Show Posts

1

Tech Clinic / Got a graphics problem...

« on: October 21, 2005, 10:20:22 PM »

I just tried something, I kept right clicking on the desktop and now in IE and almost everytime where the left side off the popup box was it left a light blue line, like the ones I've been seeing. Then when I minimize or maximize the IE window the lines disappear. I was thinking that might be a sign the memory is messed up or damaged. I dunno doesn't look good.

2

Tech Clinic / Got a graphics problem...

« on: October 21, 2005, 09:58:25 PM »

I tried everything, but still getting the same symptoms.

I got the driver directly from the ATI website, ATI is the company that makes the Radeon X300 graphics card that I have. I updated all the drivers after these things started happening though.

I'm really stumped about this, I've had bugs and adware before, but nothing ever like this, nothing I wasn't able to fix. I'm kinda thinking it's the hardware but the computer isn't that old, and I never had any problems with my old Dell, which is still running great after 7 years lol.

Here's the results from Jotti's site, didn't find anything:

Service load: 0% 100%

File: gfhkj.ini
Status: OK
MD5 2c18e64770fd8fd1f09efe7df40738d1
Packers detected: -
Scanner results
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
UNA Found nothing
VBA32 Found nothing

3

Tech Clinic / Got a graphics problem...

« on: October 21, 2005, 08:16:25 PM »

Ok, here is the WinPFind log done in safe mode and the HJT log done in normal mode...

WARNING: not all files found by this scanner are bad. Consult with a knowledgable person before proceeding.

If you see a message in the titlebar saying "Not responding..." you can ignore it. Windows somethimes displays this message due to the high volume of disk I/O. As long as the hard disk light is flashing, the program is still working properly.

»»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Product Name: Microsoft Windows XP Current Build: Service Pack 2 Current Build Number: 2600
Internet Explorer Version: 6.0.2900.2180

»»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»»

Checking %SystemDrive% folder...

Checking %ProgramFilesDir% folder...

Checking %WinDir% folder...

Checking %System% folder...
PEC2 8/12/2004 9:56:50 AM 41397 C:\WINDOWS\SYSTEM32\dfrg.msc
PEC2 6/9/2005 4:32:28 PM 692736 C:\WINDOWS\SYSTEM32\DivX.dll
PECompact2 6/9/2005 4:32:28 PM 692736 C:\WINDOWS\SYSTEM32\DivX.dll
PTech 8/29/2005 1:27:12 PM 520968 C:\WINDOWS\SYSTEM32\LegitCheckControl.DLL
PECompact2 10/4/2005 10:09:08 PM 2293088 C:\WINDOWS\SYSTEM32\MRT.exe
aspack 10/4/2005 10:09:08 PM 2293088 C:\WINDOWS\SYSTEM32\MRT.exe
aspack 8/12/2004 10:02:34 AM 708096 C:\WINDOWS\SYSTEM32\ntdll.dll
Umonitor 8/12/2004 10:04:02 AM 657920 C:\WINDOWS\SYSTEM32\rasdlg.dll
winsync 8/12/2004 10:08:50 AM 1309184 C:\WINDOWS\SYSTEM32\wbdbase.deu

Checking %System%\Drivers folder and sub-folders...

Items found in C:\WINDOWS\SYSTEM32\drivers\ETC\hosts

Checking the Windows folder and sub-folders for system and hidden files within the last 60 days...
10/21/2005 8:53:08 PM S 2048 C:\WINDOWS\BOOTSTAT.DAT
10/18/2005 4:48:42 PM H 54156 C:\WINDOWS\QTFont.qfn
10/21/2005 6:41:52 PM RH 749 C:\WINDOWS\WindowsShell.Manifest
10/21/2005 6:42:00 PM H 65 C:\WINDOWS\Downloaded Program Files\DESKTOP.INI
10/21/2005 6:42:30 PM HS 67 C:\WINDOWS\Fonts\DESKTOP.INI
9/28/2005 5:13:32 PM H 0 C:\WINDOWS\INF\oem22.inf
10/21/2005 6:42:00 PM H 65 C:\WINDOWS\occache\desktop.ini
10/21/2005 6:42:00 PM H 65 C:\WINDOWS\Offline Web Pages\DESKTOP.INI
10/21/2005 6:43:22 PM H 262144 C:\WINDOWS\REPAIR\NTUSER.DAT
10/21/2005 6:41:52 PM RH 749 C:\WINDOWS\SYSTEM32\cdplayer.exe.manifest
9/3/2005 10:07:46 PM HS 178718 C:\WINDOWS\SYSTEM32\gfhkj.bak1
9/30/2005 8:38:06 PM HS 428451 C:\WINDOWS\SYSTEM32\gfhkj.bak2
9/30/2005 9:22:30 PM HS 426867 C:\WINDOWS\SYSTEM32\gfhkj.ini
10/21/2005 6:41:58 PM RH 488 C:\WINDOWS\SYSTEM32\logonui.exe.manifest
10/21/2005 6:41:52 PM RH 749 C:\WINDOWS\SYSTEM32\ncpa.cpl.manifest
10/21/2005 6:41:52 PM RH 749 C:\WINDOWS\SYSTEM32\nwc.cpl.manifest
10/21/2005 6:41:52 PM RH 749 C:\WINDOWS\SYSTEM32\sapi.cpl.manifest
10/21/2005 6:41:58 PM RH 488 C:\WINDOWS\SYSTEM32\WindowsLogon.manifest
10/21/2005 6:41:52 PM RH 749 C:\WINDOWS\SYSTEM32\wuaucpl.cpl.manifest
8/25/2005 11:35:48 AM H 4212 C:\WINDOWS\SYSTEM32\zllictbl.dat
10/6/2005 8:31:08 PM S 77924 C:\WINDOWS\SYSTEM32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem23.CAT
10/21/2005 8:53:00 PM H 8192 C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG
10/21/2005 2:28:24 PM H 0 C:\WINDOWS\SYSTEM32\CONFIG\default.tmp.LOG
10/21/2005 8:53:20 PM H 1024 C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG
10/21/2005 8:53:12 PM H 16384 C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG
10/21/2005 8:53:16 PM H 49152 C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG
10/21/2005 2:28:24 PM H 0 C:\WINDOWS\SYSTEM32\CONFIG\software.tmp.LOG
10/21/2005 8:53:16 PM H 921600 C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG
10/21/2005 2:27:52 PM H 0 C:\WINDOWS\SYSTEM32\CONFIG\system.tmp.LOG
10/21/2005 2:27:42 PM H 1024 C:\WINDOWS\SYSTEM32\CONFIG\TempKey.LOG
10/21/2005 2:28:24 PM H 1024 C:\WINDOWS\SYSTEM32\CONFIG\USERDIFF.LOG
10/21/2005 6:43:24 PM H 1024 C:\WINDOWS\SYSTEM32\CONFIG\userdifr.LOG
10/11/2005 1:56:02 PM H 1024 C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\NTUSER.DAT.LOG
8/24/2005 3:48:52 PM HS 388 C:\WINDOWS\SYSTEM32\Microsoft\Protect\S-1-5-18\User\cc1237e7-a29f-423f-a3e1-b2f4db56f999
8/24/2005 3:48:52 PM HS 24 C:\WINDOWS\SYSTEM32\Microsoft\Protect\S-1-5-18\User\Preferred
10/6/2005 8:31:08 PM S 77924 C:\WINDOWS\SYSTEM32\ReinstallBackups\0018\DriverFiles\CX_27256.CAT
10/6/2005 8:31:08 PM S 77924 C:\WINDOWS\SYSTEM32\ReinstallBackups\0019\DriverFiles\CX_27256.CAT
10/21/2005 8:52:18 PM H 6 C:\WINDOWS\Tasks\SA.DAT
9/30/2005 9:16:20 PM H 23820 C:\WINDOWS\Temp\CS0039AB0A-AC81-48E0-81C4-62E899BEAC29.tmp
9/30/2005 9:16:20 PM H 240 C:\WINDOWS\Temp\CS07F96DA7-5559-4FE3-8E11-5E9BEC8785E0.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS099640D4-3162-4BA2-A43A-6E8DA83F7615.tmp
9/30/2005 9:16:20 PM H 42114 C:\WINDOWS\Temp\CS0C4CE6CB-D618-45FA-A63A-8A1126ACF258.tmp
9/30/2005 9:17:06 PM H 102 C:\WINDOWS\Temp\CS0FC93956-7E39-4D53-8FE7-4EAE4FA40842.tmp
9/30/2005 9:16:20 PM H 160 C:\WINDOWS\Temp\CS11872E4A-2773-4FCA-AE11-D8621E6886E9.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS1A9F09F1-697C-4A50-916A-7DC4F4548460.tmp
9/30/2005 9:17:12 PM H 366528 C:\WINDOWS\Temp\CS1AF674D3-3882-4C45-82DA-C3EAD3F478B1.tmp
9/30/2005 9:17:06 PM H 48 C:\WINDOWS\Temp\CS1BFACBA4-DA59-4982-801E-7D7E8C961937.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS1F4EEA50-B2F7-4457-8CA0-6944A59A145B.tmp
9/30/2005 9:16:20 PM H 5464 C:\WINDOWS\Temp\CS205A0B22-6A98-494B-A43B-826830D826B1.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS245573E6-5890-4342-AFEB-C729D6D0D298.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS24836318-DD67-4025-B5D0-B73F435AE554.tmp
9/30/2005 9:17:06 PM H 406 C:\WINDOWS\Temp\CS251CEC17-F5CA-4BAE-9AEC-A062973D0D37.tmp
9/30/2005 9:16:20 PM H 1323504 C:\WINDOWS\Temp\CS2BA0AABC-D175-4ED6-AF0B-BB5601CA8328.tmp
9/30/2005 9:17:06 PM H 310 C:\WINDOWS\Temp\CS3634AE52-E145-4BEC-864C-585716C8AB96.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS3878B89F-685C-4263-9BDF-6A6D2F384FE2.tmp
9/30/2005 9:17:06 PM H 196 C:\WINDOWS\Temp\CS38BDA2F3-8AC5-44AC-98EA-D813E075BF0C.tmp
9/30/2005 9:17:06 PM H 100 C:\WINDOWS\Temp\CS392E6C5B-4CE0-4130-9317-61AEECE7D6CE.tmp
9/30/2005 9:17:06 PM H 124 C:\WINDOWS\Temp\CS3F860BDC-FBE8-42D7-A74F-BD67B764A6E6.tmp
9/30/2005 9:16:20 PM H 929272 C:\WINDOWS\Temp\CS432099B4-BFC6-4114-B1F9-7A725EDC1A26.tmp
9/30/2005 9:17:06 PM H 50 C:\WINDOWS\Temp\CS49031064-44A0-45D7-B397-095F5061C58A.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS49BD8868-CE64-495E-99BC-FF0F3B30FBA2.tmp
9/30/2005 9:17:06 PM H 48 C:\WINDOWS\Temp\CS515B3A0B-B701-4EE5-A937-202F0321F024.tmp
9/30/2005 9:16:20 PM H 71162 C:\WINDOWS\Temp\CS525F5F8E-1FF3-4FEA-B4C1-874BE47D4F21.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS53B2A55B-FC37-468C-910E-0DB47F1E6DF1.tmp
9/30/2005 9:17:06 PM H 412 C:\WINDOWS\Temp\CS540DEF26-BB6E-443A-A455-8169340AFA05.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS57FF4DCD-8955-4E4E-8C56-6799C53DA1B2.tmp
9/30/2005 9:17:12 PM H 1796504 C:\WINDOWS\Temp\CS58A4AAD2-4A97-43B8-939B-06FD7A808677.tmp
9/30/2005 9:16:20 PM H 1890 C:\WINDOWS\Temp\CS59790216-5342-456E-8DBF-E57169E30D1B.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS59C813C5-591B-4418-BE7C-8368E93CB927.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS5A89585C-615B-4EB3-838C-3F04D44100EE.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS5B58CE28-1B4E-4D11-AC09-AE92001E710F.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS5FDD3EE7-605F-4637-A911-5387CE36FC43.tmp
9/30/2005 9:18:06 PM H 548 C:\WINDOWS\Temp\CS61B9F7DB-5273-4DB0-9C81-286823C8497B.tmp
9/30/2005 9:16:20 PM H 2016 C:\WINDOWS\Temp\CS63552240-DB92-4A8D-9109-2C65F843042C.tmp
9/30/2005 9:16:20 PM H 0 C:\WINDOWS\Temp\CS680EAE5E-EA77-45A7-809F-03702E7BD489.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS68129BA1-8EB1-4B1D-A278-D7BA39123394.tmp
9/30/2005 9:17:06 PM H 100 C:\WINDOWS\Temp\CS68841650-84F6-45DA-BDB3-44EF2126C8B6.tmp
9/30/2005 9:17:06 PM H 114 C:\WINDOWS\Temp\CS68A72714-E9ED-4991-A141-7EEC95F1ED1E.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS6DE23B5F-5155-4C6B-A73F-F2C91B16A385.tmp
9/30/2005 9:17:06 PM H 502 C:\WINDOWS\Temp\CS73DA8CC7-1594-4228-99C7-16F77F103A63.tmp
9/30/2005 9:16:20 PM H 108598 C:\WINDOWS\Temp\CS73FF47FE-6E2B-43ED-AEA9-7CF56CCB9E56.tmp
9/30/2005 9:16:20 PM H 32 C:\WINDOWS\Temp\CS79BB9307-73E8-4E23-B43C-EC2E59A9DA6E.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS7D9821D7-9BA9-42A9-9921-45C2EBF959DD.tmp
9/30/2005 9:17:06 PM H 598 C:\WINDOWS\Temp\CS7E187B75-51E2-412A-AF1C-D4C8917FDE49.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS8038A68D-46D3-441E-A669-44591604B9F6.tmp
9/30/2005 9:17:06 PM H 662 C:\WINDOWS\Temp\CS81BE186E-A5B6-44C0-99DF-F55735A20549.tmp
9/30/2005 9:17:06 PM H 120 C:\WINDOWS\Temp\CS829040E6-4642-4419-92D5-EAB003066612.tmp
9/30/2005 9:16:20 PM H 7166 C:\WINDOWS\Temp\CS8326B57A-DD06-4871-B53F-D7F3402FB606.tmp
9/30/2005 9:17:06 PM H 566 C:\WINDOWS\Temp\CS8490A86F-5385-43BB-BF8F-6C0C6BCEABCD.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS866EEE3D-F60E-44F7-B22C-234077EBC64D.tmp
9/30/2005 9:16:20 PM H 1503408 C:\WINDOWS\Temp\CS8B771174-72B6-40C9-87BE-10C2E1B3D1A5.tmp
9/30/2005 9:17:06 PM H 502 C:\WINDOWS\Temp\CS8D05915F-E86D-404F-8600-A64118BEE466.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS91CC0B82-656B-454E-BF84-2F6B07803CDF.tmp
9/30/2005 9:17:06 PM H 30 C:\WINDOWS\Temp\CS92AC968A-0B84-411D-88F4-5370A864AC30.tmp
9/30/2005 9:17:06 PM H 478 C:\WINDOWS\Temp\CS9362355A-092C-4AEB-A408-BFFB1D6A753A.tmp
9/30/2005 9:17:06 PM H 526 C:\WINDOWS\Temp\CS9583180F-D739-42CF-93C7-C2283604D14E.tmp
9/30/2005 9:17:10 PM H 1468862 C:\WINDOWS\Temp\CS998B4117-EEFB-4710-8CF3-416AFC45F463.tmp
9/30/2005 9:16:20 PM H 3429 C:\WINDOWS\Temp\CS9A736D53-78C3-43EE-9AE7-DFD04155DF92.tmp
9/30/2005 9:17:06 PM H 100 C:\WINDOWS\Temp\CS9B02D53F-F2E4-4359-AC7E-33E36E41AA86.tmp
9/30/2005 9:17:12 PM H 81280 C:\WINDOWS\Temp\CS9B1E1F7E-C028-49EE-BA64-1C9BED003D51.tmp
9/30/2005 9:17:06 PM H 30 C:\WINDOWS\Temp\CS9B6432DA-7503-484D-8E34-73F7AF80844F.tmp
9/30/2005 9:16:20 PM H 38434 C:\WINDOWS\Temp\CS9C5BEC10-FAD7-450E-BC12-F8839DE3E464.tmp
9/30/2005 9:16:20 PM H 0 C:\WINDOWS\Temp\CS9F296CE1-6BB8-4F5E-8FC5-0249E4857049.tmp
9/30/2005 9:16:20 PM H 140 C:\WINDOWS\Temp\CSA0976592-6D3E-4359-B4F7-D89C86E1F0A0.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CSA3C09B5E-534B-4E85-8F50-E2F3F1AF555B.tmp
9/30/2005 9:16:20 PM H 2323146 C:\WINDOWS\Temp\CSA7E9B231-A77D-49A3-A4AB-D0F8877963D8.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CSA9D2FE2F-0C0B-46C3-81BC-2D4DB708EE84.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CSAB368C57-67B4-4FD0-83C5-2EDAE9C185C1.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CSAF38DFE5-AE60-453D-B2DA-38A782DDFFF4.tmp
9/30/2005 9:16:20 PM H 204 C:\WINDOWS\Temp\CSB299B554-B7CD-49C6-A1DB-0AAA51B0125F.tmp
9/30/2005 9:17:06 PM H 48 C:\WINDOWS\Temp\CSB44B4B2A-7339-44D2-8A49-A2B29374314A.tmp
9/30/2005 9:17:06 PM H 120 C:\WINDOWS\Temp\CSB5EE15C5-E1A6-4B4E-B62F-40E3F660BBDC.tmp
9/30/2005 9:17:06 PM H 162 C:\WINDOWS\Temp\CSB9BD4CDD-A600-4423-8528-81D252342A27.tmp
9/30/2005 9:16:20 PM H 1105702 C:\WINDOWS\Temp\CSBE1904BB-0551-40D3-8F22-A506B5880C44.tmp
9/30/2005 9:17:06 PM H 68 C:\WINDOWS\Temp\CSBE87930B-4A12-4250-AB1E-9FCB63A78C24.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CSC4CE90E1-83F3-4730-83E7-32BBA47567FF.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CSC72DF72B-B4C8-4F21-9D7B-2F59022E2431.tmp
9/30/2005 9:20:08 PM H 74264 C:\WINDOWS\Temp\CSC8C6EA88-4A3C-4653-B482-8DEBAFCF3FEF.tmp
9/30/2005 9:17:06 PM H 14 C:\WINDOWS\Temp\CSC8D70AC1-3596-4F1E-849E-364AE7AEF56D.tmp
9/30/2005 9:17:06 PM H 136 C:\WINDOWS\Temp\CSC99B1FF8-3105-4815-BBA2-9050C2BBFAED.tmp
9/30/2005 9:16:20 PM H 569404 C:\WINDOWS\Temp\CSD1F1D7D5-7A61-458A-9116-3CE6806D0FB4.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CSD4A3E722-C3C3-4DC9-9A63-1EBF16760DBD.tmp
9/30/2005 9:17:06 PM H 322 C:\WINDOWS\Temp\CSD5652D2D-2B90-4B58-AD18-14FC3DF912DA.tmp
9/30/2005 9:16:20 PM H 30 C:\WINDOWS\Temp\CSD6BC78F3-36BA-4005-B2A7-BC3147BA46E3.tmp
9/30/2005 9:17:06 PM H 310 C:\WINDOWS\Temp\CSD7A3AA1B-647C-4EF1-B60E-400E042ABD3E.tmp
9/30/2005 9:17:06 PM H 340 C:\WINDOWS\Temp\CSD7CC76DF-A9A3-43A5-AF31-610B6042817A.tmp
9/30/2005 9:17:06 PM H 42 C:\WINDOWS\Temp\CSD8FDD305-0CBD-4AC0-B793-4D44DED8E747.tmp
9/30/2005 9:17:06 PM H 42 C:\WINDOWS\Temp\CSD939CE2E-C247-4E02-9DFD-69367DC9DFF9.tmp
9/30/2005 9:16:20 PM H 369 C:\WINDOWS\Temp\CSDA955B8B-79BC-4005-971E-A1AE7697EA80.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CSDD8DCBC3-11BB-4B26-864D-25CC57FA689C.tmp
9/30/2005 9:17:06 PM H 426 C:\WINDOWS\Temp\CSE05BEEE9-D880-4F34-9FE9-ACD208B1D161.tmp
9/30/2005 9:17:06 PM H 118 C:\WINDOWS\Temp\CSE18733BD-BD94-406B-8BF2-586DEAFE63AE.tmp
9/30/2005 9:16:20 PM H 748 C:\WINDOWS\Temp\CSE4FAB894-5485-4D07-B790-EE1309DAEBDD.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CSEC7C103F-C573-4422-80AC-AD7835E66A91.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CSEEF83116-BB68-4F90-B726-1DC18C6B7E1F.tmp
9/30/2005 9:17:06 PM H 100 C:\WINDOWS\Temp\CSF6AD2FF5-7AD0-41EC-A8AB-115163194013.tmp
9/30/2005 9:17:06 PM H 96 C:\WINDOWS\Temp\CSF76F4739-59E4-4840-83EF-4DABC2A5B945.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CSF9E915D9-1FDA-4FA4-A3E1-822AA199A632.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CSFDA1160D-8A42-4935-8DDD-84704A6472B8.tmp

Checking for CPL files...
Microsoft Corporation 8/4/2004 7:00:00 AM 68608 C:\WINDOWS\SYSTEM32\ACCESS.CPL
Microsoft Corporation 8/12/2004 9:55:48 AM 549888 C:\WINDOWS\SYSTEM32\appwiz.cpl
Microsoft Corporation 8/12/2004 9:55:58 AM 110592 C:\WINDOWS\SYSTEM32\bthprops.cpl
9/18/2003 5:18:00 AM R 24576 C:\WINDOWS\SYSTEM32\cpl_moh.cpl
Microsoft Corporation 8/12/2004 9:56:50 AM 135168 C:\WINDOWS\SYSTEM32\desk.cpl
Microsoft Corporation 8/12/2004 9:57:24 AM 80384 C:\WINDOWS\SYSTEM32\firewall.cpl
Microsoft Corporation 8/12/2004 9:57:42 AM 155136 C:\WINDOWS\SYSTEM32\hdwwiz.cpl
Microsoft Corporation 8/12/2004 9:58:04 AM 358400 C:\WINDOWS\SYSTEM32\inetcpl.cpl
Microsoft Corporation 8/12/2004 9:58:08 AM 129536 C:\WINDOWS\SYSTEM32\intl.cpl
Microsoft Corporation 8/12/2004 9:58:16 AM 380416 C:\WINDOWS\SYSTEM32\irprops.cpl
Microsoft Corporation 8/12/2004 9:58:22 AM 68608 C:\WINDOWS\SYSTEM32\joy.cpl
Sun Microsystems 11/19/2003 7:48:12 PM 61555 C:\WINDOWS\SYSTEM32\jpicpl32.cpl
Microsoft Corporation 8/12/2004 9:59:12 AM 187904 C:\WINDOWS\SYSTEM32\main.cpl
Microsoft Corporation 8/12/2004 9:59:56 AM 618496 C:\WINDOWS\SYSTEM32\mmsys.cpl
Microsoft Corporation 8/12/2004 10:01:36 AM 35840 C:\WINDOWS\SYSTEM32\ncpa.cpl
Microsoft Corporation 8/12/2004 10:02:08 AM 25600 C:\WINDOWS\SYSTEM32\netsetup.cpl
Microsoft Corporation 8/12/2004 10:02:44 AM 257024 C:\WINDOWS\SYSTEM32\nusrmgr.cpl
Microsoft Corporation 8/12/2004 10:02:52 AM 32768 C:\WINDOWS\SYSTEM32\odbccp32.cpl
Microsoft Corporation 8/12/2004 10:03:40 AM 114688 C:\WINDOWS\SYSTEM32\powercfg.cpl
Intel® Corporation 3/2/2004 1:39:06 PM 77824 C:\WINDOWS\SYSTEM32\PRApplet.cpl
RealNetworks, Inc. 2/23/2005 2:18:00 AM 24576 C:\WINDOWS\SYSTEM32\prefscpl.cpl
Apple Computer, Inc. 1/6/2004 6:02:36 PM 323072 C:\WINDOWS\SYSTEM32\QuickTime.cpl
Microsoft Corporation 8/12/2004 10:06:56 AM 298496 C:\WINDOWS\SYSTEM32\sysdm.cpl
Microsoft Corporation 8/12/2004 10:07:14 AM 28160 C:\WINDOWS\SYSTEM32\telephon.cpl
Microsoft Corporation 8/12/2004 10:07:18 AM 94208 C:\WINDOWS\SYSTEM32\timedate.cpl
Creative Technology Ltd. 2/18/2004 11:52:50 AM 176128 C:\WINDOWS\SYSTEM32\USBAudio.cpl
Microsoft Corporation 8/12/2004 10:10:30 AM 148480 C:\WINDOWS\SYSTEM32\wscui.cpl
Microsoft Corporation 8/12/2004 10:10:42 AM 162304 C:\WINDOWS\SYSTEM32\wuaucpl.cpl
Microsoft Corporation 8/4/2004 7:00:00 AM 68608 C:\WINDOWS\SYSTEM32\DLLCACHE\access.cpl
Microsoft Corporation 8/12/2004 9:55:48 AM 549888 C:\WINDOWS\SYSTEM32\DLLCACHE\appwiz.cpl
Microsoft Corporation 8/12/2004 9:56:50 AM 135168 C:\WINDOWS\SYSTEM32\DLLCACHE\desk.cpl
Microsoft Corporation 8/12/2004 9:57:24 AM 80384 C:\WINDOWS\SYSTEM32\DLLCACHE\firewall.cpl
Microsoft Corporation 8/12/2004 9:57:42 AM 155136 C:\WINDOWS\SYSTEM32\DLLCACHE\hdwwiz.cpl
Microsoft Corporation 8/12/2004 9:58:04 AM 358400 C:\WINDOWS\SYSTEM32\DLLCACHE\inetcpl.cpl
Microsoft Corporation 8/12/2004 9:58:08 AM 129536 C:\WINDOWS\SYSTEM32\DLLCACHE\intl.cpl
Microsoft Corporation 8/12/2004 9:58:22 AM 68608 C:\WINDOWS\SYSTEM32\DLLCACHE\joy.cpl
Microsoft Corporation 8/12/2004 9:59:12 AM 187904 C:\WINDOWS\SYSTEM32\DLLCACHE\main.cpl
Microsoft Corporation 8/12/2004 9:59:56 AM 618496 C:\WINDOWS\SYSTEM32\DLLCACHE\mmsys.cpl
Microsoft Corporation 8/12/2004 10:01:36 AM 35840 C:\WINDOWS\SYSTEM32\DLLCACHE\ncpa.cpl
Microsoft Corporation 8/12/2004 10:02:08 AM 25600 C:\WINDOWS\SYSTEM32\DLLCACHE\netsetup.cpl
Microsoft Corporation 8/12/2004 10:02:44 AM 257024 C:\WINDOWS\SYSTEM32\DLLCACHE\nusrmgr.cpl
Microsoft Corporation 8/12/2004 10:02:52 AM 32768 C:\WINDOWS\SYSTEM32\DLLCACHE\odbccp32.cpl
Microsoft Corporation 8/12/2004 10:03:40 AM 114688 C:\WINDOWS\SYSTEM32\DLLCACHE\powercfg.cpl
Microsoft Corporation 8/4/2004 7:00:00 AM 155648 C:\WINDOWS\SYSTEM32\DLLCACHE\sapi.cpl
Microsoft Corporation 8/12/2004 10:06:56 AM 298496 C:\WINDOWS\SYSTEM32\DLLCACHE\sysdm.cpl
Microsoft Corporation 8/12/2004 10:07:14 AM 28160 C:\WINDOWS\SYSTEM32\DLLCACHE\telephon.cpl
Microsoft Corporation 8/12/2004 10:07:18 AM 94208 C:\WINDOWS\SYSTEM32\DLLCACHE\timedate.cpl
Microsoft Corporation 8/12/2004 10:10:30 AM 148480 C:\WINDOWS\SYSTEM32\DLLCACHE\wscui.cpl
Microsoft Corporation 8/12/2004 10:10:42 AM 162304 C:\WINDOWS\SYSTEM32\DLLCACHE\wuaucpl.cpl

»»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»»

Checking files in %ALLUSERSPROFILE%\Startup folder...
10/19/2005 4:30:58 PM 1851 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ATI CATALYST System Tray.lnk
10/21/2005 6:43:18 PM HS 84 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DESKTOP.INI
2/23/2005 2:08:12 AM 1730 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
10/13/2005 10:50:02 AM 2169 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Desktop Search.lnk

Checking files in %ALLUSERSPROFILE%\Application Data folder...
10/21/2005 6:29:56 PM HS 62 C:\Documents and Settings\All Users\Application Data\DESKTOP.INI

Checking files in %USERPROFILE%\Startup folder...
8/10/2004 3:04:12 PM HS 84 C:\Documents and Settings\Timothy\Start Menu\Programs\Startup\DESKTOP.INI

Checking files in %USERPROFILE%\Application Data folder...
8/10/2004 2:57:42 PM HS 62 C:\Documents and Settings\Timothy\Application Data\DESKTOP.INI
10/3/2005 12:48:42 PM 57656 C:\Documents and Settings\Timothy\Application Data\GDIPFONTCACHEV1.DAT
10/18/2005 12:22:20 AM 2926 C:\Documents and Settings\Timothy\Application Data\wklnhst.dat

»»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»»

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
   SV1    =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers]
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files
   {750fdf0e-2a26-11d1-a3ea-080036587f03}    = %SystemRoot%\System32\cscui.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With
   {09799AFB-AD67-11d1-ABCD-00C04FC30936}    = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu
   {A470F8CF-A1E8-4f65-8335-227475AA5C46}    = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Symantec.Norton.Antivirus.IEContextMenu
   {5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2}    = C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinRAR
   {B41DB860-8EE4-11D2-9906-E49FADC173CA}    = C:\Program Files\WinRAR\rarext.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
   Start Menu Pin    = %SystemRoot%\system32\SHELL32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\MP3ToWave
   {DC6FA7E0-6666-11D5-8CE2-444553540000}    =
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\Symantec.Norton.Antivirus.IEContextMenu
   {5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2}    = C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinRAR
   {B41DB860-8EE4-11D2-9906-E49FADC173CA}    = C:\Program Files\WinRAR\rarext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu
   {A470F8CF-A1E8-4f65-8335-227475AA5C46}    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Offline Files
   {750fdf0e-2a26-11d1-a3ea-080036587f03}    = %SystemRoot%\System32\cscui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Sharing
   {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}    = ntshrui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinRAR
   {B41DB860-8EE4-11D2-9906-E49FADC173CA}    = C:\Program Files\WinRAR\rarext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}
    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}
    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}
    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}
    = %SystemRoot%\system32\SHELL32.dll

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
   AcroIEHlprObj Class = C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
   MSN Search Toolbar Helper = C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}
   CNavExtBho Class = C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}
    =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}
   &Tip of the Day = %SystemRoot%\system32\shdocvw.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{FE54FA40-D68C-11d2-98FA-00C0F0318AFE}
   Real.com = C:\WINDOWS\system32\Shdocvw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
   {BA52B914-B692-46c4-B683-905236F6F655}    =    :
   {40D41A8B-D79B-43d7-99A7-9EE0F344C385}    = AIM Search   : C:\Program Files\AIM Toolbar\AIMBar.dll
   {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}    = MSN Search Toolbar   : C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
   {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}    = Norton AntiVirus   : C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
   MenuText    = Sun Java Console   :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}
   ButtonText    = AIM   : C:\Program Files\AIM\aim.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}
   ButtonText    = PartyPoker.com   : C:\Program Files\PartyPoker\PartyPoker.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
   ButtonText    = Real.com   :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}
   ButtonText    = Messenger   : C:\Program Files\Messenger\msmsgs.exe

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
   {01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address   : %SystemRoot%\system32\browseui.dll
   {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} = Norton AntiVirus   : C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
   {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} = MSN Search Toolbar   : C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
   {01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address   : %SystemRoot%\system32\browseui.dll
   {0E5CBF21-D15F-11D0-8301-00AA005B4383} = &Links   : %SystemRoot%\system32\SHELL32.dll
   {40D41A8B-D79B-43D7-99A7-9EE0F344C385} = AIM Search   : C:\Program Files\AIM Toolbar\AIMBar.dll
   {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} = MSN Search Toolbar   : C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
   IntelMeM   C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
   CTSysVol   C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe /r
   P17Helper   Rundll32 P17.dll,P17Helper
   UpdReg   C:\WINDOWS\UpdReg.EXE
   Drag'n'Drop_Autolaunch   "C:\Program Files\Iomega HotBurn Pro\Autolaunch.exe"
   QuickTime Task   "C:\Program Files\QuickTime\qttask.exe" -atboottime
   gcasServ   "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
   ATICCC   "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
   ccApp   "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
   Symantec NetDriver Monitor   C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
   IMAIL   Installed = 1
   MAPI   Installed = 1
   MSFS   Installed = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
   MSMSGS   "C:\Program Files\Messenger\msmsgs.exe" /background
   Norton SystemWorks   "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk
   path   C:\Documents and Settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk
   backup   C:\WINDOWS\pss\America Online 9.0 Tray Icon.lnkCommon Startup
   location   Common Startup
   command   C:\PROGRA~1\AMERIC~1.0\aoltray.exe -check
   item   America Online 9.0 Tray Icon

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AIM
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   aim
   hkey   HKCU
   command   C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
   inimapping   0
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   aim
   hkey   HKCU
   command   C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
   inimapping   0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DellSupport
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   DSAgnt
   hkey   HKCU
   command   "C:\Program Files\Dell Support\DSAgnt.exe" /startup
   inimapping   0
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   DSAgnt
   hkey   HKCU
   command   "C:\Program Files\Dell Support\DSAgnt.exe" /startup
   inimapping   0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MCAgentExe
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   mcagent
   hkey   HKLM
   command   c:\PROGRA~1\mcafee.com\agent\mcagent.exe
   inimapping   0
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   mcagent
   hkey   HKLM
   command   c:\PROGRA~1\mcafee.com\agent\mcagent.exe
   inimapping   0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MCUpdateExe
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   mcupdate
   hkey   HKLM
   command   C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
   inimapping   0
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   mcupdate
   hkey   HKLM
   command   C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
   inimapping   0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MPFExe
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   MpfTray
   hkey   HKLM
   command   C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
   inimapping   0
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   MpfTray
   hkey   HKLM
   command   C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
   inimapping   0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSMSGS
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   msmsgs
   hkey   HKCU
   command   "C:\Program Files\Messenger\msmsgs.exe" /background
   inimapping   0
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   msmsgs
   hkey   HKCU
   command   "C:\Program Files\Messenger\msmsgs.exe" /background
   inimapping   0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VirusScan Online
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   mcvsshld
   hkey   HKLM
   command   c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
   inimapping   0
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   mcvsshld
   hkey   HKLM
   command   c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
   inimapping   0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VSOCheckTask
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   mcmnhdlr
   hkey   HKLM
   command   "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
   inimapping   0
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   mcmnhdlr
   hkey   HKLM
   command   "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
   inimapping   0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state
   system.ini   0
   win.ini   0
   bootini   0
   services   0
   startup   2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum
   {BDEADF00-C265-11D0-BCED-00A0C90AB50F} = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
   {6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} =
   {0DF44EAA-FF21-4412-828E-260A8728E7F1} =

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
   dontdisplaylastusername   0
   legalnoticecaption
   legalnoticetext
   shutdownwithoutlogon   1
   undockwithoutlogon   1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
   NoDriveTypeAutoRun   145

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
   PostBootReminder    {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll
   CDBurn    {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll
   WebCheck    {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\system32\webcheck.dll
   SysTray     {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\system32\stobject.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
   UserInit   = C:\WINDOWS\system32\userinit.exe,
   Shell      = Explorer.exe
   System      =

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain
    = crypt32.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet
    = cryptnet.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll
    = cscdll.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp
    = wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule
    = wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy
    = sclgntfy.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn
    = WlNotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv
    = wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon
    = wlnotify.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path
   Debugger = ntsd -d

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
   AppInit_DLLs

»»»»»»»»»»»»»»»»»»»»»»»» Scan Complete »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
WinPFind v1.4.1   - Log file written to "WinPFind.Txt" in the WinPFind folder.
Scan completed on 10/21/2005 9:09:34 PM

Logfile of HijackThis v1.99.1
Scan saved at 9:13:51 PM, on 10/21/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Iomega HotBurn Pro\Autolaunch.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Timothy\Desktop\Hijackthis\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nascar.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Drag'n'Drop_Autolaunch] "C:\Program Files\Iomega HotBurn Pro\Autolaunch.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearch.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/229?3abffb653bff43bbbc72c0abf1a46ad0
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/230?3abffb653bff43bbbc72c0abf1a46ad0
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {18CD2FD8-81CE-44C3-99E1-0822E1C7116C} (EARTPatch8X Class) - http://files.ea.com/downloads/rtpatch/v4/EARTP8X.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1127859030000
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

4

Tech Clinic / Got a graphics problem...

« on: October 21, 2005, 07:32:27 PM »

Ok this started a few days ago, I don't recall doing anything to trigger this behavior. I'm hoping somebody can help because I'm at my wits end lol.

Here's the symptoms, I'm seeing a light blue shadow over some of the text on the desktop and programs like IE and Word, there's also a blue line of the same color blue by icons and on my mouse cursor. Another graphics issue is in games I'm seeing little blinking or flickering squares during gameplay. I did reinstall Windows XP and it didn't solve the graphics problem. I've updated all my graphics drivers and it still didn't repair the graphics, I've also dusted the inside of my PC and still nothing.

However I did do a virus scan with Ad-Aware and it said I had the Worm.Alcan.A virus, eventually it said it was removed after a few tries, but I doubt it. It didn't show up with Norton or Microsoft's anti-virus software though, just Lavasofts.

My question is does anyone know if this Worm effects your graphics card or do you think my graphics card is going? I don't think it is though because I just bought this PC about 6 months ago and graphics cards usually never go. The only other thing I didn't try is actually unplugging my card and plugging it back in but I don't think that wouldn't do anything.

If someone could help me out I'd greatly appreciate it. Just wondering if anybody else with this worm has graphic issues as well? Like I said I don't recall doing anything to trigger this, I may have accidentally downloaded the AlcanA Worm through Limewire though which I was using a few days ago. Thanks. Sorry for posting in the other guy's topic before.

5

Tech Clinic / Help me please

« on: October 21, 2005, 06:04:12 PM »

Is anybody's graphics messed up because of this virus? Just wondering if it's the worm or my graphics card going.

6

Tech Clinic / Alcan.a

« on: October 21, 2005, 06:01:08 PM »

Ad-Aware found it on mine.

7

Tech Clinic / Alcan Worm

« on: October 21, 2005, 12:01:33 PM »

Here's my Hijack This Log...

Logfile of HijackThis v1.99.1
Scan saved at 12:58:05 PM, on 10/21/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Iomega HotBurn Pro\Autolaunch.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Timothy\LOCALS~1\Temp\Rar$EX00.813\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nascar.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nascar.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Drag'n'Drop_Autolaunch] "C:\Program Files\Iomega HotBurn Pro\Autolaunch.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ucmtbtm] C:\WINDOWS\system32\hasxfxr.exe r
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearch.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/229?3abffb653bff43bbbc72c0abf1a46ad0
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/230?3abffb653bff43bbbc72c0abf1a46ad0
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {18CD2FD8-81CE-44C3-99E1-0822E1C7116C} (EARTPatch8X Class) - http://files.ea.com/downloads/rtpatch/v4/EARTP8X.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1127859030000
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe

8

Tech Clinic / Alcan Worm

« on: October 21, 2005, 11:49:46 AM »

Hey I'm new on here but I have the same problem I think, Ad-Aware found Alcan on my comp too.

I was just wondering what the syptoms are because my graphics are a little messed up, I'm getting random blue shadows over text and lines over my desktop and on the side of programs, and on games I see little blinking squares off and on. Just wondering if Alcan messes with the graphics or not?

TheTechGuide Forum

News:

Messages - teinte411

Tech Clinic / Got a graphics problem...

Tech Clinic / Got a graphics problem...

Tech Clinic / Got a graphics problem...

Tech Clinic / Got a graphics problem...

Tech Clinic / Help me please

Tech Clinic / Alcan.a

Tech Clinic / Alcan Worm

Tech Clinic / Alcan Worm