Update with DDS report Main.txt and Extra.txt
Deckard's System Scanner v20071014.68
Run by Authorized User on 2007-11-24 16:12:30
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
51: 2007-11-24 22:12:32 UTC - RP51 - Deckard's System Scanner Restore Point
50: 2007-11-24 20:08:21 UTC - RP50 - Installed Ad-Aware 2007
49: 2007-11-24 20:07:52 UTC - RP49 - Removed Google Toolbar for Internet Explorer
48: 2007-11-24 19:47:16 UTC - RP48 - Removed Ad-Aware 2007
47: 2007-11-24 19:18:40 UTC - RP47 - Installed AVG 7.5
-- First Restore Point --
1: 2007-11-01 06:34:06 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Authorized User.exe) -------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:13:05 PM, on 11/24/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Authorized User\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Authorized User.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {200D0AAD-71B1-51C9-DDB0-092BA4662A54} - C:\Program Files\Haetffxk\nxqczsgu.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {AD19C3C7-FEEA-4791-A9D4-06C6F6352B0E} - C:\WINDOWS\system32\ssqpp.dll (file missing)
O2 - BHO: (no name) - {B3A0A641-168A-3808-DE2E-3CE603F60C96} - C:\WINDOWS\system32\hxpdkr.dll
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1193935424899
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O20 - Winlogon Notify: mljklmn - mljklmn.dll (file missing)
O20 - Winlogon Notify: ssqpp - C:\WINDOWS\system32\ssqpp.dll (file missing)
O20 - Winlogon Notify: winwim32 - winwim32.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 4509 bytes
-- File Associations -----------------------------------------------------------
.exe - exefile - shell\open\command - %1 %*
.txt - txtfile - shell\open\command - Notepad.exe %1
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R3 NVR0Dev - c:\windows\nvoclock.sys <Not Verified; NVidia Corp.; NVidia System Utility Driver>
S3 USB20L (Linksys USB 2.0 10/100 Adapter) - c:\windows\system32\drivers\usb200m.sys <Not Verified; Linksys; Windows (R) 2000 DDK driver>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>
S4 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
S4 ForceWare Intelligent Application Manager (IAM) - c:\program files\nvidia corporation\networkaccessmanager\bin\nsvcappflt.exe
S4 NMIndexingService - "c:\program files\common files\ahead\lib\nmindexingservice.exe" <Not Verified; Nero AG; Nero Home>
S4 nSvcIp (ForceWare IP service) - c:\program files\nvidia corporation\networkaccessmanager\bin\nsvcip.exe
S4 nTuneService (nTune Service) - c:\program files\nvidia corporation\ntune\ntuneservice.exe /startservice
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2007-11-01 11:40:04 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2007-10-24 and 2007-11-24 -----------------------------
2007-11-24 14:30:55 0 d-------- C:\Program Files\Lavasoft
2007-11-24 14:18:19 0 d-------- C:\Program Files\AIM6
2007-11-24 14:08:21 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-11-24 14:02:32 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-11-24 14:02:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-11-24 13:48:04 0 d-------- C:\Program Files\SpywareBlaster
2007-11-24 13:18:41 0 d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2007-11-23 13:10:15 0 --a------ C:\WINDOWS\system32\sys_dll.dll
2007-11-23 12:55:49 0 d-------- C:\Documents and Settings\Authorized User\Application Data\U3
2007-11-18 14:33:30 0 d-------- C:\Program Files\Ventrilo
2007-11-15 14:36:22 0 d-------- C:\Program Files\Microsoft Works
2007-11-15 14:35:50 0 d-------- C:\Program Files\Microsoft.NET
2007-11-15 14:34:02 0 d-------- C:\WINDOWS\SHELLNEW
2007-11-15 14:33:17 0 dr-h----- C:\MSOCache
2007-11-14 11:50:34 0 d-------- C:\Documents and Settings\All Users\Application Data\LogiShrd
2007-11-13 16:46:29 0 d-------- C:\Program Files\Trend Micro
2007-11-13 15:50:02 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-13 15:00:18 642080 --ahs---- C:\WINDOWS\system32\ppqss.bak1
2007-11-13 14:58:20 0 d-------- C:\Documents and Settings\Authorized User\.housecall6.6
2007-11-13 14:55:09 2 --a------ C:\WINDOWS\system32\wapisvcc32.exe
2007-11-13 14:55:07 60928 --a------ C:\WINDOWS\system32\hxpdkr.dll
2007-11-13 14:55:07 0 d-------- C:\Documents and Settings\Authorized User\Application Data\?ppPatch
2007-11-13 14:55:01 0 d-------- C:\WINDOWS\system32\fibagbia
2007-11-13 14:55:01 0 d-------- C:\Program Files\??mantec
2007-11-13 14:55:00 0 --a------ C:\Install
2007-11-12 20:09:07 0 d-------- C:\Documents and Settings\Authorized User\Application Data\Adobe
2007-11-12 19:22:22 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems
2007-11-12 19:22:18 0 d-------- C:\Program Files\Common Files\Adobe Systems Shared
2007-11-11 21:23:00 0 d-------- C:\Documents and Settings\Authorized User\Application Data\Bioshock
2007-11-09 15:48:53 0 d-------- C:\Documents and Settings\Authorized User\Application Data\DivX
2007-11-08 11:18:25 16618 -----n--- C:\WINDOWS\hpomdl01.dat
2007-11-08 11:18:25 20365 -----n--- C:\WINDOWS\hpoins01.dat
2007-11-06 11:29:28 0 d-------- C:\Program Files\Activision
2007-11-05 00:44:16 0 d-------- C:\Program Files\DivX
2007-11-04 20:23:24 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-11-04 19:49:42 0 d-------- C:\Documents and Settings\Authorized User\Application Data\Viewpoint
2007-11-04 17:22:24 0 d-------- C:\WINDOWS\system32\AGEIA
2007-11-04 17:22:24 0 d-------- C:\Program Files\AGEIA Technologies
2007-11-03 12:52:20 0 d-------- C:\WINDOWS\system32\appmgmt
2007-11-03 00:00:58 36864 --a------ C:\WINDOWS\system32\wbsys.dll <Not Verified; Stardock.Net, Inc; WindowBlinds 4.x for x86 machines>
2007-11-03 00:00:58 20480 --a------ C:\WINDOWS\system32\wbload.dll
2007-11-03 00:00:58 0 d-------- C:\Program Files\Stardock
2007-11-02 22:54:37 0 d-------- C:\Documents and Settings\Authorized User\Application Data\WinRAR
2007-11-02 13:42:34 0 dr-h----- C:\Documents and Settings\Authorized User\Application Data\SecuROM
2007-11-01 23:40:46 0 d-------- C:\Documents and Settings\Authorized User\Application Data\acccore
2007-11-01 23:40:33 0 d-------- C:\Documents and Settings\All Users\Application Data\Viewpoint
2007-11-01 23:40:32 0 d-------- C:\Program Files\Viewpoint
2007-11-01 23:40:31 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL
2007-11-01 23:40:31 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL OCP
2007-11-01 23:40:22 0 d-------- C:\Program Files\Common Files\AOL
2007-11-01 18:24:06 0 d-------- C:\Documents and Settings\Authorized User\Application Data\Opera
2007-11-01 18:24:02 0 d-------- C:\Program Files\Opera
2007-11-01 17:19:20 0 d-------- C:\Documents and Settings\Authorized User\Application Data\Logitech
2007-11-01 17:18:34 69632 --a------ C:\WINDOWS\system32\KemXML.dll <Not Verified; Logitech Inc.; Logitech SetPoint>
2007-11-01 17:18:34 110592 --a------ C:\WINDOWS\system32\KemWnd.dll <Not Verified; Logitech Inc.; Logitech SetPoint>
2007-11-01 17:18:34 135168 --a------ C:\WINDOWS\system32\KemUtil.dll <Not Verified; Logitech Inc.; Logitech SetPoint>
2007-11-01 17:18:34 163840 --a------ C:\WINDOWS\system32\kemutb.dll <Not Verified; Logitech Inc.; Logitech SetPoint>
2007-11-01 17:18:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Logitech
2007-11-01 17:18:31 0 d-------- C:\Program Files\Logitech
2007-11-01 17:18:31 0 d-------- C:\Program Files\Common Files\Logitech
2007-11-01 17:18:29 0 d-------- C:\Documents and Settings\Authorized User\Application Data\InstallShield
2007-11-01 16:31:08 0 d-------- C:\Program Files\Steam
2007-11-01 15:58:37 0 d-------- C:\Program Files\Winamp
2007-11-01 15:58:37 0 d-------- C:\Documents and Settings\Authorized User\Application Data\Winamp
2007-11-01 15:58:02 0 d-------- C:\Documents and Settings\All Users\Application Data\WinZip
2007-11-01 15:45:27 0 d-------- C:\Documents and Settings\Authorized User\Application Data\Ventrilo
2007-11-01 15:45:07 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-11-01 15:20:35 0 d-------- C:\Program Files\id Software
2007-11-01 15:18:51 0 d--hs---- C:\WINDOWS\ftpcache
2007-11-01 14:08:54 0 d-------- C:\Program Files\Common Files\Blizzard Entertainment
2007-11-01 14:08:49 0 d-------- C:\Program Files\World of Warcraft
2007-11-01 13:43:52 0 d-------- C:\WINDOWS\pss
2007-11-01 13:42:54 0 d-------- C:\WINDOWS\system32\Lang
2007-11-01 13:40:18 49152 --a------ C:\WINDOWS\system32\ChCfg.exe
2007-11-01 13:40:10 0 d-------- C:\WINDOWS\system32\RTCOM
2007-11-01 13:39:45 0 d-------- C:\Program Files\Realtek
2007-11-01 13:39:41 520192 --a------ C:\WINDOWS\RtlExUpd.dll <Not Verified; Realtek Semiconductor Corp.; RtlExUpd Dynamic Link Library>
2007-11-01 13:39:41 315392 --a------ C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
2007-11-01 13:10:12 0 d-------- C:\Documents and Settings\Authorized User\Application Data\Macromedia
2007-11-01 12:53:16 0 d-------- C:\Program Files\MSXML 6.0
2007-11-01 12:38:09 0 d-------- C:\Program Files\MSBuild
2007-11-01 12:36:22 0 d-------- C:\WINDOWS\system32\XPSViewer
2007-11-01 12:35:53 0 d-------- C:\Program Files\Reference Assemblies
2007-11-01 12:33:15 0 d-------- C:\WINDOWS\network diagnostic
2007-11-01 12:27:40 0 d-------- C:\Program Files\Windows Media Connect 2
2007-11-01 12:27:10 0 d-------- C:\WINDOWS\system32\LogFiles
2007-11-01 12:27:10 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2007-11-01 12:22:23 0 d-------- C:\WINDOWS\system32\URTTemp
2007-11-01 11:41:03 0 d--h----- C:\WINDOWS\$hf_mig$
2007-11-01 11:40:36 0 d-------- C:\Documents and Settings\Authorized User\Application Data\Apple Computer
2007-11-01 11:40:29 0 d-------- C:\Program Files\iPod
2007-11-01 11:40:27 0 d-------- C:\Program Files\iTunes
2007-11-01 11:40:11 0 d-------- C:\Program Files\QuickTime
2007-11-01 11:40:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-11-01 11:40:03 0 d-------- C:\Program Files\Apple Software Update
2007-11-01 11:39:59 0 d------c- C:\WINDOWS\system32\DRVSTORE
2007-11-01 11:39:52 0 d-------- C:\Program Files\Common Files\Apple
2007-11-01 11:39:52 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2007-11-01 11:39:29 0 d-------- C:\Program Files\Common Files\LightScribe
2007-11-01 11:37:36 0 d-------- C:\Documents and Settings\Authorized User\Application Data\Ahead
2007-11-01 11:33:53 0 d-------- C:\Program Files\Nero
2007-11-01 11:33:53 0 d-------- C:\Program Files\Common Files\Ahead
2007-11-01 11:33:53 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2007-11-01 11:33:35 0 d-------- C:\WINDOWS\RegisteredPackages
2007-11-01 11:16:46 0 d-------- C:\Documents and Settings\All Users\Application Data\CyberLink
2007-11-01 11:16:38 0 d-------- C:\Program Files\CyberLink
2007-11-01 11:15:12 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2007-11-01 11:11:22 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-11-01 11:11:05 0 d-------- C:\Program Files\NVIDIA Corporation
2007-11-01 11:10:16 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2007-11-01 11:06:25 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2007-11-01 11:06:22 0 d-------- C:\Program Files\Common Files\Adobe
2007-11-01 10:55:44 0 d-------- C:\WINDOWS\nview
2007-11-01 10:55:01 0 d-------- C:\Program Files\Common Files\InstallShield
2007-11-01 10:54:58 0 d-------- C:\Program Files\NVIDIA
2007-11-01 10:47:38 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2007-11-01 10:47:07 0 d-------- C:\Documents and Settings\Authorized User\Application Data\Google
2007-11-01 10:47:01 0 d-------- C:\Documents and Settings\All Users\Application Data\Google
2007-11-01 10:46:59 0 d-------- C:\Program Files\Google
2007-11-01 10:40:17 0 d--hs---- C:\Documents and Settings\Authorized User\UserData
2007-11-01 00:37:59 14208 -ra------ C:\WINDOWS\system32\drivers\USB200M.sys <Not Verified; Linksys; Windows (R) 2000 DDK driver>
2007-11-01 00:33:57 0 d-------- C:\Documents and Settings\Authorized User\Application Data\Identities
2007-11-01 00:33:52 0 d--h----- C:\Documents and Settings\Authorized User\Templates
2007-11-01 00:33:52 0 dr------- C:\Documents and Settings\Authorized User\Start Menu
2007-11-01 00:33:52 0 dr-h----- C:\Documents and Settings\Authorized User\SendTo
2007-11-01 00:33:52 0 dr-h----- C:\Documents and Settings\Authorized User\Recent
2007-11-01 00:33:52 0 d--h----- C:\Documents and Settings\Authorized User\PrintHood
2007-11-01 00:33:52 2359296 --ah----- C:\Documents and Settings\Authorized User\NTUSER.DAT
2007-11-01 00:33:52 0 d--h----- C:\Documents and Settings\Authorized User\NetHood
2007-11-01 00:33:52 0 dr------- C:\Documents and Settings\Authorized User\My Documents
2007-11-01 00:33:52 0 d--h----- C:\Documents and Settings\Authorized User\Local Settings
2007-11-01 00:33:52 0 dr------- C:\Documents and Settings\Authorized User\Favorites
2007-11-01 00:33:52 0 d-------- C:\Documents and Settings\Authorized User\Desktop
2007-11-01 00:33:52 0 d--hs---- C:\Documents and Settings\Authorized User\Cookies
2007-11-01 00:33:52 0 dr-h----- C:\Documents and Settings\Authorized User\Application Data
2007-11-01 00:33:19 0 d-------- C:\WINDOWS\SoftwareDistribution
2007-11-01 00:33:17 0 d---s---- C:\WINDOWS\system32\Microsoft
2007-11-01 00:33:17 0 d-------- C:\WINDOWS\Prefetch
2007-11-01 00:33:16 237568 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2007-11-01 00:33:16 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2007-11-01 00:33:16 0 d--hs---- C:\Documents and Settings\LocalService\Cookies
2007-11-01 00:33:16 0 d-------- C:\Documents and Settings\LocalService\Application Data
2007-11-01 00:33:16 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2007-11-01 00:32:31 237568 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2007-11-01 00:32:31 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2007-11-01 00:32:31 0 d--hs---- C:\Documents and Settings\NetworkService\Cookies
2007-11-01 00:32:31 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2007-11-01 00:32:31 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2007-11-01 00:30:13 0 d-------- C:\WINDOWS\system32\xircom
2007-11-01 00:30:13 0 d-------- C:\Program Files\microsoft frontpage
2007-11-01 00:30:07 237568 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2007-11-01 00:29:58 0 -rahs---- C:\MSDOS.SYS
2007-11-01 00:29:58 0 -rahs---- C:\IO.SYS
2007-11-01 00:29:58 0 --a------ C:\CONFIG.SYS
2007-11-01 00:29:58 0 --a------ C:\AUTOEXEC.BAT
2007-11-01 00:29:20 0 d--hs---- C:\Documents and Settings\All Users\DRM
2007-11-01 00:29:14 0 dr------- C:\WINDOWS\Offline Web Pages
2007-11-01 00:29:13 0 d---s---- C:\WINDOWS\Downloaded Program Files
2007-11-01 00:29:06 0 d--h----- C:\Program Files\WindowsUpdate
2007-11-01 00:28:46 0 d-------- C:\WINDOWS\system32\DirectX
2007-11-01 00:27:59 0 d---s---- C:\WINDOWS\Tasks
2007-11-01 00:27:58 0 d-------- C:\Program Files\Common Files\MSSoap
2007-11-01 00:27:51 0 d-------- C:\WINDOWS\srchasst
2007-11-01 00:27:50 0 d-------- C:\WINDOWS\system32\Macromed
2007-11-01 00:27:38 0 d-------- C:\Program Files\Movie Maker
2007-11-01 00:27:27 0 d-------- C:\WINDOWS\system32\Restore
2007-11-01 00:26:50 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-11-01 00:26:37 0 d-------- C:\WINDOWS\Registration
2007-11-01 00:26:32 0 d-------- C:\Program Files\Online Services
2007-11-01 00:26:27 0 d-------- C:\Program Files\Messenger
2007-11-01 00:26:24 0 d-------- C:\Program Files\MSN Gaming Zone
2007-11-01 00:25:38 0 d-------- C:\Program Files\Windows NT
2007-11-01 00:25:34 0 d-------- C:\WINDOWS\system32\MsDtc
2007-11-01 00:25:31 0 d-------- C:\WINDOWS\system32\Com
2007-10-31 18:20:28 0 d--hs---- C:\WINDOWS\Installer
2007-10-31 18:20:28 0 d-------- C:\Program Files\Common Files\ODBC
2007-10-31 18:20:24 0 d-------- C:\Program Files\Common Files\SpeechEngines
2007-10-31 18:20:23 0 dr------- C:\Program Files
2007-10-31 18:20:23 0 d-------- C:\Program Files\Common Files
2007-10-31 18:19:52 0 d--h----- C:\Documents and Settings\Default User\Templates
2007-10-31 18:19:52 0 dr------- C:\Documents and Settings\Default User\Start Menu
2007-10-31 18:19:52 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2007-10-31 18:19:52 0 d--h----- C:\Documents and Settings\Default User\Recent
2007-10-31 18:19:52 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2007-10-31 18:19:52 0 d--h----- C:\Documents and Settings\Default User\NetHood
2007-10-31 18:19:52 0 d-------- C:\Documents and Settings\Default User\My Documents
2007-10-31 18:19:52 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2007-10-31 18:19:52 0 d-------- C:\Documents and Settings\Default User\Favorites
2007-10-31 18:19:52 0 d-------- C:\Documents and Settings\Default User\Desktop
2007-10-31 18:19:52 0 d---s---- C:\Documents and Settings\Default User\Cookies
2007-10-31 18:19:52 0 d--h----- C:\Documents and Settings\All Users\Templates
2007-10-31 18:19:52 0 dr------- C:\Documents and Settings\All Users\Start Menu
2007-10-31 18:19:52 0 d-------- C:\Documents and Settings\All Users\Favorites
2007-10-31 18:19:52 0 dr------- C:\Documents and Settings\All Users\Documents
2007-10-31 18:19:52 0 d-------- C:\Documents and Settings\All Users\Desktop
2007-10-31 18:19:38 0 d-------- C:\WINDOWS\system32\CatRoot2
2007-10-31 18:19:38 0 d-------- C:\WINDOWS\system32\CatRoot
2007-10-31 18:19:33 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2007-10-31 18:19:33 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2007-10-31 18:19:33 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2007-10-31 18:19:33 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2007-10-31 18:19:08 0 d--hs---- C:\System Volume Information
2007-10-31 18:19:08 0 d-------- C:\Documents and Settings
2007-10-31 18:14:31 0 d-------- C:\WINDOWS
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\WinSxS
2007-10-31 18:14:31 0 dr------- C:\WINDOWS\Web
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\twain_32
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\wins
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\wbem
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\usmt
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\spool
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\ShellExt
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\Setup
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\ras
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\PreInstall
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\oobe
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\npp
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\mui
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\inetsrv
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\IME
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\icsxml
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\ias
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\export
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\drivers
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\drivers\etc
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\drivers\disdn
2007-10-31 18:14:31 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\dhcp
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\config
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\3com_dmi
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\3076
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\2052
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\1054
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\1042
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\1041
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\1037
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\1033
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\1031
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\1028
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system32\1025
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\system
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\security
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\Resources
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\repair
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\Provisioning
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\PeerNet
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\pchealth
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\mui
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\msapps
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\msagent
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\Media
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\java
2007-10-31 18:14:31 0 d--h----- C:\WINDOWS\inf
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\ime
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\Help
2007-10-31 18:14:31 0 dr--s---- C:\WINDOWS\Fonts
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\ehome
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\Driver Cache
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\Debug
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\Cursors
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\Connection Wizard
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\Config
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\AppPatch
2007-10-31 18:14:31 0 d-------- C:\WINDOWS\addins
-- Find3M Report ---------------------------------------------------------------
2007-11-24 13:52:03 0 d-------- C:\Program Files\??mantec
2007-11-13 14:55:07 0 d-------- C:\Documents and Settings\Authorized User\Application Data\?ppPatch
2007-10-31 18:19:52 62 --ahs---- C:\Documents and Settings\Authorized User\Application Data\desktop.ini
2007-10-19 18:56:16 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-10-19 18:54:28 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2007-10-19 18:54:28 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2007-10-19 18:54:12 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2007-10-19 18:54:12 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2007-10-19 18:54:12 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2007-10-19 18:54:10 739840 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2007-10-18 03:02:34 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2007-09-17 01:07:00 1626112 --a------ C:\WINDOWS\system32\nwiz.exe
2007-09-17 01:07:00 1019904 --a------ C:\WINDOWS\system32\nvwimg.dll
2007-09-17 01:07:00 1703936 --a------ C:\WINDOWS\system32\nvwdmcpl.dll
2007-09-17 01:07:00 466944 --a------ C:\WINDOWS\system32\nvshell.dll
2007-09-17 01:07:00 1478656 --a------ C:\WINDOWS\system32\nview.dll
2007-09-17 01:07:00 1339392 --a------ C:\WINDOWS\system32\nvdspsch.exe
2007-09-17 01:07:00 442368 --a------ C:\WINDOWS\system32\nvappbar.exe
2007-09-17 01:07:00 425984 --a------ C:\WINDOWS\system32\keystone.exe
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{200D0AAD-71B1-51C9-DDB0-092BA4662A54}]
C:\Program Files\Haetffxk\nxqczsgu.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AD19C3C7-FEEA-4791-A9D4-06C6F6352B0E}]
C:\WINDOWS\system32\ssqpp.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B3A0A641-168A-3808-DE2E-3CE603F60C96}]
11/01/2007 07:44 AM 60928 --a------ C:\WINDOWS\system32\hxpdkr.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\steam\steam.exe" [11/15/2007 12:11 PM]
"NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [07/03/2007 12:32 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/03/2004 11:56 PM]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [10/04/2007 09:20 AM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [11/1/2007 5:18:34 PM]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{1E794189-7575-4306-8F49-CCDD291A59CD}"= C:\WINDOWS\system32\mljklmn.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mljklmn]
mljklmn.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqpp]
C:\WINDOWS\system32\ssqpp.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll 12/06/2005 08:16 PM 176128 C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winwim32]
winwim32.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=wbsys.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\\WINDOWS\\system32\\awvvv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Google Updater.lnk
backup=C:\WINDOWS\pss\Google Updater.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Authorized User^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=C:\Documents and Settings\Authorized User\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
ALCMTR.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bcuw]
"C:\PROGRA~1\MANTEC~1\ati2evxx.exe" -vt ndrv
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
KHALMNPR.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIDIA nTune]
"C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\QTTask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
RTHDCPL.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SC2]
C:\Program Files\SecCenter\scprot4.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
%systemroot%\system32\dumprep 0 -u
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
"C:\Program Files\Winamp\winampa.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"PnkBstrB"=2 (0x2)
"nSvcIp"=2 (0x2)
"NMIndexingService"=3 (0x3)
"LightScribeService"=2 (0x2)
"iPod Service"=3 (0x3)
"idsvc"=3 (0x3)
"gusvc"=2 (0x2)
"ForceWare Intelligent Application Manager (IAM)"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
"Viewpoint Manager Service"=2 (0x2)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"NVSvc"=2 (0x2)
"nTuneService"=2 (0x2)
"Avg7UpdSvc"=2 (0x2)
"Avg7Alrt"=2 (0x2)
"Adobe LM Service"=3 (0x3)
"aawservice"=2 (0x2)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
AutoRun\command- F:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8bc84a4f-99f5-11dc-bca6-00044b05ba24}]
AutoRun\command- F:\LaunchU3.exe -a
-- End of Deckard's System Scanner: finished at 2007-11-24 16:13:43 ------------