Thank you for you time, miekiemoes!Here are the logs:
ComboFix 08-01-31.1 - hrvoje 2008-01-30 21:10:22.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.243 [GMT 1:00]
Running from: D:\Documents and Settings\hrvoje\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
D:\WINDOWS\system32\drivers\core.cache.dsk . . . . failed to delete
.
((((((((((((((((((((((((( Files Created from 2007-12-28 to 2008-01-31 )))))))))))))))))))))))))))))))
.
2008-01-26 12:05 . 2008-01-26 12:05 <DIR> d-------- D:\Program Files\Trend Micro
2008-01-26 00:47 . 2008-01-26 02:08 <DIR> d-------- D:\WINDOWS\BDOSCAN8
2008-01-26 00:26 . 2008-01-30 00:57 167,545 --a------ D:\WINDOWS\system32\drivers\core.cache.dsk
2008-01-25 23:42 . 2008-01-30 00:26 <DIR> d-------- D:\Program Files\SUPERAntiSpyware
2008-01-25 23:42 . 2008-01-25 23:42 <DIR> d-------- D:\Documents and Settings\hrvoje\Application Data\SUPERAntiSpyware.com
2008-01-25 23:42 . 2008-01-25 23:42 <DIR> d-------- D:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-01-25 23:32 . 2008-01-25 23:32 <DIR> d-------- D:\WINDOWS\ERUNT
2008-01-25 21:57 . 2008-01-25 23:18 <DIR> d-------- D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-25 20:40 . 2008-01-25 20:40 <DIR> d-------- D:\Program Files\BitTorrent
2008-01-23 11:23 . 2008-01-23 11:23 <DIR> d-------- D:\Program Files\Lavasoft
2008-01-23 11:23 . 2008-01-23 11:23 <DIR> d-------- D:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-23 11:22 . 2008-01-25 23:42 <DIR> d-------- D:\Program Files\Common Files\Wise Installation Wizard
2008-01-23 10:56 . 2008-01-23 10:56 <DIR> d-------- D:\Program Files\FileASSASSIN
2008-01-21 21:21 . 2005-09-23 07:29 626,688 --a------ D:\WINDOWS\system32\msvcr80.dll
2008-01-21 16:14 . 2006-10-26 19:56 32,592 --a------ D:\WINDOWS\system32\msonpmon.dll
2008-01-21 16:12 . 2008-01-21 16:12 <DIR> d-------- D:\Program Files\Microsoft Works
2008-01-21 16:11 . 2008-01-21 16:11 <DIR> d-------- D:\Program Files\MSBuild
2008-01-21 16:08 . 2008-01-21 16:08 <DIR> d-------- D:\Program Files\Microsoft.NET
2008-01-21 16:05 . 2008-01-21 16:05 <DIR> d-------- D:\Program Files\Microsoft Visual Studio 8
2008-01-21 16:04 . 2008-01-21 16:10 <DIR> d-------- D:\WINDOWS\SHELLNEW
2008-01-21 16:03 . 2008-01-21 16:15 <DIR> d-------- D:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-01-21 16:02 . 2008-01-21 16:02 <DIR> dr-h----- D:\MSOCache
2008-01-21 00:09 . 2008-01-21 00:30 <DIR> d-a------ D:\Documents and Settings\All Users\Application Data\TEMP
2008-01-20 23:50 . 2008-01-21 00:18 3,262 --a------ D:\WINDOWS\system32\sex5.ico
2008-01-20 23:49 . 2008-01-21 00:17 3,262 --a------ D:\WINDOWS\system32\sex4.ico
2008-01-20 23:49 . 2008-01-21 00:17 3,262 --a------ D:\WINDOWS\system32\sex3.ico
2008-01-20 23:48 . 2008-01-21 00:16 3,262 --a------ D:\WINDOWS\system32\sex2.ico
2008-01-20 23:48 . 2008-01-21 00:19 3,262 --a------ D:\WINDOWS\system32\sex1.ico
2008-01-20 23:00 . 2008-01-20 23:00 <DIR> d-------- D:\Documents and Settings\hrvoje\Application Data\Grisoft
2008-01-20 23:00 . 2007-05-30 13:10 10,872 --a------ D:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-01-20 22:09 . 2008-01-20 22:09 54,156 --ah----- D:\WINDOWS\QTFont.qfn
2008-01-20 22:09 . 2008-01-20 22:09 1,409 --a------ D:\WINDOWS\QTFont.for
2008-01-14 10:52 . 2008-01-14 11:36 <DIR> d-------- D:\Documents and Settings\hrvoje\.housecall6.6
2008-01-13 13:44 . 2008-01-13 13:44 86,144 --a------ D:\WINDOWS\system32\drivers\hidparsee.sys
2008-01-12 11:25 . 2008-01-12 11:25 <DIR> d-------- D:\Program Files\TVUPlayer
2008-01-10 11:04 . 2008-01-10 11:04 <DIR> d-------- D:\WINDOWS\Sun
2008-01-09 15:01 . 2008-01-09 15:01 53,248 --a------ D:\WINDOWS\bdoscandel.exe
2008-01-09 15:01 . 2008-01-09 15:01 453 --a------ D:\WINDOWS\bdoscandellang.ini
2008-01-07 14:21 . 2008-01-07 14:21 <DIR> d-------- D:\Documents and Settings\All Users\Application Data\ATI
2008-01-07 14:18 . 2007-12-05 14:17 593,920 --------- D:\WINDOWS\system32\ati2sgag.exe
2008-01-07 14:17 . 2008-01-07 14:19 <DIR> d-------- D:\Program Files\ATI Technologies
2008-01-07 13:23 . 2008-01-07 13:23 <DIR> d-------- D:\Documents and Settings\All Users\Application Data\ESET
2008-01-07 13:17 . 2008-01-07 13:17 <DIR> d-------- D:\Documents and Settings\All Users\Application Data\Avg7
2008-01-03 11:49 . 2008-01-25 22:59 101 --a------ D:\WINDOWS\WININIT.INI
2008-01-01 12:51 . 2008-01-01 12:51 <DIR> d-------- D:\Documents and Settings\hrvoje\Application Data\ACD Systems
2008-01-01 12:47 . 2008-01-01 12:47 <DIR> d-------- D:\Program Files\Common Files\ACD Systems
2008-01-01 12:47 . 2008-01-01 12:47 <DIR> d-------- D:\Program Files\ACD Systems
2008-01-01 12:47 . 2008-01-01 12:47 <DIR> d-------- D:\Documents and Settings\All Users\Application Data\ACD Systems
2008-01-01 12:44 . 2008-01-01 12:47 10,368 --a------ D:\WINDOWS\system32\drivers\pfc.sys
2007-12-29 12:30 . 2008-01-20 00:43 <DIR> d-------- D:\Program Files\eMule
2007-12-29 01:24 . 2007-12-29 12:25 <DIR> d-------- D:\Program Files\DC++
2007-12-26 12:57 . 2007-12-26 12:57 <DIR> d--hs---- D:\found.003
2007-12-21 08:21 . 2007-12-21 08:21 33,800 --a------ D:\WINDOWS\system32\drivers\epfwtdir.sys
2007-12-21 08:20 . 2007-12-21 08:20 30,216 --a------ D:\WINDOWS\system32\drivers\easdrv.sys
2007-12-21 08:19 . 2007-12-21 08:19 39,944 --a------ D:\WINDOWS\system32\drivers\eamon.sys
2007-12-20 16:51 . 2007-12-20 16:51 <DIR> d--hs---- D:\found.002
2007-12-18 21:13 . 2008-01-12 11:28 <DIR> d-------- D:\Program Files\TVAnts
2007-12-15 12:43 . 2007-12-15 12:43 1,158 --a------ D:\WINDOWS\mozver.dat
2007-12-14 11:32 . 2007-12-14 11:32 12,632 --a------ D:\WINDOWS\system32\lsdelete.exe
2007-12-13 22:23 . 2007-12-13 22:23 0 --a------ D:\WINDOWS\nsreg.dat
2007-12-11 13:29 . 2007-12-11 13:53 <DIR> d-------- D:\WINDOWS\system32\rserver30
2007-12-11 00:08 . 2008-01-07 13:46 <DIR> d----c--- D:\WINDOWS\system32\DRVSTORE
2007-12-11 00:07 . 2008-01-07 13:47 <DIR> d-------- D:\Program Files\RALINK
2007-12-10 00:47 . 2007-12-10 00:48 <DIR> d-------- D:\Program Files\Common Files\Adobe
2007-12-09 12:15 . 2008-01-13 13:43 <DIR> d-------- D:\Program Files\Webteh
2007-12-09 12:15 . 2008-01-13 13:46 <DIR> d-------- D:\Documents and Settings\hrvoje\Application Data\BSplayer Pro
2007-12-09 12:15 . 2007-12-09 12:24 <DIR> d-------- D:\Documents and Settings\hrvoje\Application Data\BSplayer
2007-12-09 12:12 . 2007-12-01 00:00 60,273 --a------ D:\WINDOWS\system32\pthreadGC2.dll
2007-12-08 07:50 . 2007-12-08 07:50 <DIR> d--hs---- D:\found.001
2007-12-07 18:22 . 2008-01-01 12:45 <DIR> d-------- D:\WINDOWS\Downloaded Installations
2007-12-07 18:22 . 2007-12-07 18:22 <DIR> d-------- D:\Documents and Settings\hrvoje\Application Data\Sierra Wireless
2007-12-07 18:11 . 2007-08-24 18:26 183,312 --a------ D:\WINDOWS\system32\CoreAVCDecoder.ax
2007-12-07 17:29 . 2007-12-07 17:29 <DIR> d-------- D:\Documents and Settings\hrvoje\Application Data\Radmin
2007-12-06 17:00 . 2007-12-06 17:00 <DIR> d--hs---- D:\found.000
2007-12-05 04:05 . 2007-12-05 04:05 368,640 --a------ D:\WINDOWS\system32\ATIDEMGX.dll
2007-12-05 03:56 . 2007-12-05 03:56 147,456 --a------ D:\WINDOWS\system32\atipdlxx.dll
2007-12-05 03:55 . 2007-12-05 03:55 122,880 --a------ D:\WINDOWS\system32\Oemdspif.dll
2007-12-05 03:55 . 2007-12-05 03:55 122,880 --a------ D:\WINDOWS\system32\ati2evxx.dll
2007-12-05 03:55 . 2007-12-05 03:55 43,520 --a------ D:\WINDOWS\system32\ati2edxx.dll
2007-12-05 03:55 . 2007-12-05 03:55 26,112 --a------ D:\WINDOWS\system32\Ati2mdxx.exe
2007-12-05 03:54 . 2007-12-05 03:54 307,200 --a------ D:\WINDOWS\system32\atiiiexx.dll
2007-12-05 03:53 . 2007-12-05 03:53 495,616 --a------ D:\WINDOWS\system32\ati2evxx.exe
2007-12-05 03:53 . 2007-12-05 03:53 53,248 --a------ D:\WINDOWS\system32\ATIDDC.DLL
2007-12-05 03:48 . 2007-12-05 03:48 9,535,488 --a------ D:\WINDOWS\system32\atioglx2.dll
2007-12-05 03:33 . 2007-12-05 03:33 3,107,788 --a------ D:\WINDOWS\system32\ativvaxx.dat
2007-12-05 03:33 . 2007-12-05 03:33 3,107,788 --a------ D:\WINDOWS\system32\ativva5x.dat
2007-12-05 03:33 . 2007-12-05 03:33 887,724 --a------ D:\WINDOWS\system32\ativva6x.dat
2007-12-05 03:19 . 2007-12-05 03:19 5,435,392 --a------ D:\WINDOWS\system32\atioglxx.dll
2007-12-05 03:19 . 2007-12-05 03:19 385,024 --a------ D:\WINDOWS\system32\atikvmag.dll
2007-12-05 03:17 . 2007-12-05 03:17 17,408 --a------ D:\WINDOWS\system32\atitvo32.dll
2007-12-05 03:16 . 2007-12-05 03:16 49,152 --a------ D:\WINDOWS\system32\drivers\ati2erec.dll
2007-12-05 03:14 . 2007-12-05 03:14 180,224 --a------ D:\WINDOWS\system32\atiok3x2.dll
2007-12-03 21:49 . 2001-08-17 14:02 9,600 --a------ D:\WINDOWS\system32\drivers\hidusb.sys
2007-12-03 21:49 . 2001-08-17 14:02 9,600 --a--c--- D:\WINDOWS\system32\dllcache\hidusb.sys
2007-12-03 12:42 . 2007-12-03 12:42 <DIR> d-------- D:\Program Files\KONAMI
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-29 21:48 --------- d-----w D:\Documents and Settings\hrvoje\Application Data\BitTorrent
2008-01-25 19:50 --------- d-----w D:\Documents and Settings\hrvoje\Application Data\BitTorrent DNA
2008-01-18 11:19 --------- d-----w D:\Program Files\Google
2008-01-07 13:19 --------- d-----w D:\Program Files\Common Files\InstallShield
2008-01-07 12:14 --------- d-----w D:\Documents and Settings\All Users\Application Data\Grisoft
2008-01-06 15:28 --------- d-----w D:\Program Files\SopCast
2008-01-04 11:18 --------- d-----w D:\Program Files\Last.fm
2007-12-26 16:45 --------- d-----w D:\Documents and Settings\hrvoje\Application Data\SopCast
2007-12-14 10:23 --------- d-----w D:\Program Files\OpenOffice.org 2.3
2007-12-10 23:07 --------- d--h--w D:\Program Files\InstallShield Installation Information
2007-12-07 21:14 --------- d-----w D:\Documents and Settings\hrvoje\Application Data\OpenOffice.org2
2007-12-05 19:17 7,680 ----a-w D:\WINDOWS\system32\ff_vfw.dll
2007-12-05 05:26 2,782,208 ----a-w D:\WINDOWS\system32\drivers\ati2mtag.sys
2007-12-05 03:04 269,312 ----a-w D:\WINDOWS\system32\ati2dvag.dll
2007-12-05 02:44 3,175,584 ----a-w D:\WINDOWS\system32\ati3duag.dll
2007-12-05 02:33 1,640,192 ----a-w D:\WINDOWS\system32\ativvaxx.dll
2007-12-05 02:11 499,712 ----a-w D:\WINDOWS\system32\ati2cqag.dll
2007-12-01 14:00 --------- d-----w D:\Program Files\DAEMON Tools
2007-11-28 23:10 --------- d-----w D:\Documents and Settings\hrvoje\Application Data\Ahead
2007-11-12 23:57 218,624 ----a-w D:\WINDOWS\system32\uxtheme.dll
2007-11-10 00:22 499,712 ----a-w D:\WINDOWS\system32\msvcp71.dll
2007-11-10 00:22 348,160 ----a-w D:\WINDOWS\system32\msvcr71.dll
2007-11-08 00:10 107,888 ----a-w D:\WINDOWS\system32\CmdLineExt.dll
2007-10-29 22:35 1,287,680 ----a-w D:\WINDOWS\system32\quartz.dll
2007-10-27 16:40 222,720 ----a-w D:\WINDOWS\system32\wmasf.dll
2007-10-10 23:47 825,344 ----a-w D:\WINDOWS\system32\wininet.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 15360]
"NBJ"="D:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2006-09-15 13:27 2048000]
"MSMSGS"="D:\Program Files\Messenger\msmsgs.exe" [2007-09-20 06:50 1694208]
"SUPERAntiSpyware"="D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06 1318912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="D:\WINDOWS\system32\NeroCheck.exe" [2006-01-12 15:40 155648]
"SunJavaUpdateSched"="D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"StormCodec_Helper"="D:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" [2006-11-26 19:30 97357]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 00:56 110592 D:\WINDOWS\system32\bthprops.cpl]
"Adobe Reader Speed Launcher"="D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"egui"="D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2007-12-21 08:21 1443072]
"StartCCC"="D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
"googletalk"="D:\Program Files\Google\Google Talk\googletalk.exe" [2007-01-01 22:22 3739648]
"!AVG Anti-Spyware"="D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]
"GrooveMonitor"="D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:56 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ShowDeskFix"="regsvr32 /s /n /i:u shell32" []
D:\Documents and Settings\hrvoje\Start Menu\Programs\Startup\
Last.fm Helper.lnk - D:\Program Files\Last.fm\LastFMHelper.exe [2007-11-24 21:32:38 106496]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= D:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]
R0 si3112r;Silicon Image SiI 3112 SATARaid Controller;D:\WINDOWS\system32\drivers\si3112r.sys [2003-02-24 12:21]
R0 SiWinAcc;SiWinAcc;D:\WINDOWS\system32\drivers\SiWinAcc.sys [2003-02-12 12:37]
R1 epfwtdir;epfwtdir;D:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-12-21 08:21]
R1 hidparsee;hidparsee;D:\WINDOWS\system32\drivers\hidparsee.sys [2008-01-13 13:44]
S2 OSCO;Security Service;D:\WINDOWS\system32\svcd\svchost.exe []
S3 mirrorv3;mirrorv3;D:\WINDOWS\system32\DRIVERS\rminiv3.sys [2006-11-01 05:01]
S3 SWUMX20;Sierra Wireless USB MUX Driver (UMTS20);D:\WINDOWS\system32\DRIVERS\swumx20.sys []
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-01-31 21:13:19
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
D:\WINDOWS\system32\rundll32.exe
D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
D:\Program Files\Last.fm\LastFMHelper.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Completion time: 2008-01-31 21:14:24 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-31 20:14:15
ComboFix2.txt 2008-01-25 23:15:42
.
2008-01-04 12:08:01 --- E O F ---
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:15:42, on 31.1.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20696)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
D:\WINDOWS\system32\rundll32.exe
D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
D:\Program Files\Last.fm\LastFMHelper.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\system32\notepad.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.forum.hr/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [StormCodec_Helper] "D:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [egui] "D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [googletalk] D:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "D:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O4 - Startup: Last.fm Helper.lnk = D:\Program Files\Last.fm\LastFMHelper.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) -
http://dl.tvunetworks.com/TVUAx.cabO16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
http://download.bitd...can8/oscan8.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{E4101BDD-0F34-4B82-9585-23301212D5F6}: NameServer = 195.29.150.3,195.29.150.4
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Security Service (OSCO) - Unknown owner - D:\WINDOWS\system32\svcd\svchost.exe (file missing)
--
End of file - 7559 bytes
This topic is locked
Sign In
Create Account
