08-05-2007, 06:08 PM   #1
derrickt
Registered User
 
Join Date: Aug 2007
Posts: 26
OS: XP


EEK! Completed the 5 Steps

Deckard's System Scanner v20070804.61
Run by HP_Owner on 2007-08-05 at 16:46:07
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Total Physical Memory: 504 MiB (512 MiB recommended).


-- HijackThis (run as HP_Owner.exe) --------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:37:16 PM, on 8/5/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Program Files\Common Files\AOL\1128887343\ee\AOLSoftware.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
c:\program files\common files\aol\1128887343\ee\aolsoftware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCMTR.EXE
C:\WINDOWS\ALCWZRD.EXE
c:\windows\system\hpsysdrv.exe
c:\program files\common files\aol\1128887343\ee\aexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
c:\program files\aol\aol toolbar 5.0\AolTbServer.exe
C:\WINDOWS\TEMP\winD1E.tmp.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Malware Spyware Fix\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\HP_Owner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {14B090B0-3621-4391-97BF-B4EE4AB38334} - C:\WINDOWS\system32\mljjh.dll (file missing)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: (no name) - {23BA69E4-30C7-4247-A148-E44CD90FD800} - C:\WINDOWS\system32\vtsqo.dll
O2 - BHO: (no name) - {34F4A050-C52E-412F-AC5A-2D60066134CD} - C:\WINDOWS\system32\awvvs.dll (file missing)
O2 - BHO: Yahoo! IE Suggest - {5A263CF7-56A6-4D68-A8CF-345BE45BC911} - C:\Program Files\Yahoo!\Search\YSearchSuggest.dll (file missing)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {C6039E6C-BDE9-4de5-BB40-768CAA584FDC} - C:\WINDOWS\system32\elrllblf.dll
O2 - BHO: (no name) - {E9BD0828-1FD9-410C-A50F-43EBE65D310F} - C:\WINDOWS\system32\jkkligd.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1128887343\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SystemOptimizer] rundll32.exe "C:\WINDOWS\system32\keokexbw.dll",forkonce
O4 - HKLM\..\Run: [avp] C:\WINDOWS\TEMP\winD1E.tmp.exe
O4 - HKLM\..\Run: [CTDrive] rundll32.exe C:\WINDOWS\system32\drvhat.dll,startup
O4 - HKLM\..\Run: [smgr] mgrs.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00000005-0000-0000-0000-100011000004} - http://c.imputati.com/l/5eef92fa1bb3...ad449e1_35.exe
O16 - DPF: {192F9A01-8030-48CE-9BC6-B03DE3E613C6} (PeoplePC Web Installer) - https://www.peoplepc.com/ppcos/ISP60...ad/ppcwebi.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (DownloadManager Control) - http://dlm.tools.akamai.com/dlmanage...ex-2.2.1.6.cab
O20 - Winlogon Notify: jkkligd - C:\WINDOWS\SYSTEM32\jkkligd.dll
O20 - Winlogon Notify: vtsqo - C:\WINDOWS\system32\vtsqo.dll
O20 - Winlogon Notify: winemx32 - C:\WINDOWS\SYSTEM32\winemx32.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

--
End of file - 14276 bytes

-- Files created between 2007-07-05 and 2007-08-05 -----------------------------

2007-08-05 15:52:49 0 d-------- C:\Program Files\Malware Spyware Fix
2007-08-05 15:42:52 0 d-------- C:\ie-spyad
2007-08-05 15:30:30 0 d-------- C:\Program Files\ZonedOut
2007-08-05 15:23:31 0 d-------- C:\Program Files\SpywareBlaster
2007-08-05 15:15:23 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\Viewpoint
2007-08-05 14:04:04 93696 --a------ C:\WINDOWS\system32\drvhat.dll
2007-08-05 14:03:53 31254 --a------ C:\WINDOWS\system32\yaywxyy.dll
2007-08-05 12:40:13 0 d-------- C:\WINDOWS\system32\ActiveScan
2007-08-05 12:30:27 40183 ---hs---- C:\Program Files\Common Files\Yazzle1162OinUninstaller.exe
2007-08-05 12:27:44 31254 --a------ C:\WINDOWS\system32\hggghge.dll
2007-08-05 12:13:33 6467 ---hs---- C:\WINDOWS\system32\oqstv.bak1
2007-08-05 12:13:03 228960 --a------ C:\WINDOWS\system32\vtsqo.dll
2007-08-05 12:01:55 0 d-------- C:\WINDOWS\??sembly
2007-08-05 12:01:36 103 --a------ C:\WINDOWS\system32\mit.bat
2007-08-05 12:01:26 31254 --a------ C:\WINDOWS\system32\nnnlkkj.dll
2007-08-05 11:48:40 1731611 ---hs---- C:\WINDOWS\system32\ijjlm.ini2
2007-08-05 11:47:48 125504 --a------ C:\WINDOWS\system32\keokexbw.dll
2007-08-04 04:40:35 0 d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2007-08-04 04:40:18 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2007-08-04 03:17:49 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\Download Manager
2007-08-04 03:00:56 0 --a------ C:\Documents and Settings\HP_Owner\Application Data\Install.dat
2007-08-04 03:00:47 31254 --a------ C:\WINDOWS\system32\hgghhih.dll
2007-08-03 03:35:20 31254 --a------ C:\WINDOWS\system32\pmnoopn.dll
2007-08-03 01:31:54 31254 --a------ C:\WINDOWS\system32\awttrom.dll
2007-08-03 01:26:18 1731301 ---hs---- C:\WINDOWS\system32\ijjlm.bak2
2007-08-02 1408 31254 --a------ C:\WINDOWS\system32\mljjjjg.dll
2007-08-02 13:34:17 31254 --a------ C:\WINDOWS\system32\rqrsspq.dll
2007-08-02 13:22:04 0 d-------- C:\Program Files\Trend Micro
2007-08-02 13:21:53 6467 ---hs---- C:\WINDOWS\system32\ijjlm.bak1
2007-08-02 13:03:21 31254 --a------ C:\WINDOWS\system32\ddcccaw.dll
2007-08-02 11:37:24 31254 --a------ C:\WINDOWS\system32\yayxurq.dll
2007-08-02 09:52:45 31254 --a------ C:\WINDOWS\system32\jkkligd.dll
2007-08-01 12:44:40 86016 --a------ C:\WINDOWS\unvise32.exe <Not Verified; MindVision Software; Installer VISE>
2007-08-01 12:44:27 0 d-------- C:\Program Files\Final Draft 5
2007-08-01 11:56:24 31254 --a------ C:\WINDOWS\system32\qomjkki.dll
2007-07-30 22:15:50 0 d-------- C:\Program Files\SmitfraudFix
2007-07-30 21:02:34 31254 --a------ C:\WINDOWS\system32\awtuvwv.dll
2007-07-30 19:14:25 31254 --a------ C:\WINDOWS\system32\khffdec.dll
2007-07-29 14:49:31 1733503 --ahs---- C:\WINDOWS\system32\ccbeg.bak2
2007-07-29 14:49:29 1734346 --ahs---- C:\WINDOWS\system32\ccbeg.ini2
2007-07-28 11:50:39 6467 --ahs---- C:\WINDOWS\system32\ccbeg.bak1
2007-07-28 11:48:51 5226 --a------ C:\WINDOWS\system32\tmp.reg
2007-07-28 11:27:56 0 d-------- C:\VundoFix Backups
2007-07-28 10:54:42 69184 --a------ C:\WINDOWS\system32\elrllblf.dll
2007-07-28 10:54:11 1734844 --ahs---- C:\WINDOWS\system32\llnmp.ini2
2007-07-28 10:46:28 1733464 --ahs---- C:\WINDOWS\system32\llnmp.bak2
2007-07-27 12:05:20 0 d-------- C:\Documents and Settings\All Users\Application Data\Macrovision
2007-07-27 12:05:06 0 d-------- C:\Program Files\Common Files\Adobe Systems Shared
2007-07-27 11:48:11 6467 --ahs---- C:\WINDOWS\system32\llnmp.bak1
2007-07-27 11:43:16 2 --a------ C:\-1269735920
2007-07-27 11:42:43 19968 --a------ C:\WINDOWS\system32\winemx32.dll
2007-07-24 21:48:10 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\Yahoo!
2007-07-24 21:48:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2007-07-17 13:21:19 0 d-------- C:\Program Files\iPod
2007-07-17 13:21:09 0 d-------- C:\Program Files\iTunes
2007-07-06 13:39:34 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2007-07-06 13:37:31 0 d-------- C:\Program Files\Yahoo!
2007-07-05 09:52:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe


-- Find3M Report ---------------------------------------------------------------

2007-08-05 16:39:36 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-08-05 15:22:14 240904 --a------ C:\Program Files\ZonedOut.zip
2007-08-05 14:23:03 0 d-------- C:\Program Files\QuickTime
2007-08-05 14:21:13 0 d-------- C:\Program Files\Norton Internet Security
2007-08-05 14:14:37 0 d-------- C:\Program Files\Google
2007-08-05 14:13:43 0 d-------- C:\Program Files\Common Files\Scanner
2007-08-05 14:12:57 0 d-a------ C:\Program Files\Common Files\LightScribe
2007-08-05 12:34:54 0 d-------- C:\Program Files\Common Files
2007-08-04 04:41:11 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\Adobe
2007-08-04 04:30:25 0 d-------- C:\Program Files\Common Files\Adobe
2007-08-02 12:54:49 0 d-------- C:\Program Files\Java
2007-07-30 20:52:36 140 --a------ C:\Program Files\FixVundo.log
2007-07-27 11:59:56 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-07-21 11:46:34 112958 --a------ C:\WINDOWS\hpoins07.dat
2007-07-17 13:10:54 0 d-------- C:\Program Files\Apple Software Update
2007-07-14 10:24:08 0 d-------- C:\Program Files\Symantec
2007-07-06 13:23:32 0 d-------- C:\Program Files\Pure Networks
2007-07-06 13:23:32 0 d-------- C:\Program Files\Common Files\AOL
2007-07-06 13:20:33 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\AOL
2007-07-05 09:21:18 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\AdobeUM
2007-07-03 14:25:27 0 d-------- C:\Program Files\Common Files\Apple
2007-06-27 11:44:55 0 d-------- C:\Program Files\HP
2007-06-27 11:25:48 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\HP
2007-06-26 14:37:00 0 d-------- C:\Program Files\Microsoft Works
2007-06-18 18:28:41 0 d-------- C:\Program Files\06WebSetup


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{14B090B0-3621-4391-97BF-B4EE4AB38334}]
C:\WINDOWS\system32\mljjh.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{34F4A050-C52E-412F-AC5A-2D60066134CD}]
C:\WINDOWS\system32\awvvs.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5C87FAA5-363F-4E8A-8A6D-B112EC5AFE5A}]
08/05/2007 12:13 PM 228960 --a------ C:\WINDOWS\system32\vtsqo.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C6039E6C-BDE9-4de5-BB40-768CAA584FDC}]
07/28/2007 10:54 AM 69184 --a------ C:\WINDOWS\system32\elrllblf.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E9BD0828-1FD9-410C-A50F-43EBE65D310F}]
08/02/2007 09:52 AM 31254 --a------ C:\WINDOWS\system32\jkkligd.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [01/08/2005 12:07 AM C:\WINDOWS\system32\HdAShCut.exe]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [06/08/2005 10:59 AM]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [06/08/2005 11:03 AM]
"HPHUPD08"="c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [06/01/2005 11:35 PM]
"PCDrProfiler"="" []
"HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [02/25/2005 10:34 PM]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [05/10/2005 05:50 PM]
"HostManager"="C:\Program Files\Common Files\AOL\1128887343\ee\AOLSoftware.exe" [09/25/2006 05:52 PM]
"AOLDialer"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" []
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [08/15/2005 07:49 PM]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPwuSchd2.exe" [05/12/2005 06:12 AM]
"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [01/09/2007 10:59 PM]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [09/05/2006 06:22 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [07/12/2007 04:00 AM]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [03/12/2007 06:30 PM]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [06/29/2007 06:24 AM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [07/10/2007 09:18 AM]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [05/10/2007 10:46 PM]
"@"="" []
"SystemOptimizer"="C:\WINDOWS\system32\keokexbw.dll" [08/05/2007 11:47 AM]
"avp"="C:\WINDOWS\TEMP\winD1E.tmp.exe" []
"CTDrive"="C:\WINDOWS\system32\drvhat.dll" [08/05/2007 02:04 PM]
"smgr"="mgrs.exe" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 05:00 AM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [07/24/2007 09:46 PM]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" []
"YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [03/28/2007 03:10 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [7/27/2007 12:02:05 PM]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [5/12/2005 6:23:26 AM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2/17/1999 1:05:56 PM]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E9BD0828-1FD9-410C-A50F-43EBE65D310F}"= C:\WINDOWS\system32\jkkligd.dll [08/02/2007 09:52 AM 31254]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkkligd]
jkkligd.dll 08/02/2007 09:52 AM 31254 C:\WINDOWS\system32\jkkligd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vtsqo]
C:\WINDOWS\system32\vtsqo.dll 08/05/2007 12:13 PM 228960 C:\WINDOWS\system32\vtsqo.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winemx32]
winemx32.dll 07/27/2007 11:42 AM 19968 C:\WINDOWS\system32\winemx32.dll


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2d435b36-e506-11d9-9b78-e6b009352ae7}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5f94b8e8-3766-11da-8e46-806d6172696f}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

*Newly Created Service* - COMHOST



-- End of Deckard's System Scanner: finished at 2007-08-05 at 16:48:01 ---------
Attached Files
File Type: txt extra.txt (24.2 KB, 2 views)