hi i have another error much like the one on [url="http://www.techsupportforum.com/security-center/hijackthis-log-help/253123-userinit-exe-applicatin-error.html[/URL] but i assumed i would need my own hijack this log file so i made another thread, hope this is alright.firstly i noticed getting stupid antivirus popups, tried to see if there was any unwanted programs in add remove programs and couldnt access it, and my security centre was turned off. couldnt access that either. Downloaded adaware and some stupid registry fix thing, thought the registry fix thing would work, and well it did get rid of the
virus (i think) because now i can get into everything like before but....after restarting comp i keep getting the same bad image errors b4 i open up a program, ofcourse the file location or name is different for each program.HERE is my dss log file, hope it helps and you can help
Deckard's System Scanner v20071014.68Run by Glen on 2008-06-07 23:25:14Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore --------------------------------------------------------------Successfully created a Deckard's System Scanner Restore Point.-- Last 5 Restore Point(s) --100: 2008-06-07 13:25:54 UTC - RP100 - Deckard's System Scanner Restore Point99: 2008-06-07 00:27:52 UTC - RP99 - System Checkpoint98: 2008-06-05 22:21:30 UTC - RP98 - Uniblue RegistryBooster97: 2008-06-05 06:55:41 UTC - RP97 - Installed Medieval CUE Splitter96: 2008-06-05 06:57:50 UTC - RP96 - Restore Operation-- First Restore Point -- 1: 2008-06-03 21:51:12 UTC - RP1 - Installed Digital Media Feature Pack for Windows Media Center 2005Backed up registry hives.Performed disk cleanup.-- HijackThis (run as Glen.exe) ------------------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:26:52 PM, on 6/7/2008Platform:
windows xp SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16640)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\s ystem32\winlogon.exeC:\WINDOWS\system32\services.e xeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32 \svchost.exeC:\WINDOWS\System32\svchost.exeC:\WIND OWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\ Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\eHome\eh Recvr.exeC:\WINDOWS\eHome\ehSched.exeC:\PROGRA~1\M cAfee\MSC\mcmscsvc.exec:\program files\common files\mcafee\mna\mcnasvc.exec:\PROGRA~1\COMMON~1\m cafee\mcproxy\mcproxy.exeC:\PROGRA~1\McAfee\VIRUSS ~1\mcshield.exeC:\Program Files\McAfee\MPF\MPFSrv.exeC:\Program Files\McAfee\MSK\MskSrver.exeC:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exeC:\Program Files\Dell\QuickSet\NICCONFIGSVC.exeC:\WINDOWS\sys tem32\dllhost.exec:\PROGRA~1\mcafee.com\agent\mcag ent.exeC:\WINDOWS\system32\rundll32.exeC:\WINDOWS\ ehome\ehtray.exeC:\WINDOWS\system32\hkcmd.exeC:\WI NDOWS\system32\igfxpers.exeC:\WINDOWS\stsystra.exe C:\WINDOWS\eHome\ehmsas.exeC:\WINDOWS\system32\igf xsrvc.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Java\jre1.6.0_05\bin\jusched.exeC:\Program Files\Dell\QuickSet\quickset.exeC:\Program Files\SiteAdvisor\6253\SiteAdv.exeC:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exeC:\WINDOWS\system32\ctfmo n.exeC:\Program Files\Windows Live\Messenger\MsnMsgr.ExeC:\Program Files\SlySoft\AnyDVD\AnyDVD.exeC:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exeC:\PROGRA~1\McAfee\V IRUSS~1\mcsysmon.exeC:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exeC:\Program Files\WinZip\WZQKPICK.EXEC:\Program Files\Common Files\Nero\Lib\NMIndexingService.exeC:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exeC:\Program Files\Windows Live\Messenger\usnsvc.exeC:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exeC:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exeC:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exeC:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exeC:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exeC:\Program Files\uTorrent\uTorrent.exeC:\Documents and Settings\Glen\Desktop\dss.exeC:\DOCUME~1\Glen\MYDO CU~1\Glen.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://ninemsn.com.au/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.localO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dllO2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dllO2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dllO3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dllO3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dllO4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgentO4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exeO4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exeO4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exeO4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exeO4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exeO4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exeO4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exeO4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hideO4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exeO4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkeyO4 - HKLM\..\RunOnce: [Microsoft WinUpdate] C:\WINDOWS\system32\msupdte.exeO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /backgroundO4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exeO4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /SO4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?O4 - Global Startup: Bluetooth Manager.lnk = ?O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXEO8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlO8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlO8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlO8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlO8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlO8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlO8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlO8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dllO9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLLO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO20 - AppInit_DLLs: C:\WINDOWS\system32\__c0096A24.datO23 - Service: McAfee Application Installer Cleanup (0032851212673560) (0032851212673560mcinstcleanup) - Unknown owner - C:\WINDOWS\TEMP\003285~1.EXE (file missing)O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762# # (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeO23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exeO23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exeO23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exeO23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exeO23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exeO23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exeO23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exeO23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exeO23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exeO23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exeO23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe--End of file - 10651 bytes-- File Associations -----------------------------------------------------------.reg - regfile - shell\open\command - regedit.exe "%1" %*.scr - scrfile - shell\open\command - "%1" %*-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------R1 APPDRV - c:\windows\system32\drivers\appdrv.sys R1 OMCI - c:\windows\system32\drivers\omci.sys R1 Tosrfcom (Bluetooth RFCOMM from TOSHIBA) - c:\windows\system32\drivers\tosrfcom.sys R3 tosporte (Bluetooth Port Driver from Toshiba) - c:\windows\system32\drivers\tosporte.sys R3 Tosrfbd (Bluetooth RFBUS from TOSHIBA) - c:\windows\system32\drivers\tosrfbd.sys R3 Tosrfbnp (Bluetooth RFBNEP from TOSHIBA) - c:\windows\system32\drivers\tosrfbnp.sys R3 Tosrfhid (Bluetooth RFHID from TOSHIBA) - c:\windows\system32\drivers\tosrfhid.sys R3 tosrfnds (Bluetooth Personal Area Network from TOSHIBA) - c:\windows\system32\drivers\tosrfnds.sys R3 Tosrfusb (Bluetooth USB Controller) - c:\windows\system32\drivers\tosrfusb.sys S0 cercsr6 - c:\windows\system32\drivers\cercsr6.sys S3 BCOREUSB (BCOREUSB.Sys CSR test driver) - c:\windows\system32\drivers\bcoreusb.sys S3 toshidpt (TOSHIBA Bluetooth HID port driver) - c:\windows\system32\drivers\toshidpt.sys S3 TosRfSnd (Bluetooth Audio Device (WDM) from TOSHIBA) - c:\windows\system32\drivers\tosrfsnd.sys -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762 ##) - "c:\program files\bonjour\mdnsresponder.exe" R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exeR2 NICCONFIGSVC - c:\program files\dell\quickset\nicconfigsvc.exe S2 0032851212673560mcinstcleanup (McAfee Application Installer Cleanup (0032851212673560)) - c:\windows\temp\003285~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service (file missing)S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" S4 Bluetooth Hid Switch Service - "c:\program files\bluetooth\hidswitchservice\hidsw.exe" -- Device Manager: Disabled ----------------------------------------------------No disabled devices found.-- Scheduled Tasks -------------------------------------------------------------2008-06-01 01:03:45 350 --a------ C:\WINDOWS\Tasks\McQcTask.job2008-05-15 02:26:55 348 --a------ C:\WINDOWS\Tasks\McDefragTask.job-- Files created between 2008-05-07 and 2008-06-07 -----------------------------2008-06-07 23:17:34 0 d-------- C:\Documents and Settings\Glen\.housecall6.62008-06-06 08:25:59 520128 --a------ C:\WINDOWS\system\MAPI.DLL 2008-06-06 08:02:07 0 d-------- C:\Program Files\RegistryFix62008-06-06 08:01:45 94720 --a------ C:\WINDOWS\system32\msupdte.exe2008-06-06 07:59:51 0 d-------- C:\Program Files\Advanced Registry Fix2008-06-06 07:10:03 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP2008-06-05 23:45:55 0 d-------- C:\WINDOWS\LastGood2008-06-05 16:55:43 0 d-------- C:\Program Files\Medieval Software2008-06-05 16:13:47 0 d-------- C:\Documents and Settings\Glen\Application Data\Malwarebytes2008-06-05 13:35:12 51200 -----n--- C:\WINDOWS\system32\__c0096A24.dat2008-06-05 13:35:11 51200 --a------ C:\WINDOWS\system32\vghafstn.dll2008-06-05 13:31:47 51200 --a------ C:\WINDOWS\system32\jkbtcach.dll2008-06-05 13:28:47 51200 --a------ C:\WINDOWS\system32\vjpldlfm.dll2008-06-05 13:25:47 51200 --a------ C:\WINDOWS\system32\khwvhldx.dll2008-06-05 13:22:49 51200 --a------ C:\WINDOWS\system32\fhtmausb.dll2008-06-05 13:19:47 51200 --a------ C:\WINDOWS\system32\rkhhqlsy.dll2008-06-05 13:16:47 51200 --a------ C:\WINDOWS\system32\hxbcckqy.dll2008-06-05 13:13:47 51200 --a------ C:\WINDOWS\system32\kmkiomie.dll2008-06-05 13:10:47 51200 --a------ C:\WINDOWS\system32\hogoicks.dll2008-06-05 13:09:26 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes2008-06-05 13:09:25 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware2008-06-05 13:07:49 51200 --a------ C:\WINDOWS\system32\bgasnjso.dll2008-06-05 12:31:01 0 d-------- C:\Documents and Settings\Glen\Application Data\Uniblue2008-06-05 12:30:52 0 d-------- C:\Program Files\Uniblue2008-06-05 12:19:09 0 d-------- C:\Documents and Settings\Glen\Application Data\Lavasoft2008-06-05 12:18:42 0 d-------- C:\Program Files\Lavasoft2008-06-04 20:01:14 51200 --a------ C:\WINDOWS\system32\rxmhgqsn.dll2008-06-04 19:52:51 126976 --a------ C:\WINDOWS\system32\uonobubq.dll2008-06-04 07:51:02 420613 --ahs---- C:\WINDOWS\system32\lUEegMoq.ini22008-06-04 07:50:32 373248 -----n--- C:\WINDOWS\system32\qoMgeEUl.dll2008-05-11 10:58:25 0 d-------- C:\Program Files\SpacialAudio2008-05-11 10:49:27 0 d-------- C:\WINDOWS\system32\djpclib2008-05-11 10:49:27 0 d-------- C:\Program Files\DJ Music Mixer2008-05-11 10:45:04 0 d-------- C:\WINDOWS\Sun2008-05-08 16:14:03 233472 --a------ C:\WINDOWS\system32\REX Shared Library.dll 2008-05-08 16:14:03 368640 --a------ C:\WINDOWS\system32\ReWire.dll 2008-05-08 16:13:21 0 d-------- C:\Program Files\Orion-- Find3M Report ---------------------------------------------------------------2008-06-07 23:21:29 0 d-------- C:\Documents and Settings\Glen\Application Data\uTorrent2008-06-05 23:45:54 0 d-------- C:\Program Files\McAfee2008-06-05 12:09:19 0 d-------- C:\Program Files\MP3 Player Utilities 3.5.022008-06-04 13:38:55 0 d-------- C:\Documents and Settings\Glen\Application Data\LimeWire2008-05-29 18:57:30 0 d-------- C:\Program Files\Java2008-05-28 14:22:23 0 d-------- C:\Documents and Settings\Glen\Application Data\U32008-05-22 20:39:34 0 d-------- C:\Program Files\SiteAdvisor2008-05-11 11:14:21 0 d-------- C:\Documents and Settings\Glen\Application Data\Adobe2008-05-09 21:44:39 0 d-------- C:\Program Files\LimeWire2008-05-07 12:00:35 0 d-------- C:\Documents and Settings\Glen\Application Data\AdobeUM2008-05-06 22:20:35 0 d-------- C:\Documents and Settings\Glen\Application Data\SiteAdvisor2008-05-04 18:40:13 0 d-------- C:\Program Files\Common Files\McAfee2008-05-02 18:34:14 0 d-------- C:\Documents and Settings\Glen\Application Data\CoSoSys2008-05-02 07:24:48 0 d-------- C:\Program Files\Common Files\Adobe2008-05-01 17:41:29 0 d-------- C:\Program Files\Bonjour2008-05-01 17:29:43 0 d-------- C:\Program Files\Common Files2008-05-01 17:29:43 0 d-------- C:\Program Files\Common Files\Macrovision Shared2008-05-01 12:05:56 0 d-------- C:\Program Files\MSXML 4.02008-05-01 11:53:33 0 d-------- C:\Program Files\Microsoft ActiveSync2008-05-01 11:52:14 0 d-------- C:\Program Files\Microsoft.NET2008-05-01 07:14:20 0 d-------- C:\Documents and Settings\Glen\Application Data\Real2008-04-30 17:05:28 0 d-------- C:\Documents and Settings\Glen\Application Data\SlySoft2008-04-30 16:38:28 0 d-------- C:\Program Files\Elaborate Bytes2008-04-30 16:37:22 0 d-------- C:\Program Files\SlySoft2008-04-30 16:37:04 0 d-------- C:\Program Files\DVD Shrink2008-04-30 16:34:44 0 d-------- C:\Documents and Settings\Glen\Application Data\Nero2008-04-30 16:33:42 0 d-------- C:\Program Files\Common Files\Nero2008-04-30 16:31:37 0 d-------- C:\Program Files\Nero2008-04-30 10:29:57 0 d-------- C:\Program Files\McAfee.com2008-04-30 08:18:57 0 d-------- C:\Program Files\PowerDataRecovery2008-04-30 08:14:02 0 d-------- C:\Program Files\DivX2008-04-30 08:00:17 0 d-------- C:\Documents and Settings\Glen\Application Data\DivX2008-04-30 07:48:57 0 d-------- C:\Program Files\K-Lite Codec Pack2008-04-30 07:46:32 0 d-------- C:\Documents and Settings\Glen\Application Data\WinRAR2008-04-29 16:19:43 0 d-------- C:\Program Files\uTorrent2008-04-29 15:27:46 0 d-------- C:\Program Files\Windows Media Connect 22008-04-29 08:07:37 0 d-------- C:\Program Files\Messenger2008-04-29 07:47:31 0 d-------- C:\Program Files\Windows Live2008-04-29 07:46:02 0 d-------- C:\Program Files\Windows Live Toolbar2008-04-29 07:41:10 0 d-------- C:\Program Files\Microsoft Silverlight2008-04-29 07:28:16 0 d-------- C:\Program Files\AVIConverter2008-04-29 07:19:36 0 d-------- C:\Program Files\Microsoft SQL Server Compact Edition2008-04-29 07:17:27 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller2008-04-29 06:53:27 0 d-------- C:\Documents and Settings\Glen\Application Data\Macromedia2008-04-29 06:48:15 0 d-------- C:\Program Files\MagicISO2008-04-29 06:47:33 0 d-------- C:\Documents and Settings\Glen\Application Data\vlc2008-04-29 06:47:02 0 d-------- C:\Program Files\VideoLAN2008-04-28 22:33:33 0 d-------- C:\Program Files\Common Files\ODBC2008-04-28 22:33:28 0 d-------- C:\Program Files\Common Files\SpeechEngines2008-04-28 22:33:01 62 --ahs---- C:\Documents and Settings\Glen\Application Data\desktop.ini2008-04-28 16:47:22 0 d-------- C:\Program Files\Intel2008-04-28 16:44:35 0 d--h----- C:\Program Files\InstallShield Installation Information2008-04-28 16:44:35 0 d-------- C:\Program Files\Dell2008-04-28 16:42:35 0 d-------- C:\Documents and Settings\Glen\Application Data\Sun2008-04-28 16:42:23 0 d-------- C:\Program Files\Common Files\Java2008-04-28 16:41:10 0 d-------- C:\Program Files\Synaptics2008-04-28 16:40:44 0 d-------- C:\Program Files\CONEXANT2008-04-28 16:40:27 0 d-------- C:\Program Files\Modem Helper2008-04-28 16:39:45 0 d-------- C:\Program Files\BlueTooth2008-04-28 16:37:56 0 d-------- C:\Program Files\Toshiba2008-04-28 16:36:56 0 d-------- C:\Program Files\SigmaTel2008-04-28 16:29:51 0 d-------- C:\Program Files\Broadcom2008-04-28 16:28:40 0 d-------- C:\Program Files\DIFX2008-04-28 16:28:25 0 d-------- C:\Program Files\Common Files\InstallShield2008-04-28 16:04:03 0 d-------- C:\Documents and Settings\Glen\Application Data\Identities2008-04-28 15:53:12 0 d-------- C:\Program Files\RGB2008-04-28 15:50:46 0 d-------- C:\Program Files\ESPNMotion2008-04-28 15:50:45 0 d-------- C:\Program Files\DIGStream2008-04-28 15:50:39 0 d-------- C:\Program Files\GemMaster2008-04-28 13:23:14 0 d-------- C:\Program Files\microsoft frontpage2008-04-28 13:21:34 0 -rahs---- C:\MSDOS.SYS2008-04-28 13:21:34 0 -rahs---- C:\IO.SYS2008-04-28 13:21:34 0 --a------ C:\CONFIG.SYS2008-04-28 13:21:34 0 --a------ C:\AUTOEXEC.BAT2008-04-28 13:19:43 0 d--h----- C:\Program Files\WindowsUpdate2008-04-28 13:18:39 0 d-------- C:\Program Files\Common Files\MSSoap2008-04-28 13:18:25 0 d-------- C:\Program Files\Movie Maker2008-04-28 13:16:51 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat2008-04-28 13:16:22 0 d-------- C:\Program Files\Online Services2008-04-28 13:15:47 0 d-------- C:\Program Files\Windows Plus2008-04-28 13:13:19 0 d-------- C:\Program Files\MSN Gaming Zone2008-04-28 13:13:10 0 d-------- C:\Program Files\Windows NT2008-04-01 07:25:48 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll 2008-04-01 07:25:48 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll 2008-04-01 07:25:46 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll 2008-04-01 07:25:46 831488 --a------ C:\WINDOWS\system32\divx_xx0a.dll2008-04-01 07:25:46 682496 --a------ C:\WINDOWS\system32\DivX.dll 2008-03-22 06:30:08 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll2008-03-22 06:28:54 196608 --a------ C:\WINDOWS\system32\dtu100.dll 2008-03-22 06:28:54 81920 --a------ C:\WINDOWS\system32\dpl100.dll 2008-03-22 06:28:20 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll-- Registry Dump ---------------------------------------------------------------*Note* empty entries & legit default entries are not shown[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]11/26/2007 10:46 AM 324936 --a------ c:\PROGRA~1\mcafee\msk\mcapbho.dll[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]"BluetoothAuthenticationAgent"="bthprops.cpl" [08/10/2004 09:00 PM C:\WINDOWS\system32\bthprops.cpl]"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [08/05/2005 01:56 PM]"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [12/13/2005 05:44 PM]"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [12/13/2005 05:41 PM]"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [12/13/2005 05:45 PM]"SigmatelSysTrayApp"="stsystra.exe" [03/24/2006 05:30 PM C:\WINDOWS\stsystra.exe]"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [03/08/2006 12:48 PM]"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]"Dell QuickSet"="C:\Program Files\Dell\QuickSet\quickset.exe" [04/06/2006 02:58 PM]"SiteAdvisor"="C:\Program Files\SiteAdvisor\6253\SiteAdv.exe" [06/22/2007 09:12 AM]"McENUI"="C:\PROGRA~1\McAfee\MHN\McENUI.exe" [11/30/2007 05:42 AM]"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [03/01/2007 03:57 PM]"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [09/20/2007 09:51 AM]"Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [04/23/2008 02:08 AM]"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [11/01/2007 07:12 PM][HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/10/2004 09:00 PM]"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [10/18/2007 11:34 AM]"uTorrent"="C:\Program Files\uTorrent\uTorrent.exe" [04/29/2008 04:19 PM]"AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe" [04/30/2008 04:38 PM]"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [09/20/2007 03:35 PM]"Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [][HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\runonce]"Microsoft WinUpdate"=C:\WINDOWS\system32\msupdte.exeC:\Docum ents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-100000000002}\SC_Acrobat.exe [5/2/2008 7:27:28 AM]Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [11/18/2005 5:46:00 PM]WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [4/28/2008 11:20:00 AM][HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\R oyale\Royale.msstyles"InstallTheme"=C:\WINDOWS\Res ources\Themes\Royale.theme[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]"appinit_dlls"=C:\WINDOWS\system32\__c0096A24. dat[HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\securityproviders]SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\mcmscsvc]@=""[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\MCODS]@=""[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]bthsvcs BthServ[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{ac5b33a9-1635-11dd-847e-001641769d31}]AutoRun\command- E:\LaunchU3.exe -a*Newly Created Service* - TMCOMM*Newly Created Service* - WMIAPSRV-- End of Deckard's System Scanner: finished at 2008-06-07 23:27:37 ------------EDIT - changed hyperlink. and changed hijackthis to dss log file
06-07-2008, 01:42 PM
Another userinit error 
Linear Mode
