EXE
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe
C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe
C:\Program Files\Common Files\Sony Shared\GMR\GMRMan.exe
C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAutoUpdate.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\cidaemon.exe
F:\dss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
Google Search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
Google Search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
Google
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
Google
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL =
Google Search
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
Google Search
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
%s - Google Search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\uk.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
Google Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL =
Google Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
Google Search
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\7.bin\MWSSRCAS.DLL
O2 - BHO: (no name) - {001EA8A7-3301-4D9A-9BE9-624A9C594759} - (no file)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\7.bin\MWSSRCAS.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Zango /fleok=1D8A83A5C5E315789FA575760EA83FA5EF80752B9499 803B2A2303766A - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file)
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\7.bin\MWSBAR.DLL
O2 - BHO: (no name) - {0840B569-3CA9-46F3-87AF-356647BEDEAA} - C:\Program Files\Outlook Express\fony777444.dll (file missing)
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: (no name) - {4BCC8B61-F357-47F9-B3D5-79B26BF63152} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: BndShell3 BHO Class - {8ABA9A9C-8791-4d61-8D5B-BCC9448EA573} - (no file)
O2 - BHO: BndDrive2 BHO Class - {8FB5B012-E8CB-46cd-B6D2-ED428FAE9043} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO - {9125F250-EB4F-49fe-AE17-C17665873A5C} - (no file)
O2 - BHO: Mirar - {9A9C9B69-F908-4AAB-8D0C-10EA8997F37E} - (no file)
O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Starware - {CA356D79-679B-4b4c-8E49-5AF97014F4C1} - (no file)
O2 - BHO: 0 - {D115F4B9-6FBA-4C41-0DA2-F072352D76EF} - C:\Program Files\MSN Gaming Zone\quha325.dll (file missing)
O3 - Toolbar: Starware - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - (no file)
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Starware Music UK Toolbar - {1962c5bc-e475-465b-823b-133e711bceb9} - (no file)
O3 - Toolbar: Mirar - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - (no file)
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - (no file)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\7.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\7.bin\mwsoemon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [CONNECTScheduler] "C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe" /RUN_SCHEDULER
O4 - HKLM\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C62 Series" /O5 "LPT1:" /M "Stylus C62"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Machine Debug Mgr] mdn.exe
O4 - HKLM\..\Run: [close surf mail dupe] D:\Documents and Settings\All Users\Application Data\Tick Find Close Surf\Jump Kind.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\7.bin\mwsoemon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Byte 32] D:\DOCUME~1\jade\APPLIC~1\DOESDU~1\intra cash user.exe
O4 - HKCU\..\Run: [My Web Search Community Tools] "C:\Program Files\MyWebSearch\bar\7.bin\m3IMPipe.exe"
O4 - HKCU\..\Run: [WinTouch] D:\Documents and Settings\jade\Application Data\WinTouch\WinTouch.exe
O4 - HKCU\..\Run: [SfKg6w] D:\Documents and Settings\jade\Application Data\Microsoft\Windows\bxkao.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: CONNECTAUTrayApp.lnk = C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Search -
http://edits.mywebsearch.com/toolbar...p=ZNxdm414YYGB
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\NPJPI150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\NPJPI150_02.dll
O9 - Extra button: (no name) - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone:
http://click.getmirar.com (HKLM)
O15 - Trusted Zone:
https://click.getmirar.com (HKLM)
O15 - Trusted Zone:
Mirar (HKLM)
O15 - Trusted Zone:
https://click.mirarsearch.com (HKLM)
O15 - Trusted Zone:
Mirar (HKLM)
O15 - Trusted Zone:
https://redirect.mirarsearch.com (HKLM)
O15 - Trusted Zone:
Mirar (HKLM)
O15 - Trusted Zone:
https://awbeta.net-nucleus.com (HKLM)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} () -
http://ak.exe.imgfarm.com/images/noc...1.0.0.15-3.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) -
http://www.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} (Mirar_Dummy_ATS1 Class) -
http://awbeta.net-nucleus.com/FIX/WinATS.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/s...sh/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Filter: text/html - {07851C6A-1C43-41d9-8319-BC89154A8C00} - (no file)
O20 - Winlogon Notify: lurdkovj - C:\WINDOWS\system32\lurdkovj.dll (file missing)
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
O23 - Service: AutoComplete Service (Autocomplete) - Acesoft - C:\Program Files\Acesoft\Tracks Eraser Pro\delautocomp.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Unknown owner - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - C:\APPS\HIDSERVICE\HidService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SmartLinkService (SLService) - Unknown owner - C:\WINDOWS\system32\slserv.exe
O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O24 - Desktop Component 0: - C:\Program Files\MSN Gaming Zone\rteqe.html
--
End of file - 15416 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 StarOpen - c:\windows\system32\drivers\staropen.sys
R2 ANIO (ANIO Service) - c:\windows\system32\anio.sys <Not Verified; Alpha Networks Inc.; ANIO (NT5) Driver>
S0 BTKRNL (Bluetooth Protocol Stack) - c:\windows\system32\drivers\btkrnl.sys (file missing)
S2 BTSERIAL (Bluetooth Serial Driver) - c:\windows\system32\drivers\btserial.sys (file missing)
S2 BTSLBCSP (Bluetooth Port Client Driver) - c:\windows\system32\drivers\btslbcsp.sys (file missing)
S3 {DEF85C80-216A-43ab-AF70-1665EDBE2780} - c:\windows\temp\3e9.tmp (file missing)
S3 JL2005 (JL2005A Camera) - c:\windows\system32\drivers\toywdm.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 CLCapSvc (CyberLink Background Capture Service (CBCS)) - "c:\apps\powercinema\kernel\tv\clcapsvc.exe" <Not Verified; ; CLCapSvc Module>
R2 CLSched (CyberLink Task Scheduler (CTS)) - "c:\apps\powercinema\kernel\tv\clsched.exe" <Not Verified; ; CLSched Module>
R2 CyberLink Media Library Service - "c:\program files\cyberlink\shared files\clml_ntservice\clmlserver.exe" <Not Verified; Cyberlink; Cyberlink Media Library Server>
R2 EPSONStatusAgent2 (EPSON Printer Status Agent2) - c:\program files\common files\epson\ebapi\sagent2.exe <Not Verified; SEIKO EPSON CORPORATION; EPSON Bidirectional Printer>
R2 GenericHidService (Generic Service for HID Keyboard Input Collections) - c:\apps\hidservice\hidservice.exe
S2 ANIWZCSdService (ANIWZCSd Service) - c:\program files\ani\aniwzcs2 service\aniwzcsds.exe <Not Verified; Wireless Service; ANIWZCS2 Service Launcher (NT)>
S2 btwdins (Bluetooth Service) - c:\program files\widcomm\bluetooth software\bin\btwdins.exe (file missing)
S3 Autocomplete (AutoComplete Service) - c:\program files\acesoft\tracks eraser pro\delautocomp.exe <Not Verified; Acesoft; AUTOCOMP>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-07-14 17:00:09 258 --ah----- C:\WINDOWS\Tasks\ACE213A99195849D.job
2008-07-11 19:09:01 256 --a------ C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
2007-04-14 18:49:21 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-06-14 and 2008-07-14 -----------------------------
2008-07-14 17:00:44 0 d-------- D:\Deckard
2008-07-14 16:48:38 0 d-------- C:\WINDOWS\pss
2008-07-11 17:06:07 7 --a------ C:\WINDOWS\system32\ANIWZCSUSERNAME
2008-07-11 16:31:41 5 --a------ C:\WINDOWS\system32\ANIWZCSUSERNAME{9B970B97-1A69-4F18-AC42-58A970C01A4A}
2008-07-11 16:27:16 249856 --a------ C:\WINDOWS\system32\wnicapi.dll <Not Verified; Wireless Service; WNICAPI Dynamic Link Library>
2008-07-11 16:27:16 225280 --a------ C:\WINDOWS\system32\WlanApp.dll <Not Verified; ANI; WlanApp Dynamic Link Library>
2008-07-11 16:27:16 204800 --a------ C:\WINDOWS\system32\aIPH.dll <Not Verified; Alpha Networks Inc.; IPH Dynamic Link Library>
2008-07-11 16:27:15 1327189 --a------ C:\WINDOWS\system32\odSupp_M.dll <Not Verified; Funk Software, Inc.; Odyssey Supplicant Toolkit>
2008-07-11 16:27:15 49152 --a------ C:\WINDOWS\system32\JJAKEn.dll <Not Verified; ; JJAKEn Dynamic Link Library>
2008-07-11 16:27:15 49152 --a------ C:\WINDOWS\system32\AQCKGen.dll <Not Verified; Alpha Networks Inc.; AQuickKey Generator>
2008-07-11 16:27:15 667648 --a------ C:\WINDOWS\system32\ANIWZCS2.dll <Not Verified; Wireless Service; ANIWZCS Dynamic Link Library>
2008-07-11 16:27:15 45115 --a------ C:\WINDOWS\system32\ANICtl.dll <Not Verified; Alpha Networks Inc.; DevCtrl Dynamic Link Library>
2008-07-11 16:27:13 0 d-------- C:\Program Files\Acesoft
2008-07-11 16:26:55 36864 --a------ C:\WINDOWS\system32\ANIOApi.dll <Not Verified; Alpha Networks Inc.; ANIO Helper DLL API library>
2008-07-11 16:26:55 48128 --a------ C:\WINDOWS\system32\ANIO64.sys <Not Verified; Alpha Networks Inc.; ANIO (NT5) Driver>
2008-07-11 16:26:55 28195 --a------ C:\WINDOWS\system32\ANIO.sys <Not Verified; Alpha Networks Inc.; ANIO (NT5) Driver>
2008-07-11 16:26:54 11904 --a------ C:\WINDOWS\system32\anio4.sys <Not Verified; ANI; ANIO (NDIS4) Driver>
2008-07-11 16:26:54 0 d-------- C:\Program Files\ANI
2008-07-11 16:26:43 0 d-------- D:\Documents and Settings\All Users\Application Data\InstallShield
2008-07-11 16:26:39 2048 --a------ C:\WINDOWS\system32\drivers\rt73.bin
2008-07-11 16:26:39 162304 --a------ C:\WINDOWS\system32\drivers\rt52u98.sys <Not Verified; Ralink Technology Inc.; Ralink 802.11a/b/g Wireless USB Adapters>
2008-07-11 16:26:39 247808 --a------ C:\WINDOWS\system32\drivers\rt25u98.sys <Not Verified; Ralink Technology Inc.; Ralink 802.11g Wireless USB Adapters>
2008-07-11 16:26:39 248320 --a------ C:\WINDOWS\system32\drivers\Dr71WU98.sys <Not Verified; Ralink Technology, Corp.; Ralink 802.11 Wireless Adapters>
2008-07-11 16:26:39 401536 --a------ C:\WINDOWS\system32\drivers\A3AB9x.sys <Not Verified; D-Link Corporation; D-Link Wireless Network adapter>
2008-07-11 16:26:39 2048 --a------ C:\WINDOWS\system\rt73.bin
2008-07-11 16:26:39 380288 --a------ C:\WINDOWS\system\rt619x.sys <Not Verified; Ralink Technology Inc.; Ralink 802.11 Wireless Adapters>
2008-07-11 16:26:39 162304 --a------ C:\WINDOWS\system\rt52u98.sys <Not Verified; Ralink Technology Inc.; Ralink 802.11a/b/g Wireless USB Adapters>
2008-07-11 16:26:39 8192 -ra------ C:\WINDOWS\system\rt2661.bin
2008-07-11 16:26:39 247808 --a------ C:\WINDOWS\system\rt25u98.sys <Not Verified; Ralink Technology Inc.; Ralink 802.11g Wireless USB Adapters>
2008-07-11 16:26:39 8192 -ra------ C:\WINDOWS\system\rt2561s.bin
2008-07-11 16:26:39 8192 -ra------ C:\WINDOWS\system\rt2561.bin
2008-07-11 16:26:39 248320 --a------ C:\WINDOWS\system\Dr71WU98.sys <Not Verified; Ralink Technology, Corp.; Ralink 802.11 Wireless Adapters>
2008-07-11 16:26:39 0 d-------- C:\Program Files\D-Link
2008-07-11 15:56:08 0 d-------- D:\Documents and Settings\jade\Application Data\Uniblue
2008-07-11 15:55:50 0 d-------- C:\Program Files\Uniblue
2008-07-11 15:51:04 0 d--h----- D:\$AVG8.VAULT$
2008-07-11 15:42:54 0 d-------- C:\WINDOWS\system32\drivers\Avg
2008-07-11 15:42:52 0 d-------- D:\Documents and Settings\All Users\Application Data\avg8
2008-07-11 15:42:52 0 d-------- C:\Program Files\AVG
-- Find3M Report ---------------------------------------------------------------
2008-07-14 16:45:49 0 d-------- C:\Program Files\Symantec
2008-07-14 16:45:49 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-07-14 16:43:08 0 d-------- C:\Program Files\Common Files
2008-07-11 17:59:31 0 d-------- D:\Documents and Settings\jade\Application Data\Doesdupenurb
2008-07-11 17:47:22 0 d-------- C:\Program Files\Words
2008-07-11 17:45:29 0 d-------- C:\Program Files\QdrPack
2008-07-11 17:45:27 0 d-------- C:\Program Files\QdrModule
2008-07-11 17:45:00 0 d-------- C:\Program Files\MSN Gaming Zone
2008-07-11 17:43:23 0 d-------- C:\Program Files\ISM2
2008-07-11 17:43:22 0 d-------- C:\Program Files\ISM
2008-07-11 17:43:21 0 d-------- C:\Program Files\InternetGameBox
2008-07-11 17:43:19 0 d-------- C:\Program Files\Instant Messenger Names
2008-07-11 17:43:15 0 d-------- C:\Program Files\Insider
2008-07-11 17:43:15 0 d-------- C:\Program Files\InetGet2
2008-07-11 17:40:44 0 d-------- C:\Program Files\Circle Developement
2008-07-11 17:40:44 0 d--h----- C:\Program Files\BHO
2008-07-11 17:16:56 0 d-------- C:\Program Files\Windows NT
2008-07-11 16:27:56 24976 --a------ C:\WINDOWS\twain_16.dll
2008-07-11 16:27:14 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-07-11 16:18:34 160256 --a------ C:\WINDOWS\system32\blackster.scr <Not Verified; Peter's Productions; Bugs!>
2008-07-11 16:16:46 0 d-------- C:\Program Files\Google
2008-07-11 16:07:03 0 d-------- D:\Documents and Settings\jade\Application Data\WinTouch
2008-07-11 16:06:20 0 d-------- D:\Documents and Settings\jade\Application Data\Sammsoft
2008-07-11 15:51:05 0 d-------- C:\Program Files\WinAble
2008-07-11 15:44:41 0 d-------- C:\Program Files\RcvSystem
2008-07-09 17:22:03 0 d-------- C:\Program Files\LimeWire
2008-06-02 21:07:01 0 d-------- C:\Program Files\Doesdupenurb
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{001EA8A7-3301-4D9A-9BE9-624A9C594759}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{07AA283A-43D7-4CBE-A064-32A21112D94D}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0840B569-3CA9-46F3-87AF-356647BEDEAA}]
C:\Program Files\Outlook Express\fony777444.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4BCC8B61-F357-47F9-B3D5-79B26BF63152}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8ABA9A9C-8791-4d61-8D5B-BCC9448EA573}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8FB5B012-E8CB-46cd-B6D2-ED428FAE9043}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9125F250-EB4F-49fe-AE17-C17665873A5C}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9A9C9B69-F908-4AAB-8D0C-10EA8997F37E}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CA356D79-679B-4b4c-8E49-5AF97014F4C1}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D115F4B9-6FBA-4C41-0DA2-F072352D76EF}]
C:\Program Files\MSN Gaming Zone\quha325.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [04/08/2004 15:00]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [04/08/2004 15:00]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [04/08/2004 15:00]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [02/08/2005 17:35]
"nwiz"="nwiz.exe" [02/08/2005 17:35 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [02/08/2005 17:35]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [07/01/2005 18:07 C:\WINDOWS\system32\HdAShCut.exe]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [08/06/2005 17:55]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe" [04/03/2005 04:36]
"RTHDCPL"="RTHDCPL.EXE" [29/06/2005 14:25 C:\WINDOWS\RTHDCPL.EXE]
"Alcmtr"="ALCMTR.EXE" [03/05/2005 19:43 C:\WINDOWS\ALCMTR.EXE]
"PCMService"="c:\Apps\Powercinema\PCMService.exe" [11/05/2005 14:48]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [19/01/2006 12:40]
"My Web Search Bar"="C:\PROGRA~1\MYWEBS~1\bar\7.bin\MWSBAR.DLL" [18/05/2007 21:57]
"MyWebSearch Email Plugin"="C:\PROGRA~1\MYWEBS~1\bar\7.bin\mwsoemon.exe" [18/05/2007 21:57]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [24/09/2005 00:08]
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [26/01/2004 11:38]
"CONNECTScheduler"="C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe" [23/03/2006 02:00]
"EPSON Stylus C62 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.exe" [10/04/2002 04:04]
"BluetoothAuthenticationAgent"="bthprops.cpl" [04/08/2004 15:00 C:\WINDOWS\system32\bthprops.cpl]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [27/04/2007 09:41]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [27/04/2007 11:25]
"Machine Debug Mgr"="mdn.exe" []
"close surf mail dupe"="D:\Documents and Settings\All Users\Application Data\Tick Find Close Surf\Jump Kind.exe" [14/07/2008 16:48]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [11/07/2008 16:59]
"D-Link AirPlus G"="C:\Program Files\D-Link\AirPlus G\AirGCFG.exe" [14/04/2007 15:50]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [16/06/2004 06:03]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [16/06/2004 06:03]
"ANIWZCS2Service"="C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [19/01/2007 11:49]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [04/08/2004 15:00]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MyWebSearch Email Plugin"="C:\PROGRA~1\MYWEBS~1\bar\7.bin\mwsoemon.exe" [18/05/2007 21:57]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [13/10/2004 17:24]
"Byte 32"="D:\DOCUME~1\jade\APPLIC~1\DOESDU~1\intra cash user.exe" [02/06/2008 21:06]
"My Web Search Community Tools"="C:\Program Files\MyWebSearch\bar\7.bin\m3IMPipe.exe" [18/05/2007 21:57]
"WinTouch"="D:\Documents and Settings\jade\Application Data\WinTouch\WinTouch.exe" [13/10/2007 08:46]
"SfKg6w"="D:\Documents and Settings\jade\Application Data\Microsoft\Windows\bxkao.exe" []
D:\Documents and Settings\All Users\Start Menu\Programs\Startup\
CONNECTAUTrayApp.lnk - C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe [30/03/2006 06:33:38]
HP Photosmart Premier Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [24/09/2005 01:39:30]
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= C:\Program Files\MSN Gaming Zone\rteqe.html
FriendlyName=
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\lurdkovj]
lurdkovj.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\vturr.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NapsterShell]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
C:\Program Files\Picasa2\PicasaMediaDetector.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ
-- Hosts -----------------------------------------------------------------------
127.0.0.1 services.google.com
-- End of Deckard's System Scanner: finished at 2008-07-14 17:03:19 ------------
Deckard's System Scanner v20071014.68
Run by jade on 2008-07-14 17:01:04
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
System Restore is disabled; attempting to re-enable...success.
-- Last 1 Restore Point(s) --
1: 2008-07-14 16:01:08 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-07-14 17:02:36
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\Program Files\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\APPS\HIDSERVICE\HidService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\AVG\AVG8\avgam.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\APPS\Powercinema\PCMService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MyWebSearch\bar\7.bin\MWSOEMON.EXE
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe
C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe
C:\Program Files\Common Files\Sony Shared\GMR\GMRMan.exe
C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAutoUpdate.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\cidaemon.exe
F:\dss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Google Search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Google Search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Google Search
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Google Search
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = %s - Google Search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\uk.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Google Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Google Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Google Search
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\7.bin\MWSSRCAS.DLL
O2 - BHO: (no name) - {001EA8A7-3301-4D9A-9BE9-624A9C594759} - (no file)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\7.bin\MWSSRCAS.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Zango /fleok=1D8A83A5C5E315789FA575760EA83FA5EF80752B9499 803B2A2303766A - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file)
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\7.bin\MWSBAR.DLL
O2 - BHO: (no name) - {0840B569-3CA9-46F3-87AF-356647BEDEAA} - C:\Program Files\Outlook Express\fony777444.dll (file missing)
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: (no name) - {4BCC8B61-F357-47F9-B3D5-79B26BF63152} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: BndShell3 BHO Class - {8ABA9A9C-8791-4d61-8D5B-BCC9448EA573} - (no file)
O2 - BHO: BndDrive2 BHO Class - {8FB5B012-E8CB-46cd-B6D2-ED428FAE9043} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO - {9125F250-EB4F-49fe-AE17-C17665873A5C} - (no file)
O2 - BHO: Mirar - {9A9C9B69-F908-4AAB-8D0C-10EA8997F37E} - (no file)
O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Starware - {CA356D79-679B-4b4c-8E49-5AF97014F4C1} - (no file)
O2 - BHO: 0 - {D115F4B9-6FBA-4C41-0DA2-F072352D76EF} - C:\Program Files\MSN Gaming Zone\quha325.dll (file missing)
O3 - Toolbar: Starware - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - (no file)
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Starware Music UK Toolbar - {1962c5bc-e475-465b-823b-133e711bceb9} - (no file)
O3 - Toolbar: Mirar - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - (no file)
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - (no file)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\7.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\7.bin\mwsoemon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [CONNECTScheduler] "C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe" /RUN_SCHEDULER
O4 - HKLM\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C62 Series" /O5 "LPT1:" /M "Stylus C62"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Machine Debug Mgr] mdn.exe
O4 - HKLM\..\Run: [close surf mail dupe] D:\Documents and Settings\All Users\Application Data\Tick Find Close Surf\Jump Kind.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\7.bin\mwsoemon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Byte 32] D:\DOCUME~1\jade\APPLIC~1\DOESDU~1\intra cash user.exe
O4 - HKCU\..\Run: [My Web Search Community Tools] "C:\Program Files\MyWebSearch\bar\7.bin\m3IMPipe.exe"
O4 - HKCU\..\Run: [WinTouch] D:\Documents and Settings\jade\Application Data\WinTouch\WinTouch.exe
O4 - HKCU\..\Run: [SfKg6w] D:\Documents and Settings\jade\Application Data\Microsoft\Windows\bxkao.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: CONNECTAUTrayApp.lnk = C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...p=ZNxdm414YYGB
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\NPJPI150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\NPJPI150_02.dll
O9 - Extra button: (no name) - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: https://click.getmirar.com (HKLM)
O15 - Trusted Zone: Mirar (HKLM)
O15 - Trusted Zone: https://click.mirarsearch.com (HKLM)
O15 - Trusted Zone: Mirar (HKLM)
O15 - Trusted Zone: https://redirect.mirarsearch.com (HKLM)
O15 - Trusted Zone: Mirar (HKLM)
O15 - Trusted Zone: https://awbeta.net-nucleus.com (HKLM)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} () - http://ak.exe.imgfarm.com/images/noc...1.0.0.15-3.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} (Mirar_Dummy_ATS1 Class) - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Filter: text/html - {07851C6A-1C43-41d9-8319-BC89154A8C00} - (no file)
O20 - Winlogon Notify: lurdkovj - C:\WINDOWS\system32\lurdkovj.dll (file missing)
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
O23 - Service: AutoComplete Service (Autocomplete) - Acesoft - C:\Program Files\Acesoft\Tracks Eraser Pro\delautocomp.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Unknown owner - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - C:\APPS\HIDSERVICE\HidService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SmartLinkService (SLService) - Unknown owner - C:\WINDOWS\system32\slserv.exe
O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O24 - Desktop Component 0: - C:\Program Files\MSN Gaming Zone\rteqe.html
--
End of file - 15416 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 StarOpen - c:\windows\system32\drivers\staropen.sys
R2 ANIO (ANIO Service) - c:\windows\system32\anio.sys <Not Verified; Alpha Networks Inc.; ANIO (NT5) Driver>
S0 BTKRNL (Bluetooth Protocol Stack) - c:\windows\system32\drivers\btkrnl.sys (file missing)
S2 BTSERIAL (Bluetooth Serial Driver) - c:\windows\system32\drivers\btserial.sys (file missing)
S2 BTSLBCSP (Bluetooth Port Client Driver) - c:\windows\system32\drivers\btslbcsp.sys (file missing)
S3 {DEF85C80-216A-43ab-AF70-1665EDBE2780} - c:\windows\temp\3e9.tmp (file missing)
S3 JL2005 (JL2005A Camera) - c:\windows\system32\drivers\toywdm.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 CLCapSvc (CyberLink Background Capture Service (CBCS)) - "c:\apps\powercinema\kernel\tv\clcapsvc.exe" <Not Verified; ; CLCapSvc Module>
R2 CLSched (CyberLink Task Scheduler (CTS)) - "c:\apps\powercinema\kernel\tv\clsched.exe" <Not Verified; ; CLSched Module>
R2 CyberLink Media Library Service - "c:\program files\cyberlink\shared files\clml_ntservice\clmlserver.exe" <Not Verified; Cyberlink; Cyberlink Media Library Server>
R2 EPSONStatusAgent2 (EPSON Printer Status Agent2) - c:\program files\common files\epson\ebapi\sagent2.exe <Not Verified; SEIKO EPSON CORPORATION; EPSON Bidirectional Printer>
R2 GenericHidService (Generic Service for HID Keyboard Input Collections) - c:\apps\hidservice\hidservice.exe
S2 ANIWZCSdService (ANIWZCSd Service) - c:\program files\ani\aniwzcs2 service\aniwzcsds.exe <Not Verified; Wireless Service; ANIWZCS2 Service Launcher (NT)>
S2 btwdins (Bluetooth Service) - c:\program files\widcomm\bluetooth software\bin\btwdins.exe (file missing)
S3 Autocomplete (AutoComplete Service) - c:\program files\acesoft\tracks eraser pro\delautocomp.exe <Not Verified; Acesoft; AUTOCOMP>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-07-14 17:00:09 258 --ah----- C:\WINDOWS\Tasks\ACE213A99195849D.job
2008-07-11 19:09:01 256 --a------ C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
2007-04-14 18:49:21 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-06-14 and 2008-07-14 -----------------------------
2008-07-14 17:00:44 0 d-------- D:\Deckard
2008-07-14 16:48:38 0 d-------- C:\WINDOWS\pss
2008-07-11 17:06:07 7 --a------ C:\WINDOWS\system32\ANIWZCSUSERNAME
2008-07-11 16:31:41 5 --a------ C:\WINDOWS\system32\ANIWZCSUSERNAME{9B970B97-1A69-4F18-AC42-58A970C01A4A}
2008-07-11 16:27:16 249856 --a------ C:\WINDOWS\system32\wnicapi.dll <Not Verified; Wireless Service; WNICAPI Dynamic Link Library>
2008-07-11 16:27:16 225280 --a------ C:\WINDOWS\system32\WlanApp.dll <Not Verified; ANI; WlanApp Dynamic Link Library>
2008-07-11 16:27:16 204800 --a------ C:\WINDOWS\system32\aIPH.dll <Not Verified; Alpha Networks Inc.; IPH Dynamic Link Library>
2008-07-11 16:27:15 1327189 --a------ C:\WINDOWS\system32\odSupp_M.dll <Not Verified; Funk Software, Inc.; Odyssey Supplicant Toolkit>
2008-07-11 16:27:15 49152 --a------ C:\WINDOWS\system32\JJAKEn.dll <Not Verified; ; JJAKEn Dynamic Link Library>
2008-07-11 16:27:15 49152 --a------ C:\WINDOWS\system32\AQCKGen.dll <Not Verified; Alpha Networks Inc.; AQuickKey Generator>
2008-07-11 16:27:15 667648 --a------ C:\WINDOWS\system32\ANIWZCS2.dll <Not Verified; Wireless Service; ANIWZCS Dynamic Link Library>
2008-07-11 16:27:15 45115 --a------ C:\WINDOWS\system32\ANICtl.dll <Not Verified; Alpha Networks Inc.; DevCtrl Dynamic Link Library>
2008-07-11 16:27:13 0 d-------- C:\Program Files\Acesoft
2008-07-11 16:26:55 36864 --a------ C:\WINDOWS\system32\ANIOApi.dll <Not Verified; Alpha Networks Inc.; ANIO Helper DLL API library>
2008-07-11 16:26:55 48128 --a------ C:\WINDOWS\system32\ANIO64.sys <Not Verified; Alpha Networks Inc.; ANIO (NT5) Driver>
2008-07-11 16:26:55 28195 --a------ C:\WINDOWS\system32\ANIO.sys <Not Verified; Alpha Networks Inc.; ANIO (NT5) Driver>
2008-07-11 16:26:54 11904 --a------ C:\WINDOWS\system32\anio4.sys <Not Verified; ANI; ANIO (NDIS4) Driver>
2008-07-11 16:26:54 0 d-------- C:\Program Files\ANI
2008-07-11 16:26:43 0 d-------- D:\Documents and Settings\All Users\Application Data\InstallShield
2008-07-11 16:26:39 2048 --a------ C:\WINDOWS\system32\drivers\rt73.bin
2008-07-11 16:26:39 162304 --a------ C:\WINDOWS\system32\drivers\rt52u98.sys <Not Verified; Ralink Technology Inc.; Ralink 802.11a/b/g Wireless USB Adapters>
2008-07-11 16:26:39 247808 --a------ C:\WINDOWS\system32\drivers\rt25u98.sys <Not Verified; Ralink Technology Inc.; Ralink 802.11g Wireless USB Adapters>
2008-07-11 16:26:39 248320 --a------ C:\WINDOWS\system32\drivers\Dr71WU98.sys <Not Verified; Ralink Technology, Corp.; Ralink 802.11 Wireless Adapters>
2008-07-11 16:26:39 401536 --a------ C:\WINDOWS\system32\drivers\A3AB9x.sys <Not Verified; D-Link Corporation; D-Link Wireless Network adapter>
2008-07-11 16:26:39 2048 --a------ C:\WINDOWS\system\rt73.bin
2008-07-11 16:26:39 380288 --a------ C:\WINDOWS\system\rt619x.sys <Not Verified; Ralink Technology Inc.; Ralink 802.11 Wireless Adapters>
2008-07-11 16:26:39 162304 --a------ C:\WINDOWS\system\rt52u98.sys <Not Verified; Ralink Technology Inc.; Ralink 802.11a/b/g Wireless USB Adapters>
2008-07-11 16:26:39 8192 -ra------ C:\WINDOWS\system\rt2661.bin
2008-07-11 16:26:39 247808 --a------ C:\WINDOWS\system\rt25u98.sys <Not Verified; Ralink Technology Inc.; Ralink 802.11g Wireless USB Adapters>
2008-07-11 16:26:39 8192 -ra------ C:\WINDOWS\system\rt2561s.bin
2008-07-11 16:26:39 8192 -ra------ C:\WINDOWS\system\rt2561.bin
2008-07-11 16:26:39 248320 --a------ C:\WINDOWS\system\Dr71WU98.sys <Not Verified; Ralink Technology, Corp.; Ralink 802.11 Wireless Adapters>
2008-07-11 16:26:39 0 d-------- C:\Program Files\D-Link
2008-07-11 15:56:08 0 d-------- D:\Documents and Settings\jade\Application Data\Uniblue
2008-07-11 15:55:50 0 d-------- C:\Program Files\Uniblue
2008-07-11 15:51:04 0 d--h----- D:\$AVG8.VAULT$
2008-07-11 15:42:54 0 d-------- C:\WINDOWS\system32\drivers\Avg
2008-07-11 15:42:52 0 d-------- D:\Documents and Settings\All Users\Application Data\avg8
2008-07-11 15:42:52 0 d-------- C:\Program Files\AVG
-- Find3M Report ---------------------------------------------------------------
2008-07-14 16:45:49 0 d-------- C:\Program Files\Symantec
2008-07-14 16:45:49 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-07-14 16:43:08 0 d-------- C:\Program Files\Common Files
2008-07-11 17:59:31 0 d-------- D:\Documents and Settings\jade\Application Data\Doesdupenurb
2008-07-11 17:47:22 0 d-------- C:\Program Files\Words
2008-07-11 17:45:29 0 d-------- C:\Program Files\QdrPack
2008-07-11 17:45:27 0 d-------- C:\Program Files\QdrModule
2008-07-11 17:45:00 0 d-------- C:\Program Files\MSN Gaming Zone
2008-07-11 17:43:23 0 d-------- C:\Program Files\ISM2
2008-07-11 17:43:22 0 d-------- C:\Program Files\ISM
2008-07-11 17:43:21 0 d-------- C:\Program Files\InternetGameBox
2008-07-11 17:43:19 0 d-------- C:\Program Files\Instant Messenger Names
2008-07-11 17:43:15 0 d-------- C:\Program Files\Insider
2008-07-11 17:43:15 0 d-------- C:\Program Files\InetGet2
2008-07-11 17:40:44 0 d-------- C:\Program Files\Circle Developement
2008-07-11 17:40:44 0 d--h----- C:\Program Files\BHO
2008-07-11 17:16:56 0 d-------- C:\Program Files\Windows NT
2008-07-11 16:27:56 24976 --a------ C:\WINDOWS\twain_16.dll
2008-07-11 16:27:14 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-07-11 16:18:34 160256 --a------ C:\WINDOWS\system32\blackster.scr <Not Verified; Peter's Productions; Bugs!>
2008-07-11 16:16:46 0 d-------- C:\Program Files\Google
2008-07-11 16:07:03 0 d-------- D:\Documents and Settings\jade\Application Data\WinTouch
2008-07-11 16:06:20 0 d-------- D:\Documents and Settings\jade\Application Data\Sammsoft
2008-07-11 15:51:05 0 d-------- C:\Program Files\WinAble
2008-07-11 15:44:41 0 d-------- C:\Program Files\RcvSystem
2008-07-09 17:22:03 0 d-------- C:\Program Files\LimeWire
2008-06-02 21:07:01 0 d-------- C:\Program Files\Doesdupenurb
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{001EA8A7-3301-4D9A-9BE9-624A9C594759}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{07AA283A-43D7-4CBE-A064-32A21112D94D}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0840B569-3CA9-46F3-87AF-356647BEDEAA}]
C:\Program Files\Outlook Express\fony777444.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4BCC8B61-F357-47F9-B3D5-79B26BF63152}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8ABA9A9C-8791-4d61-8D5B-BCC9448EA573}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8FB5B012-E8CB-46cd-B6D2-ED428FAE9043}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9125F250-EB4F-49fe-AE17-C17665873A5C}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9A9C9B69-F908-4AAB-8D0C-10EA8997F37E}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CA356D79-679B-4b4c-8E49-5AF97014F4C1}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D115F4B9-6FBA-4C41-0DA2-F072352D76EF}]
C:\Program Files\MSN Gaming Zone\quha325.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [04/08/2004 15:00]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [04/08/2004 15:00]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [04/08/2004 15:00]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [02/08/2005 17:35]
"nwiz"="nwiz.exe" [02/08/2005 17:35 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [02/08/2005 17:35]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [07/01/2005 18:07 C:\WINDOWS\system32\HdAShCut.exe]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [08/06/2005 17:55]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe" [04/03/2005 04:36]
"RTHDCPL"="RTHDCPL.EXE" [29/06/2005 14:25 C:\WINDOWS\RTHDCPL.EXE]
"Alcmtr"="ALCMTR.EXE" [03/05/2005 19:43 C:\WINDOWS\ALCMTR.EXE]
"PCMService"="c:\Apps\Powercinema\PCMService.exe" [11/05/2005 14:48]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [19/01/2006 12:40]
"My Web Search Bar"="C:\PROGRA~1\MYWEBS~1\bar\7.bin\MWSBAR.DLL" [18/05/2007 21:57]
"MyWebSearch Email Plugin"="C:\PROGRA~1\MYWEBS~1\bar\7.bin\mwsoemon.exe" [18/05/2007 21:57]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [24/09/2005 00:08]
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [26/01/2004 11:38]
"CONNECTScheduler"="C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe" [23/03/2006 02:00]
"EPSON Stylus C62 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.exe" [10/04/2002 04:04]
"BluetoothAuthenticationAgent"="bthprops.cpl" [04/08/2004 15:00 C:\WINDOWS\system32\bthprops.cpl]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [27/04/2007 09:41]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [27/04/2007 11:25]
"Machine Debug Mgr"="mdn.exe" []
"close surf mail dupe"="D:\Documents and Settings\All Users\Application Data\Tick Find Close Surf\Jump Kind.exe" [14/07/2008 16:48]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [11/07/2008 16:59]
"D-Link AirPlus G"="C:\Program Files\D-Link\AirPlus G\AirGCFG.exe" [14/04/2007 15:50]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [16/06/2004 06:03]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [16/06/2004 06:03]
"ANIWZCS2Service"="C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [19/01/2007 11:49]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [04/08/2004 15:00]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MyWebSearch Email Plugin"="C:\PROGRA~1\MYWEBS~1\bar\7.bin\mwsoemon.exe" [18/05/2007 21:57]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [13/10/2004 17:24]
"Byte 32"="D:\DOCUME~1\jade\APPLIC~1\DOESDU~1\intra cash user.exe" [02/06/2008 21:06]
"My Web Search Community Tools"="C:\Program Files\MyWebSearch\bar\7.bin\m3IMPipe.exe" [18/05/2007 21:57]
"WinTouch"="D:\Documents and Settings\jade\Application Data\WinTouch\WinTouch.exe" [13/10/2007 08:46]
"SfKg6w"="D:\Documents and Settings\jade\Application Data\Microsoft\Windows\bxkao.exe" []
D:\Documents and Settings\All Users\Start Menu\Programs\Startup\
CONNECTAUTrayApp.lnk - C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe [30/03/2006 06:33:38]
HP Photosmart Premier Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [24/09/2005 01:39:30]
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= C:\Program Files\MSN Gaming Zone\rteqe.html
FriendlyName=
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\lurdkovj]
lurdkovj.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\vturr.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NapsterShell]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
C:\Program Files\Picasa2\PicasaMediaDetector.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ
-- Hosts -----------------------------------------------------------------------
127.0.0.1 services.google.com
-- End of Deckard's System Scanner: finished at 2008-07-14 17:03:19 ------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:04:34, on 14/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\cisvc.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\MYWEBS~1\bar\7.bin\mwsoemon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe
C:\Program Files\Common Files\Sony Shared\GMR\GMRMan.exe
C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAutoUpdate.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\cidaemon.exe
F:\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\uk.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\7.bin\MWSSRCAS.DLL
O2 - BHO: (no name) - {001EA8A7-3301-4D9A-9BE9-624A9C594759} - (no file)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\7.bin\MWSSRCAS.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Zango /fleok=1D8A83A5C5E315789FA575760EA83FA5EF80752B9499 803B2A2303766A - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file)
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\7.bin\MWSBAR.DLL
O2 - BHO: (no name) - {0840B569-3CA9-46F3-87AF-356647BEDEAA} - C:\Program Files\Outlook Express\fony777444.dll (file missing)
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: (no name) - {4BCC8B61-F357-47F9-B3D5-79B26BF63152} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: BndShell3 BHO Class - {8ABA9A9C-8791-4d61-8D5B-BCC9448EA573} - (no file)
O2 - BHO: BndDrive2 BHO Class - {8FB5B012-E8CB-46cd-B6D2-ED428FAE9043} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO - {9125F250-EB4F-49fe-AE17-C17665873A5C} - (no file)
O2 - BHO: Mirar - {9A9C9B69-F908-4AAB-8D0C-10EA8997F37E} - (no file)
O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Starware - {CA356D79-679B-4b4c-8E49-5AF97014F4C1} - (no file)
O2 - BHO: 0 - {D115F4B9-6FBA-4C41-0DA2-F072352D76EF} - C:\Program Files\MSN Gaming Zone\quha325.dll (file missing)
O3 - Toolbar: Starware - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - (no file)
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Starware Music UK Toolbar - {1962c5bc-e475-465b-823b-133e711bceb9} - (no file)
O3 - Toolbar: Mirar - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - (no file)
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - (no file)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\7.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\7.bin\mwsoemon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [CONNECTScheduler] "C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe" /RUN_SCHEDULER
O4 - HKLM\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC 2.EXE /P23 "EPSON Stylus C62 Series" /O5 "LPT1:" /M "Stylus C62"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Machine Debug Mgr] mdn.exe
O4 - HKLM\..\Run: [close surf mail dupe] D:\Documents and Settings\All Users\Application Data\Tick Find Close Surf\Jump Kind.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\7.bin\mwsoemon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Byte 32] D:\DOCUME~1\jade\APPLIC~1\DOESDU~1\intra cash user.exe
O4 - HKCU\..\Run: [My Web Search Community Tools] "C:\Program Files\MyWebSearch\bar\7.bin\m3IMPipe.exe"
O4 - HKCU\..\Run: [WinTouch] D:\Documents and Settings\jade\Application Data\WinTouch\WinTouch.exe
O4 - HKCU\..\Run: [SfKg6w] D:\Documents and Settings\jade\Application Data\Microsoft\Windows\bxkao.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: CONNECTAUTrayApp.lnk = C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...p=ZNxdm414YYGB
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\uk.htm
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: Mirar (HKLM)
O15 - Trusted Zone: Mirar (HKLM)
O15 - Trusted Zone: Mirar (HKLM)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/noc...1.0.0.15-3.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} (Mirar_Dummy_ATS1 Class) - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O18 - Filter hijack: text/html - {07851C6A-1C43-41d9-8319-BC89154A8C00} - (no file)
O20 - Winlogon Notify: lurdkovj - lurdkovj.dll (file missing)
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AutoComplete Service (Autocomplete) - Acesoft - C:\Program Files\Acesoft\Tracks Eraser Pro\delautocomp.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Unknown owner - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O24 - Desktop Component 0: (no name) - C:\Program Files\MSN Gaming Zone\rteqe.html
--
End of file - 13685 bytes
Thanks people