Here we go. Firefox works. This is what I meant to post.
Deckard's System Scanner v20071014.68
Run by Xtra on 2008-05-07 01:43:27
Computer is in Normal Mode.
--------------------------------------------------------------------------------
Total Physical Memory: 255 MiB (512 MiB recommended).
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-05-07 01:43:43
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Unable to read version
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Grisoft\AVG7\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Grisoft\AVG7\avgwb.dat
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\2305\Desktop\dss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: testCPV6 - {15421B84-3488-49A7-AD18-CBF84A3EFAF6} - C:\Program Files\Spcron\Spcron.dll
O2 - BHO: gooochi browser optimizer - {1cf75d23-0d2e-8456-607d-c43fbf7b94b6} - C:\WINDOWS\system32\{b929d5bc-3f62-86f0-83bc-3b8b6b1a1be8}.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar1.dll
O2 - BHO: (no name) - {C2626E66-D21B-E628-C1DF-1DACCFA36ED2} - C:\Program Files\Common Files\fjOs0r.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar1.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [JavaCore] C:\Program Files\\JavaCore\\JavaCore.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [SpeedRunner] C:\Documents and Settings\2305\Application Data\SpeedRunner\SpeedRunner.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [SfKg6wIP] C:\Documents and Settings\2305\Application Data\Microsoft\Windows\pdgsmib.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Sen] "C:\WINDOWS\ICROSO~1.NET\dvdplay.exe" -vt yazb (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Svconr] C:\Program Files\Svconr\Svconr.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [JavaCore] C:\Program Files\\JavaCore\\JavaCore.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [SpeedRunner] C:\Documents and Settings\2305\Application Data\SpeedRunner\SpeedRunner.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [SfKg6wIP] C:\Documents and Settings\2305\Application Data\Microsoft\Windows\pdgsmib.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [Sen] "C:\WINDOWS\ICROSO~1.NET\dvdplay.exe" -vt yazb (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [Svconr] C:\Program Files\Svconr\Svconr.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1201995460713
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1202000408437
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.ma...t/ultrashim.cab
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{20E3DF36-C468-47D9-AAE6-0E0F40600F4A}: NameServer = 208.67.222.222 208.67.220.220
O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgemc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\system32\dmadmin.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
--
End of file - 8054 bytes
-- Files created between 2008-04-07 and 2008-05-07 -----------------------------
2008-05-07 00:59:49 0 d-------- C:\Documents and Settings\Xtra\Application Data\Macromedia
2008-05-07 00:59:48 0 d-------- C:\Documents and Settings\Xtra\Application Data\Adobe
2008-05-07 00:32:02 0 d-------- C:\Documents and Settings\Xtra\Application Data\Talkback
2008-05-07 00:31:43 0 d-------- C:\Documents and Settings\Xtra\Application Data\Mozilla
2008-05-07 00:01:27 0 d-------- C:\Documents and Settings\2305\Application Data\AVG7
2008-05-06 23:45:09 0 d-------- C:\Documents and Settings\Xtra\Application Data\AVG7
2008-05-06 23:33:51 0 d-------- C:\Documents and Settings\Xtra\Application Data\Google
2008-05-06 23:33:38 0 d-------- C:\Documents and Settings\Xtra\Application Data\Grisoft
2008-05-06 23:33:08 0 d-------- C:\Documents and Settings\Xtra\Application Data\Identities
2008-05-06 23:32:27 0 d--h----- C:\Documents and Settings\Xtra\Templates
2008-05-06 23:32:27 0 dr------- C:\Documents and Settings\Xtra\Start Menu
2008-05-06 23:32:27 0 dr-h----- C:\Documents and Settings\Xtra\SendTo
2008-05-06 23:32:27 0 dr-h----- C:\Documents and Settings\Xtra\Recent
2008-05-06 23:32:27 0 d--h----- C:\Documents and Settings\Xtra\PrintHood
2008-05-06 23:32:27 0 d--h----- C:\Documents and Settings\Xtra\NetHood
2008-05-06 23:32:27 0 dr------- C:\Documents and Settings\Xtra\My Documents
2008-05-06 23:32:27 0 d--h----- C:\Documents and Settings\Xtra\Local Settings
2008-05-06 23:32:27 0 dr------- C:\Documents and Settings\Xtra\Favorites
2008-05-06 23:32:27 0 d-------- C:\Documents and Settings\Xtra\Desktop
2008-05-06 23:32:27 0 d--hs---- C:\Documents and Settings\Xtra\Cookies
2008-05-06 23:32:27 0 dr-h----- C:\Documents and Settings\Xtra\Application Data
2008-05-06 23:32:26 2097152 --ah----- C:\Documents and Settings\Xtra\NTUSER.DAT
2008-05-06 23:21:05 0 d-------- C:\Program Files\Spcron
2008-05-06 23:20:52 0 d-------- C:\Program Files\Temporary
2008-05-06 19:28:42 47104 --a------ C:\WINDOWS\mrofinu1001186.exe
2008-05-06 18:44:10 0 d-------- C:\Program Files\Avira
2008-05-06 18:44:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-05-05 11:53:00 330752 --a------ C:\WINDOWS\system32\{b929d5bc-3f62-86f0-83bc-3b8b6b1a1be8}.dll
2008-05-03 20:53:15 0 d-------- C:\Documents and Settings\2305\Application Data\Grisoft
2008-05-03 20:48:23 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2008-05-03 20:47:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-05-03 20:47:19 0 d-------- C:\Documents and Settings\All Users\Application Data\avg7
2008-05-03 18:08:35 101376 --a------ C:\WINDOWS\system32\VT100.EXE
2008-05-02 23:12:21 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-05-02 23:12:21 0 d--h----- C:\Documents and Settings\Administrator\Recent
2008-05-02 23:12:21 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-05-02 23:12:21 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-05-02 23:12:21 0 d-------- C:\Documents and Settings\Administrator\My Documents
2008-05-02 23:12:21 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-05-02 23:12:21 0 d-------- C:\Documents and Settings\Administrator\Favorites
2008-05-02 23:12:21 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-05-02 23:12:21 0 d--hs---- C:\Documents and Settings\Administrator\Cookies
2008-05-02 23:12:21 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-05-02 23:12:21 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-05-02 23:12:20 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-05-02 23:12:20 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-05-02 23:12:19 1777664 --a------ C:\Documents and Settings\Administrator\NTUSER.DAT
2008-05-01 08:40:16 75776 --a------ C:\WINDOWS\b155.exe
2008-04-29 22:38:25 0 d-------- C:\Program Files\Svconr
2008-04-29 22:16:36 0 d-------- C:\WINDOWS\ERUNT
2008-04-24 17:44:20 80896 --a------ C:\WINDOWS\b156.exe
2008-04-21 22:48:41 0 d-------- C:\WINDOWS\?icrosoft.NET
2008-04-13 15:08:10 399922 --a------ C:\WINDOWS\system32\g26.exe
-- Find3M Report ---------------------------------------------------------------
2008-05-06 23:53:15 0 d-------- C:\Program Files\QuickTime
2008-05-06 23:52:45 0 d-------- C:\Program Files\NINTENDO
2008-05-06 23:52:41 0 d-------- C:\Program Files\Microsoft Works
2008-05-02 22:16:27 0 d-------- C:\Program Files\Common Files
2008-05-02 22:16:27 475 --a------ C:\Program Files\Common Files\Shortcut to Common Files.lnk
2008-04-16 22:47:55 0 d-------- C:\Program Files\Warcraft III
2008-04-13 16:24:01 937 --a------ C:\WINDOWS\system32\winpfz33.sys
2008-04-03 22:48:21 18027 --a------ C:\WINDOWS\War3Unin.dat
2008-04-03 22:45:01 2829 --a------ C:\WINDOWS\War3Unin.pif
2008-04-03 22:45:00 135168 --a------ C:\WINDOWS\War3Unin.exe <Not Verified; Blizzard Entertainment; Warcraft III Uninstaller>
2008-04-01 09:25:31 39883 --a------ C:\WINDOWS\system32\targetedbanner-uninst.exe
2008-03-29 23:10:58 0 d-------- C:\Program Files\Apple Software Update
2008-03-18 14:13:23 0 d-------- C:\Program Files\ACSPMonitor
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
-- End of Deckard's System Scanner: finished at 2008-05-07 01:48:16 ------------
There is no Extra.txt as instructed.
Edited by Capritorn, 06 May 2008 - 11:51 PM.