MyCity » Ambulanta -> Arhiva Ambulante » Problemi sa Generic host-om.

Problemi sa Generic host-om.

Napisano na dan: 31.1.2009

Strana:
1
2

Problemi sa Generic host-om.

Sledeća strana

Pagination

Odgovori

Strana:
1
2

taz_trippin Poslao: 31 Jan 2009 09:29 Idi na vrh
offline taz_trippin Građanin Pridružio: 02 Mar 2006 Poruke: 108 Gde živiš: Nis	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Poz. Procitao sam sve topice na forumu koji imaju slicne probleme, probao sve savete i nista. Sve po starom. Naime, kada ukljucim racunar i pri koriscenju interneta, javlja se Generic Host Error. Win u details govori da je rec o programu gg.exe, kojeg nikako ne mogu da se resim. Evo loga: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:19:11, on 31.1.2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\UTSCSI.EXE C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = daemon-search.com/startpage R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = home.sweetim.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [MbWzdFPAP-EXL540] F:\PdtGuide.exe O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [HService] c:\WINDOWS\msservice.exe O4 - HKLM\..\Run: [Sys32] c:\WINDOWS\Sys32.exe O4 - HKLM\..\Run: [JobHisInit] C:\Program Files\RDS\RMClient\JobHisInit.exe O4 - HKLM\..\Run: [MplSetUp] C:\Program Files\RDS\RMClient\MplSetUp.exe O4 - HKLM\..\Run: [MS service] C:\WINDOWS\system32\w32serv.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [ctfmon.exe] C:\WINDOWS\gg.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{009A194D-0C02-4EE0-93D4-2E57DF01E4D8}: NameServer = 212.200.191.166,212.200.190.166 O17 - HKLM\System\CS1\Services\Tcpip\..\{009A194D-0C02-4EE0-93D4-2E57DF01E4D8}: NameServer = 212.200.191.166,212.200.190.166 O17 - HKLM\System\CS3\Services\Tcpip\..\{009A194D-0C02-4EE0-93D4-2E57DF01E4D8}: NameServer = 212.200.191.166,212.200.190.166 O17 - HKLM\System\CS4\Services\Tcpip\..\{009A194D-0C02-4EE0-93D4-2E57DF01E4D8}: NameServer = 212.200.191.166,212.200.190.166 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: USBest Service Zero (UTSCSI) - USBest - C:\WINDOWS\system32\UTSCSI.EXE -- End of file - 7176 bytes Hvala unapred.

Profil

helen1 Poslao: 31 Jan 2009 11:09 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zdravo, Pokrenite Spybot S&D Kliknite Mode stavku u meniju Odaberite Advance Mode Na traci levo kliknite na Tools Kliknite na Resident Destiklirajte Resident Tea-Timer Zatvorite Spybot S&D Restartujte kompjuter. - Zatim skinuti program sa ovog linka na Desktop. - Pokrenuti ga dvoklikom i ispratiti uputstva. Nemojte zaboraviti da ponovo ukljucite ove opcije kada zavrsimo ciscenje. --------------------------------- * Klikni desnim tasterom miša na AVG ikonicu ( ) u donjem, desnom uglu ekrana. * Kada se pokrene AVG Control Center, dvoklikni na AVG Resident Shield komponentu. * U prozoru koji se otvori, deštikliraj opciju Turn on AVG Resident Shield i klikni OK. Napomena: Ne zaboravi da uključiš ovu opciju po završetku čišćenja. ---------------------------------- Skini ComboFix sa jedne od sledecih adresa na Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.forospyware.com/sUBs/ComboFix.exe http://subs.geekstogo.com/ComboFix.exe Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

taz_trippin Poslao: 31 Jan 2009 16:58 Idi na vrh
offline taz_trippin Građanin Pridružio: 02 Mar 2006 Poruke: 108 Gde živiš: Nis	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-01-21.04 - COPY HOUSE 2009-01-31 16:53:09.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.555 [GMT 1:00] Running from: c:\documents and settings\COPY HOUSE\Desktop\ComboFix.exe AV: AVG Anti-Virus Free On-access scanning enabled (Outdated) * Created a new restore point . - REDUCED FUNCTIONALITY MODE - . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\autorun.inf c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013 c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini E:\Autorun.inf . ((((((((((((((((((((((((( Files Created from 2008-12-28 to 2009-01-31 ))))))))))))))))))))))))))))))) . 2009-01-31 09:18 . 2009-01-31 09:18 <DIR> d-------- c:\program files\Trend Micro 2009-01-24 18:18 . 2009-01-24 18:18 25 --a------ c:\windows\cdplayer.ini 2009-01-24 18:17 . 2009-01-24 18:17 <DIR> d-------- c:\program files\Real 2009-01-24 18:17 . 2009-01-24 18:17 <DIR> d-------- c:\program files\Common Files\xing shared 2009-01-21 16:36 . 2006-12-29 00:31 19,569 --a------ c:\windows\000001_.tmp 2009-01-17 14:40 . 2009-01-17 14:40 <DIR> d-------- c:\windows\system32\drivers\Avg 2009-01-17 14:40 . 2009-01-17 14:40 97,928 --a------ c:\windows\system32\drivers\avgldx86.sys 2009-01-17 14:40 . 2009-01-17 14:40 76,040 --a------ c:\windows\system32\drivers\avgtdix.sys 2009-01-17 14:40 . 2009-01-17 14:40 10,520 --a------ c:\windows\system32\avgrsstx.dll 2009-01-17 13:55 . 2009-01-28 15:44 <DIR> d-------- c:\documents and settings\COPY HOUSE\Application Data\AVGTOOLBAR 2009-01-17 13:54 . 2007-07-06 08:44 65,607 -r-hs---- c:\windows\gg.exe 2009-01-17 13:54 . 2007-07-06 08:44 65,607 -r-hs---- C:\gg.exe 2009-01-15 16:21 . 2009-01-15 16:21 <DIR> d-------- c:\program files\Alwil Software 2009-01-14 18:58 . 2009-01-14 18:58 <DIR> d-------- c:\documents and settings\COPY HOUSE\Application Data\Robin Crusoe 2009-01-12 10:01 . 2009-01-26 16:51 <DIR> d-------- c:\program files\True Sword 5 2009-01-12 10:01 . 2009-01-12 10:01 <DIR> d-------- c:\documents and settings\COPY HOUSE\Application Data\True Sword 2009-01-12 09:32 . 2009-01-15 18:08 <DIR> d-------- c:\program files\Spybot - Search & Destroy 2009-01-12 09:32 . 2009-01-15 18:09 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-01-10 14:41 . 2008-04-14 01:12 221,184 --a------ c:\windows\system32\wmpns.dll 2009-01-10 14:19 . 2009-01-10 14:19 <DIR> d-------- c:\windows\system32\scripting 2009-01-10 14:19 . 2009-01-10 14:19 <DIR> d-------- c:\windows\system32\en 2009-01-10 14:19 . 2009-01-10 14:19 <DIR> d-------- c:\windows\system32\bits 2009-01-10 14:19 . 2009-01-10 14:19 <DIR> d-------- c:\windows\l2schemas 2009-01-10 14:16 . 2009-01-10 14:20 <DIR> d-------- c:\windows\ServicePackFiles 2009-01-10 13:55 . 2008-04-14 01:12 1,737,856 --------- c:\windows\system32\mtxparhd.dll 2009-01-10 13:54 . 2008-04-14 01:11 1,888,992 --------- c:\windows\system32\ati3duag.dll 2009-01-09 15:02 . 2009-01-14 20:00 <DIR> d-------- c:\program files\RegCure 2009-01-09 12:08 . 2009-01-24 18:17 <DIR> d-------- c:\program files\Common Files\Real 2009-01-03 14:22 . 2009-01-03 14:22 <DIR> d-------- c:\windows\system32\QuickTime 2009-01-03 14:22 . 2009-01-03 14:22 <DIR> d-------- c:\program files\QuickTime 2009-01-03 14:22 . 1999-11-10 12:05 86,016 --a------ c:\windows\unvise32qt.exe 2009-01-03 14:22 . 2009-01-31 14:50 54,156 --ah----- c:\windows\QTFont.qfn 2009-01-03 14:22 . 2009-01-03 14:22 1,409 --a------ c:\windows\QTFont.for 2009-01-03 14:21 . 2009-01-03 14:22 <DIR> d-------- c:\documents and settings\All Users\Application Data\QuickTime 2009-01-03 14:03 . 2009-01-03 14:02 737,280 --a------ c:\windows\iun6002.exe 2008-12-30 08:51 . 2008-12-30 08:51 614,400 --a------ c:\windows\system32\HCPSMng.exe 2008-12-30 08:51 . 2008-12-30 08:51 294,912 --a------ c:\windows\system32\HCPSTool.dll 2008-12-30 08:51 . 2008-12-30 08:51 73,728 --a------ c:\windows\system32\HCPS98Tool.dll 2008-12-30 08:51 . 2008-12-30 08:51 49,152 --a------ c:\windows\system32\HCPSST.dll 2008-12-27 18:10 . 2004-08-04 00:56 159,232 --a------ c:\windows\system32\ptpusd.dll 2008-12-27 18:10 . 2001-08-17 22:36 5,632 --a------ c:\windows\system32\ptpusb.dll 2008-12-25 17:53 . 2008-12-25 17:53 <DIR> d-------- c:\documents and settings\COPY HOUSE\Application Data\OpenOffice.org 2008-12-25 17:51 . 2008-12-25 17:51 <DIR> d-------- c:\program files\JRE 2008-12-25 17:50 . 2008-12-25 17:50 <DIR> d-------- c:\program files\OpenOffice.org 3 2008-12-24 07:32 . 2008-12-24 07:31 183,112 --a------ c:\windows\system32\PnkBstrB.exe 2008-12-24 07:32 . 2008-12-24 07:32 138,184 --a------ c:\windows\system32\drivers\PnkBstrK.sys 2008-12-24 07:32 . 2008-10-22 05:27 63,040 --a------ c:\windows\system32\PnkBstrA.exe 2008-12-24 07:29 . 2008-12-24 07:29 <DIR> d-------- c:\windows\system32\LogFiles 2008-12-24 07:29 . 2008-12-24 07:29 <DIR> d-------- c:\documents and settings\COPY HOUSE\Application Data\Leadertech 2008-12-24 07:13 . 2008-12-24 07:13 <DIR> d-------- c:\documents and settings\COPY HOUSE\Application Data\DAEMON Tools 2008-12-24 07:13 . 2008-12-24 07:13 717,296 --a------ c:\windows\system32\drivers\sptd.sys 2008-12-19 07:07 . 2008-12-19 07:06 410,984 --a------ c:\windows\system32\deploytk.dll 2008-12-13 15:53 . 2008-12-13 15:53 <DIR> d-------- c:\program files\uTorrent 2008-12-13 15:53 . 2009-01-27 20:26 <DIR> d-------- c:\documents and settings\COPY HOUSE\Application Data\uTorrent . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-31 12:08 --------- d-----w c:\program files\Mozilla Thunderbird 2009-01-24 17:17 499,712 ----a-w c:\windows\system32\msvcp71.dll 2009-01-24 11:39 1,682 --sha-w c:\windows\system32\KGyGaAvL.sys 2009-01-20 09:13 --------- d-----w c:\documents and settings\COPY HOUSE\Application Data\U3 2009-01-17 13:40 --------- d-----w c:\documents and settings\All Users\Application Data\avg8 2009-01-09 11:08 348,160 ----a-w c:\windows\system32\msvcr71.dll 2008-12-25 16:47 --------- d-----w c:\program files\OpenOffice.org 2.3 2008-12-25 16:46 --------- d-----w c:\documents and settings\COPY HOUSE\Application Data\OpenOffice.org2 2008-12-24 07:01 --------- d--h--w c:\program files\InstallShield Installation Information 2008-12-19 06:06 --------- d-----w c:\program files\Java 2008-12-05 19:31 --------- d-----w c:\program files\Winamp 2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll 2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll 2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll 2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll 2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll 2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll 2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe 2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll 2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll 2008-10-16 01:00 666,112 ----a-w c:\windows\system32\wininet.dll 2008-10-03 10:02 247,326 ----a-w c:\windows\system32\strmdll.dll 2008-05-28 16:03 166 ---ha-w c:\documents and settings\COPY HOUSE\hpothb07.dat 2008-05-24 09:24 183 ---ha-w c:\documents and settings\All Users\Application Data\hpothb07.dat 2007-07-06 07:44 65,607 --sh--r c:\windows\gg.exe 2008-06-21 11:08 56 --sh--r c:\windows\system32\C51EAF9955.sys 2008-04-14 00:11 157,951 --sha-r c:\windows\system32\cnfdewr.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8466432] "WinSys2"="c:\windows\system32\winsys2.exe" [2006-04-29 208896] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-19 136600] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-09 153136] "Share-to-Web Namespace Daemon"="c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 69632] "JobHisInit"="c:\program files\RDS\RMClient\JobHisInit.exe" [2006-06-21 151552] "MplSetUp"="c:\program files\RDS\RMClient\MplSetUp.exe" [2005-06-01 40960] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-03 98304] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-01-17 1261336] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-01-24 185872] "MSConfig"="c:\windows\pchealth\helpctr\Binaries\MSCONFIG.EXE" [2008-04-14 169984] "RTHDCPL"="RTHDCPL.EXE" [2007-05-10 c:\windows\RTHDCPL.exe] "nwiz"="nwiz.exe" [2007-06-28 c:\windows\system32\nwiz.exe] "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 c:\windows\system32\bthprops.cpl] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "RunNarrator"="Narrator.exe" [2008-04-14 c:\windows\system32\narrator.exe] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=G [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c:_program files_corel_cor3c] --a------ 2003-11-18 08:38 139264 c:\program files\Corel\Corel Graphics 12\Programs\CorUpd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] -r-hs---- 2007-07-06 08:44 65607 c:\windows\gg.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] --------- 2008-07-07 09:42 2156368 c:\program files\Spybot - Search & Destroy\TeaTimer.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] --a------ 2003-12-13 01:50 33792 c:\program files\Winamp\winampa.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"= "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5493:TCP"= 5493:TCP:oqehbm R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [1/17/2009 2:40:44 PM 97928] R4 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [1/17/2009 2:40:34 PM 875288] R4 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [1/17/2009 2:40:33 PM 231704] R4 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [1/17/2009 2:40:48 PM 76040] S3 DFE528TX;D-Link DFE-528TX PCI Adapter;c:\windows\system32\drivers\DLKRTL.SYS [9/25/2008 12:26:40 PM 45568] S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?] S4 tnpexiyf;Windows Task;c:\windows\system32\svchost.exe -k netsvcs [7/27/2007 1:00:00 PM 14336] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs tnpexiyf [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C] \Shell\AutoRun\command - C:\gg.exe 0o \Shell\explore\Command - C:\gg.exe 0e \Shell\open\Command - C:\gg.exe 0o [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E] \Shell\AutoRun\command - E:\gg.exe 0o \Shell\explore\Command - E:\gg.exe 0e \Shell\open\Command - E:\gg.exe 0o [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00fb7e62-936a-11dd-8f72-002191d46857}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00fb7e6b-936a-11dd-8f72-002191d46857}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00fb7e6d-936a-11dd-8f72-002191d46857}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00fb7e6e-936a-11dd-8f72-002191d46857}] \Shell\AutoRun\command - info.exe \Shell\open\command - info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00fb7e70-936a-11dd-8f72-002191d46857}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0167aa54-06c7-11dd-8ea7-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0167aa63-06c7-11dd-8ea7-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0167aa64-06c7-11dd-8ea7-001d926e3623}] \Shell\AutoRun\command - g:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe \Shell\open\command - g:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0170d532-d263-11dd-8fc9-002191d46857}] \Shell\AutoRun\command - F:\ \Shell\open\Command - rundll32.exe .\\fbdes.dll,InstallM [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0170d539-d263-11dd-8fc9-002191d46857}] \Shell\AutoRun\command - F:\ \Shell\open\Command - rundll32.exe .\\olecnv3f.dll,InstallM [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{02c66ddf-5fa7-11dd-8f28-001d926e3623}] \Shell\AutoRun\command - ln9.exe \Shell\explore\Command - ln9.exe \Shell\open\Command - ln9.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{02c66de0-5fa7-11dd-8f28-001d926e3623}] \Shell\AutoRun\command - ln9.exe \Shell\explore\Command - ln9.exe \Shell\open\Command - ln9.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{07c696d9-15bf-11dd-8ebd-001d926e3623}] \Shell\AutoRun\command - info.exe \Shell\open\command - info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{07c696da-15bf-11dd-8ebd-001d926e3623}] \Shell\AutoRun\command - F:\b.com \Shell\explore\Command - F:\b.com \Shell\open\Command - F:\b.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0809ac64-4a5c-11dd-8f0d-001d926e3623}] \Shell\Auto\command - F:\AdobeR.exe e \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0809ac68-4a5c-11dd-8f0d-001d926e3623}] \shell\explore\command - F:\explorer.exe \shell\open\Command - F:\explorer.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0809ac76-4a5c-11dd-8f0d-001d926e3623}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{08838a96-9c2e-11dd-8f80-002191d46857}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{08838a99-9c2e-11dd-8f80-002191d46857}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{08838a9d-9c2e-11dd-8f80-002191d46857}] \Shell\Auto\command - F:\Config.exe \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Config.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{08a92ac0-0650-11dd-8ea6-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0a739b6d-9695-11dd-8f78-002191d46857}] \Shell\Auto\command - Config.exe \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Config.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0b7a7b6a-0e2e-11dd-8eb5-001d926e3623}] \Shell\AutoRun\command - F:\PdtGuide.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0b7a7b6b-0e2e-11dd-8eb5-001d926e3623}] \Shell\AutoRun\command - g:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe \Shell\open\command - g:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0de672f4-c043-11dd-8faf-002191d46857}] \Shell\AutoRun\command - f:\recycler\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe \Shell\open\command - f:\recycler\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0de672f7-c043-11dd-8faf-002191d46857}] \Shell\Auto\command - Autorun.exe \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e91510d-10fe-11dd-8eb8-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\isi32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\isi32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0fb29c5b-20c0-11dd-8ecc-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe \Shell\open\command - f:\recycler\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0fb29c69-20c0-11dd-8ecc-001d926e3623}] \Shell\AutoRun\command - F:\ \Shell\open\Command - rundll32.exe .\\d3tx9_29.dll,InstallM [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ffc65ab-6db7-11dd-8f39-001d926e3623}] \shell\explore\Command - boot.exe \shell\open\Command - boot.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ffc65ae-6db7-11dd-8f39-001d926e3623}] \Shell\1\Command - autorun.pif \Shell\2\Command - autorun.pif \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL autorun.pif [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{10c320b3-57b3-11dd-8f1d-001d926e3623}] \Shell\AutoRun\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{10c320c4-57b3-11dd-8f1d-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{125d9e4e-9a84-11dd-8f7d-002191d46857}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{125d9e51-9a84-11dd-8f7d-002191d46857}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{125d9e56-9a84-11dd-8f7d-002191d46857}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{125d9e57-9a84-11dd-8f7d-002191d46857}] \Shell\AutoRun\command - info.exe \Shell\open\command - info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1429c44e-7f10-11dd-8f52-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\service.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\service.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{14f93f24-102b-11dd-8eb7-001d926e3623}] \Shell\AutoRun\command - F:\ntde1ect.com \Shell\explore\Command - F:\ntde1ect.com \Shell\open\Command - F:\ntde1ect.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{15b6b1d2-9518-11dd-8f75-002191d46857}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{15b6b1d7-9518-11dd-8f75-002191d46857}] \Shell\AutoRun\command - f:\recycler\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe \Shell\open\command - f:\recycler\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{15b6b1d9-9518-11dd-8f75-002191d46857}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{175295d7-8b97-11dd-8f64-002191d46857}] \Shell\AutoRun\command - F:\6x8be16.cmd \Shell\explore\Command - F:\6x8be16.cmd \Shell\open\Command - F:\6x8be16.cmd [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{175295eb-8b97-11dd-8f64-002191d46857}] \Shell\AutoRun\command - f:\recycler\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe \Shell\open\command - f:\recycler\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ad6ee08-904e-11dd-8f6a-002191d46857}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ad6ee09-904e-11dd-8f6a-002191d46857}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ad6ee0a-904e-11dd-8f6a-002191d46857}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ad6ee0b-904e-11dd-8f6a-002191d46857}] \Shell\AutoRun\command - info.exe \Shell\open\command - info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ad6ee0c-904e-11dd-8f6a-002191d46857}] \Shell\AutoRun\command - info.exe \Shell\open\command - info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ad6ee0e-904e-11dd-8f6a-002191d46857}] \Shell\AutoRun\command - info.exe \Shell\open\command - info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ad6ee10-904e-11dd-8f6a-002191d46857}] \Shell\AutoRun\command - info.exe \Shell\open\command - info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1cb2f509-b6f3-11dd-8fa3-002191d46857}] \Shell\Auto\command - F:\Config.exe \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Config.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ee0b09c-2c0f-11dd-8edb-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f542811-39d7-11dd-8ef9-001d926e3623}] \Shell\AutoRun\command - G:\USBNB.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ffe37ce-e468-11dd-8ff7-002191d46857}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ffe37cf-e468-11dd-8ff7-002191d46857}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ffe37d2-e468-11dd-8ff7-002191d46857}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{20952ac8-65ef-11dd-8f30-001d926e3623}] \Shell\AutoRun\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe \Shell\open\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{20ca18c2-e5f7-11dd-8ffc-002191d46857}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{20ca18c6-e5f7-11dd-8ffc-002191d46857}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{20ca18c7-e5f7-11dd-8ffc-002191d46857}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{20ca1add-e5f7-11dd-8ffc-002191d46857}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{20ca1ae0-e5f7-11dd-8ffc-002191d46857}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{20ca1ae3-e5f7-11dd-8ffc-002191d46857}] \Shell\AutoRun\command - f:\recycler\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe \Shell\open\command - f:\recycler\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{215155c7-798c-11dd-8f4c-001d926e3623}] \Shell\AutoRun\command - F:\ \Shell\open\Command - rundll32.exe .\\hppamnn0.dll,InstallM [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{215155c8-798c-11dd-8f4c-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{226d763e-3069-11dd-8ee8-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{226d7641-3069-11dd-8ee8-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{226d7643-3069-11dd-8ee8-001d926e3623}] \Shell\AutoRun\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe \Shell\open\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{226d7645-3069-11dd-8ee8-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{226d764c-3069-11dd-8ee8-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{226d7654-3069-11dd-8ee8-001d926e3623}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{226d7658-3069-11dd-8ee8-001d926e3623}] \Shell\AutoRun\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{226d765f-3069-11dd-8ee8-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{226d766a-3069-11dd-8ee8-001d926e3623}] \Shell\Auto\command - AdobeR.exe e \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{236aad36-eebd-11dd-900c-001d926e3623}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{236aad38-eebd-11dd-900c-001d926e3623}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{236aad40-eebd-11dd-900c-001d926e3623}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{236aad47-eebd-11dd-900c-001d926e3623}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{240acdc2-2bb2-11dd-8eda-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{240acdc3-2bb2-11dd-8eda-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{240acdc9-2bb2-11dd-8eda-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{240acdca-2bb2-11dd-8eda-001d926e3623}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{240acdd0-2bb2-11dd-8eda-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{240acdd2-2bb2-11dd-8eda-001d926e3623}] \Shell\AutoRun\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{240acdd3-2bb2-11dd-8eda-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{24b8d23e-0222-11dd-8e9c-001d926e3623}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{24dc0901-e2de-11dd-8fed-002191d46857}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\service.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\service.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{24dc0903-e2de-11dd-8fed-002191d46857}] \Shell\AutoRun\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\service.exe \Shell\open\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\service.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{262a0935-c397-11dd-8fb4-002191d46857}] \Shell\Auto\command - F:\MicrosoftPowerPoint.exe \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL MicrosoftPowerPoint.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{269c9d08-98f7-11dd-8f7a-002191d46857}] \Shell\AutoRun\command - F:\LaunchU3.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{269c9d0c-98f7-11dd-8f7a-002191d46857}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{269c9d0d-98f7-11dd-8f7a-002191d46857}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{269c9d12-98f7-11dd-8f7a-002191d46857}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{269c9d14-98f7-11dd-8f7a-002191d46857}] \Shell\Auto\command - F:\AdobeR.exe e \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{26faae20-3907-11dd-8ef8-001d926e3623}] \Shell\Auto\command - F:\AdobeR.exe e \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{26faae37-3907-11dd-8ef8-001d926e3623}] \Shell\AutoRun\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{26faae3f-3907-11dd-8ef8-001d926e3623}] \Shell\AutoRun\command - oufddh.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{27259154-9a13-11dd-8f7c-002191d46857}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\service.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\service.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2741e17e-056c-11dd-8ea4-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{28f46140-2c90-11dd-8edf-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a3bcc52-bb82-11dd-8faa-002191d46857}] \Shell\AutoRun\command - F:\39lpji.com \Shell\explore\Command - F:\39lpji.com \Shell\open\Command - F:\39lpji.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2aac0ac4-aa3f-11dd-8f91-002191d46857}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2afc67fd-ed09-11dd-900a-001d926e3623}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2afc680e-ed09-11dd-900a-001d926e3623}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2afc6819-ed09-11dd-900a-001d926e3623}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2c1dca1a-82e8-11dd-8f57-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\reg32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\reg32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2c1dca1b-82e8-11dd-8f57-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\service.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\service.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2c741a21-7a58-11dd-8f4d-001d926e3623}] \Shell\AutoRun\command - F:\d6fagcs8.cmd \Shell\explore\Command - F:\d6fagcs8.cmd \Shell\open\Command - F:\d6fagcs8.cmd [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2c741a29-7a58-11dd-8f4d-001d926e3623}] \Shell\AutoRun\command - semo2x.exe \Shell\explore\Command - semo2x.exe \Shell\open\Command - semo2x.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2c920a72-b0a5-11dd-8f9b-002191d46857}] \Shell\AutoRun\command - g.com \Shell\explore\Command - g.com \Shell\open\Command - g.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2fe8e909-e84a-11dd-9002-001d926e3623}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2fe8e9de-e84a-11dd-9002-001d926e3623}] \Shell\AutoRun\command - F:\ \Shell\open\Command - rundll32.exe .\\tapip.dll,InstallM [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2fe8e9e3-e84a-11dd-9002-001d926e3623}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2fe8e9e6-e84a-11dd-9002-001d926e3623}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2fe8e9ed-e84a-11dd-9002-001d926e3623}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{30204519-69c7-11dd-8f35-001d926e3623}] \Shell\AutoRun\command - Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\sys.exe a \Shell\explore\Command - Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\sys.exe e \Shell\open\Command - Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\sys.exe o [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{30916055-9f46-11dd-8f83-002191d46857}] \Shell\auto\command - Knight.exe open \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Knight.exe open \Shell\explore\command - Knight.exe open \Shell\find\command - Knight.exe open \Shell\install\command - Knight.exe open \Shell\open\command - Knight.exe open [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{30916056-9f46-11dd-8f83-002191d46857}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{32ab3838-6f3f-11dd-8f3c-001d926e3623}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{32ab3843-6f3f-11dd-8f3c-001d926e3623}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{32d275f7-6838-11dd-8f32-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{32d27606-6838-11dd-8f32-001d926e3623}] \Shell\AutoRun\command - F:\h1dwg20.exe \Shell\explore\Command - F:\h1dwg20.exe \Shell\open\Command - F:\h1dwg20.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{32d27608-6838-11dd-8f32-001d926e3623}] \Shell\AutoRun\command - F:\PStart.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{32d2760d-6838-11dd-8f32-001d926e3623}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3602e38d-b2f4-11dd-8f9e-002191d46857}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3602e397-b2f4-11dd-8f9e-002191d46857}] \Shell\AutoRun\command - F:\ \Shell\open\Command - rundll32.exe .\\secpnoc_ssp.dll,InstallM [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{36b366ee-1a6c-11dd-8ec2-001d926e3623}] \Shell\AutoRun\command - F:\jiwsxh39.exe \Shell\explore\Command - F:\jiwsxh39.exe \Shell\open\Command - F:\jiwsxh39.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{36b366f2-1a6c-11dd-8ec2-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{37650c9f-a412-11dd-8f8a-002191d46857}] \Shell\AutoRun\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe \Shell\open\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{37650ca3-a412-11dd-8f8a-002191d46857}] \Shell\AutoRun\command - F:\podcastready.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{37650ca4-a412-11dd-8f8a-002191d46857}] \Shell\AutoRun\command - F:\8ng8w.com \Shell\explore\Command - F:\8ng8w.com \Shell\open\Command - F:\8ng8w.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{386f76b8-32e0-11dd-8eed-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3a4a239e-bddc-11dd-8fad-002191d46857}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ine32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ine32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3a4a23a1-bddc-11dd-8fad-002191d46857}] \Shell\AutoRun\command - F:\uxkktr.cmd \Shell\explore\Command - F:\uxkktr.cmd \Shell\open\Command - F:\uxkktr.cmd [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3a667310-7b10-11dd-8f4e-001d926e3623}] \Shell\AutoRun\command - F:\t1ypkh.exe \Shell\explore\Command - F:\t1ypkh.exe \Shell\open\Command - F:\t1ypkh.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3a94487d-70ea-11dd-8f3e-001d926e3623}] \Shell\AutoRun\command - F:\oufddh.exe \Shell\explore\Command - F:\oufddh.exe \Shell\open\Command - F:\oufddh.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3a944888-70ea-11dd-8f3e-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3c04ea5d-99b9-11dd-8f7b-002191d46857}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3e293d52-6a9e-11dd-8f36-001d926e3623}] \Shell\AutoRun\command - f:\portableapps\PortableAppsMenu\PortableAppsMenu.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3e293d5c-6a9e-11dd-8f36-001d926e3623}] \Shell\Auto\command - Config.exe \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Config.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3ed06068-75be-11dd-8f46-001d926e3623}] \Shell\Auto\command - AdobeR.exe e \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3f0ea5ad-cb42-11dd-8fbe-002191d46857}] \Shell\Auto\command - AdobeR.exe e \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3ffff2b4-aef8-11dd-8f98-002191d46857}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3ffff2ba-aef8-11dd-8f98-002191d46857}] \Shell\AutoRun\command - H:\whi.com \Shell\explore\Command - H:\whi.com \Shell\open\Command - H:\whi.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3ffff2be-aef8-11dd-8f98-002191d46857}] \Shell\AutoRun\command - g:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe \Shell\open\command - g:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3ffff2c2-aef8-11dd-8f98-002191d46857}] \Shell\AutoRun\command - F:\g.com \Shell\explore\Command - F:\g.com \Shell\open\Command - F:\g.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3ffff2cc-aef8-11dd-8f98-002191d46857}] \Shell\AutoRun\command - f:\recycler\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe \Shell\open\command - f:\recycler\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{41315905-2568-11dd-8ed1-001d926e3623}] \Shell\AutoRun\command - F:\h6o0re.cmd \Shell\explore\Command - F:\h6o0re.cmd \Shell\open\Command - F:\h6o0re.cmd [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{41315909-2568-11dd-8ed1-001d926e3623}] \Shell\AutoRun\command - F:\ntde1ect.com \Shell\explore\Command - F:\ntde1ect.com \Shell\open\Command - F:\ntde1ect.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4131590e-2568-11dd-8ed1-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{431dc1b6-abca-11dd-8f94-002191d46857}] \Shell\AutoRun\command - f:\recycler\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe \Shell\open\command - f:\recycler\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4345f906-b4a2-11dd-8fa0-002191d46857}] \Shell\AutoRun\command - f:\recycler\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe \Shell\open\command - f:\recycler\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4363b7e0-1b5d-11dd-8ec5-001d926e3623}] \Shell\AutoRun\command - 8ng8w.com \Shell\explore\Command - 8ng8w.com \Shell\open\Command - 8ng8w.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4363b7e5-1b5d-11dd-8ec5-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4385055a-d336-11dd-8fca-002191d46857}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\service.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\service.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{43b3052a-9143-11dd-8f6f-002191d46857}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{43b3052b-9143-11dd-8f6f-002191d46857}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{43b3052f-9143-11dd-8f6f-002191d46857}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{44207a27-e79d-11dd-8fff-001d926e3623}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{44207a29-e79d-11dd-8fff-001d926e3623}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{44207a2d-e79d-11dd-8fff-001d926e3623}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{44207a4c-e79d-11dd-8fff-001d926e3623}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{44207a4f-e79d-11dd-8fff-001d926e3623}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{451bbe03-1cc6-11dd-8ec8-001d926e3623}] \Shell\AutoRun\command - F:\h1dwg20.exe \Shell\explore\Command - F:\h1dwg20.exe \Shell\open\Command - F:\h1dwg20.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{452f2b41-cda5-11dd-8fc1-002191d46857}] \Shell\Auto\command - F:\AdobeR.exe e \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{456b6f98-e7df-11dd-9001-001d926e3623}] \Shell\AutoRun\command - F:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{456b6f99-e7df-11dd-9001-001d926e3623}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{45f62f70-a02c-11dd-8f85-002191d46857}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{45f63243-a02c-11dd-8f85-002191d46857}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{45f63249-a02c-11dd-8f85-002191d46857}] \Shell\AutoRun\command - F:\info.exe \Shell\open\command - F:\info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{45f6324a-a02c-11dd-8f85-002191d46857}] \Shell\AutoRun\command - info.exe \Shell\open\command - info.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{460b57af-cc07-11dd-8fbf-002191d46857}] \Shell\AutoRun\command - F:\ntde1ect.com \Shell\explore\Command - F:\ntde1ect.com \Shell\open\Command - F:\ntde1ect.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{460b57f7-cc07-11dd-8fbf-002191d46857}] \Shell\AutoRun\command - RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe \Shell\open\command - RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{460b5802-cc07-11dd-8fbf-002191d46857}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\service.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\service.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{46597a3e-0f74-11dd-8eb6-001d926e3623}] \Shell\AutoRun\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe \Shell\open\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{46597a40-0f74-11dd-8eb6-001d926e3623}] \Shell\AutoRun\command - G:\LaunchU3.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{470b5cae-1617-11dd-8ebe-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{498fea2d-2d3d-11dd-8ee4-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{498feb00-2d3d-11dd-8ee4-001d926e3623}] \Shell\AutoOpen\command - .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{498feb01-2d3d-11dd-8ee4-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{498feb04-2d3d-11dd-8ee4-001d926e3623}] \Shell\Auto\command - F:\auto.exe \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{498feb07-2d3d-11dd-8ee4-001d926e3623}] \Shell\auto\command - F:\Knight.exe open \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Knight.exe open \Shell\explore\command - F:\Knight.exe open \Shell\find\command - F:\Knight.exe open \Shell\install\command - F:\Knight.exe open \Shell\open\command - F:\Knight.exe open [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4c6aa700-a265-11dd-8f88-002191d46857}] \Shell\AutoRun\command - f:\recycler\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe \Shell\open\command - f:\recycler\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4ccb4a8d-3132-11dd-8ee9-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4ccb4a8f-3132-11dd-8ee9-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4ccb4a99-3132-11dd-8ee9-001d926e3623}] \Shell\AutoRun\command - d.cmd \Shell\explore\Command - d.cmd \Shell\open\Command - d.cmd [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4ccb4a9f-3132-11dd-8ee9-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d67b4e7-bd11-11dd-8fac-002191d46857}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d67b4ea-bd11-11dd-8fac-002191d46857}] \Shell\AutoRun\command - f:\recycler\S-1-6-21-2434476501-1644491937-600003330-1213\USB-Helper.exe \Shell\open\command - f:\recycler\S-1-6-21-2434476501-1644491937-600003330-1213\USB-Helper.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d67b4ee-bd11-11dd-8fac-002191d46857}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4dac9aa9-5ebe-11dd-8f27-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4f60afd9-ccda-11dd-8fc0-002191d46857}] \Shell\AutoRun\command - F:\iqe68o.bat \Shell\explore\Command - F:\iqe68o.bat \Shell\open\Command - F:\iqe68o.bat [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{508075be-7d79-11dd-8f50-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\service.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\service.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{508075c3-7d79-11dd-8f50-001d926e3623}] \Shell\AutoRun\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\service.exe \Shell\open\command - f:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\service.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{510f797b-33c1-11dd

Profil

helen1 Poslao: 31 Jan 2009 17:08 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Prikaci mi log uz poruku, posto ovako ne moze ceo da stane.

Profil

taz_trippin Poslao: 02 Feb 2009 09:36 Idi na vrh
offline taz_trippin Građanin Pridružio: 02 Mar 2006 Poruke: 108 Gde živiš: Nis	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Izvini sto ovako sporo, radi se o racunaru na poslu a, hvala bogu, nedeljom ne radimo mycity.rs/must-login.png

Profil

helen1 Poslao: 02 Feb 2009 13:37 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! - Preuzmi USBNoRisk na Desktop i pokreni ga duplim klikom na ikonicu programa. - Sacekaj koji sekund dok program izvrsi inicijalno skeniranje. - Ubacuj sve USB memorijske uredjaje redom u USB slot i svaki zadrzi u slotu po 10 sekundi. - Ukoliko imas vise uredjaja za proveru, onda na parcetu papira zapisi kojim redom su ubacivani jer ce nam kasnije trebati taj podatak - Kada zavrsis sa svim uredjajima, klikni desno dugme misa na sred prozora programa i odaberi opciju Save log. To ce automatski otvoriti log u Notepadu. Iskopiraj nam taj log iz Notepada na forum. Objasnjenje: U USB memorijske uredjaje spadaju svi oni uredjaji koji po prikljucivanju na kompjuter dobijaju svoju oznaku particije. Tu spadaju USB flash drajvovi, eksterni hard-diskovi, memorijske kartice, MP3 i MP4 plejeri, neki mobilni telefoni, neki GPS (navigacioni) uredjaji itd.

Profil

taz_trippin Poslao: 02 Feb 2009 14:13 Idi na vrh
offline taz_trippin Građanin Pridružio: 02 Mar 2006 Poruke: 108 Gde živiš: Nis	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Eh, to je mali problem. Racunar je u radnji (fotokopirnica) i dnevno kroz njga prodje jedno 40-60 fleshica Mogu ja da ubacim moje, ali mislim da necesh naci na njima nishta (moj racunar u komercijali je ok, nema takvih problema).

Profil

helen1 Poslao: 02 Feb 2009 14:18 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! taz_trippin ::Eh, to je mali problem. Racunar je u radnji (fotokopirnica) i dnevno kroz njga prodje jedno 40-60 fleshica Mogu ja da ubacim moje, ali mislim da necesh naci na njima nishta (moj racunar u komercijali je ok, nema takvih problema). E, vidis, u tome i jeste problem. Zato sto ti je komp zarazen u meni do sad ne vidjenom obliku preko tih flesheva. Odgovor sa resenjem sadasnjih problema cu ti napisati uvece. Sad moram da idem.

Profil

taz_trippin Poslao: 02 Feb 2009 16:23 Idi na vrh
offline taz_trippin Građanin Pridružio: 02 Mar 2006 Poruke: 108 Gde živiš: Nis	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ok, sve dolazi u obzir pa i reinstalacija winblowsa. Ako imas neki savet kako da izbegnemo ovakve situacije ili savet za neki bolji anti-virus (koristimo AVG 8 free jer mora da bude free poshto je u pitanju firma - a majku mu nece da plate...) bio bih ti zahvalan. Inache, hvala unapred i izvini shto davim jbg mora se

Profil

helen1 Poslao: 02 Feb 2009 22:22 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Skini program sa sledeceg linka: http://amf.mycity.rs/programs/mc/mpcleaner.exe posle par sekundi, pojavice se log,koji ces mi ovde iskopirati.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Problemi sa Generic host-om.

Ko je trenutno na forumu

Ukupno su 1175 korisnika na forumu :: 32 registrovanih, 6 sakrivenih i 1137 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: aleksmajstor, babaroga, bbogdan, Ben Roj, bestguarder, Bickoooo, Bobrock1, bokisha253, ccoogg123, darionis, darkangel, Duh sa sekirom, Frunze, Georgius, Krusarac, kybonacci, lord sir giga, Lucije Kvint, mean_machine, mercedesamg, Mercury, milenko crazy north, Milos ZA, milos97, MiroslavD, MrNo, proka89, samsung, Vlada1389, wolf431, yufighter, YugoSlav

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by