TheTechGuide Forum

General Category => Tech Clinic => Topic started by: 2-D on January 16, 2006, 03:15:52 AM

Title: What Do I Do Now.....
Post by: 2-D on January 16, 2006, 03:15:52 AM

I turn on my computer...wait for it to log me in... everything loads up as it should and then i go to open something and everything freezes cant click, cant ctrl alt delete... nothing. so i run my computer in safe mode and go to msn config and disable some stuff from starting up. i restart and now im here.. the GUI is looking old, not the same blue interface that comes with XP.

i dont think posting a log would do much since almost all things that start up are disabled... but ill try to able everything and get the log... here is the log now.

Logfile of HijackThis v1.99.1
Scan saved at 12:15:05 AM, on 1/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Administrator\Desktop\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html (http://\"http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {22D003CE-6952-46C5-80B9-D19B479620AB} - (no file)
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Flash Decompiler SWF Capture tool - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\PROGRA~1\ELTIMA~1\FLASHD~1\iebt.dll (HKCU)
O9 - Extra 'Tools' menuitem: Flash Decompiler SWF Capture tool menu - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\PROGRA~1\ELTIMA~1\FLASHD~1\iebt.dll (HKCU)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab (http://\"http://download.games.yahoo.com/games/clients/y/pote_x.cab\")
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab (http://\"http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab\")
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab (http://\"http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab\")
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab (http://\"http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab\")
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab (http://\"http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab\")
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - <a href='http://by112fd.bay112.Email Removed.msn.com/resources/MsnPUpld.cab' target='_blank' rel='nofollow'>http://by112fd.bay112.Email Removed.msn.com/resources/MsnPUpld.cab</a>
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab (http://\"http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab\")
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppD...ap/DigWXMSN.cab (http://\"http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab\")
O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfix.com/netcheck/51/install/gtdownls.cab (http://\"http://www.linksysfix.com/netcheck/51/install/gtdownls.cab\")
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab (http://\"http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab\")
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab (http://\"http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab\")
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab (http://\"http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab\")
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O16 - DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} (Creative Product Registration ActiveX Control Module) - http://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab (http://\"http://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab\")
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe



ill post another later..


EDIT: everything is the same... except some files come on startup.. everything looks the same..plz help...god....

Logfile of HijackThis v1.99.1
Scan saved at 12:19:57 AM, on 1/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Userinit.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Administrator\Desktop\markz shizit\New Folder\Spyware Doctor\swdoctor.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
C:\Documents and Settings\Administrator\Desktop\LimeWires\LimeWire.exe
C:\Program Files\Messenger\msmsgs.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\WINDOWS\system32\dumprep.exe
C:\WINDOWS\system32\dumprep.exe
C:\Documents and Settings\Administrator\Desktop\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html (http://\"http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {22D003CE-6952-46C5-80B9-D19B479620AB} - (no file)
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MSKExe] c:\PROGRA~1\mcafee\SPAMKI~1\spamkiller.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Documents and Settings\Administrator\Desktop\markz shizit\New Folder\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: LimeWire On Startup.lnk = C:\Documents and Settings\Administrator\Desktop\LimeWires\LimeWire.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Flash Decompiler SWF Capture tool - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\PROGRA~1\ELTIMA~1\FLASHD~1\iebt.dll (HKCU)
O9 - Extra 'Tools' menuitem: Flash Decompiler SWF Capture tool menu - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\PROGRA~1\ELTIMA~1\FLASHD~1\iebt.dll (HKCU)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab (http://\"http://download.games.yahoo.com/games/clients/y/pote_x.cab\")
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab (http://\"http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab\")
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab (http://\"http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab\")
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab (http://\"http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab\")
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab (http://\"http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab\")
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by112fd.bay112.Email (http://\"http://by112fd.bay112.Email\") Removed.msn.com/resources/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab (http://\"http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab\")
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppD...ap/DigWXMSN.cab (http://\"http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab\")
O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfix.com/netcheck/51/install/gtdownls.cab (http://\"http://www.linksysfix.com/netcheck/51/install/gtdownls.cab\")
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab (http://\"http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab\")
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab (http://\"http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab\")
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab (http://\"http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab\")
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O16 - DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} (Creative Product Registration ActiveX Control Module) - http://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab (http://\"http://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab\")
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe

Title: What Do I Do Now.....
Post by: 2-D on January 16, 2006, 04:41:03 AM

(http://img13.imageshack.us/img13/6918/lame0fq.jpg)





I ALSO CANNOT HEAR SOUND!!!!!!!!!!!!!!!!!!!!!

Title: What Do I Do Now.....
Post by: 2-D on January 16, 2006, 07:15:58 AM

god jesus plz help i know its only been an hour or so but if this isnt fixed soon in gonna be in some deep [censored] /sleep.gif\' class=\'bbc_emoticon\' alt=\'-_-\' />

i cant print <-- BIG PROBLEM
cant hear anything from my computer, except a lil beep from the brain
cant play soldat (lol)
cant use webcam
cant use mic
cant choose XP theme


many other things, prolly everything
lucky i have internet connection, cuz i cant do anything else

Title: What Do I Do Now.....
Post by: 2-D on January 16, 2006, 04:56:54 PM

bump...........

Title: What Do I Do Now.....
Post by: 2-D on January 16, 2006, 06:31:21 PM

bump?

Title: What Do I Do Now.....
Post by: guestolo on January 16, 2006, 06:34:52 PM

Go back to msconfig
Under the Startup tab>>enable all
Under the General tab>>Select Normal

Apply and close, but Don't reboot the computer yet

Instead, come back here and post a fresh hijackthis log

Title: What Do I Do Now.....
Post by: 2-D on January 16, 2006, 07:42:17 PM

those settings where already like that lol


Logfile of HijackThis v1.99.1
Scan saved at 4:42:09 PM, on 1/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Desktop\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html (http://\"http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MSKExe] c:\PROGRA~1\mcafee\SPAMKI~1\spamkiller.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [Active Shield] C:\Program Files\Security Stronghold\Active Shield\ActiveShield.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Documents and Settings\Administrator\Desktop\markz shizit\New Folder\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: LimeWire On Startup.lnk = C:\Documents and Settings\Administrator\Desktop\LimeWires\LimeWire.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Flash Decompiler SWF Capture tool - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\PROGRA~1\ELTIMA~1\FLASHD~1\iebt.dll (HKCU)
O9 - Extra 'Tools' menuitem: Flash Decompiler SWF Capture tool menu - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\PROGRA~1\ELTIMA~1\FLASHD~1\iebt.dll (HKCU)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab (http://\"http://download.games.yahoo.com/games/clients/y/pote_x.cab\")
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab (http://\"http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab\")
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab (http://\"http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab\")
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab (http://\"http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab\")
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab (http://\"http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab\")
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by112fd.bay112.Email (http://\"http://by112fd.bay112.Email\") Removed.msn.com/resources/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab (http://\"http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab\")
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppD...ap/DigWXMSN.cab (http://\"http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab\")
O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfix.com/netcheck/51/install/gtdownls.cab (http://\"http://www.linksysfix.com/netcheck/51/install/gtdownls.cab\")
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab (http://\"http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab\")
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab (http://\"http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab\")
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab (http://\"http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab\")
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O16 - DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} (Creative Product Registration ActiveX Control Module) - http://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab (http://\"http://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab\")
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe

Title: What Do I Do Now.....
Post by: guestolo on January 16, 2006, 07:53:27 PM

Quote

those settings where already like that lol

I don't want to get too involved in your log
You now have McAfee's and Norton's installed
Or both were installed earlier
Having more than one active AV running in the background can cause conflicts and decrease system performance
I suggest you uninstall one or the other and then reboot your computer afterwards

Also: I didn't see Security Stronghold
I'm not familiar with this program, but can interfere with any fixes also, if we may have to do any

You appear to be installing what you don't need
Again, I'm not sure how much I want to get involved in this log

Having too many Security programs can cause interference with each other
and just be a waste of time attempting to help fix it

If you want to keep installing other programs, go ahead, you seem very impatient
But when your done, come back here and see if I can be of any help

Title: What Do I Do Now.....
Post by: 2-D on January 16, 2006, 08:03:43 PM

(http://tinypic.com/kdahbn.jpg)

i cant run anything. i cant connect printers or anything. im going to uninstal mcafee now because like you said i dont need it at all.

Title: What Do I Do Now.....
Post by: guestolo on January 16, 2006, 08:05:44 PM

That's not enough, is Security Stronghold something you paid for
If not, uninstall it for now too

Title: What Do I Do Now.....
Post by: 2-D on January 16, 2006, 08:08:00 PM

no. ill uninstall that with mcafee.



uh.. sererity stronghold is already uninstalled, but the folder is still there with a few .dat files and one configuration setting..



and you can get into my log all you want, what ever will fix my computer ..k

Title: What Do I Do Now.....
Post by: guestolo on January 16, 2006, 08:13:55 PM

When you have the above uninstalled and reboot the computer
Come back here and post a fresh hijackthis log

Title: What Do I Do Now.....
Post by: 2-D on January 16, 2006, 08:19:03 PM

Logfile of HijackThis v1.99.1
Scan saved at 5:18:50 PM, on 1/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Administrator\Desktop\markz shizit\New Folder\Spyware Doctor\swdoctor.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
C:\Documents and Settings\Administrator\Desktop\LimeWires\LimeWire.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Desktop\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html (http://\"http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [Active Shield] C:\Program Files\Security Stronghold\Active Shield\ActiveShield.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Documents and Settings\Administrator\Desktop\markz shizit\New Folder\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: LimeWire On Startup.lnk = C:\Documents and Settings\Administrator\Desktop\LimeWires\LimeWire.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Flash Decompiler SWF Capture tool - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\PROGRA~1\ELTIMA~1\FLASHD~1\iebt.dll (HKCU)
O9 - Extra 'Tools' menuitem: Flash Decompiler SWF Capture tool menu - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\PROGRA~1\ELTIMA~1\FLASHD~1\iebt.dll (HKCU)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab (http://\"http://download.games.yahoo.com/games/clients/y/pote_x.cab\")
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab (http://\"http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab\")
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab (http://\"http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab\")
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab (http://\"http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab\")
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab (http://\"http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab\")
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - <a href='http://by112fd.bay112.Email Removed.msn.com/resources/MsnPUpld.cab' target='_blank' rel='nofollow'>http://by112fd.bay112.Email Removed.msn.com/resources/MsnPUpld.cab</a>
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab (http://\"http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab\")
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppD...ap/DigWXMSN.cab (http://\"http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab\")
O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfix.com/netcheck/51/install/gtdownls.cab (http://\"http://www.linksysfix.com/netcheck/51/install/gtdownls.cab\")
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab (http://\"http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab\")
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab (http://\"http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab\")
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab (http://\"http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab\")
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O16 - DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} (Creative Product Registration ActiveX Control Module) - http://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab (http://\"http://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab\")
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe





mcafee updater still installed..?

and since there isnt an active shield.exe anymore, or where it says it is then...wtf..

Title: What Do I Do Now.....
Post by: guestolo on January 16, 2006, 08:30:11 PM

Can you open Hijackthis>>Open Misc tools section>>Open Uninstall manager
Click the SAVE LIST button
Save this list too desktop then copy and paste back here the whole contents please

Title: What Do I Do Now.....
Post by: 2-D on January 16, 2006, 08:31:37 PM

/happy.gif\' class=\'bbc_emoticon\' alt=\'^_^\' />

Ad-Aware SE Personal
Adobe Photoshop CS
Adobe Reader 7.0.5
All Video Converter 2.3
ArcSoft Multimedia Email
ArcSoft PhotoImpression 4
ArcSoft PhotoImpression 5
AviSynth 2.5
BCM V.92 56K Modem
BitTorrent 4.2.0
Camtasia Studio 3
ccCommon
ccCommon
Change Extension
Cheat Engine 5.1.1
Cheat Engine 5.2
CleanUp!
Creative WebCam Center
Creative WebCam Instant Driver (1.01.02.0729)
Creative WebCam Instant User's Guide (English)
Delete FXP Files
Ease Audio Converter 1.81
ewido security suite
EZ-Tracks Toolbar
Flash Decompiler
Gaim (remove only)
Game Maker 6.1
Get Yahoo! Messenger
Google Earth
Google Toolbar for Internet Explorer
GTA2
GTK+ Runtime 2.6.9 rev a (remove only)  [color=\"#FF0000\"] (suposivly Gaim, messenger program..)[/color]
GunboundWC
Hide IP Platinum 2.0
HijackThis 1.99.1
Intel® Extreme Graphics Driver
Internet Worm Protection
iPod for Windows 2005-03-23
iPod for Windows 2005-10-12
iTunes
J2SE Runtime Environment 5.0 Update 3
J2SE Runtime Environment 5.0 Update 4
Kodak EasyShare software
Korean Language Support
Lernout & Hauspie TruVoice American English TTS Engine
Lexmark 4300 Series
Lexmark X74-X75
LimeWire PRO 4.9.23
Lineage II
LiveUpdate 2.5 (Symantec Corporation)
Macromedia Extension Manager
Macromedia Fireworks 8
Macromedia Flash 8
Macromedia Flash 8 Video Encoder
Macromedia Flash MX 2004
Macromedia Flash Player 8
Macromedia Flash Player 8
Macromedia Flash Player 8 Plugin
Macromedia Shockwave Player
MAIET Gunz
MapleStory
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0
Microsoft Office Standard Edition 2003
Microsoft Office XP Professional with FrontPage
Mozilla Firefox (1.5)
MSN Messenger 7.5
MSN Music Assistant
MSRedist
MSXML 4.0 SP2 Parser and SDK
NAVShortcut
Nero 6 Ultra Edition
NoAdware v4.0
Norton AntiVirus 2006
Norton AntiVirus 2006 (Symantec Corporation)
Norton AntiVirus Help
Norton AntiVirus Parent MSI
Norton AntiVirus SYMLT MSI
Norton Internet Security
Norton Personal Firewall 2005 (Symantec Corporation)
Norton Protection Center
Norton WMI Update
NVIDIA Windows 95/98/ME/2000/XP Stereo Drivers
Pivot Stickfigure Animator
PlayFKiSS
Project64 1.6
QuickTime
Rakion_International
RealPlayer
Remove Hidden Data Tool
Rhapsody Player Engine
Save Flash 3.0
Security Task Manager 1.6f
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB912919)
Softnyx Launcher
Soldat 1.3.1
Soldat 1.3.1
Soldat BOT Creator/Editor 1.2.0
Soldat BuddyList 2.0
Soldat Map Maker 1.2
Sony Sound Forge 8.0b
Sothink SWF Decompiler
SPBBC
Speakonia
Spybot - Search & Destroy 1.4
Spyware Doctor 3.2
SpywareBlaster v3.4
Stop Motion Pro v4
Swift 3D Version 1.00
Symantec
Symantec Script Blocking Installer
SymNet
TeamSpeak 2 RC2
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB910437)
Ventrilo Client
Videora iPod Converter 0.91
Viewpoint Manager (Remove Only)
Viewpoint Media Player
WarRock
Windows Driver Package - Argus (MR97310_VGA_DUAL_CAMERA) Image 04/27/2005 2.0.1.0
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinRAR archiver
WJ III Compuscore and Profiles Program
Xfire (remove only)
XoftSpy

Title: What Do I Do Now.....
Post by: guestolo on January 16, 2006, 08:46:52 PM

I'm not sure what Security Task Manager can do besides showing running processes
If it has the ability to disable bad processes on startup or any other time, disable it,
We want to see what bad guys are running, if any

Please disable Spyware Doctor's onguard tools, so it won't interfere with anything we have to do
To deactivate Spyware Doctor's OnGuard Tools

1. From within Spyware Doctor, click the "OnGuard" button on the left side.
2. Uncheck "Activate OnGuard".

If you didn't intentionally install Viewpoint
Access your add/remove programs via control panel and remove
Viewpoint Manager (Remove Only)
Viewpoint Media Player

Do a "System scan only" with Hijackthis and put a check next to these entries:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Active Shield] C:\Program Files\Security Stronghold\Active Shield\ActiveShield.exe
O18 - Filter: text/html - (no CLSID) - (no file)

After you have ticked the above entry, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis

Reboot the computer

Post back a fresh hijackthis log

Title: What Do I Do Now.....
Post by: 2-D on January 16, 2006, 10:16:33 PM

Logfile of HijackThis v1.99.1
Scan saved at 7:16:10 PM, on 1/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Administrator\Desktop\markz shizit\New Folder\Spyware Doctor\swdoctor.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
C:\Documents and Settings\Administrator\Desktop\LimeWires\LimeWire.exe
C:\Documents and Settings\Administrator\Desktop\hijackthis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html (http://\"http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Documents and Settings\Administrator\Desktop\markz shizit\New Folder\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: LimeWire On Startup.lnk = C:\Documents and Settings\Administrator\Desktop\LimeWires\LimeWire.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Flash Decompiler SWF Capture tool - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\PROGRA~1\ELTIMA~1\FLASHD~1\iebt.dll (HKCU)
O9 - Extra 'Tools' menuitem: Flash Decompiler SWF Capture tool menu - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\PROGRA~1\ELTIMA~1\FLASHD~1\iebt.dll (HKCU)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab (http://\"http://download.games.yahoo.com/games/clients/y/pote_x.cab\")
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab (http://\"http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab\")
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab (http://\"http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab\")
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab (http://\"http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab\")
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab (http://\"http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab\")
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by112fd.bay112.Email (http://\"http://by112fd.bay112.Email\") Removed.msn.com/resources/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab (http://\"http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab\")
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppD...ap/DigWXMSN.cab (http://\"http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab\")
O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfix.com/netcheck/51/install/gtdownls.cab (http://\"http://www.linksysfix.com/netcheck/51/install/gtdownls.cab\")
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab (http://\"http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab\")
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab (http://\"http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab\")
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab (http://\"http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab\")
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O16 - DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} (Creative Product Registration ActiveX Control Module) - http://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab (http://\"http://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab\")
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe

Title: What Do I Do Now.....
Post by: guestolo on January 16, 2006, 10:59:56 PM

Open Ewido
From the main ewido screen, click on Update in the left menu, then click the Start update button.
After the update finishes (the status bar at the bottom will display "Update successful")
Close out Ewido for now, we'll need it later
If for some reason the Updater won't work can you manually download the
Updates from this link
http://www.ewido.net/en/download/updates/ (http://\"http://www.ewido.net/en/download/updates/\")

Click on the Scanner button on the left menu
Select Complete System Scan
*If Ewido finds something it will prompt you with "Infected Object found"
Ensure the following are Selected
*1. Perform Action = Remove
*2. Create Encrypted Backup in Quarantine (Recommended)
*3. Perform action with all infections

Then click OK
When Ewido has finished it's scan click the "Save Report" button
Save the report to desktop
Exit Ewido
NOTE: When Ewido is running, don't open any other Windows

Post back here the report from Ewido's
Let me know of any problems, if any

Title: What Do I Do Now.....
Post by: 2-D on January 17, 2006, 12:38:59 AM

oops... i opend firefox and flash while it was running... sorry didnt read the note... my bad...


---------------------------------------------------------
 ewido anti-malware - Scan report
---------------------------------------------------------

 + Created on:         9:37:47 PM, 1/16/2006
 + Report-Checksum:      ED8DE45

 + Scan result:

   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Need2FindBar Uninstall -> Spyware.Need2Find : Cleaned with backup
   :mozilla.14:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Xxxcounter : Cleaned with backup
   :mozilla.18:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
   :mozilla.21:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Sextracker : Cleaned with backup
   :mozilla.22:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
   :mozilla.23:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
   :mozilla.26:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Sextracker : Cleaned with backup
   :mozilla.27:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
   :mozilla.46:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
   :mozilla.47:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
   :mozilla.48:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
   :mozilla.49:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
   :mozilla.50:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
   :mozilla.53:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
   :mozilla.62:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.63:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.64:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.65:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.66:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.67:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.68:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.69:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.70:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.72:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.73:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.74:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.75:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.76:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.79:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.80:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.92:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.93:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.94:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.95:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.96:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.97:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.98:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.100:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.102:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.105:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.113:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.116:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.120:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.121:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.122:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.124:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.125:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adbrite : Cleaned with backup
   :mozilla.126:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.127:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.128:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.129:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.130:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.131:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.132:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.133:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.134:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.135:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.136:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.137:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.138:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.139:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.140:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.141:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.142:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.143:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.144:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.145:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.146:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.147:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
   :mozilla.148:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.150:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.154:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.170:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
   :mozilla.171:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Com : Cleaned with backup
   :mozilla.172:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Com : Cleaned with backup
   :mozilla.176:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.177:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.178:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.179:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.180:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.191:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.192:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.193:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.194:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.195:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.196:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.197:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.199:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.201:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.202:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.203:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.204:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.205:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.206:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.207:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.208:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.209:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.210:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.218:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
   :mozilla.224:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
   :mozilla.257:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Centrport : Cleaned with backup
   :mozilla.258:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Centrport : Cleaned with backup
   :mozilla.268:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.269:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.270:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.271:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.272:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
   :mozilla.278:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
   :mozilla.279:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
   :mozilla.288:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
   :mozilla.289:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
   :mozilla.290:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
   :mozilla.291:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
   :mozilla.292:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
   :mozilla.293:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
   :mozilla.294:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
   :mozilla.295:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
   :mozilla.298:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Addynamix : Cleaned with backup
   :mozilla.299:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Addynamix : Cleaned with backup
   :mozilla.303:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
   :mozilla.304:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
   :mozilla.309:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
   :mozilla.325:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
   :mozilla.326:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
   :mozilla.340:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adition : Cleaned with backup
   :mozilla.341:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adition : Cleaned with backup
   :mozilla.344:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Overture : Cleaned with backup
   :mozilla.345:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Overture : Cleaned with backup
   :mozilla.346:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Revenue : Cleaned with backup
   :mozilla.360:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
   :mozilla.361:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
   :mozilla.362:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
   :mozilla.363:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
   :mozilla.364:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
   :mozilla.378:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hotlog : Cleaned with backup
   :mozilla.387:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.388:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.389:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.390:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.391:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.392:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.393:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.394:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.416:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Findwhat : Cleaned with backup
   :mozilla.417:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.418:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.419:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.424:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Overture : Cleaned with backup
   :mozilla.425:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hypertracker : Cleaned with backup
   :mozilla.456:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
   :mozilla.457:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
   :mozilla.459:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
   :mozilla.460:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
   :mozilla.461:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
   :mozilla.462:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
   :mozilla.463:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
   :mozilla.464:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
   :mozilla.466:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.473:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.474:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.475:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.476:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.498:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.499:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.500:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.501:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.522:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Realtracker : Cleaned with backup
   :mozilla.523:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Realtracker : Cleaned with backup
   :mozilla.527:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
   :mozilla.530:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
   :mozilla.531:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
   :mozilla.538:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.539:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.540:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.755:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
   :mozilla.763:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adocean : Cleaned with backup
   :mozilla.764:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adocean : Cleaned with backup
   :mozilla.784:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Paycounter : Cleaned with backup
   :mozilla.792:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Euroclick : Cleaned with backup
   :mozilla.796:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.815:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
   :mozilla.822:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adtech : Cleaned with backup
   :mozilla.823:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adtech : Cleaned with backup
   :mozilla.834:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
   :mozilla.837:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
   :mozilla.838:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
   :mozilla.839:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
   :mozilla.843:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adbrite : Cleaned with backup
   :mozilla.844:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adbrite : Cleaned with backup
   :mozilla.850:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adbrite : Cleaned with backup
   :mozilla.858:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.859:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.908:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adbrite : Cleaned with backup
   :mozilla.935:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Bfast : Cleaned with backup
   :mozilla.936:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Bfast : Cleaned with backup
   :mozilla.944:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Estat : Cleaned with backup
   :mozilla.965:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.974:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Onestat : Cleaned with backup
   :mozilla.975:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Onestat : Cleaned with backup
   :mozilla.985:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Trafic : Cleaned with backup
   :mozilla.26:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.27:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.28:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.29:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.30:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.31:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.32:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.33:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.34:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.35:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.36:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.39:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.40:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.41:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.42:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.43:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.44:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.45:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.46:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.47:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.48:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.49:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.50:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.62:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.63:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.64:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.65:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.66:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.67:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.68:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.69:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.70:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.71:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.72:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.73:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.74:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.75:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.76:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.77:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.78:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.79:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.80:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.81:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.82:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.83:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.84:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
   :mozilla.92:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
   :mozilla.95:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
   :mozilla.119:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.120:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.121:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.122:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.123:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.124:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.125:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.126:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.127:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.128:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.129:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.130:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.131:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.132:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.133:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.134:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.135:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.136:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.137:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.138:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.139:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.140:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.141:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.142:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
   :mozilla.143:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
   :mozilla.146:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.147:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.148:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.149:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.150:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.151:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.152:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.170:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Adbrite : Cleaned with backup
   :mozilla.171:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
   :mozilla.177:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.178:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.179:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.180:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.181:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.182:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.183:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.184:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.185:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.186:C:\Documents and Settings\Administrator\Application Data\Mozilla\

Title: What Do I Do Now.....
Post by: guestolo on January 17, 2006, 01:29:30 AM

You didn't post the whole log from Ewido's

Please post the remainder
Use multiple replies if you have too
Post back anything below this point in the log

 :mozilla.186:C:\Documents and Settings\Administrator\Application Data\Mozilla\

Title: What Do I Do Now.....
Post by: 2-D on January 17, 2006, 01:30:40 AM

:mozilla.186:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
   :mozilla.187:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
   :mozilla.188:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.189:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.190:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.191:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.192:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.193:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.212:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Addynamix : Cleaned with backup
   :mozilla.216:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Addynamix : Cleaned with backup
   :mozilla.217:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.222:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.223:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.224:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.237:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
   :mozilla.238:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
   :mozilla.241:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Hotlog : Cleaned with backup
   :mozilla.242:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Spylog : Cleaned with backup
   :mozilla.296:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Trafic : Cleaned with backup
   :mozilla.298:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.300:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.336:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
   :mozilla.337:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
   :mozilla.383:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.384:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.385:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.390:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
   :mozilla.391:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
   :mozilla.392:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
   :mozilla.393:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
   :mozilla.397:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
   :mozilla.398:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
   :mozilla.399:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
   :mozilla.400:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
   :mozilla.401:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
   :mozilla.403:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
   :mozilla.404:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
   :mozilla.405:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
   :mozilla.428:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
   :mozilla.429:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
   :mozilla.473:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.477:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.478:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.479:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.480:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.481:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.502:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
   :mozilla.503:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
   :mozilla.509:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
   :mozilla.510:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
   :mozilla.515:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
   :mozilla.522:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.247realmedia : Cleaned with backup
   :mozilla.529:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Euroclick : Cleaned with backup
   :mozilla.530:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Euroclick : Cleaned with backup
   :mozilla.531:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Euroclick : Cleaned with backup
   :mozilla.532:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
   :mozilla.533:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
   :mozilla.534:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
   :mozilla.535:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.536:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.537:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.538:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.539:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.540:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.658:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.757:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Linkbuddies : Cleaned with backup
   :mozilla.866:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
   :mozilla.879:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[1].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@statcounter[1].txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   C:\Documents and Settings\Administrator\Desktop\markz shizit\New Folder\[censored]\SoldatHack\................................ìÿ² -> Backdoor.Agent.rc : Cleaned with backup
   C:\Documents and Settings\Administrator\Desktop\markz shizit\New Folder\[censored]\SoldatHack\SoldatHack - Modified - LG.exe -> Backdoor.Agent.rc : Cleaned with backup
   C:\Documents and Settings\Administrator\Desktop\markz shizit\New Folder\[censored]\wwwhack\patch.exe -> Not-A-Virus.HackTool.WwwHack.a : Cleaned with backup
   C:\Documents and Settings\Administrator\Desktop\markz shizit\New Folder\[censored]\wwwhack\wwwhack.exe -> Not-A-Virus.HackTool.WwwHack.a : Cleaned with backup
   C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Directory 1 for wwwhack.zip\wwwhack.exe -> Not-A-Virus.HackTool.WwwHack.a : Cleaned with backup
   C:\Documents and Settings\Administrator\My Documents\Soldat Hacks.zip/Soldat Hacks/SoldatHck.exe -> Backdoor.Agent.rc : Cleaned with backup
   C:\WINDOWS\system32\dllcache\win32\red.exe -> Not-A-Virus.RemoteAdmin.Win32.NirComLine.12 : Cleaned with backup


::Report End

Title: What Do I Do Now.....
Post by: guestolo on January 17, 2006, 01:38:19 AM

Looks like your downloading a lot of cracks or hacks
It's not paying off for you

Set Windows To Show Hidden Files and Folders
    * Click Start.
    * Open My Computer.
    * Select the Tools menu and click Folder Options.
    * Select the View Tab.
    * Under the Hidden files and folders heading select Show hidden files and folders.
    * Uncheck the Hide protected operating system files (recommended) option.
    * Uncheck the Hide Extensions for known file types
    * Click Yes to confirm.
    * Click OK.

I'm not sure what you have in the Censored folder, but if you don't need it remove the censored folder containing>>SoldatHack folder, unless the [Censored] folder is legit
 C:\Documents and Settings\Administrator\Desktop\markz shizit\New Folder\[censored]\SoldatHack\
How about this folder, I would remove it too
 C:\Documents and Settings\Administrator\My Documents\Soldat Hacks.zip
Navigate to this folder
 C:\WINDOWS\system32\dllcache\win32
What other files do you see in there?

I would also run CleanUp! on your machine
Reboot afterwards, how's it running after that?

Title: What Do I Do Now.....
Post by: 2-D on January 17, 2006, 01:50:49 AM

i thought it would be easier to see them then me type all of them out.. if im wrong then sorry

(http://img30.imageshack.us/img30/1892/thatsall2wz.png) (http://\"http://imageshack.us\")
im running Cleanup!!!1 right now.




lol......

(http://img12.imageshack.us/img12/8035/lol4cy.png)

Title: What Do I Do Now.....
Post by: guestolo on January 17, 2006, 02:08:53 AM

I'm betting your computer has been hacked
Possibly when using sone chat client, I can't be sure
Although all the files can be used legitimately, they can also be used maliciously

Try sending the whole win32 folder to the recycle bin

Reboot again

How's everything running?

Title: What Do I Do Now.....
Post by: 2-D on January 17, 2006, 02:24:02 AM

i cant print still, says something about the spooler not activated, mic works, i can change themes, but i really need the printer to work



also, i have to go to bed so i cant answer for about 7 hours...or mabye 15 hours lol

just tell me the next thing to do and it will be done lol...

Title: What Do I Do Now.....
Post by: guestolo on January 17, 2006, 11:39:08 AM

Go to START>>>RUN>>>type in services.msc
Hit OK
In the next window, look on the right hand side for this service
name---- Remote Procedure Call (RPC)
Double click on it
It should be running, if not, In the drop down menu set to Automatic
You shouldn't be able to even have an option to change that setting, but make sure it's set to Auto

Now open the Print Spooler Service
Make sure Print Spooler is set to Auto
Click on the Dependencies tab>>The only dependency it relies on should be Remote Procedure Call (RPC)
If not, find the other service and enable it

Reboot the computer

See if that helps

Title: What Do I Do Now.....
Post by: 2-D on January 18, 2006, 12:42:06 AM

[quote name=\'guestolo\' post=\'82676\' date=\'Jan 17 2006, 08:39 AM\']Click on the Dependencies tab>>The only dependency it relies on should be Remote Procedure Call (RPC)
If not, find the other service and enable it[/quote]


i dont get it... i go to that tab in properties and this comes up

(http://img80.imageshack.us/img80/8385/untitled6mj1.png)


and then i cant type or anything else in the properites

Title: What Do I Do Now.....
Post by: guestolo on January 18, 2006, 12:54:32 AM

Quote

i dont get it... i go to that tab in properties and this comes up

I don't know what you mean by that?

Could you Download GetServices.zip (http://\"http://www.bleepingcomputer.com/files/spyware/getservices.zip\")
Unzip it to a folder
Double click on the Getservice.bat file to run it. This will create and open a text file named getservice.txt in the same folder.
getservice.txt will list all active Services

Post the getservices.txt

Title: What Do I Do Now.....
Post by: 2-D on January 18, 2006, 01:25:16 AM

PsService v1.1 - local and remote services viewer/controller
Copyright © 2001-2003 Mark Russinovich
Sysinternals - www.sysinternals.com

SERVICE_NAME: Adobe LM Service
Adobe LM Service
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 3  DEMAND_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Adobe LM Service
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: Alerter
Notifies selected users and computers of administrative alerts. If the service is stopped, programs that use administrative alerts will not receive them. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k LocalService
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Alerter
   DEPENDENCIES     : LanmanWorkstation
   SERVICE_START_NAME: NT AUTHORITY\LocalService

SERVICE_NAME: ALG
Provides support for 3rd party protocol plug-ins for Internet Connection Sharing and the Windows Firewall.
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 3  DEMAND_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\alg.exe
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Application Layer Gateway Service
   DEPENDENCIES     :
   SERVICE_START_NAME: NT AUTHORITY\LocalService

SERVICE_NAME: AppMgmt
Provides software installation services such as Assign, Publish, and Remove.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 3  DEMAND_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\system32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Application Management
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: aspnet_state
Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 3  DEMAND_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : ASP.NET State Service
   DEPENDENCIES     :
   SERVICE_START_NAME: NT AUTHORITY\NetworkService

SERVICE_NAME: AudioSrv
Manages audio devices for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 2  AUTO_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  : AudioGroup
   TAG        : 0
   DISPLAY_NAME     : Windows Audio
   DEPENDENCIES     : PlugPlay
           : RpcSs
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: BITS
Transfers files in the background using idle network bandwidth. If the service is stopped, features such as Windows Update, and MSN Explorer will be unable to automatically download programs and other information. If this service is disabled, any services that explicitly depend on it may fail to transfer files if they do not have a fail safe mechanism to transfer files directly through IE in case BITS has been disabled.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 2  AUTO_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Background Intelligent Transfer Service
   DEPENDENCIES     : Rpcss
   SERVICE_START_NAME: LocalSystem
   FAIL_RESET_PERIOD : 0 seconds
   FAILURE_ACTIONS     : Restart   DELAY: 60000 seconds
           : Restart   DELAY: 60000 seconds
           : Restart   DELAY: 60000 seconds

SERVICE_NAME: Browser
Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 2  AUTO_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Computer Browser
   DEPENDENCIES     : LanmanWorkstation
           : LanmanServer
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: ccEvtMgr
Event propagation and logging service
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 2  AUTO_START
   ERROR_CONTROL     : 0  IGNORE
   BINARY_PATH_NAME  : "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
   LOAD_ORDER_GROUP  : Symantec Core Services
   TAG        : 0
   DISPLAY_NAME     : Symantec Event Manager
   DEPENDENCIES     : RPCSS
           : ccSetMgr
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: ccPwdSvc
Symantec Password Validation Service
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 0  IGNORE
   BINARY_PATH_NAME  : "C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Symantec Password Validation
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: ccSetMgr
Settings storage and management service
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 2  AUTO_START
   ERROR_CONTROL     : 0  IGNORE
   BINARY_PATH_NAME  : "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
   LOAD_ORDER_GROUP  : Symantec Core Services
   TAG        : 0
   DISPLAY_NAME     : Symantec Settings Manager
   DEPENDENCIES     : RPCSS
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: CiSvc
Indexes contents and properties of files on local and remote computers; provides rapid access to files through flexible querying language.
   TYPE        : 120 WIN32_SHARE_PROCESS INTERACTIVE_PROCESS  
   START_TYPE     : 3  DEMAND_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\system32\cisvc.exe
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Indexing Service
   DEPENDENCIES     : RPCSS
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: ClipSrv
Enables ClipBook Viewer to store information and share it with remote computers. If the service is stopped, ClipBook Viewer will not be able to share information with remote computers. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\system32\clipsrv.exe
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : ClipBook
   DEPENDENCIES     : NetDDE
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: clr_optimization_v2.0.50727_32
Microsoft .NET Framework NGEN
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 3  DEMAND_START
   ERROR_CONTROL     : 0  IGNORE
   BINARY_PATH_NAME  : C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : .NET Runtime Optimization Service v2.0.50727_X86
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem
   FAIL_RESET_PERIOD : 86400 seconds
   FAILURE_ACTIONS     : Restart   DELAY: 60000 seconds
           : Restart   DELAY: 960000 seconds
           : Restart   DELAY: 15360000 seconds
           : None   DELAY: 0 seconds

SERVICE_NAME: COMSysApp
Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 3  DEMAND_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : COM+ System Application
   DEPENDENCIES     : rpcss
   SERVICE_START_NAME: LocalSystem
   FAIL_RESET_PERIOD : 30 seconds
   FAILURE_ACTIONS     : Restart   DELAY: 1000 seconds
           : Restart   DELAY: 5000 seconds
           : None   DELAY: 1000 seconds

SERVICE_NAME: CryptSvc
Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 2  AUTO_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\system32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Cryptographic Services
   DEPENDENCIES     : RpcSs
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: Dcfssvc
(null)
   TYPE        : 110 WIN32_OWN_PROCESS INTERACTIVE_PROCESS  
   START_TYPE     : 2  AUTO_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\system32\drivers\dcfssvc.exe
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Dcfssvc
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: DcomLaunch
Provides launch functionality for DCOM services.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 2  AUTO_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\system32\svchost -k DcomLaunch
   LOAD_ORDER_GROUP  : Event Log
   TAG        : 0
   DISPLAY_NAME     : DCOM Server Process Launcher
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem
   FAIL_RESET_PERIOD : 0 seconds
   FAILURE_ACTIONS     : Reboot   DELAY: 60000 seconds

SERVICE_NAME: Dhcp
Manages network configuration by registering and updating IP addresses and DNS names.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 2  AUTO_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  : TDI
   TAG        : 0
   DISPLAY_NAME     : DHCP Client
   DEPENDENCIES     : Tcpip
           : Afd
           : NetBT
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: dmadmin
Configures hard disk drives and volumes. The service only runs for configuration processes and then stops.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 3  DEMAND_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\dmadmin.exe /com
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Logical Disk Manager Administrative Service
   DEPENDENCIES     : RpcSs
           : PlugPlay
           : DmServer
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: dmserver
Detects and monitors new hard disk drives and sends disk volume information to Logical Disk Manager Administrative Service for configuration. If this service is stopped, dynamic disk status and configuration information may become out of date. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 2  AUTO_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Logical Disk Manager
   DEPENDENCIES     : RpcSs
           : PlugPlay
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: Dnscache
Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 2  AUTO_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k NetworkService
   LOAD_ORDER_GROUP  : TDI
   TAG        : 0
   DISPLAY_NAME     : DNS Client
   DEPENDENCIES     : Tcpip
   SERVICE_START_NAME: NT AUTHORITY\NetworkService

SERVICE_NAME: ERSvc
Allows error reporting for services and applictions running in non-standard environments.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 2  AUTO_START
   ERROR_CONTROL     : 0  IGNORE
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Error Reporting Service
   DEPENDENCIES     : RpcSs
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: Eventlog
Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 2  AUTO_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\system32\services.exe
   LOAD_ORDER_GROUP  : Event log
   TAG        : 0
   DISPLAY_NAME     : Event Log
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: EventSystem
Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 3  DEMAND_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  : Network
   TAG        : 0
   DISPLAY_NAME     : COM+ Event System
   DEPENDENCIES     : RPCSS
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: ewido security suite control
(null)
   TYPE        : 110 WIN32_OWN_PROCESS INTERACTIVE_PROCESS  
   START_TYPE     : 2  AUTO_START
   ERROR_CONTROL     : 0  IGNORE
   BINARY_PATH_NAME  : C:\Program Files\ewido\security suite\ewidoctrl.exe
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : ewido security suite control
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: FastUserSwitchingCompatibility
Provides management for applications that require assistance in a multiple user environment.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 3  DEMAND_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Fast User Switching Compatibility
   DEPENDENCIES     : TermService
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: Fax
Enables you to send and receive faxes, utilizing fax resources available on this computer or on the network.
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 2  AUTO_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\system32\fxssvc.exe
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Fax
   DEPENDENCIES     : TapiSrv
           : RpcSs
           : PlugPlay
           : Spooler
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: helpsvc
Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 2  AUTO_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Help and Support
   DEPENDENCIES     : RPCSS
   SERVICE_START_NAME: LocalSystem
   FAIL_RESET_PERIOD : 86400 seconds
   FAILURE_ACTIONS     : Restart   DELAY: 100 seconds
           : Restart   DELAY: 100 seconds
           : None   DELAY: 100 seconds

SERVICE_NAME: HidServ
Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Human Interface Device Access
   DEPENDENCIES     : RpcSs
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: HTTPFilter
This service implements the secure hypertext transfer protocol (HTTPS) for the HTTP service,  using the Secure Socket Layer (SSL).  If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 3  DEMAND_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k HTTPFilter
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : HTTP SSL
   DEPENDENCIES     : HTTP
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: IDriverT
Provides support for the Running Object Table for InstallShield Drivers
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 3  DEMAND_START
   ERROR_CONTROL     : 0  IGNORE
   BINARY_PATH_NAME  : "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : InstallDriver Table Manager
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: ImapiService
Manages CD recording using Image Mastering Applications Programming Interface (IMAPI). If this service is stopped, this computer will be unable to record CDs. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 3  DEMAND_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\imapi.exe
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : IMAPI CD-Burning COM Service
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: iPodService
iPod hardware management services
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 3  DEMAND_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\Program Files\iPod\bin\iPodService.exe
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : iPodService
   DEPENDENCIES     : RPCSS
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: ISSVC
Internet Security Service
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 0  IGNORE
   BINARY_PATH_NAME  : "C:\Program Files\Norton Personal Firewall\ISSVC.exe"
   LOAD_ORDER_GROUP  : Symantec Services
   TAG        : 0
   DISPLAY_NAME     : ISSvc
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: lanmanserver
Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Server
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: lanmanworkstation
Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  : NetworkProvider
   TAG        : 0
   DISPLAY_NAME     : Workstation
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: LexBceS
(null)
   TYPE        : 110 WIN32_OWN_PROCESS INTERACTIVE_PROCESS  
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\system32\LEXBCES.EXE
   LOAD_ORDER_GROUP  : SpoolerGroup
   TAG        : 0
   DISPLAY_NAME     : LexBce Server
   DEPENDENCIES     : RPCSS
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: LmHosts
Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k LocalService
   LOAD_ORDER_GROUP  : TDI
   TAG        : 0
   DISPLAY_NAME     : TCP/IP NetBIOS Helper
   DEPENDENCIES     : NetBT
           : Afd
   SERVICE_START_NAME: NT AUTHORITY\LocalService

SERVICE_NAME: lxce_device
(null)
   TYPE        : 110 WIN32_OWN_PROCESS INTERACTIVE_PROCESS  
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\system32\lxcecoms.exe -service
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : lxce_device
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: Macromedia Licensing Service
Provides authentication services for Macromedia applications.
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : "C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Macromedia Licensing Service
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: McAfeeFramework
Shared component framework for McAfee products
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\Program Files\Network Associates\Common Framework\FrameworkService.exe /ServiceStart
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : McAfee Framework Service
   DEPENDENCIES     : RPCSS
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: MDM
Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly.
   TYPE        : 110 WIN32_OWN_PROCESS INTERACTIVE_PROCESS  
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Machine Debug Manager
   DEPENDENCIES     : RPCSS
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: Messenger
Transmits net send and Alerter service messages between clients and servers. This service is not related to Windows Messenger. If this service is stopped, Alerter messages will not be transmitted. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Messenger
   DEPENDENCIES     : LanmanWorkstation
           : NetBIOS
           : PlugPlay
           : RpcSS
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: mnmsrvc
Enables an authorized user to access this computer remotely by using NetMeeting over a corporate intranet. If this service is stopped, remote desktop sharing will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 110 WIN32_OWN_PROCESS INTERACTIVE_PROCESS  
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\mnmsrvc.exe
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : NetMeeting Remote Desktop Sharing
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: MSDTC
Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will not occur. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\msdtc.exe
   LOAD_ORDER_GROUP  : MS Transactions
   TAG        : 0
   DISPLAY_NAME     : Distributed Transaction Coordinator
   DEPENDENCIES     : RPCSS
           : SamSS
   SERVICE_START_NAME: NT AUTHORITY\NetworkService

SERVICE_NAME: MSIServer
Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\system32\msiexec.exe /V
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Windows Installer
   DEPENDENCIES     : RpcSs
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: navapsvc
Handles Norton AntiVirus Auto-Protect events.
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 2  AUTO_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : "C:\Program Files\Norton AntiVirus\navapsvc.exe"
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Norton AntiVirus Auto-Protect Service
   DEPENDENCIES     : RPCSS
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: NetDDE
Provides network transport and security for Dynamic Data Exchange (DDE) for programs running on the same computer or on different computers. If this service is stopped, DDE transport and security will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\system32\netdde.exe
   LOAD_ORDER_GROUP  : NetDDEGroup
   TAG        : 0
   DISPLAY_NAME     : Network DDE
   DEPENDENCIES     : NetDDEDSDM
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: NetDDEdsdm
Manages Dynamic Data Exchange (DDE) network shares. If this service is stopped, DDE network shares will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\system32\netdde.exe
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Network DDE DSDM
   DEPENDENCIES     :
           : EGrLocalSystem
           : Network DDE DSDM
           : etwork DDE
           : on AntiVirus Auto-Protect Service
           : n Coordinator
           :  Service
           : r
           : D‚
           : 
           : ¼
           : 
           : èU6
           : x
6
           : ges Dynamic Data Exchange (DDE) network shares. If this service is stopped, DDE network shares will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
           :  
           : u
           : n
           : a
           : v
           : a
           : i
           : l
           : a
           : b
           : l
           : e
           : .
           :  
           : I
           : f
           :  
           : t
           : h
           : i
           : s
           :  
           : s
           : e
           : r
           : v
           : i
           : c
           : e
           :  
           : i
           : s
           :  
           : d
           : i
           : s
           : a
           : b
           : l
           : e
           : d
           : ,
           :  
           : a
           : n
           : y
           :  
           : s
           : e
           : r
           : v
           : i
           : c
           : e
           : s
           :  
           : t
           : h
           : a
           : t
           :  
           : e
           : x
           : p
           : l
           : i
           : c
           : i
           : t
           : l
           : y
           :  
           : d
           : e
           : p
           : e
           : n
           : d
           :  
           : o
           : n
           :  
           : i
           : t
           :  
           : w
           : i
           : l
           : l
           :  
           : f
           : a
           : i
           : l
           :  
           : t
           : o
           :  
           : s
           : t
           : a
           : r
           : t
           : .
           :  
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: Netlogon
Supports pass-through authentication of account logon events for computers in a domain.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\lsass.exe
   LOAD_ORDER_GROUP  : RemoteValidation
   TAG        : 0
   DISPLAY_NAME     : Net Logon
   DEPENDENCIES     : LanmanWorkstation
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: Netman
Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections.
   TYPE        : 120 WIN32_SHARE_PROCESS INTERACTIVE_PROCESS  
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Network Connections
   DEPENDENCIES     : RpcSs
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: Nla
Collects and stores network configuration and location information, and notifies applications when this information changes.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Network Location Awareness (NLA)
   DEPENDENCIES     : Tcpip
           : Afd
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: NPFMntor
Detects installation of Symantec Firewall clients
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 0  IGNORE
   BINARY_PATH_NAME  : "C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe"
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Norton AntiVirus Firewall Monitor Service
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: NSCService
Norton Console Service
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 0  IGNORE
   BINARY_PATH_NAME  : "C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE"
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Norton Protection Center Service
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: NtLmSsp
Provides security to remote procedure call (RPC) programs that use transports other than named pipes.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\lsass.exe
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : NT LM Security Support Provider
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: NtmsSvc
(null)
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\system32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Removable Storage
   DEPENDENCIES     : RpcSs
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: ose
Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports.
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Office Source Engine
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: PlugPlay
Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 2  AUTO_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\system32\services.exe
   LOAD_ORDER_GROUP  : PlugPlay
   TAG        : 0
   DISPLAY_NAME     : Plug and Play
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: PolicyAgent
Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\lsass.exe
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : IPSEC Services
   DEPENDENCIES     : RPCSS
           : Tcpip
           : IPSec
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: ProtectedStorage
Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users.
   TYPE        : 120 WIN32_SHARE_PROCESS INTERACTIVE_PROCESS  
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\system32\lsass.exe
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Protected Storage
   DEPENDENCIES     : RpcSs
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: RasAuto
Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Remote Access Auto Connection Manager
   DEPENDENCIES     : RasMan
           : Tapisrv
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: RasMan
Creates a network connection.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Remote Access Connection Manager
   DEPENDENCIES     : Tapisrv
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: RDSessMgr
Manages and controls Remote Assistance. If this service is stopped, Remote Assistance will be unavailable. Before stopping this service, see the Dependencies tab of the Properties dialog box.
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\system32\sessmgr.exe
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Remote Desktop Help Session Manager
   DEPENDENCIES     : RPCSS
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: RemoteAccess
Offers routing services to businesses in local area and wide area network environments.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Routing and Remote Access
   DEPENDENCIES     : RpcSS
           : +NetBIOSGroup
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: RemoteRegistry
Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\system32\svchost.exe -k LocalService
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Remote Registry
   DEPENDENCIES     : RPCSS
   SERVICE_START_NAME: NT AUTHORITY\LocalService
   FAIL_RESET_PERIOD : 0 seconds
   FAILURE_ACTIONS     : Restart   DELAY: 1000 seconds

SERVICE_NAME: RpcLocator
Manages the RPC name service database.
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 3  DEMAND_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\locator.exe
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Remote Procedure Call (RPC) Locator
   DEPENDENCIES     : LanmanWorkstation
   SERVICE_START_NAME: NT AUTHORITY\NetworkService

SERVICE_NAME: RpcSs
Provides the endpoint mapper and other miscellaneous RPC services.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 2  AUTO_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\system32\svchost -k rpcss
   LOAD_ORDER_GROUP  : COM Infrastructure
   TAG        : 0
   DISPLAY_NAME     : Remote Procedure Call (RPC)
   DEPENDENCIES     :
   SERVICE_START_NAME: NT Authority\NetworkService
   FAIL_RESET_PERIOD : 0 seconds
   FAILURE_ACTIONS     : Reboot   DELAY: 60000 seconds

SERVICE_NAME: RSVP
Provides network signaling and local traffic control setup functionality for QoS-aware programs and control applets.
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\rsvp.exe
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : QoS RSVP
   DEPENDENCIES     : TcpIp
           : Afd
           : RpcSs
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: SamSs
Stores security information for local user accounts.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\system32\lsass.exe
   LOAD_ORDER_GROUP  : LocalValidation
   TAG        : 0
   DISPLAY_NAME     : Security Accounts Manager
   DEPENDENCIES     : RPCSS
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: SAVScan
Handles Norton AntiVirus Auto-Protect Archive Scanning
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 3  DEMAND_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : "C:\Program Files\Norton AntiVirus\SAVScan.exe"
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Symantec AVScan
   DEPENDENCIES     : SAVRT
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: SBService
(null)
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : ScriptBlocking Service
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: SCardSvr
Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 0  IGNORE
   BINARY_PATH_NAME  : C:\WINDOWS\System32\SCardSvr.exe
   LOAD_ORDER_GROUP  : SmartCardGroup
   TAG        : 0
   DISPLAY_NAME     : Smart Card
   DEPENDENCIES     : PlugPlay
   SERVICE_START_NAME: NT AUTHORITY\LocalService

SERVICE_NAME: Schedule
Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 120 WIN32_SHARE_PROCESS INTERACTIVE_PROCESS  
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  : SchedulerGroup
   TAG        : 0
   DISPLAY_NAME     : Task Scheduler
   DEPENDENCIES     : RpcSs
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: seclogon
Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 120 WIN32_SHARE_PROCESS INTERACTIVE_PROCESS  
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 0  IGNORE
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Secondary Logon
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: SENS
Tracks system events such as Windows logon, network, and power events.  Notifies COM+ Event System subscribers of these events.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\system32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  : Network
   TAG        : 0
   DISPLAY_NAME     : System Event Notification
   DEPENDENCIES     : EventSystem
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: SharedAccess
Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Windows Firewall/Internet Connection Sharing (ICS)
   DEPENDENCIES     : Netman
           : WinMgmt
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: ShellHWDetection
(null)
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 0  IGNORE
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  : ShellSvcGroup
   TAG        : 0
   DISPLAY_NAME     : Shell Hardware Detection
   DEPENDENCIES     : RpcSs
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: SNDSrvc
Symantec Network Drivers Service
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 0  IGNORE
   BINARY_PATH_NAME  : "C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"
   LOAD_ORDER_GROUP  : Symantec Services
   TAG        : 0
   DISPLAY_NAME     : Symantec Network Drivers Service
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: Sound Service
Provides the system with a sound playback device.
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 0  IGNORE
   BINARY_PATH_NAME  : ................................ìÿ²
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Windows Sound
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: SPBBCSvc
Symantec SPBBC
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : "C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"
   LOAD_ORDER_GROUP  : Symantec Services
   TAG        : 0
   DISPLAY_NAME     : SPBBCSvc
   DEPENDENCIES     : RPCSS
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: Spooler
Loads files to memory for later printing.
   TYPE        : 110 WIN32_OWN_PROCESS INTERACTIVE_PROCESS  
   START_TYPE     : 2  AUTO_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\system32\spoolsv.exe
   LOAD_ORDER_GROUP  : SpoolerGroup
   TAG        : 0
   DISPLAY_NAME     : Print Spooler
   DEPENDENCIES     : LexBceS
           : RPCSS
   SERVICE_START_NAME: LocalSystem
   FAIL_RESET_PERIOD : 86400 seconds
   FAILURE_ACTIONS     : Restart   DELAY: 60000 seconds
           : Restart   DELAY: 60000 seconds
           : None   DELAY: 0 seconds

SERVICE_NAME: srservice
Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 2  AUTO_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : System Restore Service
   DEPENDENCIES     : RpcSs
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: SSDPSRV
Enables discovery of UPnP devices on your home network.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k LocalService
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : SSDP Discovery Service
   DEPENDENCIES     : HTTP
   SERVICE_START_NAME: NT AUTHORITY\LocalService

SERVICE_NAME: stisvc
Provides image acquisition services for scanners and cameras.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k imgsvc
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Windows Image Acquisition (WIA)
   DEPENDENCIES     : RpcSs
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: SwPrv
Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 0  IGNORE
   BINARY_PATH_NAME  : C:\WINDOWS\System32\dllhost.exe /Processid:{BC129482-FC3E-4B46-BC5B-121BBB624E7F}
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : MS Software Shadow Copy Provider
   DEPENDENCIES     : rpcss
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: Symantec Core LC
Symantec Core LC
   TYPE        : 110 WIN32_OWN_PROCESS INTERACTIVE_PROCESS  
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : "C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe"
   LOAD_ORDER_GROUP  : Symantec Services
   TAG        : 0
   DISPLAY_NAME     : Symantec Core LC
   DEPENDENCIES     : RPCSS
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: SysmonLog
Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. If this service is stopped, performance information will not be collected. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\system32\smlogsvc.exe
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Performance Logs and Alerts
   DEPENDENCIES     :
   SERVICE_START_NAME: NT Authority\NetworkService

SERVICE_NAME: TapiSrv
Provides Telephony API (TAPI) support for programs that control telephony devices and IP based voice connections on the local computer and, through the LAN, on servers that are also running the service.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Telephony
   DEPENDENCIES     : PlugPlay
           : RpcSs
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: TermService
Allows multiple users to be connected interactively to a machine as well as the display of desktops and applications to remote computers. The underpinning of Remote Desktop (including RD for Administrators), Fast User Switching, Remote Assistance, and Terminal Server.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost -k DComLaunch
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Terminal Services
   DEPENDENCIES     : RPCSS
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: Themes
Provides user experience theme management.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 2  AUTO_START
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  : UIGroup
   TAG        : 0
   DISPLAY_NAME     : Themes
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem
   FAIL_RESET_PERIOD : 86400 seconds
   FAILURE_ACTIONS     : Restart   DELAY: 60000 seconds
           : Restart   DELAY: 60000 seconds
           : None   DELAY: 0 seconds

SERVICE_NAME: TlntSvr
Enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet clients, including UNIX-based and Windows-based computers. If this service is stopped, remote user access to programs might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\tlntsvr.exe
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Telnet
   DEPENDENCIES     : RPCSS
           : TCPIP
           : NTLMSSP
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: TrkWks
Maintains links between NTFS files within a computer or across computers in a network domain.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\system32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Distributed Link Tracking Client
   DEPENDENCIES     : RpcSs
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: UMWdf
Enables Windows user mode drivers.
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\system32\wdfmgr.exe
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Windows User Mode Driver Framework
   DEPENDENCIES     : RpcSs
   SERVICE_START_NAME: NT AUTHORITY\LocalService

SERVICE_NAME: upnphost
Provides support to host Universal Plug and Play devices.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k LocalService
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Universal Plug and Play Device Host
   DEPENDENCIES     : SSDPSRV
           : HTTP
   SERVICE_START_NAME: NT AUTHORITY\LocalService
   FAIL_RESET_PERIOD : -1 seconds
   FAILURE_ACTIONS     : Restart   DELAY: 0 seconds

SERVICE_NAME: UPS
Manages an uninterruptible power supply (UPS) connected to the computer.
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\ups.exe
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Uninterruptible Power Supply
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: usprserv
(null)
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : User Privilege Service
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: VSS
Manages and implements Volume Shadow Copies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backup and the backup may fail. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\vssvc.exe
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Volume Shadow Copy
   DEPENDENCIES     : RPCSS
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: W32Time
Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.


   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Windows Time
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem
   FAIL_RESET_PERIOD : 5 seconds
   FAILURE_ACTIONS     : Restart   DELAY: 60000 seconds
           : Restart   DELAY: 60000 seconds

SERVICE_NAME: WebClient
Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k LocalService
   LOAD_ORDER_GROUP  : NetworkProvider
   TAG        : 0
   DISPLAY_NAME     : WebClient
   DEPENDENCIES     : MRxDAV
   SERVICE_START_NAME: NT AUTHORITY\LocalService

SERVICE_NAME: winmgmt
Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 0  IGNORE
   BINARY_PATH_NAME  : C:\WINDOWS\system32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Windows Management Instrumentation
   DEPENDENCIES     : RPCSS
           : Eventlog
   SERVICE_START_NAME: LocalSystem
   FAIL_RESET_PERIOD : 86400 seconds
   FAILURE_ACTIONS     : Restart   DELAY: 60000 seconds
           : Restart   DELAY: 60000 seconds

SERVICE_NAME: WmdmPmSN
Retrieves the serial number of any portable media player connected to this computer. If this service is stopped, protected content might not be down loaded to the device.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Portable Media Serial Number Service
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: Wmi
Provides systems management information to and from drivers.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Windows Management Instrumentation Driver Extensions
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: WmiApSrv
Provides performance library information from WMI HiPerf providers.
   TYPE        : 10 WIN32_OWN_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\wbem\wmiapsrv.exe
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : WMI Performance Adapter
   DEPENDENCIES     : RPCSS
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: wscsvc
Monitors system security settings and configurations.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Security Center
   DEPENDENCIES     : RpcSs
           : winmgmt
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: wuauserv
Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Automatic Updates
   DEPENDENCIES     :
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: WZCSVC
Provides automatic configuration for the 802.11 adapters
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  : TDI
   TAG        : 0
   DISPLAY_NAME     : Wireless Zero Configuration
   DEPENDENCIES     : RpcSs
           : Ndisuio
   SERVICE_START_NAME: LocalSystem

SERVICE_NAME: xmlprov
Manages XML configuration files on a domain basis for automatic network provisioning.
   TYPE        : 20 WIN32_SHARE_PROCESS
   START_TYPE     : 4  DISABLED
   ERROR_CONTROL     : 1  NORMAL
   BINARY_PATH_NAME  : C:\WINDOWS\System32\svchost.exe -k netsvcs
   LOAD_ORDER_GROUP  :
   TAG        : 0
   DISPLAY_NAME     : Network Provisioning Service
   DEPENDENCIES     : RpcSs
   SERVICE_START_NAME: LocalSystem

Title: What Do I Do Now.....
Post by: guestolo on January 18, 2006, 01:46:44 AM

Can you do the following
Go back to Services.msc

Enable these 2 services
lxce_device
LexBce Server

Reboot the computer
Does that help?

Title: What Do I Do Now.....
Post by: 2-D on January 18, 2006, 02:04:14 AM

thank you so much.. printers working. thank you so much.. if i find something wrong ill post here in this thread. thank you so much, i was thinking i was gonna have to reinstall windows..

Title: What Do I Do Now.....
Post by: guestolo on January 18, 2006, 02:20:04 AM

Your welcome 2D
I'm going to post some final cleanup later
tomorrow, as I'm off to bed now
Please return tomorrow

Title: What Do I Do Now.....
Post by: 2-D on January 18, 2006, 03:48:16 PM

yes, i will

Title: What Do I Do Now.....
Post by: guestolo on January 19, 2006, 01:35:14 AM

Final cleanup

Your version of Spyware Blaster is out of date
Open your version of Spyware Blaster 3.4
Click on "Disable all protections"
Access your add/remove programs and remove SpywareBlaster 3.4

Download and Install
SpywareBlaster 3.5.1 by JavaCool (http://\"http://www.javacoolsoftware.com/spywareblaster.html\")  

*Will block bad ActiveX Controls
*Block Malevolent cookies in Internet Explorer and Firefox
*Restrict actions of potentially dangerous sites in Internet Explorer
After installation, Check for updates and then click the "Enable all protection"

Check for updates every couple of weeks
after every update just simply click the "enable protection on all unprotected items"

*If everything is running better
We should clear all your restore points to ensure you don't restore any nasties that may be residing in the
restore folders
Go to START>>RUN>>In the open field
type in msconfig
Click the "Launch System Restore" button
On the Left hand side click on "System Restore Settings"
Put a Check in "Turn off System Restore"

Apply it and OK out of there>>Reboot your computer
                           
Back in Windows, Go back and take the check out of Turn off system restore
This will reenable the System Restore feature and creates a new restore point
                  [indent]===========================[/indent]
[/list]*Check for updates with your anti-spyware programs and run a check on a regular basis
About every couple of weeks
In addition>>Open Spybot 1.4
*Click the "Immunize" button on the left>>>OK at the prompt>>Immunzine at the top green cross
Do the above after every update

You appear to be up to date on Windows updates and set to Autoupdate, that's good
Just a reminder, if you are not set to Autoupdate, make a habit of visiting Windows Updates
and check for High Priority updates a couple times a month
This is important in keeping your system secure

Take care

Title: What Do I Do Now.....
Post by: 2-D on January 19, 2006, 10:46:55 PM

thanks, i had to turn windows updates on manualy cuz they got turned off.


thank you so much. i wish i had money, and paypal, so i could donate money. but i will someday. thanks.

plus, do you get paid to do this? or are you already working for someone/some place. lol

Title: What Do I Do Now.....
Post by: 2-D on January 20, 2006, 08:54:38 PM

http://img32.imageshack.us/my.php?image=ol5vf.swf (http://\"http://img32.imageshack.us/my.php?image=ol5vf.swf\")

(http://img32.imageshack.us/img32/5616/task1tr.png)
(lol)

um. i used to get eather Administrator or System under User Name and now its not there.

any idea how to turn it back to that @_@ yaya thanks

Title: What Do I Do Now.....
Post by: guestolo on January 20, 2006, 10:53:22 PM

In task manager select VIEW>>Select Columns>>Select User names  /wink.gif\' class=\'bbc_emoticon\' alt=\';)\' />

Title: What Do I Do Now.....
Post by: 2-D on January 20, 2006, 11:22:11 PM

it was already checked, i unchecked and rechecked it and its still blank under user name /sleep.gif\' class=\'bbc_emoticon\' alt=\'-_-\' />

Title: What Do I Do Now.....
Post by: guestolo on January 20, 2006, 11:36:39 PM

Go to services.msc
Look for Terminal Services
Set to MANUAL

Reboot the computer
How's that?

Also check out other services
Safe configuration>>at minimum
Default for SP2 default for service pack 2
http://www.codecavalier.com/blackviper/WinXP/servicecfg.htm (http://\"http://www.codecavalier.com/blackviper/WinXP/servicecfg.htm\")

Title: What Do I Do Now.....
Post by: 2-D on January 21, 2006, 12:01:11 AM

Quote

Also check out other services
Safe configuration>>at minimum
Default for SP2 default for service pack 2
http://www.codecavalier.com/blackviper/WinXP/servicecfg.htm (http://\"http://www.codecavalier.com/blackviper/WinXP/servicecfg.htm\")

i dont know what you mean by that but unless its important i wont worry about it

since the first thing you told me to do works, i didnt have to reboot though, thanks agian /happy.gif\' class=\'bbc_emoticon\' alt=\'^_^\' />

Title: What Do I Do Now.....
Post by: guestolo on January 21, 2006, 05:58:45 PM

Sorry 2-D, I was in a bit of a hurry
I posted that link to servicecfg, just in case you found other problems on your computer
Eg.. Terminal services and printer services were disabled
You could try checking in services.msc
and compare to the chart>>>>But you should be ok now

Quote

do you get paid to do this? or are you already working for someone/some place. lol

Volunteer, I have a real job elsewhere  /smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />
I do this free, call it a hobby......

Title: What Do I Do Now.....
Post by: 2-D on January 22, 2006, 03:02:43 AM

is it fun? , er an enjoyment? or just a time passer

Title: What Do I Do Now.....
Post by: guestolo on January 22, 2006, 05:39:22 AM

Quote

is it fun? , er an enjoyment? or just a time passer

All 3  /biggrin.gif\' class=\'bbc_emoticon\' alt=\':D\' />
Believe or not, you learn alot on the way too
Of course you have to have some knowledge, but with new malware popping up all the time
You never know what they're going to think up next
Trying to stay up on it is a challenge at times

I'm going to lock this topic 2-D as your problems appear resolved
I don't need anyone sneaking a hijackthis log into this thread  /smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />

Take care