Welcome to Tech Support Forum home to more then 136,000 problems solved. Issues have included: Spyware, Malware, Virus Issues, Windows, Microsoft, Linux, Networking, Security, Hardware, and Gaming Getting your problem solved is as easy as:
1. Registering for a free account
2. Asking your question
3. Receiving an answer

Registered members:
* Get free support
* Communicate privately with other members (PM).
* Removal of this message
* See fewer ads.
* And much more..

 


Want to know how to post a question? click here Having problems with spyware and pop-ups? First Steps
Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help > HijackThis Log Help (Inactive)
Reload this Page I Think I Have Trojan,Virus,Spyware etc.
User Name
Password
Site Map Register Donate Rules Blogs Mark Forums Read


 
 
LinkBack Thread Tools
Old 10-31-2007, 04:19 PM   #1 (permalink)
Registered User
 
Deron's Avatar
 
Join Date: Dec 2005
Location: Baton Rouge,Louisiana
Posts: 63
OS: XP,2000


Send a message via MSN to Deron Send a message via Yahoo to Deron
I Think I Have Trojan,Virus,Spyware etc.
I Think I Have Spyware And A Trojan
Heres My Log:

Deckard's System Scanner v20071014.68
Run by Owner on 2007-10-31 17:05:16
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Backed up registry hives.
Performed disk cleanup.

Percentage of Memory in Use: 90% (more than 75%).
Total Physical Memory: 126 MiB (256 MiB recommended).


-- HijackThis (run as Owner.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:07:48 PM, on 10/31/2007
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\vvgeowbv.exe
C:\WINNT\Explorer.EXE
C:\Documents and Settings\Owner.OWNER-I1C27XPXS\My Documents\AVG Anti-Spyware 7.5\avgas.exe
C:\WINNT\plite731.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\DOCUME~1\OWNER~2.OWN\LOCALS~1\Temp\poewmekwr.exe
C:\WINNT\system32\regsvr32.exe
C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Owner.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.cintek.com/default.shtml
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
F2 - REG:system.ini: UserInit=C:\WINNT\system32\vvgeowbv.exe,C:\WINNT\system32\userinit.exe
O1 - Hosts: 194.54.90.238 google.com
O1 - Hosts: 194.54.90.238 google.ca
O1 - Hosts: 194.54.90.238 www.google.com
O1 - Hosts: 194.54.90.238 search.yahoo.com
O1 - Hosts: 194.54.90.238 search.msn.com
O1 - Hosts: 194.54.90.238 search.live.com
O2 - BHO: (no name) - { - (no file)
O2 - BHO: (no name) - {00000000-d9e3-4bc6-a0bd-3d0ca4be5271} - (no file)
O2 - BHO: (no name) - {00000012-890e-4aac-afd9-eff6954a34dd} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {029e02f0-a0e5-4b19-b958-7bf2db29fb13} - (no file)
O2 - BHO: (no name) - {06dfedaa-6196-11d5-bfc8-00508b4a487d} - (no file)
O2 - BHO: (no name) - {12F02779-6D88-4958-8AD3-83C12D86ADC7} - (no file)
O2 - BHO: (no name) - {1adbcce8-cf84-441e-9b38-afc7a19c06a4} - (no file)
O2 - BHO: (no name) - {2d7cb618-cc1c-4126-a7e3-f5b12d3bcf71} - (no file)
O2 - BHO: (no name) - {51641ef3-8a7a-4d84-8659-b0911e947cc8} - (no file)
O2 - BHO: (no name) - {53C330D6-A4AB-419B-B45D-FD4411C1FEF4} - (no file)
O2 - BHO: (no name) - {54645654-2225-4455-44A1-9F4543D34546} - (no file)
O2 - BHO: (no name) - {669695bc-a811-4a9d-8cdf-ba8c795f261e} - (no file)
O2 - BHO: (no name) - {6abc861a-31e7-4d91-b43b-d3c98f22a5c0} - (no file)
O2 - BHO: (no name) - {6dae88ea-1dd2-11b2-ad21-f63e090be568} - C:\WINNT\mhebwlej.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {820A2C8D-DFC0-4A9F-B3CA-4410CA4F7C04} - C:\WINNT\system32\ddcdayw.dll
O2 - BHO: (no name) - {89AD4D75-2429-462e-BD4E-443F233F6033} - C:\WINNT\system32\gbkfswyd.dll
O2 - BHO: (no name) - {944864a5-3916-46e2-96a9-a2e84f3f1208} - (no file)
O2 - BHO: (no name) - {a4a435cf-3583-11d4-91bd-0048546a1450} - (no file)
O2 - BHO: aivskurq.msdn_hlp - {A6E432B4-D4C2-43B3-BF55-C364F8F7362A} - C:\WINNT\system32\aivskurq.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll (file missing)
O2 - BHO: (no name) - {B444A3C5-F2A5-4A90-A2C8-7161FFA43DAB} - C:\WINNT\system32\pmnon.dll
O2 - BHO: (no name) - {b8875bfe-b021-11d4-bfa8-00508b8e9bd3} - (no file)
O2 - BHO: (no name) - {bb936323-19fa-4521-ba29-eca6a121bc78} - (no file)
O2 - BHO: (no name) - {c2680e10-1655-4a0e-87f8-4259325a84b7} - (no file)
O2 - BHO: (no name) - {c4ca6559-2cf1-48b6-96b2-8340a06fd129} - (no file)
O2 - BHO: (no name) - {c5af2622-8c75-4dfb-9693-23ab7686a456} - (no file)
O2 - BHO: (no name) - {ca1d1b05-9c66-11d5-a009-000103c1e50b} - (no file)
O2 - BHO: (no name) - {d8efadf1-9009-11d6-8c73-608c5dc19089} - (no file)
O2 - BHO: (no name) - {e9147a0a-a866-4214-b47c-da821891240f} - (no file)
O2 - BHO: (no name) - {e9306072-417e-43e3-81d5-369490beef7c} - (no file)
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Synchronization Agent] "C:\Program Files\Sync Manager Demo\agent\syncagent.exe"
O4 - HKLM\..\Run: [WorkFlow] D:\Install\WorkFlow.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Documents and Settings\Owner.OWNER-I1C27XPXS\My Documents\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINNT\system32\owinplds.exe CHD003
O4 - HKLM\..\Run: [plite731] C:\WINNT\plite731.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [54a9d6e9] rundll32.exe "C:\WINNT\system32\kmdikcjs.dll",b
O4 - HKLM\..\Run: [CheckWinPerf] C:\DOCUME~1\OWNER~2.OWN\LOCALS~1\Temp\poewmekwr.exe
O4 - HKLM\..\Run: [sfudizox] regsvr32 /u "C:\Documents and Settings\All Users.WINNT\Application Data\sfudizox.dll"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Startup: Think-Adz.lnk = C:\WINNT\system32\owinplds.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.cintek.com/default.shtml
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/ca..._2.3.2.100.cab
O16 - DPF: {50BD5CDA-4BA8-4048-8FAA-763F222E41D8} - ms-its:mhtml:file://c:\\nores.mht!http://adxrnet.net/code/chm/xpre.chm::/xpreload.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1191803283292
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {DD8C9372-35FD-4F7D-8CE4-909ABCFAB2C5} - ms-its:mhtml:file://c:\\nores.mht!http://adxtnet.net/code/chm/xpre.chm::/xpreload.ocx
O20 - Winlogon Notify: ddcdayw - C:\WINNT\SYSTEM32\ddcdayw.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

--
End of file - 8183 bytes

-- File Associations -----------------------------------------------------------

.reg - regfile - shell\open\command - "regedit.exe" "%1"


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R3 i81x - c:\winnt\system32\drivers\i81xnt5.sys <Not Verified; Intel(R) Corporation; Intel(R) Graphics Accelerator Drivers for Windows NT(R)>

S1 vcdrom (Virtual CD-ROM Device Driver) - c:\documents and settings\owner.owner-i1c27xpxs\desktop\vcdrom.sys (file missing)
S3 MTK (Media Technology Kernel Driver) - c:\winnt\system32\drivers\mtk.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

All services whitelisted.


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: PCI Device
Device ID: PCI\VEN_8086&DEV_2443&SUBSYS_00000000&REV_11\3&29E81982&0&FB
Manufacturer:
Name: PCI Device
PNP Device ID: PCI\VEN_8086&DEV_2443&SUBSYS_00000000&REV_11\3&29E81982&0&FB
Service:


-- Files created between 2007-09-30 and 2007-10-31 -----------------------------

2007-10-31 17:08:57 18432 --a------ C:\WINNT\fkwggshm.exe <Not Verified; Microsoft Corp.; Project1>
2007-10-31 17:07:09 0 d-------- C:\Program Files\Trend Micro
2007-10-31 16:52:05 0 d-------- C:\Program Files\p2pnetworks
2007-10-31 15:29:39 0 d-------- C:\Program Files\AntispyStorm
2007-10-31 15:21:13 4 --a------ C:\WINNT\system32\stfv.bin
2007-10-31 15:14:30 13568 --a------ C:\WINNT\system32\msole32.exe
2007-10-31 15:14:30 20992 --a------ C:\WINNT\eventlowg.dll
2007-10-31 15:14:30 8448 --a------ C:\WINNT\daxtime.dll
2007-10-31 15:14:29 22016 --a------ C:\WINNT\liqui-Uninstaller.exe
2007-10-31 15:14:29 14336 --a------ C:\WINNT\liqui.exe
2007-10-31 15:14:29 23808 --a------ C:\WINNT\liqui.dll
2007-10-31 15:14:28 20480 --a------ C:\WINNT\fhfmm.exe
2007-10-31 15:14:27 22784 --a------ C:\WINNT\xadbrk.dll
2007-10-31 15:14:27 24064 --a------ C:\WINNT\fhfmm-Uninstaller.exe
2007-10-31 15:14:26 21760 --a------ C:\WINNT\xadbrk_.exe
2007-10-31 15:14:26 15616 --a------ C:\WINNT\xadbrk.exe
2007-10-31 15:14:25 31488 --a------ C:\WINNT\kkcomp.exe
2007-10-31 15:14:25 25344 --a------ C:\WINNT\kkcomp.dll
2007-10-31 15:14:23 32512 --a------ C:\WINNT\liqad.dll
2007-10-31 15:14:23 24576 --a------ C:\WINNT\kkcomp$.exe
2007-10-31 15:14:22 28160 --a------ C:\WINNT\liqad.exe
2007-10-31 15:14:21 13056 --a------ C:\WINNT\liqad$.exe
2007-10-31 15:14:20 29440 --a------ C:\WINNT\kvnab.dll
2007-10-31 15:14:19 27648 --a------ C:\WINNT\kvnab.exe
2007-10-31 15:14:19 31488 --a------ C:\WINNT\kvnab$.exe
2007-10-31 15:14:17 27392 --a------ C:\WINNT\settn.dll
2007-10-31 15:14:17 31232 --a------ C:\WINNT\hcwprn.exe
2007-10-31 15:14:16 24576 --a------ C:\WINNT\cbinst$.exe
2007-10-31 15:14:15 23296 --a------ C:\WINNT\pbsysie.dll
2007-10-31 15:14:14 24832 --a------ C:\WINNT\wbeInst$.exe
2007-10-31 15:14:14 23808 --a------ C:\WINNT\wbeCheck.exe
2007-10-31 15:14:12 19200 --a------ C:\WINNT\iexplorr23.dll
2007-10-31 15:14:12 10752 --a------ C:\WINNT\adbar.dll
2007-10-31 15:14:10 12288 --a------ C:\WINNT\jd2002.dll
2007-10-31 15:14:09 28928 --a------ C:\WINNT\system32\ESHOPEE.exe
2007-10-31 15:14:09 20480 --a------ C:\WINNT\spredirect.dll
2007-10-31 15:14:07 0 d-------- C:\Program Files\e-zshopper
2007-10-31 15:14:02 0 d-------- C:\Program Files\amsys
2007-10-31 15:14:00 18176 --a------ C:\WINNT\ie_32.exe
2007-10-31 15:14:00 26368 --a------ C:\WINNT\aconti.exe
2007-10-31 15:13:58 0 d-------- C:\WINNT\system32\acespy
2007-10-31 15:13:58 15104 --a------ C:\WINNT\system32\ace16win.dll
2007-10-31 15:13:58 0 d-------- C:\Program Files\Accoona
2007-10-31 15:13:57 22272 --a------ C:\WINNT\xxxvideo.exe
2007-10-31 15:13:57 18432 --a------ C:\WINNT\ngd.dll
2007-10-31 15:13:56 20992 --a------ C:\WINNT\hotporn.exe
2007-10-31 15:13:56 28160 --a------ C:\WINNT\dp0.dll
2007-10-31 15:13:50 32256 --a------ C:\WINNT\vxddsk.exe
2007-10-31 15:13:50 0 d-------- C:\Program Files\akl
2007-10-31 15:13:49 19968 --a------ C:\WINNT\system32\vxddsk.exe
2007-10-31 15:13:48 18432 --a------ C:\WINNT\wml.exe
2007-10-31 15:13:48 8960 --a------ C:\WINNT\system32\wml.exe
2007-10-31 15:13:48 10752 --a------ C:\WINNT\7search.dll
2007-10-31 15:13:47 13312 --a------ C:\WINNT\flt.dll
2007-10-31 15:13:47 25856 --a------ C:\WINNT\764.exe
2007-10-31 15:13:46 13312 --a------ C:\WINNT\pbar.dll
2007-10-31 15:13:43 0 d-------- C:\Program Files\3721
2007-10-31 14:51:48 12 --a------ C:\WINNT\system32\dpqaqlqx.bin
2007-10-31 14:46:42 123908 --a------ C:\WINNT\system32\vvgeowbv.exe <Not Verified; Microsoft; _>
2007-10-31 14:46:41 21504 --a------ C:\WINNT\system32\aivskurq.dll <Not Verified; Microsoft; Windows Explorer cdrom optimizer>
2007-10-31 14:46:21 70656 --a------ C:\Documents and Settings\All Users.WINNT\Application Data\sfudizox.dll
2007-10-31 14:46:15 70656 --a------ C:\WINNT\mhebwlej.dll
2007-10-31 14:46:11 0 d-------- C:\WINNT\PerfInfo
2007-10-31 14:46:04 0 d-------- C:\WINNT\system32\Mz15r
2007-10-31 14:45:53 3638 --a------ C:\wndcqgv.exe
2007-10-31 14:44:32 85568 --a------ C:\WINNT\system32\kmdikcjs.dll
2007-10-31 14:44:31 75328 --a------ C:\WINNT\system32\lkhnkkjg.exe <Not Verified; ; DDC>
2007-10-30 15:23:44 0 d-------- C:\Program Files\Enigma Software Group
2007-10-30 09:18:53 77888 --a------ C:\WINNT\system32\gbkfswyd.dll
2007-10-30 09:13:12 75328 --a------ C:\WINNT\system32\mgfvfjxn.exe <Not Verified; ; DDC>
2007-10-30 09:13:10 424768 ---hs---- C:\WINNT\system32\nonmp.bak2
2007-10-30 03:14:37 0 d-------- C:\WINNT\system32\Windows Media
2007-10-30 03:12:38 0 d-------- C:\WINNT\msiinst.tmp
2007-10-29 19:22:33 376324 ---h----- C:\WINNT\ShellIconCache
2007-10-29 18:13:06 0 d--h----- C:\WINNT\PIF
2007-10-29 17:27:26 6510 ---hs---- C:\WINNT\system32\nonmp.bak1
2007-10-29 17:27:07 34816 --a------ C:\WINNT\system32\urqqnol.dll
2007-10-29 17:26:57 316000 --a------ C:\WINNT\system32\pmnon.dll
2007-10-29 17:24:37 34816 --a------ C:\WINNT\system32\awtqrpn.dll
2007-10-29 17:24:08 34816 --a------ C:\WINNT\system32\ljjhhih.dll
2007-10-29 17:22:00 41 --a------ C:\WINNT\plite731_uninstaller_.bat
2007-10-29 17:21:56 13824 --a------ C:\WINNT\plite731.exe <Not Verified; System Service; System Monitor Service>
2007-10-29 17:21:52 0 d-------- C:\WINNT\system32\Mz02r
2007-10-29 17:21:50 294668 --a------ C:\WINNT\frexup2.exe
2007-10-29 17:21:49 34816 --a------ C:\WINNT\system32\ddcdayw.dll
2007-10-27 12:27:13 0 d-------- C:\Program Files\LimeWire
2007-10-26 21:14:29 0 d-------- C:\Documents and Settings\Administrator\Application Data\Grisoft
2007-10-26 21:14:11 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2007-10-26 21:14:06 0 d--h----- C:\Documents and Settings\Administrator\Templates
2007-10-26 21:14:06 0 d-------- C:\Documents and Settings\Administrator\Start Menu
2007-10-26 21:14:06 0 d--h----- C:\Documents and Settings\Administrator\SendTo
2007-10-26 21:14:06 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2007-10-26 21:14:06 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2007-10-26 21:14:06 282624 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2007-10-26 21:14:06 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2007-10-26 21:14:06 0 d-------- C:\Documents and Settings\Administrator\My Documents
2007-10-26 21:14:06 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2007-10-26 21:14:06 0 dr------- C:\Documents and Settings\Administrator\Favorites
2007-10-26 21:14:06 0 d-------- C:\Documents and Settings\Administrator\Desktop
2007-10-26 21:14:06 0 d---s---- C:\Documents and Settings\Administrator\Cookies
2007-10-26 21:14:06 0 d--h----- C:\Documents and Settings\Administrator\Application Data
2007-10-26 21:14:06 0 d-------- C:\Documents and Settings\Administrator\Application Data\Symantec
2007-10-26 21:14:06 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2007-10-26 15:02:46 53269 --a------ C:\WINNT\system32\kodsrngo.exe <Not Verified; ; Browser Driver>
2007-10-22 16:39:47 34304 --a------ C:\WINNT\system32\vtustqp.dll
2007-10-22 16:37:12 34304 --a------ C:\WINNT\system32\byxutqn.dll
2007-10-22 16:36:33 930 --a------ C:\WINNT\system32\winpfz32.sys
2007-10-22 16:35:38 192583 --a------ C:\WINNT\system32\owinplds.exe
2007-10-22 16:35:29 53264 --a------ C:\WINNT\system32\dwdsrngt.exe <Not Verified; ; Browser Driver>
2007-10-22 16:35:15 0 d-------- C:\WINNT\system32\oTt02e
2007-10-22 16:35:06 34304 --a------ C:\WINNT\system32\rqrqqpn.dll
2007-10-17 20:46:56 0 d-------- C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Application Data\WinMX Music
2007-10-17 20:46:47 0 d-------- C:\Program Files\WinMX Music
2007-10-16 19:01:56 0 d-------- C:\Documents and Settings\All Users.WINNT\Desktop
2007-10-15 19:58:54 733184 --a------ C:\WINNT\system32\qedwipes.dll
2007-10-15 19:58:53 1798144 --a------ C:\WINNT\system32\qedit.dll
2007-10-15 19:58:53 324096 --a------ C:\WINNT\system32\mswebdvd.dll <Not Verified; Microsoft Corporation; DirectShow>
2007-10-15 19:58:53 13312 --a------ C:\WINNT\system32\msdmo.dll
2007-10-15 19:58:52 18944 --a------ C:\WINNT\system32\encapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-15 19:58:50 18432 --a------ C:\WINNT\system32\dswave.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-15 19:58:50 76800 --a------ C:\WINNT\system32\dmscript.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-15 19:58:50 664576 --a------ C:\WINNT\system32\dinput8.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-15 19:58:50 1634304 --a------ C:\WINNT\system32\d3d9.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-15 19:58:49 1675264 --a------ C:\WINNT\system32\dxdiagn.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-15 19:58:49 1177600 --a------ C:\WINNT\system32\d3d8.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-15 19:58:48 491520 --a------ C:\WINNT\system32\dsdmoprp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-15 19:58:48 186880 --a------ C:\WINNT\system32\dsdmo.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-15 19:58:48 112128 --a------ C:\WINNT\system32\dpvvox.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-15 19:58:48 80896 --a------ C:\WINNT\system32\dpvsetup.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-15 19:58:48 381952 --a------ C:\WINNT\system32\dpvoice.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-15 19:58:48 19968 --a------ C:\WINNT\system32\dpvacm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-15 19:58:47 1189888 --a------ C:\WINNT\system32\dx8vb.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-15 19:58:47 16896 --a------ C:\WINNT\system32\dpnsvr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-15 19:58:47 3072 --a------ C:\WINNT\system32\dpnlobby.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-15 19:58:47 68096 --a------ C:\WINNT\system32\dpnhupnp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-15 19:58:47 32768 --a------ C:\WINNT\system32\dpnhpast.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-15 19:58:47 723968 --a------ C:\WINNT\system32\dpnet.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-15 19:58:47 3072 --a------ C:\WINNT\system32\dpnaddr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-15 19:58:47 459264 --a------ C:\WINNT\system32\diactfrm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-15 19:58:47 7168 --a------ C:\WINNT\system32\d3d8thk.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-15 19:46:32 0 d-------- C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Application Data\AdobeUM
2007-10-15 19:46:09 0 d-------- C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Application Data\Adobe
2007-10-15 19:33:59 0 d-------- C:\WINNT\Cache
2007-10-14 23:01:34 0 d-------- C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Application Data\TuxPaint
2007-10-14 23:00:27 0 d-------- C:\Program Files\TuxPaint
2007-10-14 22:27:27 327168 --a------ C:\WINNT\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2007-10-14 00:37:12 44032 --a------ C:\WINNT\system32\dimap.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-12 20:27:27 0 d--h----- C:\WINNT\msdownld.tmp
2007-10-12 20:27:21 0 d-------- C:\WINNT\system32\directx
2007-10-11 16:18:00 0 d-------- C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Application Data\OpenOffice.org2
2007-10-08 15:09:31 0 d-------- C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Application Data\Google
2007-10-08 15:09:28 0 d-------- C:\Documents and Settings\All Users.WINNT\Application Data\Google
2007-10-07 22:34:33 425480 --a------ C:\syshkpe.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-07 20:43:07 2890240 --a------ C:\WINNT\system32\msi.dll <Not Verified; Microsoft Corporation; Windows Installer - Unicode>
2007-10-07 20:42:41 0 d-------- C:\WINNT\system32\BITS
2007-10-07 20:26:14 0 d-------- C:\WINNT\ime
2007-10-07 20:16:03 0 d-------- C:\WINNT\ServicePackFiles
2007-10-07 20:16:00 0 d-------- C:\WINNT\system32\ie_de
2007-10-07 20:16:00 0 d-------- C:\WINNT\system32\CertSrv
2007-10-07 18:28:16 0 d-------- C:\WINNT\SoftwareDistribution
2007-10-06 00:37:55 0 d-------- C:\WINNT\Sun
2007-10-04 20:43:29 36864 -----n--- C:\WINNT\system32\wbsys.dll <Not Verified; Stardock.Net, Inc; WindowBlinds 4.x for x86 machines>
2007-10-04 20:31:46 0 d-------- C:\WINNT\Resources
2007-10-04 20:31:45 0 d-------- C:\Program Files\TGTSoft
2007-10-04 19:39:48 0 d-------- C:\Program Files\Color Style Studio
2007-10-04 19:39:24 0 d-------- C:\Program Files\Common Files\Download Manager
2007-10-03 17:24:44 0 d-------- C:\Downloads
2007-10-03 17:24:41 0 d-------- C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Application Data\GetRightToGo
2007-10-03 15:35:39 0 d-------- C:\Program Files\Virtual Laguna Beach
2007-10-02 19:53:49 0 d-------- C:\CtDriverInstTemp
2007-10-02 18:39:35 0 d-------- C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Application Data\Yahoo!
2007-10-02 18:36:17 0 d-------- C:\Documents and Settings\All Users.WINNT\Application Data\Yahoo!
2007-10-01 22:38:56 225280 --a------ C:\WINNT\system32\wmpdxm.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows Media Player>
2007-10-01 22:34:17 0 d-a------ C:\WINNT\system32\appmgmt
2007-10-01 21:59:08 0 d-------- C:\WINNT\MUI
2007-10-01 21:36:44 0 dr-hs---- C:\sys


-- Find3M Report ---------------------------------------------------------------

2007-10-30 16:40:07 0 d-------- C:\Program Files\Yahoo!
2007-10-30 16:39:59 0 d-------- C:\Program Files\OfficeUpdate11
2007-10-30 16:39:59 0 d-------- C:\Program Files\MyWay
2007-10-30 16:39:53 0 d-------- C:\Program Files\Google
2007-10-30 16:39:52 0 d-------- C:\Program Files\Common Files
2007-10-30 16:39:49 0 d-------- C:\Program Files\Accessories
2007-10-29 19:59:58 0 d-------- C:\Program Files\InstallShield Installation Information
2007-10-29 18:36:21 0 d-------- C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Application Data\Hamachi
2007-10-29 18:17:30 0 d-------- C:\Program Files\Java
2007-10-27 12:28:25 0 d-------- C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Application Data\LimeWire
2007-10-26 15:00:47 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-10-18 21:13:45 0 d-------- C:\Program Files\Movie Maker
2007-10-15 19:46:10 0 d-------- C:\Program Files\Common Files\Adobe
2007-10-07 22:16:37 333 --a------ C:\Program Files\Shortcut to hal.dll (7).lnk
2007-10-07 22:16:35 333 --a------ C:\Program Files\Shortcut to hal.dll (6).lnk
2007-10-07 20:35:22 0 d-------- C:\Program Files\WindowsUpdate
2007-10-07 11:46:37 0 d-------- C:\Program Files\QMgr
2007-09-29 17:54:49 0 d-------- C:\Program Files\Universal
2007-09-29 12:54:33 0 d-------- C:\Program Files\MSN Messenger
2007-09-20 17:25:09 0 d-------- C:\Program Files\Common Files\Adaptec Shared
2007-09-20 16:52:25 0 d-------- C:\Program Files\Acoustica Beatcraft
2007-09-20 16:51:39 0 d-------- C:\Program Files\Image-Line
2007-09-17 16:10:23 0 d-------- C:\Program Files\Adaptec
2007-09-16 21:55:11 0 d-------- C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Application Data\Grisoft
2007-09-11 18:15:49 0 d-------- C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Application Data\VideoEgg
2007-09-10 21:48:02 0 d-------- C:\Program Files\Dell
2007-09-10 19:08:54 4385 --a------ C:\WINNT\REG16X2.DAT
2007-09-10 1919 91 --ah----- C:\AUTOEXEC.BAT
2007-09-07 19:47:30 0 d-------- C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Application Data\Sun
2007-09-07 18:04:27 57344 --a------ C:\WINNT\uneng.exe <Not Verified; Roxio; Roxio Update Wizard>
2007-09-07 17:07:59 2366 --a------ C:\WINNT\checkip.dat
2007-09-06 19:03:41 0 d-------- C:\Program Files\BHO
2007-09-06 16:38:41 1222 --a------ C:\WINNT\system32\tmp.reg
2007-09-06 01:22:23 289144 --a------ C:\WINNT\system32\VCCLSID.exe <Not Verified; S!Ri; >
2007-09-05 23:21:58 0 d-------- C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Application Data\Simply Super Software
2007-09-05 06:44:14 0 d-------- C:\Program Files\WebRebates4
2007-09-05 06:44:14 0 d-------- C:\Program Files\WebRebates
2007-09-05 06:44:10 0 d-------- C:\Program Files\Sync Manager Demo
2007-08-03 13:31:43 40183 --ahs---- C:\Program Files\Common Files\Yazzle1549OinUninstaller.exe


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00000000-d9e3-4bc6-a0bd-3d0ca4be5271}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00000012-890e-4aac-afd9-eff6954a34dd}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{029e02f0-a0e5-4b19-b958-7bf2db29fb13}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06dfedaa-6196-11d5-bfc8-00508b4a487d}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1adbcce8-cf84-441e-9b38-afc7a19c06a4}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2d7cb618-cc1c-4126-a7e3-f5b12d3bcf71}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{51641ef3-8a7a-4d84-8659-b0911e947cc8}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{53C330D6-A4AB-419B-B45D-FD4411C1FEF4}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{54645654-2225-4455-44A1-9F4543D34546}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{669695bc-a811-4a9d-8cdf-ba8c795f261e}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6abc861a-31e7-4d91-b43b-d3c98f22a5c0}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6dae88ea-1dd2-11b2-ad21-f63e090be568}]
10/31/07 02:46p 70656 --a------ C:\WINNT\mhebwlej.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{820A2C8D-DFC0-4A9F-B3CA-4410CA4F7C04}]
10/29/07 05:21p 34816 --a------ C:\WINNT\system32\ddcdayw.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{89AD4D75-2429-462e-BD4E-443F233F6033}]
10/30/07 09:18a 77888 --a------ C:\WINNT\system32\gbkfswyd.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{944864a5-3916-46e2-96a9-a2e84f3f1208}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a4a435cf-3583-11d4-91bd-0048546a1450}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A6E432B4-D4C2-43B3-BF55-C364F8F7362A}]
10/31/07 02:46p 21504 --a------ C:\WINNT\system32\aivskurq.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B444A3C5-F2A5-4A90-A2C8-7161FFA43DAB}]
10/29/07 05:26p 316000 --a------ C:\WINNT\system32\pmnon.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b8875bfe-b021-11d4-bfa8-00508b8e9bd3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bb936323-19fa-4521-ba29-eca6a121bc78}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c2680e10-1655-4a0e-87f8-4259325a84b7}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c4ca6559-2cf1-48b6-96b2-8340a06fd129}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c5af2622-8c75-4dfb-9693-23ab7686a456}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ca1d1b05-9c66-11d5-a009-000103c1e50b}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{d8efadf1-9009-11d6-8c73-608c5dc19089}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e9147a0a-a866-4214-b47c-da821891240f}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e9306072-417e-43e3-81d5-369490beef7c}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"="mobsync.exe" [06/19/03 01:05p C:\WINNT\system32\mobsync.exe]
"Synchronization Agent"="C:\Program Files\Sync Manager Demo\agent\syncagent.exe" []
"WorkFlow"="D:\Install\WorkFlow.exe" []
"!AVG Anti-Spyware"="C:\Documents and Settings\Owner.OWNER-I1C27XPXS\My Documents\AVG Anti-Spyware 7.5\avgas.exe" [06/11/07 03:25a]
"LoadQM"="loadqm.exe" [05/03/00 05:23p C:\WINNT\loadqm.exe]
"ExploreUpdSched"="C:\WINNT\system32\owinplds.exe" [10/22/07 04:35p]
"plite731"="C:\WINNT\plite731.exe" [10/29/07 05:21p]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/07 01:11a]
"54a9d6e9"="C:\WINNT\system32\kmdikcjs.dll" [10/31/07 02:44p]
"CheckWinPerf"="C:\DOCUME~1\OWNER~2.OWN\LOCALS~1\Temp\poewmekwr.exe" []
"sfudizox"="regsvr32 /u C:\Documents and Settings\All Users.WINNT\Application Data\sfudizox.dll" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [09/04/07 04:40p]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"^SetupICWDesktop"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop

C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Start Menu\Programs\Startup\
Think-Adz.lnk - C:\WINNT\system32\owinplds.exe [10/22/2007 4:35:38 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"DisableTaskMgr"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"Btn_Back"=0 (0x0)
"Btn_Forward"=0 (0x0)
"Btn_Stop"=0 (0x0)
"Btn_Refresh"=0 (0x0)
"Btn_Home"=0 (0x0)
"Btn_Search"=0 (0x0)
"Btn_History"=0 (0x0)
"Btn_Favorites"=0 (0x0)
"Btn_Folders"=0 (0x0)
"Btn_Fullscreen"=0 (0x0)
"Btn_Tools"=0 (0x0)
"Btn_MailNews"=0 (0x0)
"Btn_Size"=0 (0x0)
"Btn_Print"=0 (0x0)
"Btn_Edit"=0 (0x0)
"Btn_Discussions"=0 (0x0)
"Btn_Cut"=0 (0x0)
"Btn_Copy"=0 (0x0)
"Btn_Paste"=0 (0x0)
"Btn_Encoding"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{820A2C8D-DFC0-4A9F-B3CA-4410CA4F7C04}"= C:\WINNT\system32\ddcdayw.dll [10/29/07 05:21p 34816]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="C:\WINNT\system32\vvgeowbv.exe,C:\WINNT\system32\userinit.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddcdayw]
ddcdayw.dll 10/29/07 05:21p 34816 C:\WINNT\system32\ddcdayw.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINNT\system32\pmnon.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, msnsspc.dll, digest.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"




-- Hosts -----------------------------------------------------------------------

194.54.90.238 google.com
194.54.90.238 google.ca
194.54.90.238 www.google.com
194.54.90.238 search.yahoo.com
194.54.90.238 search.msn.com
194.54.90.238 search.live.com


-- End of Deckard's System Scanner: finished at 2007-10-31 17:13:44 ------------


Extra:
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows 2000 Professional (build 2195) SP 4.0
Architecture: X86; Language: English

CPU 0: Intel Pentium III processor
Percentage of Memory in Use: 91%
Physical Memory (total/avail): 125.51 MiB / 10.16 MiB
Pagefile Memory (total/avail): 298.1 MiB / 109.65 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1959.33 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 37.24 GiB total, 22.42 GiB free.
D: is CDROM (CDFS)

\\.\PHYSICALDRIVE0 - WDC WD400BB-75FJA1 - 37.25 GiB - 2 partitions
\PARTITION0 (bootable) - Logical Disk Manager - 37.24 GiB - C:
\PARTITION1 - Logical Disk Manager - 7.84 MiB



-- Security Center -------------------------------------------------------------

AUOptions is disabled.


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users.WINNT
APPDATA=C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Application Data
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=OWNER-I1C27XPXS
ComSpec=C:\WINNT\system32\cmd.exe
HOMEDRIVE=C:
HOMEPATH=\
LOGONSERVER=\\OWNER-I1C27XPXS
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Os2LibPath=C:\WINNT\system32\os2\dll;
Path=C:\WINNT\system32;C:\WINNT;C:\WINNT\System32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 10, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=080a
ProgramFiles=C:\Program Files
PROMPT=$P$G
SystemDrive=C:
SystemRoot=C:\WINNT
TEMP=C:\DOCUME~1\OWNER~2.OWN\LOCALS~1\Temp
TMP=C:\DOCUME~1\OWNER~2.OWN\LOCALS~1\Temp
USERDOMAIN=OWNER-I1C27XPXS
USERNAME=Owner
USERPROFILE=C:\Documents and Settings\Owner.OWNER-I1C27XPXS
windir=C:\WINNT


-- User Profiles ---------------------------------------------------------------

Owner.OWNER-I1C27XPXS (admin)
Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

Adobe Flash Player ActiveX --> C:\WINNT\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Shockwave Player --> C:\WINNT\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINNT\system32\Macromed\SHOCKW~1\Install.log
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Creative WebCam NX Driver (1.02.01.0827) --> C:\WINNT\CtDrvIns.exe -uninstall -script P1110.uns -unsext NT -plugin p1110pin.dll -pluginres p1110pin.crl
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
MSN Messenger 7.0 --> MsiExec.exe /I{ABEB838C-A1A7-4C5D-B7E1-8B4314600820}
SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
VideoEgg Publisher --> C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Application Data\VideoEgg\Uninstall.exe
Windows 2000 Service Pack 4 --> C:\WINNT\$NtServicePackUninstall$\spuninst\spuninst.exe
Windows Media Player system update (9 Series) --> C:\PROGRA~1\WINDOW~1\setup_wm.exe /Uninstall


-- Application Event Log -------------------------------------------------------

Event Record #/Type1359 / Error
Event Submitted/Written: 10/31/2007 04:46:24 PM
Event ID/Source: 1000 / Microsoft Internet Explorer
Event Description:
iexplore.exe6.0.2800.1106unknown0.0.0.0074d9cb5

Event Record #/Type1358 / Error
Event Submitted/Written: 10/31/2007 04:03:01 PM
Event ID/Source: 1000 / Microsoft Internet Explorer
Event Description:
iexplore.exe6.0.2800.1106unknown0.0.0.0001a2010

Event Record #/Type1357 / Error
Event Submitted/Written: 10/31/2007 04:02:47 PM / 10/31/2007 04:02:48 PM
Event ID/Source: 1000 / Microsoft Internet Explorer
Event Description:
iexplore.exe6.0.2800.1106unknown0.0.0.0001413cd

Event Record #/Type1356 / Error
Event Submitted/Written: 10/31/2007 03:29:35 PM / 10/31/2007 03:29:36 PM
Event ID/Source: 1000 / Microsoft Internet Explorer
Event Description:
iexplore.exe6.0.2800.1106unknown0.0.0.00373cdf0

Event Record #/Type1347 / Warning
Event Submitted/Written: 10/30/2007 03:28:55 PM
Event ID/Source: 4098 / EventSystem
Event Description:
The COM+ Event System failed to fire the Logoff method on subscription {C598ECC9-14C6-44AA-9AD6-013AD91A496D}. The subscriber returned HRESULT 800706BA.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type12163 / Error
Event Submitted/Written: 10/31/2007 04:49:07 PM
Event ID/Source: 7009 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for the Symantec Network Proxy service to connect.

Event Record #/Type12151 / Error
Event Submitted/Written: 10/31/2007 05:58:30 AM
Event ID/Source: 5001 / EL90BC
Event Description:
\DEVICE\{2CA5BBE9-8DBF-4B09-85F6-5DF1196D68D7} : Could not allocate the resources necessary for operation.

Event Record #/Type12150 / Error
Event Submitted/Written: 10/31/2007 05:58:30 AM
Event ID/Source: 5001 / EL90BC
Event Description:
\DEVICE\{2CA5BBE9-8DBF-4B09-85F6-5DF1196D68D7} : Could not allocate the resources necessary for operation.

Event Record #/Type12149 / Error
Event Submitted/Written: 10/31/2007 05:51:39 AM
Event ID/Source: 5001 / EL90BC
Event Description:
\DEVICE\{2CA5BBE9-8DBF-4B09-85F6-5DF1196D68D7} : Could not allocate the resources necessary for operation.

Event Record #/Type12148 / Error
Event Submitted/Written: 10/31/2007 05:51:39 AM
Event ID/Source: 5001 / EL90BC
Event Description:
\DEVICE\{2CA5BBE9-8DBF-4B09-85F6-5DF1196D68D7} : Could not allocate the resources necessary for operation.



-- End of Deckard's System Scanner: finished at 2007-10-31 17:13:44 ------------
Deron is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Important Information
Join the #1 Tech Support Forum Today - It's Totally Free!

TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free.

Join TechSupportforum.com Today - Click Here

Old 10-31-2007, 07:06 PM   #2 (permalink)
Registered User
 
Deron's Avatar
 
Join Date: Dec 2005
Location: Baton Rouge,Louisiana
Posts: 63
OS: XP,2000


Send a message via MSN to Deron Send a message via Yahoo to Deron
Re: I Think I Have Trojan,Virus,Spyware etc.
I Think That This Is Part Of The Problem:

O4 - Startup: Think-Adz.lnk = C:\WINNT\system32\owinplds.exe
Deron is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 10-31-2007, 07:32 PM   #3 (permalink)
Registered User
 
Deron's Avatar
 
Join Date: Dec 2005
Location: Baton Rouge,Louisiana
Posts: 63
OS: XP,2000


Send a message via MSN to Deron Send a message via Yahoo to Deron
Re: I Think I Have Trojan,Virus,Spyware etc.
I Just Finished Scanning Whole System Using AVG-Anti-Sypware 7.5 And Here's The Log For That:


Name Of Results:

~Adware.ActivShopper~
~Adware.Accoona~
~Adware.Generic~
~TrackingCookie.2o7~
~TrackingCookie.Aavalue~
~TrackingCookie.Adrevolver~
~TrackingCookie.Addynamix~
~TrackingCookie.Advertising~
~TrackingCookie.Tacoda~
~TrackingCookie.Atdmt~
~TrackingCookie.Casalemedia~
~TrackingCookie.Fastclick~
~TrackingCookie.Tracking101~
~TrackingCookie.Revsci~
~TrackingCookie.Tribalfusion~
~TrackingCookie.Burstnet~
~TrackingCookie.Zedo~
~Hijacker.Costrat.e~
~Trojan.small~
~Downloader.VB.bpt~
~Downloader.VB.bnq~

Here's The Log:


---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 8:30:44 PM 10/31/2007

+ Scan result:



HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{944864a5-3916-46e2-96a9-a2e84f3f1208} -> Adware.Accoona : Cleaned.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1adbcce8-cf84-441e-9b38-afc7a19c06a4} -> Adware.ActivShopper : Cleaned.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c5af2622-8c75-4dfb-9693-23ab7686a456} -> Adware.Generic : Cleaned.
C:\Program Files\p2pnetworks -> Adware.MediaPipe : Cleaned.
C:\Program Files\p2pnetworks\amp2pl.exe -> Adware.MediaPipe : Cleaned.
C:\WINNT\system32\oTt02e\oTt02e1065.exe -> Downloader.VB.bnq : Cleaned.
C:\WINNT\system32\aivskurq.dll -> Downloader.VB.bpt : Cleaned.
C:\WINDOWS\SYSTEM32:lzx32.sys -> Hijacker.Costrat.e : Cleaned.
C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Cookies\owner@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Cookies\owner@aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Cookies\owner@crush.aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Cookies\owner@eztracks.aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Cookies\owner@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Cleaned.
C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Cookies\owner@adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Cookies\owner@media.adrevolver[2].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Cookies\owner@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Cookies\owner@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Cookies\owner@www.burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Cookies\owner@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Cookies\owner@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Cookies\owner@revsci[2].txt -> TrackingCookie.Revsci : Cleaned.
C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Cookies\owner@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Cookies\owner@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Cookies\owner@login.tracking101[2].txt -> TrackingCookie.Tracking101 : Cleaned.
C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Cookies\owner@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Cookies\owner@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Owner.OWNER-I1C27XPXS\Cookies\owner@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
C:\WINNT\fkwggshm.exe -> Trojan.Small : Cleaned.


::Report end
Deron is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
 

« Previous Thread | Next Thread »

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT -7. The time now is 02:49 AM.

Contact Us - Tech Support Forum - Archive - Privacy Statement - Top


Copyright 2001 - 2009, Tech Support Forum
Home Tips Plus | Outdoor Basecamp | Automotive Support Forum

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85