Old 03-21-2007, 06:27 PM   #1 (permalink)
Registered User
 
Join Date: Mar 2007
Posts: 4
OS: XP


Hi Please Hijack this log

Deckard's System Scanner v20070318.32
Run by Josh on 2007-03-21 at 21:04:58
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

System Restore is disabled; attempting to re-enable...success.


-- Last 1 Restore Point(s) --
1: 2007-03-22 01:05:42 UTC - RP1 - System Checkpoint


Performed disk cleanup.


-- HijackThis (run as Josh.exe) ------------------------------------------------

HijackThis failed to provide a log after three minutes; running clone instead.
-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of HijackThis v1.99.1
Scan saved at 2007-03-21 21:11:54
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.0.5730.11)

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\Internet Security 2005\PcCtlCom.exe
C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
C:\WINDOWS\system32\snmp.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\Trend Micro\Internet Security 2005\Tmntsrv.exe
C:\Program Files\Trend Micro\Internet Security 2005\tmproxy.exe
C:\Program Files\Vongo\VongoService.exe
C:\Program Files\Trend Micro\Internet Security 2005\TmPfw.exe
C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\WINDOWS\DLLLOADRS.EXE
C:\Program Files\PC Tools AntiVirus\PCTAV.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\AIM6\anotify.exe
C:\Documents and Settings\Josh\Desktop\dss.exe
C:\Program Files\HijackThis\Josh.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {36DBC179-A19F-48F2-B16A-6A3E19B42A87} - C:\WINDOWS\system32\ipv6monl.dll
O2 - BHO: (no name) - {46A4E9D9-B30E-452A-8157-DBBEC8573B03} - C:\Program Files\VSAdd-in\VSAdd-in.dll
O2 - BHO: (no name) - {867FD8AF-C6C2-4C4C-B159-6A4D9E825088} - C:\WINDOWS\Help\lpayva.dll
O2 - BHO: (no name) - {889582B2-C4B5-4D04-903D-079D27C207A2} - C:\WINDOWS\system32\sqcahenv.dll
O2 - BHO: (no name) - {8EE86299-F124-4C8E-9802-1DDF2C61F490} - C:\WINDOWS\system32\sqcahenv.dll
O2 - BHO: (no name) - {D38439EC-4A7F-42b4-90C2-D810D7778FDD} - C:\WINDOWS\system32\yndgmhgc.dll (file missing)
O2 - BHO: (no name) - {E03C740E-BB24-4d3c-B92A-6F84DE1DD99C} - C:\WINDOWS\system32\aapixyec.dll (file missing)
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &VSAdd-in - {74DD705D-6834-439C-A735-A6DBE2677452} - C:\Program Files\VSAdd-in\VSAdd-in.dll
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Windows System Configuration] C:\WINDOWS\DLLLOADRS.EXE
O4 - HKLM\..\Run: [Windows DLL Loader] C:\WINDOWS\DLLLOADRS.EXE
O4 - HKLM\..\Run: [2chkdsk] rundll32.exe "C:\WINDOWS\system32\tcnbleju.dll",setvm
O4 - HKLM\..\Run: [PCTAVApp] "C:\Program Files\PC Tools AntiVirus\PCTAV.exe" /MONITORSCAN
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra 'Tools' menuitem: (no name) - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.amaena.com (HKCU)
O15 - Trusted Zone: http://locator.cdn.imageservr.com (HKCU)
O15 - Trusted Zone: http://locator1.cdn.imagesrvr.com (HKCU)
O15 - Trusted Zone: http://scanner.sysprotect.com (HKCU)
O15 - Trusted Zone: http://systemdoctor.com (HKCU)
O15 - Trusted Zone: http://www.winantivirus.com (HKCU)
O15 - Trusted Zone: http://www.winantiviruspro.com (HKCU)
O15 - Trusted Zone: http://download.cdn.winsoftware.com (HKCU)
O15 - Trusted IP Range: http://202.67.220.225 (HKCU)
O15 - Trusted IP Range: http://59.148.220.121 (HKCU)
O15 - Trusted IP Range: http://62.4.84.53 (HKCU)
O15 - Trusted IP Range: http://82.98.235.58 (HKCU)
O15 - Trusted IP Range: http://85.12.25.90 (HKCU)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/s...irector/sw.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1128944533843
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
O18 - Protocol: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\system32\msvidctl.dll
O20 - Winlogon Notify: Controls Folder - C:\WINDOWS\system32\mflbui.dll (file missing)
O20 - Winlogon Notify: lpayva - C:\WINDOWS\Help\lpayva.dll
O20 - Winlogon Notify: vtsqq - C:\WINDOWS\system32\vtsqq.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\system32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\ati2evxx.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Microsoft Corp., Veritas Software - C:\WINDOWS\System32\dmadmin.exe /com
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Internet Security 2005\PcCtlCom.exe
O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Research Pty Ltd - "C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe"
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Internet Security 2005\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security 2005\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security 2005\tmproxy.exe
O23 - Service: Vongo Service - Starz Entertainment Group LLC - C:\Program Files\Vongo\VongoService.exe
O23 - Service: SMX regulator (Windows SMX) - Unknown owner - "C:\WINDOWS\winsmx.exe"


-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 OMCI - c:\windows\system32\drivers\omci.sys
R1 tmtdi (Trend Micro TDI Driver) - c:\windows\system32\drivers\tmtdi.sys
R2 AVFilter - c:\windows\system32\drivers\avfilter.sys
R2 PfModNT - c:\windows\system32\drivers\pfmodnt.sys
R2 tm_cfw (Common Firewall Driver) - c:\windows\system32\drivers\tm_cfw.sys
R2 Tmfilter - c:\windows\system32\drivers\tmxpflt.sys
R2 Tmpreflt - c:\windows\system32\drivers\tmpreflt.sys
R2 Vsapint - c:\windows\system32\drivers\vsapint.sys
R3 AVHook - c:\windows\system32\drivers\avhook.sys
R3 AVRec - c:\windows\system32\drivers\avrec.sys
R3 BCMModem (BCM V.92 56K Modem) - c:\windows\system32\drivers\bcmsm.sys
R3 P16X (Creative SB Live! Series (WDM)) - c:\windows\system32\drivers\p16x.sys
R3 vaxscsi - c:\windows\system32\drivers\vaxscsi.sys

S3 MODEMCSA (Unimodem Streaming Filter Device) - c:\windows\system32\drivers\modemcsa.sys
S3 usbbus (LGE CDMA Composite USB Device) - c:\windows\system32\drivers\lgusbbus.sys
S3 UsbDiag (LGE CDMA USB Serial Port) - c:\windows\system32\drivers\lgusbdiag.sys
S3 USBModem (LGE CDMA USB Modem) - c:\windows\system32\drivers\lgusbmodem.sys
S3 WpdUsb - c:\windows\system32\drivers\wpdusb.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 PcCtlCom (Trend Micro Central Control Component) - c:\progra~1\trendm~1\intern~1\pcctlcom.exe
R2 PCTAVSvc (PC Tools AntiVirus Engine) - "c:\program files\pc tools antivirus\pctavsvc.exe"
R2 SNMP (SNMP Service) - c:\windows\system32\snmp.exe
R2 StarWindService (StarWind iSCSI Service) - c:\program files\alcohol soft\alcohol 120\starwind\starwindservice.exe
R2 Tmntsrv (Trend Micro Real-time Service) - c:\progra~1\trendm~1\intern~1\tmntsrv.exe
R2 TmPfw (Trend Micro Personal Firewall) - c:\progra~1\trendm~1\intern~1\tmpfw.exe
R2 tmproxy (Trend Micro Proxy Service) - c:\progra~1\trendm~1\intern~1\tmproxy.exe
R2 Vongo Service - c:\program files\vongo\vongoservice.exe

S2 Windows SMX (SMX regulator) - "c:\windows\winsmx.exe" (file missing)
S3 LPDSVC (TCP/IP Print Server) - c:\windows\system32\tcpsvcs.exe


-- Scheduled Tasks -------------------------------------------------------------

2007-03-20 13:00:04 370 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job<MPSCHE~1.JOB>


-- Files created between 2007-02-21 and 2007-03-21 -----------------------------

2007-03-20 17:09:52 0 d-------- C:\Documents and Settings\Josh\Application Data\PC Tools<PCTOOL~1>
2007-03-20 17:01:50 15872 --a------ C:\WINDOWS\system32\drivers\AVRec.sys
2007-03-20 17:01:49 22528 --a------ C:\WINDOWS\system32\drivers\AVHook.sys
2007-03-20 17:01:49 15360 --a------ C:\WINDOWS\system32\drivers\AVFilter.sys
2007-03-20 17:01:26 0 d-------- C:\Program Files\Common Files\PC Tools<PCTOOL~1>
2007-03-20 17:01:22 0 d-------- C:\Program Files\PC Tools AntiVirus<PCTOOL~1>
2007-03-20 17:01:22 0 d-------- C:\Documents and Settings\All Users\Application Data\PC Tools<PCTOOL~1>
2007-03-20 16:45:16 123412 --a------ C:\WINDOWS\system32\tcnbleju.dll
2007-03-20 16:45:06 76412 --a------ C:\WINDOWS\system32\eldebtyk.dll
2007-03-20 16:43:32 76412 --a------ C:\WINDOWS\system32\tdrkitso.dll
2007-03-18 20:29:53 0 d-------- C:\Documents and Settings\Josh\Application Data\Avant Profiles<AVANTP~1>
2007-03-18 20:29:26 0 d-------- C:\Program Files\Avant Browser<AVANTB~1>
2007-03-17 21:51:58 84184 --a------ C:\WINDOWS\system32\ipv6monl.dll
2007-03-17 21:51:53 116952 --a------ C:\WINDOWS\system32\~.exe
2007-03-17 18:00:02 76412 --a------ C:\WINDOWS\system32\smgeogrd.dll
2007-03-16 17:59:48 76412 --a------ C:\WINDOWS\system32\xvtllebx.dll
2007-03-16 17:59:18 76412 --a------ C:\WINDOWS\system32\vpjyilsg.dll
2007-03-14 11:08:32 76412 --a------ C:\WINDOWS\system32\lwkbucbm.dll
2007-03-11 1139 131604 --a------ C:\WINDOWS\system32\ctsgrfxp.dll
2007-03-10 08:17:51 76412 --a------ C:\WINDOWS\system32\bjkkqviy.dll
2007-03-09 08:16:53 76412 --a------ C:\WINDOWS\system32\caxhfiju.dll
2007-03-08 08:16:40 76412 --a------ C:\WINDOWS\system32\lnruildu.dll
2007-03-08 08:16:17 76412 --a------ C:\WINDOWS\system32\lbicqura.dll
2007-03-07 16:51:24 76412 --a------ C:\WINDOWS\system32\vjrfvqrm.dll
2007-03-06 16:49:23 76412 --a------ C:\WINDOWS\system32\oerefclk.dll
2007-03-05 16:47:54 76412 --a------ C:\WINDOWS\system32\ucirrdby.dll
2007-03-05 16:47:14 76412 --a------ C:\WINDOWS\system32\kxengywp.dll
2007-02-28 23:28:45 131604 --a------ C:\WINDOWS\system32\kdruqobs.dll
2007-02-27 23:27:11 131604 --a------ C:\WINDOWS\system32\kocqutvi.dll
2007-02-27 23:20:28 131604 --a------ C:\WINDOWS\system32\ngbsumxb.dll
2007-02-24 12:50:47 76412 --a------ C:\WINDOWS\system32\ledbdncl.dll
2007-02-23 12:50:24 76412 --a------ C:\WINDOWS\system32\utlnxpmr.dll
2007-02-22 16:48:44 76412 --a------ C:\WINDOWS\system32\jjdyjxtp.dll


-- Find3M Report ---------------------------------------------------------------

2007-03-18 17:53:58 0 d-------- C:\Documents and Settings\Josh\Application Data\Macromedia<MACROM~1>
2007-03-02 22:28:12 0 d-------- C:\Documents and Settings\Josh\Application Data\LimeWire
2007-02-22 18:58:59 0 d-------- C:\Documents and Settings\Josh\Application Data\Aim
2007-02-22 18:58:49 0 d-------- C:\Program Files\AIM
2007-02-19 11:50:05 76412 --a------ C:\WINDOWS\system32\onbpyydt.dll
2007-02-17 11:49:32 76412 --a------ C:\WINDOWS\system32\xepukahl.dll
2007-02-15 10:54:24 76412 --a------ C:\WINDOWS\system32\rtdovsys.dll
2007-02-15 10:45:50 0 d-------- C:\Program Files\PSP Brew<PSPBRE~1>
2007-02-15 09:22:27 118804 --a------ C:\WINDOWS\system32\iturlgxr.dll
2007-02-15 09:20:58 44177 --a------ C:\WINDOWS\system32\pypwjxux.dll
2007-02-15 09:20:50 76412 --a------ C:\WINDOWS\system32\xymvjgjy.dll
2007-02-15 04:10:44 0 d-------- C:\Program Files\Common Files\AOL
2007-02-14 22:30:26 0 d-------- C:\Program Files\AIM6
2007-02-14 22:26:33 0 d-------- C:\Documents and Settings\Josh\Application Data\Mozilla
2007-02-14 22:02:10 118804 --a------ C:\WINDOWS\system32\iuibxbao.dll
2007-02-14 21:59:51 131604 --a------ C:\WINDOWS\system32\ppoiscyx.dll
2007-02-14 21:56:24 0 d-------- C:\Program Files\AlienGUIse<ALIENG~1>
2007-02-14 21:51:43 0 d-------- C:\Program Files\BitLord
2007-02-14 21:41:19 0 d-------- C:\Program Files\Common Files\Adobe
2007-02-14 20:56:00 131604 --a------ C:\WINDOWS\system32\ektpxocl.dll
2007-02-14 20:55:13 76412 --a------ C:\WINDOWS\system32\hfqrwtag.dll
2007-02-14 20:32:43 0 d-------- C:\Program Files\Morpheus
2007-02-11 19:30:46 76412 --a------ C:\WINDOWS\system32\cjketibm.dll
2007-02-10 19:29:26 131604 --a------ C:\WINDOWS\system32\sqcahenv.dll
2007-02-08 19:24:18 76412 --a------ C:\WINDOWS\system32\imyfvjke.dll
2007-02-06 18:51:20 76412 --a------ C:\WINDOWS\system32\cqayetwi.dll
2007-02-02 20:04:08 76412 --a------ C:\WINDOWS\system32\tjwxdxpv.dll
2007-01-31 20:02:38 76412 --a------ C:\WINDOWS\system32\sidxedmr.dll
2007-01-31 1753 0 d-------- C:\Documents and Settings\Josh\Application Data\Viewpoint<VIEWPO~1>
2007-01-29 17:03:17 44165 --a------ C:\WINDOWS\system32\ntbqmued.dll
2007-01-29 17:02:59 118804 -----n--- C:\WINDOWS\system32\nabhjutq.dll
2007-01-27 21:33:35 76412 --a------ C:\WINDOWS\system32\bjyltbxq.dll
2007-01-25 21:30:40 76412 --a------ C:\WINDOWS\system32\gltvbiqq.dll
2007-01-25 21:27:05 76412 --a------ C:\WINDOWS\system32\pghtcbqh.dll
2007-01-25 19:45:30 76412 --a------ C:\WINDOWS\system32\leqenxud.dll
2007-01-24 21:38:37 0 d-------- C:\Program Files\BearFlix
2007-01-24 21:34:25 28 --a------ C:\WINDOWS\system32\vfw_32.reg
2007-01-24 21:31:07 0 d-------- C:\Program Files\Xingtone
2007-01-24 21:31:04 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-01-23 19:42:59 76412 --a------ C:\WINDOWS\system32\iqaixjpa.dll
2007-01-21 19:42:04 76412 --a------ C:\WINDOWS\system32\iytxleui.dll
2007-01-18 12:23:43 76412 --a------ C:\WINDOWS\system32\ccqploim.dll
2007-01-16 12:23:02 76412 --a------ C:\WINDOWS\system32\rmxewaou.dll
2007-01-14 19:09:04 81684 --a------ C:\WINDOWS\system32\uumbppet.dll
2007-01-12 19:00:36 81684 --a------ C:\WINDOWS\system32\ddnrdrxr.dll
2007-01-11 19:00:19 118804 -----n--- C:\WINDOWS\system32\ibcqcutn.dll
2007-01-10 18:53:51 81684 --a------ C:\WINDOWS\system32\rkapdleb.dll
2007-01-09 18:52:21 132116 --a------ C:\WINDOWS\system32\rltgscac.dll
2007-01-08 20:01:14 17408 --a------ C:\WINDOWS\system32\corpol.dll
2007-01-08 18:51:49 81684 --a------ C:\WINDOWS\system32\fvbgstqd.dll
2007-01-07 18:51:25 132116 --a------ C:\WINDOWS\system32\dsrikxkn.dll
2007-01-06 18:51:01 81684 --a------ C:\WINDOWS\system32\puqequjg.dll
2007-01-05 18:50:15 81684 --a------ C:\WINDOWS\system32\hbijdhon.dll
2007-01-05 18:50:05 132116 --a------ C:\WINDOWS\system32\ktsarevd.dll
2007-01-03 22:25:44 81684 --a------ C:\WINDOWS\system32\istflqhh.dll
2007-01-02 22:23:49 81684 --a------ C:\WINDOWS\system32\xkjnoqlk.dll
2006-12-31 16:16:36 81684 --a------ C:\WINDOWS\system32\mqtuulyc.dll
2006-12-30 12:31:42 81684 --a------ C:\WINDOWS\system32\yhiyhfld.dll
2006-12-29 12:29:49 81684 --a------ C:\WINDOWS\system32\hrtkxelt.dll
2006-12-27 18:11:05 44060 --a------ C:\WINDOWS\system32\svnjqidb.dll


-- Registry Dump ---------------------------------------------------------------


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"SpySweeper"="\"C:\\Program Files\\Webroot\\Spy Sweeper\\SpySweeper.exe\" /0"
"AIM"="C:\\Program Files\\AIM\\aim.exe -cnetwait.odl"
"Aim6"="\"C:\\Program Files\\AIM6\\aim6.exe\" /d locale=en-US ee://aol/imApp"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"BCMSMMSG"="BCMSMMSG.exe"
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"pccguide.exe"="\"C:\\Program Files\\Trend Micro\\Internet Security 2005\\pccguide.exe\""
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"diagent"="\"C:\\Program Files\\Creative\\SBLive\\Diagnostics\\diagent.exe\" startup"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"Windows System Configuration"="C:\\WINDOWS\\DLLLOADRS.EXE"
"Windows DLL Loader"="C:\\WINDOWS\\DLLLOADRS.EXE"
"2chkdsk"="rundll32.exe \"C:\\WINDOWS\\system32\\tcnbleju.dll\",setvm"
"PCTAVApp"="\"C:\\Program Files\\PC Tools AntiVirus\\PCTAV.exe\" /MONITORSCAN"


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CU1"="C:\\Program Files\\Common Files\\VCClient\\VCClient.exe"
"CU2"="C:\\Program Files\\Common Files\\VCClient\\VCMain.exe"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Controls Folder
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\lpayva
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vtsqq

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0



-- End of Deckard's System Scanner: finished at 2007-03-21 at 21:19:37 ---------
Attached Files
File Type: txt extra.txt (9.8 KB, 0 views)
jhayes is offline  
Old 03-22-2007, 05:34 PM   #2 (permalink)
Registered User
 
Join Date: Mar 2007
Posts: 4
OS: XP


Re: Hi Please Hijack this log

Please help me, my computer is still really, really slow and has problems.
Thanks
All times are GMT -7.



Copyright 2001 - 2008, Tech Support Forum
