|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| HijackThis Log Help Get Rid Of Malware With Help From Our Analysts. Follow the "First Steps" link at the top right of each page before posting for help. |
 |
|
|
Thread Tools |
08-21-2007, 09:05 AM
|
#3 (permalink) |
|
Registered User
Join Date: Aug 2007
Location: nr leeds (uk)
Posts: 24
OS: windows xp
 |
Re: pop ups
Run by Owner on 2007-08-21 14:41:52
Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 91: 2007-08-21 14:42:04 UTC - RP266 - Deckard's System Scanner Restore Point 90: 2007-08-21 09:51:24 UTC - RP265 - System Checkpoint 89: 2007-08-18 15:50:06 UTC - RP264 - Installed AVG 7.5 88: 2002-01-01 10:31:08 UTC - RP263 - Restore Operation 87: 2002-01-01 04:09:43 UTC - RP262 - Restore Operation -- First Restore Point -- 1: 2007-05-24 02:00:46 UTC - RP176 - Software Distribution Service 3.0 Backed up registry hives. Performed disk cleanup. -- HijackThis Clone ------------------------------------------------------------ Emulating logfile of HijackThis v1.99.1 Scan saved at 2007-08-21 14:48:46 Platform: Windows XP Service Pack 2 (5.01.2600) MSIE: Internet Explorer (6.00.2900.2180) Running processes: C:\WINDOWS\system32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe C:\Program Files\Grisoft\AVG7\avgamsvr.exe C:\Program Files\Grisoft\AVG7\avgupsvc.exe C:\Program Files\Grisoft\AVG7\avgemc.exe C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE C:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\wanmpsvc.exe C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE C:\Program Files\Norton AntiVirus\SAVScan.exe C:\WINDOWS\system32\ati2evxx.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system\hpsysdrv.exe C:\WINDOWS\system32\hphmon05.exe C:\Program Files\Common Files\Symantec Shared\CCAPP.EXE C:\WINDOWS\system32\ps2.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\ALCXMNTR.EXE C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe C:\Program Files\Grisoft\AVG7\avgcc.exe C:\Program Files\WinPop\winpop.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Owner\Desktop\dss.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.aol.co.uk/web?isinit=true&query=%s R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\about.htm R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qgb10.hpwis.com/ R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qgb10.hpwis.com/ R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-qgb10.hpwis.com/ R0 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Start Page = http://qgb10.hpwis.com/ R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.19.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\Program Files\Spyware Doctor\tools\iesdsg.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {88B6C391-2ABF-4767-A538-0C0FFF01C0A4} - C:\WINDOWS\system32\mljgh.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: 2pass toolbar - {b2d210af-464e-4a7e-b2ff-4ee0bf4ce564} - C:\Program Files\2pass\tb2pas.dll O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\Program Files\Spyware Doctor\tools\iesdpb.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NAVShExt.dll O2 - BHO: (no name) - {C84D8A0A-E708-42B6-90CA-9C30956A87C6} - (no file) O2 - BHO: (no name) - {CF46BFB3-2ACC-441b-B82B-36B9562C7FF1} - (no file) O2 - BHO: (no name) - {F97DA966-F09D-4cab-BF29-75A0026986EA} - (no file) O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NAVShExt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar2.dll O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll O3 - Toolbar: 2pass toolbar - {b2d210af-464e-4a7e-b2ff-4ee0bf4ce564} - C:\Program Files\2pass\tb2pas.dll O4 - HKEY_LOCAL_MACHINE\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKEY_LOCAL_MACHINE\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKEY_LOCAL_MACHINE\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe O4 - HKEY_LOCAL_MACHINE\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe O4 - HKEY_LOCAL_MACHINE\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKEY_LOCAL_MACHINE\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKEY_LOCAL_MACHINE\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKEY_LOCAL_MACHINE\..\Run: [VTTimer] VTTimer.exe O4 - HKEY_LOCAL_MACHINE\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKEY_LOCAL_MACHINE\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKEY_LOCAL_MACHINE\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKEY_LOCAL_MACHINE\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKEY_LOCAL_MACHINE\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKEY_LOCAL_MACHINE\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKEY_LOCAL_MACHINE\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe O4 - HKEY_LOCAL_MACHINE\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKEY_LOCAL_MACHINE\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: [Spyware Doctor] C:\PROGRA~1\SPYWAR~1\swdoctor.exe /Q O4 - HKCU\..\Run: [WinPop] C:\Program Files\WinPop\winpop.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-GB\local\search.html O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...rch.jhtml?p=ZK O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/229?13b825b2b61b4709bddf37494a65c047 O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/230?13b825b2b61b4709bddf37494a65c047 O9 - Extra button: (no name) - CmdMapping - (file missing) O9 - Extra 'Tools' menuitem: (no name) - CmdMapping - (file missing) O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\Program Files\Spyware Doctor\tools\iesdpb.dll O9 - Extra 'Tools' menuitem: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\Program Files\Spyware Doctor\tools\iesdpb.dll O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll O9 - Extra 'Tools' menuitem: (no name) - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing) O9 - Extra 'Tools' menuitem: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/s...irector/sw.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{E1E5109B-EA74-4259-9A74-E27267074B3E}: NameServer = 212.139.132.52 212.139.132.53 O18 - Protocol: ic32pp - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - C:\WINDOWS\wc98pp.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll O18 - Filter: text/html - {0EB00690-8FA1-11D3-96C7-829E3EA50C29} - (no file) O20 - Winlogon Notify: awturss - C:\WINDOWS\system32\awturss.dll (file missing) O20 - Winlogon Notify: mljgh - C:\WINDOWS\system32\mljgh.dll O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgemc.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - "C:\WINDOWS\wanmpsvc.exe" -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R1 core - c:\windows\system32\drivers\core.sys R2 ASCTRM - c:\windows\system32\drivers\asctrm.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver> R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell> S3 PPPoEWin (PPPoEWin Miniport) - c:\windows\system32\drivers\pppoewin.sys (file missing) -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- S2 AOLService (AOL Spyware Protection Service) - c:\progra~1\common~1\aol\aolspy~1\\aolserv.exe -- Device Manager: Disabled ---------------------------------------------------- No disabled devices found. -- Scheduled Tasks ------------------------------------------------------------- 2007-08-21 14:00:02 254 --a------ C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job 2007-07-27 20:11:48 530 --a------ C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer.job 2007-03-07 20:32:27 412 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job -- Files created between 2007-07-21 and 2007-08-21 ----------------------------- 2007-08-21 10:13:42 0 dr-h----- C:\Documents and Settings\Owner\Recent 2007-08-21 09:34:53 0 d-------- C:\Program Files\Yahoo! 2007-08-21 09:34:33 0 d-------- C:\Program Files\CCleaner 2007-08-18 16:35:41 1004460 ---hs---- C:\WINDOWS\system32\hgjlm.ini2 2007-08-18 15:56:01 0 dr-h----- C:\$VAULT$.AVG 2007-08-18 15:55:08 0 d-------- C:\Documents and Settings\Owner\Application Data\AVG7 2007-08-18 15:51:01 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7 2007-08-18 15:50:24 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft 2007-08-18 15:50:24 0 d-------- C:\Documents and Settings\All Users\Application Data\avg7 2007-08-18 15:33:22 51 --a------ C:\Documents and Settings\Owner\Application Data\Dxcuknwrd.dll 2007-08-16 06:41:30 997074 ---hs---- C:\WINDOWS\system32\hgjlm.bak2 2007-08-09 11:42:43 0 d-------- C:\Documents and Settings\jake 2k7\Contacts 2007-08-05 12:00:54 0 d-------- C:\Documents and Settings\Owner\Application Data\VideoEgg 2007-07-31 13:07:15 0 d--hs---- C:\WINDOWS\ftpcache 2007-07-26 23  22 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll2007-07-26 23:03:48 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100> 2007-07-26 23:03:48 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100> 2007-07-26 23:03:38 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?> 2007-07-26 23:03:38 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®> 2007-07-26 23:03:38 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®> 2007-07-26 23:03:38 740442 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®> 2007-07-26 23:03:02 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll 2007-07-24 06:34:45 0 d-------- C:\clippy 2007-07-22 09:51:20 0 d-------- C:\Documents and Settings\Owner\Application Data\GetRightToGo -- Find3M Report --------------------------------------------------------------- 2007-08-21 12:28:16 0 d-------- C:\Program Files\Common Files 2007-08-20 20:00:43 0 d-------- C:\Program Files\Live_TV 2007-08-20 11:26:45 0 d-------- C:\Program Files\WinPop 2007-08-20 08:10:30 0 d-------- C:\Program Files\LimeWire 2007-08-18 22:18:32 0 d-------- C:\Program Files\DC++ 2007-08-18 15:40:58 25214 --a------ C:\Program Files\A.ico 2007-08-18 15:40:56 25214 --a------ C:\Program Files\B.ico 2007-08-18 13:44:23 0 d-------- C:\Program Files\DivX 2007-08-18 12:20:19 956047 ---hs---- C:\WINDOWS\system32\hgjlm.bak1 2007-07-24 06:01:42 4096 --a------ C:\WINDOWS\system32\crash 2007-07-22 08:19:55 0 d-------- C:\Program Files\BitComet 2007-07-17 04:22:47 0 d-------- C:\Program Files\2pass 2007-07-12 04:10:16 65 --a------ C:\WINDOWS\vmreg32.dll 2007-07-04 20:26:43 0 d-------- C:\Documents and Settings\Owner\Application Data\Jasc 2007-07-04 19:54:55 0 d-------- C:\Documents and Settings\Owner\Application Data\MSN6 2007-07-03 19:55:22 0 d-------- C:\Program Files\Jasc Software Inc 2007-07-03 19:38:48 0 d-------- C:\Program Files\Common Files\Jasc Software Inc 2007-07-03 19:38:09 0 d-------- C:\Program Files\Common Files\InstallShield 2007-07-03 19:37:21 0 d-------- C:\Documents and Settings\Owner\Application Data\Jasc Software Inc 2007-06-14 11:54:02 2922 --a------ C:\WINDOWS\mozver.dat 2007-06-14 03:44:13 384 --a------ C:\Documents and Settings\Owner\Application Data\internaldb6334.dat 2007-06-14 03:28:42 194 --a------ C:\Documents and Settings\Owner\Application Data\internaldb8467.dat 2007-06-14 03:28:42 18432 --a------ C:\Documents and Settings\Owner\Application Data\internaldb41.dat -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{88B6C391-2ABF-4767-A538-0C0FFF01C0A4}] 01/01/2002 06:40 243296 --a------ C:\WINDOWS\system32\mljgh.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b2d210af-464e-4a7e-b2ff-4ee0bf4ce564}] 26/06/2007 17:54 1383448 --a------ C:\Program Files\2pass\tb2pas.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C84D8A0A-E708-42B6-90CA-9C30956A87C6}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CF46BFB3-2ACC-441b-B82B-36B9562C7FF1}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{B2D210AF-464E-4A7E-B2FF-4EE0BF4CE564}"= C:\Program Files\2pass\tb2pas.dll [26/06/2007 17:54 1383448] [-HKEY_CLASSES_ROOT\CLSID\{B2D210AF-464E-4A7E-B2FF-4EE0BF4CE564}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [07/05/1998 16:04] "HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [07/04/2003 07:07] "HPHUPD05"="c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe" [] "HPHmon05"="C:\WINDOWS\System32\hphmon05.exe" [23/05/2003 02:55] "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [13/09/2002 21:42] "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [19/08/2003 02:56] "nwiz"="nwiz.exe" [19/08/2003 02:56 C:\WINDOWS\system32\nwiz.exe] "VTTimer"="VTTimer.exe" [] "ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe" [22/12/2004 17:45] "PS2"="C:\WINDOWS\system32\ps2.exe" [31/07/2002 20:28] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [07/03/2007 14:36] "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [02/01/2006 16:41] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [14/03/2007 03:43] "AlcxMonitor"="ALCXMNTR.EXE" [07/09/2004 13:47 C:\WINDOWS\ALCXMNTR.EXE] "Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [11/03/2007 04:58] "SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [26/01/2004 11:38] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [18/08/2007 15:50] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NVIEW"="nview.dll,nViewLoadHook" [] "Spyware Doctor"="C:\PROGRA~1\SPYWAR~1\swdoctor.exe" [21/12/2004 13:34] "Aim6"="" [] "WinPop"="C:\Program Files\WinPop\winpop.exe" [01/01/2002 06:42] "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [19/01/2007 12:54] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awturss] awturss.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mljgh] C:\WINDOWS\system32\mljgh.dll 01/01/2002 06:40 243296 C:\WINDOWS\system32\mljgh.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AOL 9.0 Tray Icon.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AOL 9.0 Tray Icon.lnk backup=C:\WINDOWS\pss\AOL 9.0 Tray Icon.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AOL Companion.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AOL Companion.lnk backup=C:\WINDOWS\pss\AOL Companion.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^TA_Start.lnk] path=C:\Documents and Settings\Owner\Start Menu\Programs\Startup\TA_Start.lnk backup=C:\WINDOWS\pss\TA_Start.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^Think-Adz.lnk] path=C:\Documents and Settings\Owner\Start Menu\Programs\Startup\Think-Adz.lnk backup=C:\WINDOWS\pss\Think-Adz.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager] C:\Program Files\Common Files\AOL\1009845705\ee\AOLSoftware.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD] C:\HP\KBD\KBD.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r -- Hosts ----------------------------------------------------------------------- 127.0.0.1 bin.errorprotector.com ## added by CiD 127.0.0.1 br.errorsafe.com ## added by CiD 127.0.0.1 br.winantivirus.com ## added by CiD 127.0.0.1 br.winfixer.com ## added by CiD 127.0.0.1 cdn.drivecleaner.com ## added by CiD 127.0.0.1 cdn.errorsafe.com ## added by CiD 127.0.0.1 cdn.winsoftware.com ## added by CiD 127.0.0.1 de.errorsafe.com ## added by CiD 127.0.0.1 de.winantivirus.com ## added by CiD 127.0.0.1 download.cdn.drivecleaner.com ## added by CiD 60 more entries in hosts file. -- End of Deckard's System Scanner: finished at 2007-08-21 15:20:35 ------------ |
|
     
|
|
| Thread Tools | |
|
|
