Jump to content

Someone want to look at this HiJackThis log?

Orpheus

By Orpheus
in Tech and Computers

 Share

Recommended Posts

Orpheus

Orpheus

Posted
Posted

I hid it, and I want to know what needs to be removed:

 

 

 

[hide=]Logfile of Trend Micro HijackThis v2.0.2

 

Scan saved at 5:49:08 PM, on 8/11/2008

 

Platform: Windows XP SP3 (WinNT 5.01.2600)

 

MSIE: Internet Explorer v7.00 (7.00.6000.16674)

 

Boot mode: Normal

 

 

 

Running processes:

 

C:\WINDOWS\System32\smss[Caution: Executable File]

 

C:\WINDOWS\system32\winlogon[Caution: Executable File]

 

C:\WINDOWS\system32\services[Caution: Executable File]

 

C:\WINDOWS\system32\lsass[Caution: Executable File]

 

C:\WINDOWS\system32\svchost[Caution: Executable File]

 

C:\Program Files\Windows Defender\MsMpEng[Caution: Executable File]

 

C:\WINDOWS\System32\svchost[Caution: Executable File]

 

C:\Program Files\Lavasoft\Ad-Aware\aawservice[Caution: Executable File]

 

C:\Program Files\Alwil Software\Avast4\aswUpdSv[Caution: Executable File]

 

C:\Program Files\Alwil Software\Avast4\ashServ[Caution: Executable File]

 

C:\WINDOWS\system32\spoolsv[Caution: Executable File]

 

C:\WINDOWS\Explorer[Caution: Executable File]

 

C:\WINDOWS\RTHDCPL[Caution: Executable File]

 

C:\Program Files\CyberLink\PowerDVD\PDVDServ[Caution: Executable File]

 

C:\Program Files\Nero\Nero 7\InCD\NBHGui[Caution: Executable File]

 

C:\Program Files\Nero\Nero 7\InCD\InCD[Caution: Executable File]

 

C:\Program Files\ASUS\GamerOSD\GamerOSD[Caution: Executable File]

 

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp[Caution: Executable File]

 

C:\Program Files\Windows Defender\MSASCui[Caution: Executable File]

 

C:\Program Files\Microsoft IntelliType Pro\itype[Caution: Executable File]

 

C:\Program Files\Microsoft IntelliPoint\ipoint[Caution: Executable File]

 

C:\Program Files\Java\jre1.6.0_06\bin\jusched[Caution: Executable File]

 

C:\WINDOWS\system32\RUNDLL32[Caution: Executable File]

 

C:\Program Files\iTunes\iTunesHelper[Caution: Executable File]

 

C:\WINDOWS\system32\ctfmon[Caution: Executable File]

 

C:\Program Files\Microsoft IntelliType Pro\dpupdchk[Caution: Executable File]

 

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService[Caution: Executable File]

 

C:\Program Files\Bonjour\mDNSResponder[Caution: Executable File]

 

C:\Program Files\Nero\Nero 7\InCD\InCDsrv[Caution: Executable File]

 

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM[Caution: Executable File]

 

C:\Program Files\NVIDIA Corporation\nTune\nTuneService[Caution: Executable File]

 

C:\WINDOWS\system32\nvsvc32[Caution: Executable File]

 

C:\WINDOWS\system32\PnkBstrA[Caution: Executable File]

 

C:\WINDOWS\system32\PnkBstrB[Caution: Executable File]

 

C:\Program Files\CyberLink\Shared Files\RichVideo[Caution: Executable File]

 

C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE[Caution: Executable File]

 

C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService[Caution: Executable File]

 

C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4[Caution: Executable File]

 

C:\Program Files\Alwil Software\Avast4\ashMaiSv[Caution: Executable File]

 

C:\Program Files\Alwil Software\Avast4\ashWebSv[Caution: Executable File]

 

C:\Program Files\iPod\bin\iPodService[Caution: Executable File]

 

C:\WINDOWS\system32\wuauclt[Caution: Executable File]

 

C:\WINDOWS\system32\msiexec[Caution: Executable File]

 

C:\Program Files\Mozilla Firefox\firefox[Caution: Executable File]

 

C:\Program Files\RivaTuner v2.09\RivaTuner[Caution: Executable File]

 

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw[Caution: Executable File]

 

\?\C:\WINDOWS\system32\WBEM\WMIADAP[Caution: Executable File]

 

C:\Program Files\Trend Micro\HijackThis\HijackThis[Caution: Executable File]

 

C:\WINDOWS\system32\wuauclt[Caution: Executable File]

 

 

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1098640

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

 

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

 

R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll

 

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

 

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

 

O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll

 

O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll

 

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL[Caution: Executable File]

 

O4 - HKLM\..\Run: [Alcmtr] ALCMTR[Caution: Executable File]

 

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ[Caution: Executable File]"

 

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language[Caution: Executable File]"

 

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck[Caution: Executable File]

 

O4 - HKLM\..\Run: [securDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui[Caution: Executable File]

 

O4 - HKLM\..\Run: [inCD] C:\Program Files\Nero\Nero 7\InCD\InCD[Caution: Executable File]

 

O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD[Caution: Executable File]

 

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp[Caution: Executable File]

 

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui[Caution: Executable File]" -hide

 

O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype[Caution: Executable File]"

 

O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint[Caution: Executable File]"

 

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched[Caution: Executable File]"

 

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask[Caution: Executable File]" -atboottime

 

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32[Caution: Executable File] C:\WINDOWS\system32\NvCpl.dll,NvStartup

 

O4 - HKLM\..\Run: [nwiz] nwiz[Caution: Executable File] /install

 

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32[Caution: Executable File] C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

 

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper[Caution: Executable File]"

 

O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.09\RivaTuner[Caution: Executable File]" /S

 

O4 - HKCU\..\Run: [ctfmon[Caution: Executable File]] C:\WINDOWS\system32\ctfmon[Caution: Executable File]

 

O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd[Caution: Executable File]" clear

 

O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd[Caution: Executable File]" /automount

 

O4 - HKCU\..\Run: [uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster[Caution: Executable File] /S

 

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20[Caution: Executable File]" -t (User 'SYSTEM')

 

O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20[Caution: Executable File]" -t (User 'Default user')

 

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL[Caution: Executable File]/3000

 

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

 

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

 

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

 

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag[Caution: Executable File]

 

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag[Caution: Executable File]

 

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File]

 

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File]

 

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

 

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll

 

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice[Caution: Executable File]

 

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService[Caution: Executable File]

 

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv[Caution: Executable File]

 

O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService[Caution: Executable File]

 

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ[Caution: Executable File]

 

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv[Caution: Executable File]

 

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv[Caution: Executable File]

 

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder[Caution: Executable File]

 

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT[Caution: Executable File]

 

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv[Caution: Executable File]

 

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService[Caution: Executable File]

 

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService[Caution: Executable File]

 

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService[Caution: Executable File]

 

O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService[Caution: Executable File]

 

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32[Caution: Executable File]

 

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA[Caution: Executable File]

 

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB[Caution: Executable File]

 

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo[Caution: Executable File]

 

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE[Caution: Executable File]

 

O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService[Caution: Executable File]

 

 

 

--[/hide]

I was going to eat hot dogs for dinner tonight. I think I will settle for cereal.

 

OPEN WIDE HERE COMES THE HELICOPTER.

Link to comment
Share on other sites
gonpost

gonpost

Posted
Posted
I hid it, and I want to know what needs to be removed:

 

 

 

[hide=]Logfile of Trend Micro HijackThis v2.0.2

 

Scan saved at 5:49:08 PM, on 8/11/2008

 

Platform: Windows XP SP3 (WinNT 5.01.2600)

 

MSIE: Internet Explorer v7.00 (7.00.6000.16674)

 

Boot mode: Normal

 

 

 

Running processes:

 

C:\WINDOWS\System32\smss[Caution: Executable File]

 

C:\WINDOWS\system32\winlogon[Caution: Executable File]

 

C:\WINDOWS\system32\services[Caution: Executable File]

 

C:\WINDOWS\system32\lsass[Caution: Executable File]

 

C:\WINDOWS\system32\svchost[Caution: Executable File]

 

C:\Program Files\Windows Defender\MsMpEng[Caution: Executable File]

 

C:\WINDOWS\System32\svchost[Caution: Executable File]

 

C:\Program Files\Lavasoft\Ad-Aware\aawservice[Caution: Executable File]

 

C:\Program Files\Alwil Software\Avast4\aswUpdSv[Caution: Executable File]

 

C:\Program Files\Alwil Software\Avast4\ashServ[Caution: Executable File]

 

C:\WINDOWS\system32\spoolsv[Caution: Executable File]

 

C:\WINDOWS\Explorer[Caution: Executable File]

 

C:\WINDOWS\RTHDCPL[Caution: Executable File]

 

C:\Program Files\CyberLink\PowerDVD\PDVDServ[Caution: Executable File]

 

C:\Program Files\Nero\Nero 7\InCD\NBHGui[Caution: Executable File]

 

C:\Program Files\Nero\Nero 7\InCD\InCD[Caution: Executable File]

 

C:\Program Files\ASUS\GamerOSD\GamerOSD[Caution: Executable File]

 

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp[Caution: Executable File]

 

C:\Program Files\Windows Defender\MSASCui[Caution: Executable File]

 

C:\Program Files\Microsoft IntelliType Pro\itype[Caution: Executable File]

 

C:\Program Files\Microsoft IntelliPoint\ipoint[Caution: Executable File]

 

C:\Program Files\Java\jre1.6.0_06\bin\jusched[Caution: Executable File]

 

C:\WINDOWS\system32\RUNDLL32[Caution: Executable File]

 

C:\Program Files\iTunes\iTunesHelper[Caution: Executable File]

 

C:\WINDOWS\system32\ctfmon[Caution: Executable File]

 

C:\Program Files\Microsoft IntelliType Pro\dpupdchk[Caution: Executable File]

 

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService[Caution: Executable File]

 

C:\Program Files\Bonjour\mDNSResponder[Caution: Executable File]

 

C:\Program Files\Nero\Nero 7\InCD\InCDsrv[Caution: Executable File]

 

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM[Caution: Executable File]

 

C:\Program Files\NVIDIA Corporation\nTune\nTuneService[Caution: Executable File]

 

C:\WINDOWS\system32\nvsvc32[Caution: Executable File]

 

C:\WINDOWS\system32\PnkBstrA[Caution: Executable File]

 

C:\WINDOWS\system32\PnkBstrB[Caution: Executable File]

 

C:\Program Files\CyberLink\Shared Files\RichVideo[Caution: Executable File]

 

C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE[Caution: Executable File]

 

C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService[Caution: Executable File]

 

C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4[Caution: Executable File]

 

C:\Program Files\Alwil Software\Avast4\ashMaiSv[Caution: Executable File]

 

C:\Program Files\Alwil Software\Avast4\ashWebSv[Caution: Executable File]

 

C:\Program Files\iPod\bin\iPodService[Caution: Executable File]

 

C:\WINDOWS\system32\wuauclt[Caution: Executable File]

 

C:\WINDOWS\system32\msiexec[Caution: Executable File]

 

C:\Program Files\Mozilla Firefox\firefox[Caution: Executable File]

 

C:\Program Files\RivaTuner v2.09\RivaTuner[Caution: Executable File]

 

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw[Caution: Executable File]

 

\?\C:\WINDOWS\system32\WBEM\WMIADAP[Caution: Executable File]

 

C:\Program Files\Trend Micro\HijackThis\HijackThis[Caution: Executable File]

 

C:\WINDOWS\system32\wuauclt[Caution: Executable File]

 

 

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1098640

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

 

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

 

R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll

 

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

 

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

 

O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll

 

O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll

 

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL[Caution: Executable File]

 

O4 - HKLM\..\Run: [Alcmtr] ALCMTR[Caution: Executable File]

 

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ[Caution: Executable File]"

 

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language[Caution: Executable File]"

 

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck[Caution: Executable File]

 

O4 - HKLM\..\Run: [securDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui[Caution: Executable File]

 

O4 - HKLM\..\Run: [inCD] C:\Program Files\Nero\Nero 7\InCD\InCD[Caution: Executable File]

 

O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD[Caution: Executable File]

 

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp[Caution: Executable File]

 

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui[Caution: Executable File]" -hide

 

O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype[Caution: Executable File]"

 

O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint[Caution: Executable File]"

 

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched[Caution: Executable File]"

 

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask[Caution: Executable File]" -atboottime

 

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32[Caution: Executable File] C:\WINDOWS\system32\NvCpl.dll,NvStartup

 

O4 - HKLM\..\Run: [nwiz] nwiz[Caution: Executable File] /install

 

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32[Caution: Executable File] C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

 

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper[Caution: Executable File]"

 

O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.09\RivaTuner[Caution: Executable File]" /S

 

O4 - HKCU\..\Run: [ctfmon[Caution: Executable File]] C:\WINDOWS\system32\ctfmon[Caution: Executable File]

 

O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd[Caution: Executable File]" clear

 

O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd[Caution: Executable File]" /automount

 

O4 - HKCU\..\Run: [uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster[Caution: Executable File] /S

 

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20[Caution: Executable File]" -t (User 'SYSTEM')

 

O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20[Caution: Executable File]" -t (User 'Default user')

 

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL[Caution: Executable File]/3000

 

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

 

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

 

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

 

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag[Caution: Executable File]

 

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag[Caution: Executable File]

 

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File]

 

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File]

 

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

 

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll

 

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice[Caution: Executable File]

 

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService[Caution: Executable File]

 

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv[Caution: Executable File]

 

O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService[Caution: Executable File]

 

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ[Caution: Executable File]

 

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv[Caution: Executable File]

 

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv[Caution: Executable File]

 

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder[Caution: Executable File]

 

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT[Caution: Executable File]

 

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv[Caution: Executable File]

 

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService[Caution: Executable File]

 

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService[Caution: Executable File]

 

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService[Caution: Executable File]

 

O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService[Caution: Executable File]

 

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32[Caution: Executable File]

 

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA[Caution: Executable File]

 

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB[Caution: Executable File]

 

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo[Caution: Executable File]

 

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE[Caution: Executable File]

 

O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService[Caution: Executable File]

 

 

 

--[/hide]

 

 

 

 

 

Something like that. Just look for the names....if you recognize it and want it, keep it. I just bolded some things which I was pretty sure you wouldn't need or looked somewhat fishy. Extra buttons are almost always fine to be deleted...

 

 

 

That's just my quick run-through. I wouldn't say any of that NEEDS to be deleted for sure, though. Maybe look up one or two of those EXEs.

Runescape Name: "unbug07"

sunsig6yg.png

Expand your mind.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept