Custom Search
Join the PC homebuilding revolution! Read the all-new, FREE 200-page online guide: How to Build Your Own PC!
NOTE: Using robot software to mass-download the site degrades the server and is prohibited. See here for more.
Find The PC Guide helpful? Please consider a donation to The PC Guide Tip Jar. Visa/MC/Paypal accepted.
Results 1 to 6 of 6

Thread: new processors

  1. 09-02-2008, 09:35 AM #1
    MaSaM
    MaSaM is offline Geek Adept
    Join Date
    Feb 2005
    Posts
    90

    new processors

    i was overseas just came back it seams that my bro missed my pc upmso i ran combofix but there seem to be strange processes identified as opened by the system not by windows user in the task managerhere are the logs

    ComboFix 08-08-31.01 - Asim 2008-09-01 20:42:09.11 - NTFSx86 MINIMAL
    Microsoft Windows XP Professional 5.1.2600.2.1256.966.1033.18.595 [GMT 2:00]
    Running from: C:\Documents and Settings\Asim\Desktop\ComboFix.exe
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\Asim\Application Data\macromedia\Flash Player\#SharedObjects\TNTD6GD4\bin.clearspring.com
    C:\Documents and Settings\Asim\Application Data\macromedia\Flash Player\#SharedObjects\TNTD6GD4\bin.clearspring.com \clearspring.sol
    C:\Documents and Settings\Asim\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#bin .clearspring.com
    C:\Documents and Settings\Asim\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#bin .clearspring.com\settings.sol
    .
    ---- Previous Run -------
    .
    C:\Program Files\FunWebProducts
    C:\Program Files\FunWebProducts\Shared\Cache\AvatarSmallBtn.h tml
    C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.h tml
    C:\Program Files\FunWebProducts\Shared\Cache\FunBuddyIconBtn. html
    C:\Program Files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn. html
    C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn .html
    C:\Program Files\internet explorer\msimg32.dll
    C:\Program Files\MyWebSearch
    C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG
    C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL
    C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL
    C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL
    C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL
    C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL
    C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL
    C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL
    C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR
    C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL
    C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL
    C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE
    C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL
    C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV
    C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT
    C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
    C:\Program Files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG
    C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR
    C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST
    C:\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE
    C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL
    C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL
    C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE
    C:\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.EXE
    C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL
    C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR
    C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST
    C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL
    C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
    C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL
    C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
    C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE
    C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
    C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
    C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
    C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
    C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
    C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE
    C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
    C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S
    C:\Program Files\MyWebSearch\bar\Cache\000987B2
    C:\Program Files\MyWebSearch\bar\Cache\00099A8E.bin
    C:\Program Files\MyWebSearch\bar\Cache\0009A3F4.bin
    C:\Program Files\MyWebSearch\bar\Cache\0009AE35.bin
    C:\Program Files\MyWebSearch\bar\Cache\0009B886.bin
    C:\Program Files\MyWebSearch\bar\Cache\0009C0A4.bin
    C:\Program Files\MyWebSearch\bar\Cache\000AD7E1.bin
    C:\Program Files\MyWebSearch\bar\Cache\000ADB4C.bin
    C:\Program Files\MyWebSearch\bar\Cache\000AE425.bin
    C:\Program Files\MyWebSearch\bar\Cache\000AEA4F.bin
    C:\Program Files\MyWebSearch\bar\Cache\000AEE57.bin
    C:\Program Files\MyWebSearch\bar\Cache\000AF348
    C:\Program Files\MyWebSearch\bar\Cache\files.ini
    C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S
    C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S
    C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S
    C:\Program Files\MyWebSearch\bar\History\search3
    C:\Program Files\MyWebSearch\bar\icons\CM.ICO
    C:\Program Files\MyWebSearch\bar\icons\MFC.ICO
    C:\Program Files\MyWebSearch\bar\icons\PSS.ICO
    C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO
    C:\Program Files\MyWebSearch\bar\icons\WB.ICO
    C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO
    C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S
    C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S
    C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S
    C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S
    C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S
    C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
    C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S
    C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S
    C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S
    C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S
    C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S
    C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S
    C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm
    C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat
    C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
    C:\WINDOWS\system32\f3PSSavr.scr

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_MYWEBSEARCHSERVICE
    -------\Service_MyWebSearchService


    ((((((((((((((((((((((((( Files Created from 2008-08-01 to 2008-09-01 )))))))))))))))))))))))))))))))
    .

    2008-08-10 21:10 . 2008-08-10 21:10 <DIR> d-------- C:\Program Files\iPod
    2008-08-10 21:09 . 2008-08-10 21:09 <DIR> d-------- C:\Program Files\Bonjour
    2008-08-10 19:28 . 2008-08-10 19:28 <DIR> d-------- C:\Program Files\Safari
    2008-08-10 18:41 . 2008-08-10 18:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple
    2008-08-08 04:04 . 2008-08-10 16:22 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2008-08-08 04:04 . 2008-08-08 04:04 1,409 --a------ C:\WINDOWS\QTFont.for
    2008-08-07 16:40 . 1999-12-17 10:13 86,016 --a------ C:\WINDOWS\unvise32.exe
    2008-08-07 16:39 . 2008-08-07 16:39 <DIR> d-------- C:\Program Files\Jamdat
    2008-08-07 11:52 . 2008-08-07 11:53 <DIR> d-------- C:\WINDOWS\FG
    2008-08-02 19:02 . 2008-08-07 14:03 <DIR> d-------- C:\Keygen

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
    .
    2008-09-01 20:48 --------- d-----w C:\Program Files\Common Files\Akamai
    2008-09-01 18:33 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2008-09-01 13:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
    2008-08-10 19:14 --------- d-----w C:\Program Files\Apple Software Update
    2008-08-02 09:46 --------- d-----w C:\Documents and Settings\Asim\Application Data\Azureus
    2008-08-01 14:54 --------- d-----w C:\Program Files\Google
    2008-07-26 13:22 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-07-23 00:41 25,043 ----a-w C:\WINDOWS\system32\drivers\FG.SYS
    2008-07-23 00:00 --------- d-----w C:\Program Files\Spb Software House
    2008-07-17 00:21 --------- d-----w C:\Documents and Settings\Asim\Application Data\Datalayer
    2008-07-13 09:43 --------- d-----w C:\Program Files\EchoStar
    2008-07-12 14:44 --------- d-----w C:\Program Files\BearShare
    2008-07-12 11:41 --------- d-----w C:\Program Files\Save
    2008-07-09 22:15 --------- d-----w C:\Program Files\Common Files\MainConcept
    2008-07-09 22:10 --------- d-----w C:\Documents and Settings\Asim\Application Data\NSeries
    2008-07-09 22:10 --------- d-----w C:\Documents and Settings\Asim\Application Data\Nokia
    2008-07-09 22:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
    2008-07-09 22:03 --------- d-----w C:\Program Files\SimpleCenter
    2008-07-09 22:03 --------- d-----w C:\Program Files\Nokia
    2008-07-09 22:03 --------- d-----w C:\Program Files\Common Files\Nokia
    2008-07-09 22:03 --------- d-----w C:\Program Files\Common Files\i4j_jres
    2008-07-09 22:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nokia
    2008-07-09 22:00 --------- d-----w C:\Program Files\PC Connectivity Solution
    2008-07-09 22:00 --------- d-----w C:\Program Files\DIFX
    2008-07-09 16:43 --------- d-----w C:\Documents and Settings\Asim\Application Data\Skype
    2008-07-08 10:30 --------- d-----w C:\Program Files\MDM
    2007-11-17 20:51 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
    .
    Reply With Quote Reply With Quote
  2. 09-02-2008, 09:37 AM #2
    MaSaM
    MaSaM is offline Geek Adept
    Join Date
    Feb 2005
    Posts
    90
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
    "Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 17:43 4670704]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" [2008-06-07 23:50 68856]
    "H/PC Connection Agent"="D:\progs\Microsoft ActiveSync4.1\wcescomm.exe" [2006-11-13 13:39 1289000]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
    "nod32kui"="D:\progs\Nod32\AV\nod32kui.exe" [2008-03-15 13:40 949376]
    "AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 20:42 116040]
    "QuickTime Task"="D:\progs\QuickTime\QTTask.exe" [2008-05-27 10:50 413696]
    "iTunesHelper"="E:\Programs\itunes7.6\iTunesHelper .exe" [2008-07-30 10:47 289064]
    "SoundMan"="SOUNDMAN.EXE" [2006-08-03 05:12 577536 C:\WINDOWS\soundman.exe]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Internet Keyboard.lnk - C:\Program Files\SAMSUNG\Samsung Internet Keyboard\MMKbd.exe [2005-06-09 00:37:50 1126400]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "MSACM.CEGSM"= mobilev.acm
    "msacm.ac3filter"= ac3filter.acm

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
    backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AutoCAD Startup Accelerator.lnk]
    backup=C:\WINDOWS\pss\AutoCAD Startup Accelerator.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BTTray.lnk]
    backup=C:\WINDOWS\pss\BTTray.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Firewall Client Connectivity Monitor.LNK]
    backup=C:\WINDOWS\pss\Firewall Client Connectivity Monitor.LNKCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Metacafe.lnk]
    backup=C:\WINDOWS\pss\Metacafe.lnkCommon Startup
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avpa
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Firewall auto setup
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealPlayer
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmcService
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sound-card-recorder
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Task Manager
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VVSN
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo Messengger

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    --a------ 2008-01-11 22:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
    --a------ 2004-05-23 14:00 15360 C:\WINDOWS\system32\ctfmon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
    --a--c--- 2004-08-22 17:05 81920 D:\Programs\D-Tools\daemon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataLayer]
    --a------ 2004-08-24 12:30 986624 C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
    --a--c--- 2002-09-12 19:13 1101824 C:\Program Files\Ahead\InCD\InCD.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    --a------ 2008-07-30 10:47 289064 E:\Programs\itunes7.6\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    --a------ 2004-08-04 01:06 1667584 C:\Program Files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSLauncher]
    --a------ 2007-05-09 08:57 3084288 C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC2CALL]
    --a--c--- 2006-11-02 19:35 241664 D:\progs\PC2Call\PC2Call.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
    --a--c--- 2004-08-17 15:04 148992 D:\progs\Nokia\NOKIAP~1\TRAYAP~1.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    --a--c--- 2008-05-27 10:50 413696 D:\progs\QuickTime\QTTask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sclauncher]
    --a------ 2007-01-30 10:40 94208 C:\Program Files\SimpleCenter\bin\win\sclauncher.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    --a------ 2006-10-12 03:10 49263 C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    --a------ 2008-04-22 14:11 185896 C:\Program Files\Common Files\Real\Update_OB\realsched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSave]
    --a------ 2006-08-25 14:45 803184 C:\Program Files\Save\Save.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
    --a------ 2007-08-30 17:43 4670704 C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationA gent]
    --a------ 2004-05-23 14:00 110592 C:\WINDOWS\system32\bthprops.cpl

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "btwdins"=2 (0x2)
    "SmcService"=2 (0x2)
    "usnjsvc"=3 (0x3)

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
    "D:\\progs\\DAP\\DAP.exe"=
    "D:\\progs\\PC2Call\\PC2Call.exe"=
    "C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "D:\\progs\\TVUPlayer\\TVUPlayer.exe"=
    "D:\\progs\\TVAnts\\Tvants.exe"=
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"=
    "D:\\25 to life\\Arablionz.com.25.to.life.by.Aly_hosny.4ALZ\\ TTL.exe"=
    "D:\\games\\Steam\\steamapps\\masam87\\counter-strike\\hl.exe"=
    "D:\\progs\\Azureus\\Azureus.exe"=
    "D:\progs\Microsoft ActiveSync4.1\rapimgr.exe"= D:\progs\Microsoft ActiveSync4.1\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
    "D:\progs\Microsoft ActiveSync4.1\wcescomm.exe"= D:\progs\Microsoft ActiveSync4.1\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
    "D:\progs\Microsoft ActiveSync4.1\WCESMgr.exe"= D:\progs\Microsoft ActiveSync4.1\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
    "C:\\Program Files\\SimpleCenter\\Home Media Server.exe"=
    "D:\\games\\Eidos\\Pyro Studios\\Commandos Strike Force\\CommXPC.exe"=
    "C:\\Program Files\\uTorrent\\uTorrent.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "E:\\Programs\\itunes7.6\\iTunes.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\GloballyOpenPorts\List]
    "1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
    "1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
    "500:UDP"= 500:UDP:@xpsp2res.dll,-22017
    "9420:TCP"= 9420:TCP:Akamai Network Manager
    "5000:UDP"= 5000:UDP:Akamai Network Manager
    "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

    R0 BsStor;InCD Storage Helper Driver;C:\WINDOWS\system32\DRIVERS\bsstor.sys [2002-06-06 01:07]
    R1 FG;FG;C:\WINDOWS\SYSTEM32\DRIVERS\FG.SYS [2008-07-23 02:41]
    R2 Akamai;Akamai;C:\WINDOWS\System32\svchost.exe [2004-05-23 14:00]
    R2 IEGLicSrv;Bentley License Client;C:\Program Files\Common Files\Bentley Shared\IEG\IEGLCS\IEGLicSrv.exe [2006-07-14 07:44]
    S3 jnv4_mib;jnv4_mib;C:\DOCUME~1\Asim\LOCALS~1\Temp\j nv4_mib.sys []
    S3 PIXMCV;JVC Communication PIX-MCV Driver;C:\WINDOWS\system32\Drivers\pixmcvc.sys [2003-12-05 15:39]
    S3 PIXMCVA;JVC PIX-MCV Audio Capture;C:\WINDOWS\system32\Drivers\pixmcva.sys [2003-12-05 15:39]
    S3 PIXMCVV;JVC PIX-MCV Video Capture;C:\WINDOWS\system32\Drivers\pixmcvv.sys [2003-12-05 15:39]
    S3 RT2400;RT2400 Wireless Driver;C:\WINDOWS\system32\DRIVERS\RT2400.sys [2003-10-08 13:14]
    S3 w550bus;Sony Ericsson W550 driver (WDM);C:\WINDOWS\system32\DRIVERS\w550bus.sys [2005-07-15 15:47]
    S4 BsUDF;InCD UDF Driver;C:\WINDOWS\system32\drivers\BsUDF.sys [2002-09-13 14:35]
    Reply With Quote Reply With Quote
  3. 09-02-2008, 09:38 AM #3
    MaSaM
    MaSaM is offline Geek Adept
    Join Date
    Feb 2005
    Posts
    90
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    Akamai REG_MULTI_SZ Akamai

    [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{0495aede-f136-11dc-8953-0020ed52d029}]
    \Shell\AutoRun\command - G:\xn1i9x.com
    \Shell\explore\Command - G:\xn1i9x.com
    \Shell\open\Command - G:\xn1i9x.com

    [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{236cf4f0-7b0c-11db-8596-8000600fe800}]
    \Shell\Auto\command - boot.exe
    \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL boot.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{2841cba5-527d-11dc-87d0-ce234fafd524}]
    \Shell\AutoRun\command - I:\ntde1ect.com
    \Shell\explore\Command - I:\ntde1ect.com
    \Shell\open\Command - I:\ntde1ect.com

    [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{2ee04a44-702d-11dc-87f1-0020ed52d029}]
    \Shell\AutoRun\command - ntde1ect.com
    \Shell\explore\Command - ntde1ect.com
    \Shell\open\Command - ntde1ect.com

    [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{41d292dc-f4c4-11da-844b-c3a7f44dde13}]
    \Shell\AutoRun\command - G:\SSCVIHOST.exe
    \Shell\Open\command - G:\SSCVIHOST.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{51c79556-d28b-11dc-88fc-0020ed52d029}]
    \Shell\AutoRun\command - mwtkwro.exe
    \Shell\explore\Command - mwtkwro.exe
    \Shell\open\Command - mwtkwro.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{55565873-d40e-11dc-8901-001060a49557}]
    \Shell\AutoRun\command - G:\usdeiect.com
    \Shell\explore\Command - G:\usdeiect.com
    \Shell\open\Command - G:\usdeiect.com

    [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{5a986365-908b-11dc-8849-0020ed52d029}]
    \Shell\AutoRun\command - H:\ntde1ect.com
    \Shell\explore\Command - H:\ntde1ect.com
    \Shell\open\Command - H:\ntde1ect.com

    [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{601c8cfd-07a8-11dc-8705-aea3deddfa10}]
    \Shell\Auto\command - sky.exe
    \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sky.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{60636256-4d78-11dc-87c4-97bacd86d08e}]
    \Shell\AutoRun\command - G:\ntde1ect.com
    \Shell\explore\Command - G:\ntde1ect.com
    Reply With Quote Reply With Quote
  4. 09-02-2008, 09:40 AM #4
    MaSaM
    MaSaM is offline Geek Adept
    Join Date
    Feb 2005
    Posts
    90
    this is thi hjt log after runing reg booster and nod32 a/v and rebooting :

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 3:38:08 PM, on 9/2/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Common Files\Bentley Shared\IEG\IEGLCS\IEGLicSrv.exe
    D:\progs\Nod32\AV\nod32krn.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\UTSCSI.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    D:\progs\Nod32\AV\nod32kui.exe
    E:\Programs\itunes7.6\iTunesHelper.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
    D:\progs\Microsoft ActiveSync4.1\wcescomm.exe
    C:\Program Files\SAMSUNG\Samsung Internet Keyboard\MMKbd.exe
    D:\progs\MICROS~1.1\rapimgr.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Documents and Settings\Asim\Desktop\HiJackThis.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\system32\NOTEPAD.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\s wg.dll
    O2 - BHO: AL2Spy Class - {DC200356-0864-4F66-8964-5D43A19300F5} - C:\WINDOWS\AUTOLO~1\AL2DLL.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [nod32kui] "D:\progs\Nod32\AV\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [QuickTime Task] "D:\progs\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "E:\Programs\itunes7.6\iTunesHelper.exe"
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\progs\Microsoft ActiveSync4.1\wcescomm.exe"
    O4 - Global Startup: Internet Keyboard.lnk = ?
    O8 - Extra context menu item: &Clean Traces - D:\progs\DAP\Privacy Package\dapcleanerie.htm
    O8 - Extra context menu item: &Download with &DAP - D:\progs\DAP\dapextie.htm
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...tml?p=ZKman000
    O8 - Extra context menu item: Download &all with DAP - D:\progs\DAP\dapextie2.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\progs\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\progs\MICROS~1.1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\progs\MICROS~1.1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\progs\MICROS~1.1\INetRepl.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by118w.bay118.mail.live.com/m...s/MsnPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1163111350343
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/Driver...sysreqlab2.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1205428184171
    O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/W...gPublisher.exe
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Ad-Aware 2007 Service (aawservice) - - (no file)
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Bentley License Client (IEGLicSrv) - Bentley Systems Inc. - C:\Program Files\Common Files\Bentley Shared\IEG\IEGLCS\IEGLicSrv.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\progs\Nod32\AV\nod32krn.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Usbest Service Zero (UTSCSI) - USBest - C:\WINDOWS\system32\UTSCSI.EXE

    --
    End of file - 8123 bytes
    Reply With Quote Reply With Quote
  5. 09-02-2008, 09:59 AM #5
    MaSaM
    MaSaM is offline Geek Adept
    Join Date
    Feb 2005
    Posts
    90
    this is nod 32 shortened ...i removed the files that couldnt be opened is shown in the note at thend of the log

    Scan performed at: 9/2/2008 5:00:43 AM
    Scanning Log
    NOD32 version 3405 (20080901) NT
    Operating memory - is OK

    Date: 2.9.2008 Time: 05:00:49
    Anti-Stealth technology is enabled.
    Scanned disks, folders and files: C:; D:; E:

    C:\Documents and Settings\Asim\Desktop\backups\backup-20080521-173740-959.dll - Win32/Adware.Virtumonde application - unable to clean - quarantined - deleted
    C:\Documents and Settings\Asim\Desktop\backups\backup-20080521-180909-532.dll - Win32/Adware.Virtumonde application - unable to clean - quarantined - deleted
    C:\Documents and Settings\Asim\Desktop\backups\backup-20080522-111524-594.dll - Win32/Adware.Virtumonde application - unable to clean - quarantined - deleted
    C:\QooBox\Quarantine\C\Program Files\NetProject\sbmdl.dll.vir - probably a variant of Win32/TrojanDownloader.Obfuscated trojan - unable to clean - quarantined - deleted

    Number of scanned files: 80724
    Number of threats found: 4
    Number of files cleaned: 4
    Time of completion: 05:23:02 Total scanning time: 1333 sec (00:22:13)

    Notes:
    [4] File cannot be opened. It may be in use by another application or operating system.
    Reply With Quote Reply With Quote
  6. 09-02-2008, 10:00 AM #6
    MaSaM
    MaSaM is offline Geek Adept
    Join Date
    Feb 2005
    Posts
    90
    this is uniblue registry booster2 log

    Scanning Date 9/1/2008 11:11:55 PM
    Entries Found 129
    Entries Deleted 129
    Entries HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\FileExts\.avi\OpenWithList
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\FileExts\.divx\OpenWithList
    HKEY_CURRENT_USER\Software\microsoft\windows\curre ntVersion\explorer\fileexts\.meta
    HKEY_CURRENT_USER\Software\microsoft\windows\curre ntVersion\explorer\fileexts\.nth
    HKEY_CURRENT_USER\Software\microsoft\windows\curre ntVersion\explorer\fileexts\.p3t
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\FileExts\.rar\OpenWithList
    HKEY_CURRENT_USER\Software\microsoft\windows\curre ntVersion\explorer\fileexts\.sfk
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\FileExts\.torrent\OpenWithList
    Software\Microsoft\Windows\CurrentVersion\Explorer \FileExts\.wave\OpenWithProgids
    HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1\CLS ID
    HKEY_CLASSES_ROOT\funwebproducts.historykillersche duler\CLSID
    HKEY_CLASSES_ROOT\funwebproducts.historykillersche duler.1\CLSID
    HKEY_CLASSES_ROOT\funwebproducts.historyswattercon trolbar\CLSID
    HKEY_CLASSES_ROOT\funwebproducts.historyswattercon trolbar.1\CLSID
    HKEY_CLASSES_ROOT\funwebproducts.htmlmenu\CLSID
    HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1\CLSID
    HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2\CLSID
    HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager\ CLSID
    HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager. 1\CLSID
    HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager\ CLSID
    HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager. 1\CLSID
    HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutt on\CLSID
    HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutt on.1\CLSID
    HKEY_CLASSES_ROOT\funwebproducts.popswattersetting scontrol\CLSID
    HKEY_CLASSES_ROOT\funwebproducts.popswattersetting scontrol.1\CLSID
    HKEY_CLASSES_ROOT\mywebsearch.htmlpanel\CLSID
    HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1\CLSID
    HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplu gin\CLSID
    HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplu gin.1\CLSID
    HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugi n\CLSID
    HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugi n.1\CLSID
    HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin \CLSID
    HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin .1\CLSID
    HKEY_CLASSES_ROOT\screensavercontrol.screensaverin staller\CLSID
    HKEY_CLASSES_ROOT\screensavercontrol.screensaverin staller.1\CLSID
    HKEY_CLASSES_ROOT\CLSID\{22D6F312-B0F6-11D0-94AB-0080C74C7E95}\LocalServer32
    HKEY_CLASSES_ROOT\CLSID\{24cdf6ea-0b88-4d7a-aaf0-2048f90c2e1c}\TypeLib
    HKEY_CLASSES_ROOT\CLSID\{2c079982-25c8-4edf-9840-21d863a4716c}\TypeLib
    HKEY_CLASSES_ROOT\CLSID\{39A2C2A6-4778-11D2-9BDB-204C4F4F5020}\TypeLib
    HKEY_CLASSES_ROOT\CLSID\{39A2C2A9-4778-11D2-9BDB-204C4F4F5020}\TypeLib
    HKEY_CLASSES_ROOT\CLSID\{5bdb98cc-b3f5-4d33-9a91-cbc986bea087}\TypeLib
    HKEY_CLASSES_ROOT\CLSID\{63338267-37c4-44cf-8e46-756fbe9c8fdc}\TypeLib
    HKEY_CLASSES_ROOT\CLSID\{7312c0a0-a397-4a19-b432-9ac90c4466af}\TypeLib
    HKEY_CLASSES_ROOT\CLSID\{80EE9910-D470-4AED-AC5D-987046FDB574}\TypeLib
    HKEY_CLASSES_ROOT\CLSID\{847B4DF5-4B61-11D2-9BDB-204C4F4F5020}\TypeLib
    HKEY_CLASSES_ROOT\CLSID\{8bb882d5-de37-4630-84e9-cc4bd7c44cb1}\TypeLib
    HKEY_CLASSES_ROOT\CLSID\{aa9c1a1e-b91a-424e-9e27-3f1967b707f1}\TypeLib
    HKEY_CLASSES_ROOT\CLSID\{aef7e664-dc9b-48b2-8b35-5422d3f08c77}\TypeLib
    HKEY_CLASSES_ROOT\CLSID\{b4774192-c038-4350-986d-1bd91c20379a}\TypeLib
    HKEY_CLASSES_ROOT\CLSID\{d4704c9e-adbf-411a-9ef2-87feb99ccf69}\TypeLib
    HKEY_CLASSES_ROOT\CLSID\{e73e119c-be36-4693-8a47-88c16829008c}\TypeLib
    HKEY_CLASSES_ROOT\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\InprocServer32
    HKEY_CLASSES_ROOT\TypeLib\{04F33289-C1B6-4FF9-97D5-E74FB157E7C8}\1.0\HELPDIR
    HKEY_CLASSES_ROOT\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}\1.0\0\win32
    HKEY_CLASSES_ROOT\TypeLib\{0AF768AC-4FBD-4914-B847-F4E13C984926}\1.0\HELPDIR
    HKEY_CLASSES_ROOT\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}\1.0\0\win32
    HKEY_CLASSES_ROOT\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}\1.0\0\win32
    HKEY_CLASSES_ROOT\TypeLib\{2F93D606-28F9-4B2D-A024-2DDEE124B542}\1.0\HELPDIR
    HKEY_CLASSES_ROOT\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}\1.0\0\win32
    HKEY_CLASSES_ROOT\TypeLib\{4B0AB3E1-80F1-11CF-86B4-444553540000}\CS\HELPDIR
    HKEY_CLASSES_ROOT\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}\1.0\0\win32
    HKEY_CLASSES_ROOT\TypeLib\{7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}\1.0\HELPDIR
    HKEY_CLASSES_ROOT\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}\1.0\0\win32
    HKEY_CLASSES_ROOT\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}\1.0\0\win32
    HKEY_CLASSES_ROOT\TypeLib\{9E93C96F-CF0D-43F6-8BA8-B807A3370712}\1.b\HELPDIR
    HKEY_CLASSES_ROOT\TypeLib\{B80C6976-50C0-4110-BC85-44EB975CDCA0}\1.0\HELPDIR
    HKEY_CLASSES_ROOT\TypeLib\{C1D8C091-AC66-4159-B738-E70A12B983A4}\1.0\HELPDIR
    HKEY_CLASSES_ROOT\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}\1.0\0\win32
    HKEY_CLASSES_ROOT\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\0\win32
    HKEY_CLASSES_ROOT\TypeLib\{D6995525-B33A-4980-A106-9DF58570CC66}\1.0\HELPDIR
    HKEY_CLASSES_ROOT\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}\1.0\0\win32
    HKEY_CLASSES_ROOT\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}\1.0\0\win32
    HKEY_CLASSES_ROOT\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}\1.0\0\win32
    HKEY_CLASSES_ROOT\TypeLib\{FF93E02F-0AC1-4F7E-A9AF-D929CDF5C230}\1.0\HELPDIR
    HKEY_CLASSES_ROOT\Interface\{915DA835-02FE-4953-92FA-624BDF5D85AB}\TypeLib
    HKEY_CLASSES_ROOT\Interface\{D775A119-EAC2-4F28-B06E-8AC16F2695DA}\TypeLib
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\ComDlg32\OpenSaveMRU
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\ComDlg32\OpenSaveMRU\*
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\ComDlg32\OpenSaveMRU\*
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\ComDlg32\OpenSaveMRU\*
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\ComDlg32\OpenSaveMRU\*
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\ComDlg32\OpenSaveMRU\rar
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\ComDlg32\OpenSaveMRU\rar
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\ComDlg32\OpenSaveMRU\rar
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\ComDlg32\OpenSaveMRU\rar
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\ComDlg32\OpenSaveMRU\rar
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\ComDlg32\OpenSaveMRU\rar
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\ComDlg32\OpenSaveMRU\rar
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\ComDlg32\OpenSaveMRU\rar
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\ComDlg32\OpenSaveMRU\rar
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\ComDlg32\OpenSaveMRU\rar
    HKEY_CURRENT_USER\Software\SpeedBit\Download Accelerator\FileList\{078CFA7B-7B5E-43f0-A0AA-9D7986D5EB01}
    HKEY_CURRENT_USER\Software\SpeedBit\Download Accelerator\FileList\{540A459F-839C-4c20-901F-A49EE7211A5B}
    HKEY_CURRENT_USER\Software\SpeedBit\Download Accelerator\FileList\{DF3A84D0-B311-415b-8CB8-CB0CE406003F}
    HKEY_LOCAL_MACHINE\Software\Fun Web Products
    HKEY_LOCAL_MACHINE\Software\Fun Web Products
    HKEY_LOCAL_MACHINE\Software\Fun Web Products\ScreenSaver
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Media\WMSDK\sources
    HKEY_LOCAL_MACHINE\Software\swearware
    C:\Documents and Settings\Asim\Recent\Canary_Islands.lnk
    C:\Documents and Settings\Asim\Recent\Canary_Islands_675.1409.lnk
    C:\Documents and Settings\Asim\Recent\Easyusetools_for Keygen.lnk
    C:\Documents and Settings\Asim\Recent\Easyusetool_for_Keygen.lnk
    C:\Documents and Settings\Asim\Recent\ind-tp22.lnk
    C:\Documents and Settings\Asim\Recent\ind-tp23.lnk
    C:\Documents and Settings\Asim\Recent\ind-tp24.lnk
    C:\Documents and Settings\Asim\Recent\ind-tp25.lnk
    C:\Documents and Settings\Asim\Recent\ind-tp26.lnk
    C:\Documents and Settings\Asim\Recent\ind-tt6ppc (2).lnk
    C:\Documents and Settings\Asim\Recent\ind-tt6ppc (3).lnk
    C:\Documents and Settings\Asim\Recent\ind-tt6ppc (4).lnk
    C:\Documents and Settings\Asim\Recent\ind-tt6ppc (5).lnk
    C:\Documents and Settings\Asim\Recent\ind-tt6ppc (6).lnk
    C:\Documents and Settings\Asim\Recent\ind-tt6ppc.lnk
    C:\Documents and Settings\Asim\Recent\insert_meta_from_Map_here.lnk
    C:\Documents and Settings\Asim\Recent\Jessica Alba's Sexiest Photos! [40 Pics].lnk
    C:\Documents and Settings\Asim\Recent\north_america675[1].part08.lnk
    C:\Documents and Settings\Asim\Recent\north_america675[1].part09.lnk
    C:\Documents and Settings\Asim\Recent\north_america675[1].part10.lnk
    C:\Documents and Settings\Asim\Recent\north_america675[1].part11.lnk
    C:\Documents and Settings\Asim\Recent\north_america675[1].part12.lnk
    C:\Documents and Settings\Asim\Recent\north_america675[1].part13.lnk
    C:\Documents and Settings\Asim\Recent\north_america675[1].part14.lnk
    C:\Documents and Settings\Asim\Recent\north_america675[1].part15.lnk
    C:\Documents and Settings\Asim\Recent\north_america675[1].part16.lnk
    C:\Documents and Settings\Asim\Recent\ns068-069 [mininova].lnk
    C:\Documents and Settings\Asim\Recent\password.lnk
    C:\Documents and Settings\Asim\Recent\traffic.lnk
    C:\Documents and Settings\Asim\Recent\TTN7 (2).lnk
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules