Thread: Constant popups--Vista Antivirus 2008
View Single Post
Old 06-16-2008, 11:01 PM   #1 (permalink)
Greg Nordstrom
Registered User
 
Join Date: Jun 2008
Posts: 5
OS: XP


Constant popups--Vista Antivirus 2008
When we use Internet Explorer, windows keep on popping up, at varying rates. It seems that clicking a button or link often causes a new unwanted popup to occur.

I've pasted the text from Deckard's main.txt below, and attached the extra.txt file as requested in the 5 steps. Thanks in advance for any/all help!

Greg Nordstrom


Deckard's System Scanner v20071014.68
Run by vikki on 2008-06-16 23:41:38
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
89: 2008-06-17 04:41:47 UTC - RP1059 - Deckard's System Scanner Restore Point
88: 2008-06-17 04:30:05 UTC - RP1058 - Software Distribution Service 3.0
87: 2008-06-17 04:27:06 UTC - RP1057 - Software Distribution Service 3.0
86: 2008-06-17 04:19:28 UTC - RP1056 - Software Distribution Service 3.0
85: 2008-06-16 23:33:33 UTC - RP1055 - System Checkpoint


-- First Restore Point --
1: 2008-05-28 00:04:33 UTC - RP971 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 510 MiB (512 MiB recommended).


-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-06-16 23:43:36
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\SYSTEM32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\Tablet.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\2\fpdisp4.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\SYSTEM32\hkcmd.exe
C:\WINDOWS\SYSTEM32\igfxpers.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\WINDOWS\SYSTEM32\CTFMON.EXE
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\Bin\hpoevm07.exe
C:\WINDOWS\SYSTEM32\hpoipm07.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\Bin\hposts07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\Bin\hpofxm07.exe
C:\temp\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/mywaybiz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
O2 - BHO: (no name) - {32341E7E-C319-46DE-91D0-E30BB1A3CABA} - C:\WINDOWS\system32\jkkIBRii.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: {c45efca7-8d59-a078-c374-1d7182130887} - {78803128-17d1-473c-870a-95d87acfe54c} - C:\WINDOWS\SYSTEM32\dlpnxkvl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: (no name) - {E15682AB-0DD2-4F02-A5A7-C7FEAA70F3FA} - C:\WINDOWS\system32\hgGyaaXq.dll (file missing)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: (no name) - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar1.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [FinePrint Dispatcher v4] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Spam Blocker for Outlook Express] C:\PROGRA~1\SPAMBL~1\Bin\484~1.0\SBInst.exe
O4 - HKLM\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe
O4 - HKLM\..\Run: [a02f7358] rundll32.exe "C:\WINDOWS\system32\xwfcpwbo.dll",b
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HPAiODevice(hp officejet g series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.0.21\ShoppingReport.dll (file missing)
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.0.21\ShoppingReport.dll (file missing)
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0DB074F0-617E-4EE9-912C-2965CF2AA5A4} (SentinelVE3D Class) - http://download.microsoft.com/downlo...ualEarth3D.cab
O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlm.tools.akamai.com/dlmanage...ex-2.0.6.5.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1164000565375
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub...sh/swflash.cab
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{5B87B817-18EB-4EFA-AA43-24F9D3C0464A}: NameServer = 192.168.0.1
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O20 - Winlogon Notify: jkkIBRii - C:\WINDOWS\system32\jkkIBRii.dll (file missing)
O20 - Winlogon Notify: __c00E29C1 - C:\WINDOWS\system32\__c00E29C1.dat (file missing)
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\SYSTEM32\Tablet.exe


--
End of file - 11299 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 PenClass (Pen Class) - c:\windows\system32\drivers\penclass.sys <Not Verified; Wacom Technology Corporation; Wacom Pen Class Driver>
R1 omci (OMCI WDM Device Driver) - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>

S3 DSproct - c:\program files\dellsupport\gtaction\triggers\dsproct.sys <Not Verified; Gteko Ltd.; processt>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 AdobeActiveFileMonitor (Adobe Active File Monitor) - c:\program files\adobe\photoshop elements 3.0\photoshopelementsfileagent.exe
R2 PhotoshopElementsDeviceConnect (Photoshop Elements Device Connect) - c:\program files\adobe\photoshop elements 3.0\photoshopelementsdeviceconnect.exe
R2 TabletService - c:\windows\system32\tablet.exe <Not Verified; Wacom Technology, Corp.; Wacom Win32 Tablet Service>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-06-15 20:24:11 362 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job


-- Files created between 2008-05-16 and 2008-06-16 -----------------------------

2008-06-16 2320 0 d-------- C:\ie-spyad_zo
2008-06-16 21:43:04 0 d-------- C:\Program Files\Panda Security
2008-06-16 19:09:19 0 d-------- C:\Program Files\Alwil Software
2008-06-16 19:00:45 0 d-------- C:\temp
2008-06-16 18:15:26 0 d-------- C:\Program Files\Enigma Software Group
2008-06-16 18:03:46 81408 --a------ C:\WINDOWS\system32\xwfcpwbo.dll
2008-06-16 18:03:43 99328 --a------ C:\WINDOWS\system32\dlpnxkvl.dll
2008-06-16 18:01:42 99328 --a------ C:\WINDOWS\system32\sumgikqb.dll
2008-06-15 23:12:02 99840 --a------ C:\WINDOWS\system32\oaenavbi.dll
2008-06-15 23:09:49 99840 --a------ C:\WINDOWS\system32\pkssdmke.dll
2008-06-15 23:04:22 25088 --a------ C:\WINDOWS\system32\pmnLcCsp.dll
2008-06-15 14:38:29 99840 --a------ C:\WINDOWS\system32\fdotepdy.dll
2008-06-14 14:37:14 98304 --a------ C:\WINDOWS\system32\ypeqpqtt.dll
2008-06-13 00:55:20 98816 --a------ C:\WINDOWS\system32\tydtwvmg.dll
2008-06-09 17:29:03 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-09 17:28:47 118784 --a------ C:\WINDOWS\system32\MSSTDFMT.DLL <Not Verified; Microsoft Corporation; MSSTDFMT Object Library>
2008-06-09 17:28:47 0 d-------- C:\Program Files\SpywareBlaster
2008-06-03 02:50:14 0 d-------- C:\Documents and Settings\mike\Application Data\Sammsoft
2008-06-01 05:23:05 0 d-------- C:\Program Files\LiveAntispy
2008-06-01 05:22:56 1219436 --a------ C:\Documents and Settings\mike\Application Data\Install.dat
2008-06-01 05:22:54 25088 --a------ C:\WINDOWS\xpupdate.exe
2008-06-01 05:22:54 25088 --a------ C:\WINDOWS\system32\__c008CC34.exe
2008-05-27 19:04:23 2573 --ahs---- C:\WINDOWS\system32\qXaayGgh.ini2
2008-05-27 18:59:08 42496 --a------ C:\WINDOWS\system32\~.exe
2008-05-17 20:53:01 0 d-------- C:\Program Files\Install Creator
2008-05-17 20:51:19 0 d-------- C:\zeldaatof


-- Find3M Report ---------------------------------------------------------------

2008-06-16 23:34:40 12913 --a------ C:\WINDOWS\system32\tablet.dat
2008-05-22 20:24:56 848 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{32341E7E-C319-46DE-91D0-E30BB1A3CABA}]
C:\WINDOWS\system32\jkkIBRii.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{78803128-17d1-473c-870a-95d87acfe54c}]
06/16/2008 06:03 PM 99328 --a------ C:\WINDOWS\system32\dlpnxkvl.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E15682AB-0DD2-4F02-A5A7-C7FEAA70F3FA}]
C:\WINDOWS\system32\hgGyaaXq.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [03/14/2007 03:43 AM]
"PCMService"="C:\Program Files\Dell\Media Experience\PCMService.exe" [04/11/2004 08:15 PM]
"mmtask"="c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe" [04/19/2004 02:45 PM]
"FinePrint Dispatcher v4"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe" [12/08/2000 02:32 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [12/20/2005 09:54 PM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [01/19/2006 06:37 PM]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [09/20/2005 09:35 AM]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [09/20/2005 09:32 AM]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [09/20/2005 09:36 AM]
"Spam Blocker for Outlook Express"="C:\PROGRA~1\SPAMBL~1\Bin\484~1.0\SBInst.exe" []
"Antivirus"="C:\Program Files\VAV\vav.exe" []
"a02f7358"="C:\WINDOWS\system32\xwfcpwbo.dll" [06/16/2008 06:03 PM]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [05/15/2008 06:19 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 11:24 AM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [05/18/2007 10:54 AM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 05:00 AM]
"Antivirus"="C:\Program Files\VAV\vav.exe" []

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"ALUAlert"=C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Documents and Settings\vikki\Start Menu\Programs\Startup\
DESKTOP.INI [8/10/2004 1:04:12 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [10/4/2004 1:12:18 AM]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [12/14/2004 4:44:06 AM]
DESKTOP.INI [8/10/2004 1:04:12 PM]
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [3/27/2008 4:43:09 PM]
HPAiODevice(hp officejet g series) - 1.lnk - C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe [11/20/2002 5:15:00 PM]
TabUserW.exe.lnk - C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe [9/28/2005 7:34:48 PM]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{32341E7E-C319-46DE-91D0-E30BB1A3CABA}"= C:\WINDOWS\system32\jkkIBRii.dll [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkkIBRii]
jkkIBRii.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\__c00E29C1]
C:\WINDOWS\system32\__c00E29C1.dat

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\hgGyaaXq




-- End of Deckard's System Scanner: finished at 2008-06-16 23:44:37 ------------
Attached Files
File Type: txt extra.txt (14.9 KB, 1 views)
Greg Nordstrom is offline