| Thread ID: 93928 | 2008-10-07 00:16:00 | Epic HijackThis log! | wratterus (105) | PC World Chat |
| Post ID | Timestamp | Content | User | ||
| 710246 | 2008-10-07 00:16:00 | All I can say is.... wow! Also cleaned out over 4 GB of temp files from this machine, most of which seemed to be porn. :yuck: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:50:57, on 07/10/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Safe mode with network support -- End of file - 22175 bytes And here's a list of all the hidden/system files in system32. :eek: |
wratterus (105) | ||
| 710247 | 2008-10-07 00:23:00 | Nice one... you going to confront them about the dangers of porn sites? Or just tell them to use S&D and CCleaner more? Blame the teenage son I think (if there is one). Not that adults are any better. |
Thebananamonkey (7741) | ||
| 710248 | 2008-10-07 00:27:00 | Nice one... you going to confront them about the dangers of porn sites? Or just tell them to use S&D and CCleaner more? Blame the teenage son I think (if there is one). Not that adults are any better. :lol: All of the above. ;) |
wratterus (105) | ||
| 710249 | 2008-10-07 00:36:00 | That has to be a record... 22KB Edit: Didn't think there'd be NO hidden files in \system32... but it turns out I'm wrong :D C:\Users\LOL>cd c:\windows\system32 C:\Windows\System32>dir /ash Volume in drive C is Windows Vista Volume Serial Number is B0B9-1203 Directory of C:\Windows\System32 03/11/2006 01:56 a.m. 82 desktop.ini 1 File(s) 82 bytes 0 Dir(s) 184,174,981,120 bytes free It is Vista though not XP. |
jwil1 (65) | ||
| 710250 | 2008-10-07 00:45:00 | :D In XP, dllcache should be there but nothing else. Occasionally some software will put files in there, I think that's where Sony hides their rootkits. :p |
wratterus (105) | ||