Tech Support Forum - View Single Post

flyjum · 12-28-2007, 03:38 AM

DSS did not make extra.txted I tried it 5 times and restarted computer and did it again still no extra.txt but here is the main
also I dont know why it didnt back up a system restore point but i have none saved. I just did one on the 24th of dec to.

Deckard's System Scanner v20071014.68
Run by Home on 2007-12-28 03:35:24
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- HijackThis (run as Home.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:35:35 AM, on 12/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\TrojanHunter 5.0\THGuard .exe
C:\Program Files\TrojanHunter 5.0\THGuard .exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Home\Local Settings\Temporary Internet Files\Content.IE5\LZV39NL5\dss[1].exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Home.exe

F3 - REG:win.ini: load=C:\WINDOWS\system32\jkhhe.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {2D5796A2-44E0-4E50-A5A0-80BF1EE3EA73} - C:\WINDOWS\system32\mljjkhg.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {3B283E7E-1499-46C5-B0D2-75438156DDFC} - C:\WINDOWS\system32\jkhhe.dll
O2 - BHO: (no name) - {4E35B657-BE29-42BD-B69E-9F680FF88C95} - C:\WINDOWS\system32\mllji.dll (file missing)
O2 - BHO: {7b519f24-0ae3-e138-4894-60124b71e6d6} - {6d6e17b4-2106-4984-831e-3ea042f915b7} - C:\WINDOWS\system32\mnvcpjpg.dll
O2 - BHO: (no name) - {702D7173-00A5-481C-9D32-7DB2565F265E} - C:\Program Files\Messenger\sagejyt83122.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: WebBlock Class - {C6B08E8D-3F9A-4710-9F38-E4BF827C6AC2} - C:\WINDOWS\Prefetch\10544\webblock.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 5.0\THGuard .exe"
O4 - HKLM\..\Run: [041fb4d4] rundll32.exe "C:\WINDOWS\system32\ymdgkwan.dll",b
O4 - HKUS\S-1-5-19\..\RunOnce: [FirstLogon] C:\windows\system32\prefetch32\Rundll.bat (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [FirstLogon] C:\windows\system32\prefetch32\Rundll.bat (User 'NETWORK SERVICE')
O4 - S-1-5-18 Startup: IBM.lnk = C:\WINDOWS\system32\Prefetch32\IBM.bat (User 'SYSTEM')
O4 - .DEFAULT Startup: IBM.lnk = C:\WINDOWS\system32\Prefetch32\IBM.bat (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Google Desktop Manager 5.5.709.30344 (GoogleDesktopManager-093007-112848) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

--
End of file - 5551 bytes

-- Files created between 2007-11-28 and 2007-12-28 -----------------------------

2007-12-28 02:54:17 348160 --a------ C:\WINDOWS\system32\jkhhe.exe
2007-12-27 14:47:20 0 d-------- C:\Documents and Settings\Home\Application Data\TrojanHunter
2007-12-27 14:09:40 81984 --a------ C:\WINDOWS\system32\mnvcpjpg.dll
2007-12-27 14:09:35 90176 --a------ C:\WINDOWS\system32\ymdgkwan.dll
2007-12-27 13:52:56 0 d-------- C:\Program Files\TrojanHunter 5.0
2007-12-27 13:33:36 6708 --ahs---- C:\WINDOWS\system32\ehhkj.ini2
2007-12-27 13:33:33 344576 -----n--- C:\WINDOWS\system32\jkhhe.dll
2007-12-27 12:08:25 35840 --a------ C:\WINDOWS\winshow .exe <Not Verified; ; winshow>
2007-12-27 11:38:28 0 d-------- C:\VundoFix Backups
2007-12-27 01:22:23 44928 --a------ C:\WINDOWS\system32\drivers\SDTHOOK.SYS <Not Verified; Panda Software; Panda® Antivirus>
2007-12-27 00:38:03 0 d-------- C:\Program Files\Trend Micro
2007-12-27 00:20:51 0 d-------- C:\Documents and Settings\Home\Application Data\Bitdefender
2007-12-27 00:07:13 81984 --a------ C:\WINDOWS\system32\bdod.bin
2007-12-27 00:02:05 0 d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2007-12-26 23:47:08 0 d-------- C:\Program Files\WinAble
2007-12-26 23:47:08 0 d-------- C:\Program Files\Temporary
2007-12-26 23:13:08 2 --a------ C:\WINDOWS\system32\wtssvtr.exe
2007-12-26 23:13:07 0 d-------- C:\WINDOWS\?dobe
2007-12-26 23:12:56 0 d-------- C:\WINDOWS\system32\?icrosoft.NET
2007-12-26 23:12:15 39936 -----n--- C:\WINDOWS\system32\mljjkhg.dll
2007-12-26 23:12:08 80640 --a------ C:\WINDOWS\system32\drivers\core.sys
2007-12-26 23:12:07 0 d-------- C:\Program Files\Web Buying
2007-12-26 23:12:06 0 d-------- C:\WINDOWS\system32\to9
2007-12-26 23:12:06 0 d-------- C:\WINDOWS\system32\dj2
2007-12-26 23:12:06 0 d-------- C:\WINDOWS\system32\bbc9
2007-12-26 23:12:06 0 d-------- C:\WINDOWS\system32\b1
2007-12-26 23:12:02 0 d-------- C:\WINDOWS\system32\ardCo02
2007-12-26 23:12:02 0 d-------- C:\Temp
2007-12-25 12:12:14 0 d-------- C:\Documents and Settings\All Users\Application Data\ATI
2007-12-25 12:07:51 0 d-------- C:\WINDOWS\LastGood(2)
2007-12-25 10:10:22 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2007-12-25 03:55:00 53760 --a------ C:\WINDOWS\b122.exe
2007-12-24 12:30:00 0 d-------- C:\Documents and Settings\Home\Application Data\acccore
2007-12-24 12:29:57 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL OCP
2007-12-24 12:29:45 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL
2007-12-24 12:29:30 0 d-------- C:\Program Files\Common Files\Nullsoft
2007-12-24 12:29:14 0 d-------- C:\Program Files\Common Files\AOL
2007-12-24 12:29:08 0 d-------- C:\Program Files\AIM6
2007-12-24 12:27:36 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL Downloads
2007-12-23 10:59:57 5767168 --a------ C:\Documents and Settings\Home\ntuser.dat
2007-12-21 14:23:33 0 d-------- C:\Program Files\Microsoft Silverlight
2007-12-19 22:38:31 0 d-------- C:\Program Files\MagicISO
2007-12-19 21:03:24 0 d-------- C:\Program Files\epsxe
2007-12-17 04:41:51 0 d-------- C:\Program Files\Majorem
2007-12-10 18:44:19 967 --a------ C:\WINDOWS\ScUnin.pif
2007-12-10 18:44:19 94208 --a------ C:\WINDOWS\ScUnin.exe <Not Verified; Blizzard Entertainment; Starcraft Uninstaller>
2007-12-10 18:44:19 35190 --a------ C:\WINDOWS\scunin.dat
2007-12-10 18:43:36 0 d-------- C:\Program Files\Starcraft
2007-12-09 19:43:37 6338 --a------ C:\WINDOWS\scedunin.dat
2007-12-09 19:43:35 967 --a------ C:\WINDOWS\ScEdUnin.pif
2007-12-09 19:43:34 68608 --a------ C:\WINDOWS\ScEdUnin.exe <Not Verified; Blizzard Entertainment; Starcraft Uninstaller>
2007-12-09 19:43:34 0 d-------- C:\Program Files\Starcraft Shareware(ED)
2007-12-03 18:33:18 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2007-12-03 18:33:18 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2007-12-03 18:33:18 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2007-12-03 18:33:16 682496 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2007-12-03 13:20:35 0 d-------- C:\Program Files\Electronic Arts
2007-11-30 12:00:57 0 d-------- C:\Program Files\Network Stumbler
2007-11-30 08:20:30 0 d-------- C:\Program Files\Common Files\xing shared
2007-11-29 15:30:28 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-11-29 15:28:24 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2007-11-29 15:28:24 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2007-11-28 14:52:32 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll

-- Find3M Report ---------------------------------------------------------------

2007-12-28 03:11:23 0 d-------- C:\Program Files\Steam
2007-12-28 02:41:48 0 d-------- C:\Program Files\Warcraft III
2007-12-27 12:10:56 0 d-------- C:\Documents and Settings\Home\Application Data\Skype
2007-12-27 01:52:01 0 d-------- C:\Program Files\Google
2007-12-27 01:48:19 0 d-------- C:\Program Files\Common Files\LightScribe
2007-12-27 00:28:28 0 d-------- C:\Program Files\WinAce
2007-12-27 00:13:39 0 d-------- C:\Program Files\Save
2007-12-27 00:13:30 0 d-------- C:\Program Files\QuickTime
2007-12-27 00:13:14 0 d-------- C:\Program Files\Messenger
2007-12-27 00:12:27 0 d-------- C:\Program Files\Common Files
2007-12-27 00:11:39 0 d-------- C:\Program Files\AIM
2007-12-26 23:42:39 0 d-------- C:\Program Files\CONEXANT
2007-12-26 23:40:21 0 d-------- C:\Program Files\Gran Paradiso
2007-12-26 23:40:07 0 d-------- C:\Program Files\GameSpy Arcade
2007-12-26 23:38:56 0 d-------- C:\Program Files\Real
2007-12-25 12:12:00 0 d-------- C:\Program Files\ATI Technologies
2007-12-24 12:28:35 335 --a------ C:\WINDOWS\nsreg.dat
2007-12-24 12:28:35 0 d-------- C:\Documents and Settings\Home\Application Data\Mozilla
2007-12-22 19:31:13 0 d-------- C:\Documents and Settings\Home\Application Data\DivX
2007-12-22 17:35:32 0 d-------- C:\Documents and Settings\Home\Application Data\Azureus
2007-12-19 08:08:18 0 d-------- C:\Documents and Settings\Home\Application Data\Adobe
2007-12-17 03:01:29 0 d-------- C:\Program Files\World of Warcraft
2007-12-16 17:08:14 0 d-------- C:\Documents and Settings\Home\Application Data\Aim
2007-12-12 09:18:20 0 d-------- C:\Program Files\DivX
2007-12-08 23:05:38 0 d-------- C:\Program Files\Azureus
2007-12-04 19:55:20 122880 --a------ C:\WINDOWS\system32\ati2evxx(4).dll <Not Verified; ATI Technologies Inc.; ATI External Event Utility for Windows>
2007-12-04 19:55:20 122880 --a------ C:\WINDOWS\system32\ati2evxx(3).dll <Not Verified; ATI Technologies Inc.; ATI External Event Utility for Windows>
2007-12-04 19:33:27 887724 --a------ C:\WINDOWS\system32\ativva6x.dat
2007-11-30 08:20:15 0 d-------- C:\Program Files\Common Files\Real
2007-11-06 07:19:00 158080 --a------ C:\WINDOWS\system32\atiicdxx.dat
2007-11-04 20:02:54 0 d-------- C:\Program Files\Yahoo!
2007-11-01 21:00:43 122880 --a------ C:\WINDOWS\system32\ati2evxx(2).dll <Not Verified; ATI Technologies Inc.; ATI External Event Utility for Windows>
2007-10-28 15:32:57 0 d-------- C:\Program Files\Alcohol Soft

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2D5796A2-44E0-4E50-A5A0-80BF1EE3EA73}]
12/26/2007 11:12 PM 39936 --------- C:\WINDOWS\system32\mljjkhg.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3B283E7E-1499-46C5-B0D2-75438156DDFC}]
12/27/2007 01:33 PM 344576 --------- C:\WINDOWS\system32\jkhhe.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4E35B657-BE29-42BD-B69E-9F680FF88C95}]
C:\WINDOWS\system32\mllji.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6d6e17b4-2106-4984-831e-3ea042f915b7}]
12/27/2007 02:09 PM 81984 --a------ C:\WINDOWS\system32\mnvcpjpg.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{702D7173-00A5-481C-9D32-7DB2565F265E}]
C:\Program Files\Messenger\sagejyt83122.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"THGuard"="C:\Program Files\TrojanHunter 5.0\THGuard .exe" [12/28/2007 03:34 AM]
"041fb4d4"="C:\WINDOWS\system32\ymdgkwan.dll" [12/27/2007 02:09 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoRemoteRecursiveEvents"=1 (0x1)
"NoWindowsUpdate"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsHistory"=1 (0x1)
"NoRecentDocsMenu"=1 (0x1)
"ForceClassicControlPanel"=1 (0x1)
"NoSaveSettings"=0 (0x0)
"NoWindowsUpdate"=1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsHistory"=1 (0x1)
"NoRecentDocsMenu"=1 (0x1)
"ForceClassicControlPanel"=1 (0x1)
"NoSaveSettings"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{2D5796A2-44E0-4E50-A5A0-80BF1EE3EA73}"= C:\WINDOWS\system32\mljjkhg.dll [12/26/2007 11:12 PM 39936]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=sockspy.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\jkhhe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Home^Start Menu^Programs^Startup^Yahoo! Widget Engine.lnk]
path=C:\Documents and Settings\Home\Start Menu\Programs\Startup\Yahoo! Widget Engine.lnk
backup=C:\WINDOWS\pss\Yahoo! Widget Engine.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
C:\Program Files\AIM\aim.exe -cnetwait.odl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
"C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDAgent]
"C:\Program Files\Softwin\BitDefender10\bdagent.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDMCon]
"C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eabconfg.cpl]
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load]
C:\WINDOWS\system32\jkhhe.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mouse Suite 98 Daemon]
ICO.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask .exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
"C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
"C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"C:\Program Files\Steam\Steam.exe" -silent

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tray Temperature]
C:\DOCUME~1\Home\LOCALS~1\Temp\MiniBug.exe 1

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSave]
"C:\Program Files\Save\Save.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinAble]
C:\Program Files\WinAble\winable.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\winshow]
"C:\WINDOWS\winshow .exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Viewpoint Manager Service"=2 (0x2)
"OneStep Search Service"=2 (0x2)

-- End of Deckard's System Scanner: finished at 2007-12-28 03:36:45 ------------

12-28-2007, 03:38 AM	#4 (permalink)
flyjum Registered User Join Date: Dec 2007 Posts: 21 OS: xp	Re: HJT log mllji.dll found LOTS OF POPUPS DSS did not make extra.txted I tried it 5 times and restarted computer and did it again still no extra.txt but here is the main also I dont know why it didnt back up a system restore point but i have none saved. I just did one on the 24th of dec to. Deckard's System Scanner v20071014.68 Run by Home on 2007-12-28 03:35:24 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- HijackThis (run as Home.exe) ------------------------------------------------ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 3:35:35 AM, on 12/28/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\Softwin\BitDefender10\vsserv.exe C:\Program Files\TrojanHunter 5.0\THGuard .exe C:\Program Files\TrojanHunter 5.0\THGuard .exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Home\Local Settings\Temporary Internet Files\Content.IE5\LZV39NL5\dss[1].exe C:\PROGRA~1\TRENDM~1\HIJACK~1\Home.exe F3 - REG:win.ini: load=C:\WINDOWS\system32\jkhhe.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: (no name) - {2D5796A2-44E0-4E50-A5A0-80BF1EE3EA73} - C:\WINDOWS\system32\mljjkhg.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {3B283E7E-1499-46C5-B0D2-75438156DDFC} - C:\WINDOWS\system32\jkhhe.dll O2 - BHO: (no name) - {4E35B657-BE29-42BD-B69E-9F680FF88C95} - C:\WINDOWS\system32\mllji.dll (file missing) O2 - BHO: {7b519f24-0ae3-e138-4894-60124b71e6d6} - {6d6e17b4-2106-4984-831e-3ea042f915b7} - C:\WINDOWS\system32\mnvcpjpg.dll O2 - BHO: (no name) - {702D7173-00A5-481C-9D32-7DB2565F265E} - C:\Program Files\Messenger\sagejyt83122.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: WebBlock Class - {C6B08E8D-3F9A-4710-9F38-E4BF827C6AC2} - C:\WINDOWS\Prefetch\10544\webblock.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 5.0\THGuard .exe" O4 - HKLM\..\Run: [041fb4d4] rundll32.exe "C:\WINDOWS\system32\ymdgkwan.dll",b O4 - HKUS\S-1-5-19\..\RunOnce: [FirstLogon] C:\windows\system32\prefetch32\Rundll.bat (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [FirstLogon] C:\windows\system32\prefetch32\Rundll.bat (User 'NETWORK SERVICE') O4 - S-1-5-18 Startup: IBM.lnk = C:\WINDOWS\system32\Prefetch32\IBM.bat (User 'SYSTEM') O4 - .DEFAULT Startup: IBM.lnk = C:\WINDOWS\system32\Prefetch32\IBM.bat (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe O23 - Service: Google Desktop Manager 5.5.709.30344 (GoogleDesktopManager-093007-112848) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe -- End of file - 5551 bytes -- Files created between 2007-11-28 and 2007-12-28 ----------------------------- 2007-12-28 02:54:17 348160 --a------ C:\WINDOWS\system32\jkhhe.exe 2007-12-27 14:47:20 0 d-------- C:\Documents and Settings\Home\Application Data\TrojanHunter 2007-12-27 14:09:40 81984 --a------ C:\WINDOWS\system32\mnvcpjpg.dll 2007-12-27 14:09:35 90176 --a------ C:\WINDOWS\system32\ymdgkwan.dll 2007-12-27 13:52:56 0 d-------- C:\Program Files\TrojanHunter 5.0 2007-12-27 13:33:36 6708 --ahs---- C:\WINDOWS\system32\ehhkj.ini2 2007-12-27 13:33:33 344576 -----n--- C:\WINDOWS\system32\jkhhe.dll 2007-12-27 12:08:25 35840 --a------ C:\WINDOWS\winshow .exe <Not Verified; ; winshow> 2007-12-27 11:38:28 0 d-------- C:\VundoFix Backups 2007-12-27 01:22:23 44928 --a------ C:\WINDOWS\system32\drivers\SDTHOOK.SYS <Not Verified; Panda Software; Panda® Antivirus> 2007-12-27 00:38:03 0 d-------- C:\Program Files\Trend Micro 2007-12-27 00:20:51 0 d-------- C:\Documents and Settings\Home\Application Data\Bitdefender 2007-12-27 00:07:13 81984 --a------ C:\WINDOWS\system32\bdod.bin 2007-12-27 00:02:05 0 d-------- C:\Documents and Settings\All Users\Application Data\BitDefender 2007-12-26 23:47:08 0 d-------- C:\Program Files\WinAble 2007-12-26 23:47:08 0 d-------- C:\Program Files\Temporary 2007-12-26 23:13:08 2 --a------ C:\WINDOWS\system32\wtssvtr.exe 2007-12-26 23:13:07 0 d-------- C:\WINDOWS\?dobe 2007-12-26 23:12:56 0 d-------- C:\WINDOWS\system32\?icrosoft.NET 2007-12-26 23:12:15 39936 -----n--- C:\WINDOWS\system32\mljjkhg.dll 2007-12-26 23:12:08 80640 --a------ C:\WINDOWS\system32\drivers\core.sys 2007-12-26 23:12:07 0 d-------- C:\Program Files\Web Buying 2007-12-26 23:12:06 0 d-------- C:\WINDOWS\system32\to9 2007-12-26 23:12:06 0 d-------- C:\WINDOWS\system32\dj2 2007-12-26 23:12:06 0 d-------- C:\WINDOWS\system32\bbc9 2007-12-26 23:12:06 0 d-------- C:\WINDOWS\system32\b1 2007-12-26 23:12:02 0 d-------- C:\WINDOWS\system32\ardCo02 2007-12-26 23:12:02 0 d-------- C:\Temp 2007-12-25 12:12:14 0 d-------- C:\Documents and Settings\All Users\Application Data\ATI 2007-12-25 12:07:51 0 d-------- C:\WINDOWS\LastGood(2) 2007-12-25 10:10:22 552 --a------ C:\WINDOWS\system32\d3d8caps.dat 2007-12-25 03:55:00 53760 --a------ C:\WINDOWS\b122.exe 2007-12-24 12:30:00 0 d-------- C:\Documents and Settings\Home\Application Data\acccore 2007-12-24 12:29:57 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL OCP 2007-12-24 12:29:45 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL 2007-12-24 12:29:30 0 d-------- C:\Program Files\Common Files\Nullsoft 2007-12-24 12:29:14 0 d-------- C:\Program Files\Common Files\AOL 2007-12-24 12:29:08 0 d-------- C:\Program Files\AIM6 2007-12-24 12:27:36 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL Downloads 2007-12-23 10:59:57 5767168 --a------ C:\Documents and Settings\Home\ntuser.dat 2007-12-21 14:23:33 0 d-------- C:\Program Files\Microsoft Silverlight 2007-12-19 22:38:31 0 d-------- C:\Program Files\MagicISO 2007-12-19 21:03:24 0 d-------- C:\Program Files\epsxe 2007-12-17 04:41:51 0 d-------- C:\Program Files\Majorem 2007-12-10 18:44:19 967 --a------ C:\WINDOWS\ScUnin.pif 2007-12-10 18:44:19 94208 --a------ C:\WINDOWS\ScUnin.exe <Not Verified; Blizzard Entertainment; Starcraft Uninstaller> 2007-12-10 18:44:19 35190 --a------ C:\WINDOWS\scunin.dat 2007-12-10 18:43:36 0 d-------- C:\Program Files\Starcraft 2007-12-09 19:43:37 6338 --a------ C:\WINDOWS\scedunin.dat 2007-12-09 19:43:35 967 --a------ C:\WINDOWS\ScEdUnin.pif 2007-12-09 19:43:34 68608 --a------ C:\WINDOWS\ScEdUnin.exe <Not Verified; Blizzard Entertainment; Starcraft Uninstaller> 2007-12-09 19:43:34 0 d-------- C:\Program Files\Starcraft Shareware(ED) 2007-12-03 18:33:18 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?> 2007-12-03 18:33:18 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®> 2007-12-03 18:33:18 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®> 2007-12-03 18:33:16 682496 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®> 2007-12-03 13:20:35 0 d-------- C:\Program Files\Electronic Arts 2007-11-30 12:00:57 0 d-------- C:\Program Files\Network Stumbler 2007-11-30 08:20:30 0 d-------- C:\Program Files\Common Files\xing shared 2007-11-29 15:30:28 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll 2007-11-29 15:28:24 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100> 2007-11-29 15:28:24 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100> 2007-11-28 14:52:32 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll -- Find3M Report --------------------------------------------------------------- 2007-12-28 03:11:23 0 d-------- C:\Program Files\Steam 2007-12-28 02:41:48 0 d-------- C:\Program Files\Warcraft III 2007-12-27 12:10:56 0 d-------- C:\Documents and Settings\Home\Application Data\Skype 2007-12-27 01:52:01 0 d-------- C:\Program Files\Google 2007-12-27 01:48:19 0 d-------- C:\Program Files\Common Files\LightScribe 2007-12-27 00:28:28 0 d-------- C:\Program Files\WinAce 2007-12-27 00:13:39 0 d-------- C:\Program Files\Save 2007-12-27 00:13:30 0 d-------- C:\Program Files\QuickTime 2007-12-27 00:13:14 0 d-------- C:\Program Files\Messenger 2007-12-27 00:12:27 0 d-------- C:\Program Files\Common Files 2007-12-27 00:11:39 0 d-------- C:\Program Files\AIM 2007-12-26 23:42:39 0 d-------- C:\Program Files\CONEXANT 2007-12-26 23:40:21 0 d-------- C:\Program Files\Gran Paradiso 2007-12-26 23:40:07 0 d-------- C:\Program Files\GameSpy Arcade 2007-12-26 23:38:56 0 d-------- C:\Program Files\Real 2007-12-25 12:12:00 0 d-------- C:\Program Files\ATI Technologies 2007-12-24 12:28:35 335 --a------ C:\WINDOWS\nsreg.dat 2007-12-24 12:28:35 0 d-------- C:\Documents and Settings\Home\Application Data\Mozilla 2007-12-22 19:31:13 0 d-------- C:\Documents and Settings\Home\Application Data\DivX 2007-12-22 17:35:32 0 d-------- C:\Documents and Settings\Home\Application Data\Azureus 2007-12-19 08:08:18 0 d-------- C:\Documents and Settings\Home\Application Data\Adobe 2007-12-17 03:01:29 0 d-------- C:\Program Files\World of Warcraft 2007-12-16 17:08:14 0 d-------- C:\Documents and Settings\Home\Application Data\Aim 2007-12-12 09:18:20 0 d-------- C:\Program Files\DivX 2007-12-08 23:05:38 0 d-------- C:\Program Files\Azureus 2007-12-04 19:55:20 122880 --a------ C:\WINDOWS\system32\ati2evxx(4).dll <Not Verified; ATI Technologies Inc.; ATI External Event Utility for Windows> 2007-12-04 19:55:20 122880 --a------ C:\WINDOWS\system32\ati2evxx(3).dll <Not Verified; ATI Technologies Inc.; ATI External Event Utility for Windows> 2007-12-04 19:33:27 887724 --a------ C:\WINDOWS\system32\ativva6x.dat 2007-11-30 08:20:15 0 d-------- C:\Program Files\Common Files\Real 2007-11-06 07:19:00 158080 --a------ C:\WINDOWS\system32\atiicdxx.dat 2007-11-04 20:02:54 0 d-------- C:\Program Files\Yahoo! 2007-11-01 21:00:43 122880 --a------ C:\WINDOWS\system32\ati2evxx(2).dll <Not Verified; ATI Technologies Inc.; ATI External Event Utility for Windows> 2007-10-28 15:32:57 0 d-------- C:\Program Files\Alcohol Soft -- Registry Dump --------------------------------------------------------------- Note empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2D5796A2-44E0-4E50-A5A0-80BF1EE3EA73}] 12/26/2007 11:12 PM 39936 --------- C:\WINDOWS\system32\mljjkhg.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3B283E7E-1499-46C5-B0D2-75438156DDFC}] 12/27/2007 01:33 PM 344576 --------- C:\WINDOWS\system32\jkhhe.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4E35B657-BE29-42BD-B69E-9F680FF88C95}] C:\WINDOWS\system32\mllji.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6d6e17b4-2106-4984-831e-3ea042f915b7}] 12/27/2007 02:09 PM 81984 --a------ C:\WINDOWS\system32\mnvcpjpg.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{702D7173-00A5-481C-9D32-7DB2565F265E}] C:\Program Files\Messenger\sagejyt83122.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "THGuard"="C:\Program Files\TrojanHunter 5.0\THGuard .exe" [12/28/2007 03:34 AM] "041fb4d4"="C:\WINDOWS\system32\ymdgkwan.dll" [12/27/2007 02:09 PM] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoRemoteRecursiveEvents"=1 (0x1) "NoWindowsUpdate"=1 (0x1) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoRecentDocsHistory"=1 (0x1) "NoRecentDocsMenu"=1 (0x1) "ForceClassicControlPanel"=1 (0x1) "NoSaveSettings"=0 (0x0) "NoWindowsUpdate"=1 (0x1) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoRecentDocsHistory"=1 (0x1) "NoRecentDocsMenu"=1 (0x1) "ForceClassicControlPanel"=1 (0x1) "NoSaveSettings"=0 (0x0) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{2D5796A2-44E0-4E50-A5A0-80BF1EE3EA73}"= C:\WINDOWS\system32\mljjkhg.dll [12/26/2007 11:12 PM 39936] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=sockspy.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Authentication Packages"= msv1_0 C:\WINDOWS\system32\jkhhe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Home^Start Menu^Programs^Startup^Yahoo! Widget Engine.lnk] path=C:\Documents and Settings\Home\Start Menu\Programs\Startup\Yahoo! Widget Engine.lnk backup=C:\WINDOWS\pss\Yahoo! Widget Engine.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load] C:\WINDOWS\system32\jkhhe.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mouse Suite 98 Daemon] ICO.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] "C:\Program Files\Steam\Steam.exe" -silent [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tray Temperature] C:\DOCUME~1\Home\LOCALS~1\Temp\MiniBug.exe 1 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSave] "C:\Program Files\Save\Save.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinAble] C:\Program Files\WinAble\winable.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\winshow] "C:\WINDOWS\winshow .exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "Viewpoint Manager Service"=2 (0x2) "OneStep Search Service"=2 (0x2) -- End of Deckard's System Scanner: finished at 2007-12-28 03:36:45 ------------ Last edited by flyjum : 12-28-2007 at 03:47 AM.