Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - csp312

Pages: [1]
1
Tech Clinic / loadadv458!!!!!
« on: November 04, 2005, 03:39:18 PM »
You know what thanks for the help but im running out of space and i;m just going to restart my computer i have a backup drive so it dosesnt really matter. You were great thank again for the help.

2
Tech Clinic / loadadv458!!!!!
« on: November 03, 2005, 08:12:48 PM »
I still have the loadadv458 on my desktop can you help.

3
Tech Clinic / loadadv458!!!!!
« on: November 01, 2005, 05:14:25 PM »
Incident                      Status                        Location                                                                                                                                                                                                                                                        

Adware:Adware/Maxifiles       No disinfected                C:\Program Files\Microsoft AntiSpyware\Quarantine\6D9A4986-48B6-4441-80C4-DD203B\0779184B-420A-4CCE-8174-4E8E89                                                                                                                                                
Adware:Adware/Maxifiles       No disinfected                C:\Program Files\Microsoft AntiSpyware\Quarantine\EB4D89DD-1251-4B29-99D5-24BA47\2D07E7FA-771E-4B53-BCEE-E1A0F0                                                                                                                                                


oh yah were getting there thanks for the help so far!!

4
Tech Clinic / loadadv458!!!!!
« on: November 01, 2005, 04:56:05 PM »
that was me^^

5
Tech Clinic / loadadv458!!!!!
« on: October 31, 2005, 07:26:57 PM »
bump

6
Tech Clinic / loadadv458!!!!!
« on: October 31, 2005, 07:06:02 AM »
bump

7
Tech Clinic / loadadv458!!!!!
« on: October 30, 2005, 02:22:02 PM »
wow i have a lot

8
Tech Clinic / loadadv458!!!!!
« on: October 30, 2005, 01:51:10 PM »
Incident                      Status                        Location                                                                                                                                                                                                                                                        

Virus:Exploit/ByteVerify      Disinfected                   C:\Documents and Settings\Chris\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1f6726f9-43712b7d.zip[GetAccess.class]                                                                                                                
Virus:Exploit/ByteVerify      Disinfected                   C:\Documents and Settings\Chris\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1f6726f9-43712b7d.zip[InsecureClassLoader.class]                                                                                                      
Virus:Exploit/ByteVerify      Disinfected                   C:\Documents and Settings\Chris\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1f6726f9-43712b7d.zip[Dummy.class]                                                                                                                    
Virus:Exploit/ByteVerify      Disinfected                   C:\Documents and Settings\Chris\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1f6726f9-43712b7d.zip[Installer.class]                                                                                                                
Virus:Exploit/ByteVerify      Disinfected                   C:\Documents and Settings\Chris\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-57111d2d-5f81bbdb.zip[BlackBox.class]                                                                                                                      
Virus:Exploit/ByteVerify      Disinfected                   C:\Documents and Settings\Chris\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-57111d2d-5f81bbdb.zip[VerifierBug.class]                                                                                                                  
Virus:Exploit/ByteVerify      Disinfected                   C:\Documents and Settings\Chris\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-57111d2d-5f81bbdb.zip[Dummy.class]                                                                                                                        
Virus:Exploit/ByteVerify      Disinfected                   C:\Documents and Settings\Chris\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-57111d2d-5f81bbdb.zip[Beyond.class]                                                                                                                        
Virus:Exploit/ByteVerify      Disinfected                   C:\Documents and Settings\Chris\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-7ebfe046-4bc17ecd.zip[NewSecurityClassLoader.class]                                                                                                        
Virus:Exploit/ByteVerify      Disinfected                   C:\Documents and Settings\Chris\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-7ebfe046-4bc17ecd.zip[NewURLClassLoader.class]                                                                                                              
Virus:Exploit/ByteVerify      Disinfected                   C:\Documents and Settings\Chris\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv441.jar-e736495-4adb0b10.zip[Matrix.class]                                                                                                                  
Virus:Exploit/ByteVerify      Disinfected                   C:\Documents and Settings\Chris\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv441.jar-e736495-4adb0b10.zip[Counter.class]                                                                                                                
Virus:Exploit/ByteVerify      Disinfected                   C:\Documents and Settings\Chris\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv441.jar-e736495-4adb0b10.zip[Dummy.class]                                                                                                                  
Virus:Exploit/ByteVerify      Disinfected                   C:\Documents and Settings\Chris\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv441.jar-e736495-4adb0b10.zip[Parser.class]                                                                                                                  
Adware:Adware/IST.ISTBar      No disinfected                C:\Documents and Settings\Chris\Local Settings\Temp\jfghjfgudk.exe                                                                                                                                                                                              
Adware:Adware/PurityScan      No disinfected                C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\294T6JWR\!update-2500[1].0000                                                                                                                                      
Adware:Adware/PurityScan      No disinfected                C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\294T6JWR\!update-2500[2].0000                                                                                                                                      
Adware:Adware/Naupoint        No disinfected                C:\Program Files\Common Files\Verizon Online\SFP\vzbb.dll                                                                                                                                                                                                      
Adware:Adware/Maxifiles       No disinfected                C:\Program Files\Microsoft AntiSpyware\Quarantine\6D9A4986-48B6-4441-80C4-DD203B\0779184B-420A-4CCE-8174-4E8E89                                                                                                                                                
Adware:Adware/SBSoft          No disinfected                C:\Program Files\Microsoft AntiSpyware\Quarantine\7E01FF87-CE5B-4E6F-B2EB-2FB727\4E07293C-6CD3-4DA0-A9E3-77669A                                                                                                                                                
Adware:Adware/Maxifiles       No disinfected                C:\Program Files\Microsoft AntiSpyware\Quarantine\EB4D89DD-1251-4B29-99D5-24BA47\2D07E7FA-771E-4B53-BCEE-E1A0F0                                                                                                                                                
Virus:W32/Alcan.A.worm        Disinfected                   C:\Program Files\winupdates\a.zip[Setup.exe]                                                                                                                                                                                                                    
Possible Virus.               No disinfected                C:\WINDOWS\ru.exe                                                                                                                                                                                                                                              
Adware:Adware/Popuper         No disinfected                C:\WINDOWS\SYSTEM32\hpE6AB.tmp

9
Tech Clinic / loadadv458!!!!!
« on: October 29, 2005, 05:01:49 PM »
WARNING: not all files found by this scanner are bad. Consult with a knowledgable person before proceeding.

If you see a message in the titlebar saying "Not responding..." you can ignore it. Windows somethimes displays this message due to the high volume of disk I/O. As long as the hard disk light is flashing, the program is still working properly.

»»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Product Name: Microsoft Windows XP    Current Build: Service Pack 2    Current Build Number: 2600
Internet Explorer Version: 6.0.2900.2180

»»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»»

Checking %SystemDrive% folder...
UPX!                 10/29/2005 4:39:56 PM       218112     C:\hijackthis.exe

Checking %ProgramFilesDir% folder...

Checking %WinDir% folder...
UPX!                 8/22/2004 5:04:56 PM        69120      C:\WINDOWS\daemon.dll
UPX!                 9/8/2005 3:37:12 PM     RHS 82432      C:\WINDOWS\ru.exe

Checking %System% folder...
PEC2                 8/18/2001 7:00:00 AM        41397      C:\WINDOWS\SYSTEM32\dfrg.msc
PEC2                 8/9/2005 6:14:00 PM         692736     C:\WINDOWS\SYSTEM32\DivX.dll
PECompact2           8/9/2005 6:14:00 PM         692736     C:\WINDOWS\SYSTEM32\DivX.dll
PTech                8/29/2005 1:27:12 PM        520968     C:\WINDOWS\SYSTEM32\LegitCheckControl.DLL
PECompact2           6/9/2005 2:35:28 PM         1292120    C:\WINDOWS\SYSTEM32\MRT.exe
aspack               6/9/2005 2:35:28 PM         1292120    C:\WINDOWS\SYSTEM32\MRT.exe
aspack               8/4/2004 12:56:38 AM        708096     C:\WINDOWS\SYSTEM32\ntdll.dll
Umonitor             8/4/2004 12:56:46 AM        657920     C:\WINDOWS\SYSTEM32\rasdlg.dll
UPX!                 7/23/2001 1:29:32 AM        552960     C:\WINDOWS\SYSTEM32\saxzip.ocx
winsync              8/18/2001 7:00:00 AM        1309184    C:\WINDOWS\SYSTEM32\wbdbase.deu

Checking %System%\Drivers folder and sub-folders...
PTech                8/3/2004 10:41:38 PM        1309184    C:\WINDOWS\SYSTEM32\drivers\mtlstrm.sys

Items found in C:\WINDOWS\SYSTEM32\drivers\etc\hosts


Checking the Windows folder and sub-folders for system and hidden files within the last 60 days...
                     10/29/2005 5:52:56 PM     S 2048       C:\WINDOWS\bootstat.dat
                     10/29/2005 4:58:34 PM    H  54156      C:\WINDOWS\QTFont.qfn
                     9/8/2005 3:37:12 PM     RHS 82432      C:\WINDOWS\ru.exe
                     9/15/2005 3:27:52 PM     H  0          C:\WINDOWS\INF\oem42.inf
                     10/29/2005 5:17:46 PM    H  0          C:\WINDOWS\LastGood\INF\oem43.inf
                     10/29/2005 5:17:46 PM    H  0          C:\WINDOWS\LastGood\INF\oem43.PNF
                     10/17/2005 2:11:14 AM     S 22087      C:\WINDOWS\SYSTEM32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem26.CAT
                     10/29/2005 5:52:48 PM    H  8192       C:\WINDOWS\SYSTEM32\config\default.LOG
                     10/29/2005 5:53:36 PM    H  1024       C:\WINDOWS\SYSTEM32\config\SAM.LOG
                     10/29/2005 5:52:58 PM    H  12288      C:\WINDOWS\SYSTEM32\config\SECURITY.LOG
                     10/29/2005 5:59:12 PM    H  102400     C:\WINDOWS\SYSTEM32\config\software.LOG
                     10/29/2005 5:53:02 PM    H  1413120    C:\WINDOWS\SYSTEM32\config\system.LOG
                     10/26/2005 3:42:44 PM     S 558        C:\WINDOWS\SYSTEM32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\E6024EAC88E6B6165D49FE3C95ADD735
                     10/26/2005 3:42:44 PM     S 144        C:\WINDOWS\SYSTEM32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\E6024EAC88E6B6165D49FE3C95ADD735
                     9/30/2005 9:43:14 PM     HS 388        C:\WINDOWS\SYSTEM32\Microsoft\Protect\S-1-5-18\User\d9585617-b88b-4455-a9ec-d8ab0010389e
                     9/30/2005 9:43:14 PM     HS 24         C:\WINDOWS\SYSTEM32\Microsoft\Protect\S-1-5-18\User\Preferred
                     10/29/2005 4:33:52 PM    HS 192        C:\WINDOWS\Tasks\RUTASK.job
                     10/29/2005 5:51:44 PM    H  6          C:\WINDOWS\Tasks\SA.DAT

Checking for CPL files...
Microsoft Corporation          8/4/2004 12:56:58 AM        68608      C:\WINDOWS\SYSTEM32\access.cpl
Realtek Semiconductor Corp.    12/1/2004 3:53:44 PM        16166912   C:\WINDOWS\SYSTEM32\ALSNDMGR.CPL
Microsoft Corporation          8/4/2004 12:56:58 AM        549888     C:\WINDOWS\SYSTEM32\appwiz.cpl
Microsoft Corporation          8/4/2004 12:56:58 AM        110592     C:\WINDOWS\SYSTEM32\bthprops.cpl
                               7/29/2004 3:56:00 PM        221184     C:\WINDOWS\SYSTEM32\cttune.cpl
Microsoft Corporation          8/4/2004 12:56:58 AM        135168     C:\WINDOWS\SYSTEM32\desk.cpl
Microsoft Corporation          8/4/2004 12:56:58 AM        80384      C:\WINDOWS\SYSTEM32\firewall.cpl
Microsoft Corporation          8/4/2004 12:56:58 AM        155136     C:\WINDOWS\SYSTEM32\hdwwiz.cpl
Microsoft Corporation          8/4/2004 12:56:58 AM        358400     C:\WINDOWS\SYSTEM32\inetcpl.cpl
Microsoft Corporation          2/11/2005 9:52:06 PM        129536     C:\WINDOWS\SYSTEM32\intl.cpl
Microsoft Corporation          8/4/2004 12:56:58 AM        380416     C:\WINDOWS\SYSTEM32\irprops.cpl
Microsoft Corporation          8/4/2004 12:56:58 AM        68608      C:\WINDOWS\SYSTEM32\joy.cpl
Sun Microsystems, Inc.         6/3/2005 3:52:54 AM         49265      C:\WINDOWS\SYSTEM32\jpicpl32.cpl
Microsoft Corporation          8/18/2001 7:00:00 AM        187904     C:\WINDOWS\SYSTEM32\main.cpl
Microsoft Corporation          8/4/2004 12:56:58 AM        618496     C:\WINDOWS\SYSTEM32\mmsys.cpl
Microsoft Corporation          8/18/2001 7:00:00 AM        35840      C:\WINDOWS\SYSTEM32\ncpa.cpl
Microsoft Corporation          8/4/2004 12:56:58 AM        25600      C:\WINDOWS\SYSTEM32\netsetup.cpl
Microsoft Corporation          8/4/2004 12:56:58 AM        257024     C:\WINDOWS\SYSTEM32\nusrmgr.cpl
                               10/10/2005 9:49:00 PM       73728      C:\WINDOWS\SYSTEM32\nvtuicpl.cpl
Microsoft Corporation          8/4/2004 12:56:58 AM        32768      C:\WINDOWS\SYSTEM32\odbccp32.cpl
Microsoft Corporation          8/4/2004 12:56:58 AM        114688     C:\WINDOWS\SYSTEM32\powercfg.cpl
Apple Computer, Inc.           9/23/2004 6:57:40 PM        323072     C:\WINDOWS\SYSTEM32\QuickTime.cpl
Microsoft Corporation          8/4/2004 12:56:58 AM        298496     C:\WINDOWS\SYSTEM32\sysdm.cpl
Microsoft Corporation          8/18/2001 7:00:00 AM        28160      C:\WINDOWS\SYSTEM32\telephon.cpl
Microsoft Corporation          8/4/2004 12:56:58 AM        94208      C:\WINDOWS\SYSTEM32\timedate.cpl
                               9/27/2004 9:00:00 PM        6151       C:\WINDOWS\SYSTEM32\txp4.cpl
Microsoft Corporation          8/4/2004 12:56:58 AM        148480     C:\WINDOWS\SYSTEM32\wscui.cpl
Microsoft Corporation          5/26/2005 4:16:30 AM        174360     C:\WINDOWS\SYSTEM32\wuaucpl.cpl
Microsoft Corporation          8/18/2001 7:00:00 AM        187904     C:\WINDOWS\SYSTEM32\dllcache\main.cpl
Microsoft Corporation          8/18/2001 7:00:00 AM        35840      C:\WINDOWS\SYSTEM32\dllcache\ncpa.cpl
Microsoft Corporation          8/18/2001 7:00:00 AM        28160      C:\WINDOWS\SYSTEM32\dllcache\telephon.cpl
NVIDIA Corporation             3/9/2002 8:53:00 PM         106496     C:\WINDOWS\SYSTEM32\ReinstallBackups\0010\DriverFiles\nvtuicpl.cpl
NVIDIA Corporation             5/3/2002 8:06:00 PM         106496     C:\WINDOWS\SYSTEM32\ReinstallBackups\0011\DriverFiles\nvtuicpl.cpl
Realtek Semiconductor Corp.    12/1/2004 3:53:44 PM        16166912   C:\WINDOWS\SYSTEM32\ReinstallBackups\0047\DriverFiles\ALSNDMGR.CPL

»»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»»

Checking files in %ALLUSERSPROFILE%\Startup folder...
                     10/24/2005 12:21:40 PM      1757       C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
                     4/4/2002 1:59:02 AM      HS 84         C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
                     7/29/2005 6:46:16 PM        1805       C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk
                     5/26/2002 10:39:16 PM       875        C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk
                     8/1/2005 9:00:24 AM         2000       C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Verizon Online Support Center.lnk

Checking files in %ALLUSERSPROFILE%\Application Data folder...
                     4/3/2002 5:52:46 PM      HS 62         C:\Documents and Settings\All Users\Application Data\desktop.ini

Checking files in %USERPROFILE%\Startup folder...
                     4/4/2002 1:59:02 AM      HS 84         C:\Documents and Settings\Chris\Start Menu\Programs\Startup\desktop.ini
                     8/31/2005 6:30:04 PM        888        C:\Documents and Settings\Chris\Start Menu\Programs\Startup\LyricsAMP Auto-Update!.lnk

Checking files in %USERPROFILE%\Application Data folder...
                     9/15/2005 3:52:46 PM        875        C:\Documents and Settings\Chris\Application Data\AdobeDLM.log
                     9/4/2005 4:14:40 PM         0          C:\Documents and Settings\Chris\Application Data\babhook.vers
                     9/4/2005 4:14:38 PM         7652       C:\Documents and Settings\Chris\Application Data\babinf.xml
                     4/3/2002 5:52:46 PM      HS 62         C:\Documents and Settings\Chris\Application Data\desktop.ini
                     9/15/2005 3:52:46 PM        0          C:\Documents and Settings\Chris\Application Data\dm.ini
                     9/4/2005 4:14:40 PM         153444     C:\Documents and Settings\Chris\Application Data\tizupd.bin

»»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»»

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers]
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files
   {750fdf0e-2a26-11d1-a3ea-080036587f03}    = %SystemRoot%\System32\cscui.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With
   {09799AFB-AD67-11d1-ABCD-00C04FC30936}    = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu
   {A470F8CF-A1E8-4f65-8335-227475AA5C46}    = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinRAR
   {B41DB860-8EE4-11D2-9906-E49FADC173CA}    = C:\Program Files\WinRAR\rarext.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinZip
   {E0D79304-84BE-11CE-9641-444553540000}    = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
   Start Menu Pin    = %SystemRoot%\system32\SHELL32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\StopSignRCS
   {BB83FD23-AC96-472D-8AA2-7D8560A61D1A}    =
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinRAR
   {B41DB860-8EE4-11D2-9906-E49FADC173CA}    = C:\Program Files\WinRAR\rarext.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZip
   {E0D79304-84BE-11CE-9641-444553540000}    = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\{1E0F077C-5FBF-4ddc-8E57-9928CCEAAD86}
       = blank

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\EAC_VirusScanner
   {46D570D9-71C8-44E5-A76C-AADFE94442CA}    =
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu
   {A470F8CF-A1E8-4f65-8335-227475AA5C46}    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Offline Files
   {750fdf0e-2a26-11d1-a3ea-080036587f03}    = %SystemRoot%\System32\cscui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Sharing
   {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}    = ntshrui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinRAR
   {B41DB860-8EE4-11D2-9906-E49FADC173CA}    = C:\Program Files\WinRAR\rarext.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZip
   {E0D79304-84BE-11CE-9641-444553540000}    = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}
    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}
    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}
    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}
    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{F9DB5320-233E-11D1-9F84-707F02C10627}
    = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
   AcroIEHlprObj Class = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D}
   Verizon Broadband Toolbar = C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\vzbb.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}
    = C:\PROGRA~1\SPYBOT~1\SDHelper.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}
   Google Toolbar Helper = c:\program files\google\googletoolbar2.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFDA4F6F-2EA3-4942-9420-E42880965A3A}
    =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}
   &Tip of the Day = %SystemRoot%\System32\shdocvw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
   {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D}    = Verizon Broadband Toolbar   : C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\vzbb.dll
   {2318C2B1-4965-11d4-9B18-009027A5CD4F}    = &Google   : c:\program files\google\googletoolbar2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
   MenuText    = Sun Java Console   : C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66}
   MenuText    = Uninstall BitDefender Online Scanner v8   :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}
   ButtonText    = Research   :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}
   ButtonText    = AIM   : C:\Program Files\AIM\aim.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}
   ButtonText    = Messenger   : C:\Program Files\Messenger\msmsgs.exe

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478}
    =
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E61-B078-11D0-89E4-00C04FC9E26E}
   Favorites Band = %SystemRoot%\System32\shdocvw.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E64-B078-11D0-89E4-00C04FC9E26E}
   Explorer Band = %SystemRoot%\System32\shdocvw.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
   {0E5CBF21-D15F-11D0-8301-00AA005B4383} = &Links   : %SystemRoot%\system32\SHELL32.dll
   {01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address   : %SystemRoot%\System32\browseui.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
   {01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address   : %SystemRoot%\System32\browseui.dll
   {0E5CBF21-D15F-11D0-8301-00AA005B4383} = &Links   : %SystemRoot%\system32\SHELL32.dll
   {F5735C15-1FB2-41FE-BA12-242757E69DDE} =    :
   {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} = Verizon Broadband Toolbar   : C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\vzbb.dll
   {2318C2B1-4965-11D4-9B18-009027A5CD4F} = &Google   : c:\program files\google\googletoolbar2.dll
   {5776A2BC-D803-47F6-9DC0-8344DB8D604C} =    :
   {EEF280F3-B6ED-46D8-A8FD-57BD0C4A9ECF} =    :

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      
   NvCplDaemon   RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
   nwiz   nwiz.exe /install
   WorksFUD   C:\Program Files\Microsoft Works\wkfud.exe
   Microsoft Works Portfolio   C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
   Microsoft Works Update Detection   C:\Program Files\Microsoft Works\WkDetect.exe
   NeroFilterCheck   C:\WINDOWS\system32\NeroCheck.exe
   GWMDMMSG   GWMDMMSG.exe
   GWMDMpi   C:\WINDOWS\GWMDMpi.exe
   gcasServ   "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
   Share-to-Web Namespace Daemon   C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
   NVMixerTray   "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
   SunJavaUpdateSched   C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
   SoundMan   SOUNDMAN.EXE
   DeadAIM   rundll32.exe "C:\PROGRA~1\AIM\\DeadAIM.ocm",ExportedCheckODLs
   Motive SmartBridge   C:\PROGRA~1\VERIZO~1\VERIZO~1\SMARTB~1\MotiveSB.exe
   DownloadAccelerator   C:\PROGRA~1\DAP\DAP.EXE /STARTUP
   LiveMonitor   C:\Program Files\MSI\Live Update 3\LMonitor.exe
   QuickTime Task   "C:\Program Files\QuickTime\qttask.exe" -atboottime
   HostManager   C:\Program Files\Common Files\AOL\1126043299\ee\AOLSoftware.exe
   BootSkin Startup Jobs   "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
   DAEMON Tools-1033   "C:\Program Files\D-Tools\daemon.exe"  -lang 1033
   NvMediaCenter   RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
   NVIDIA nTune   "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
   IMAIL   Installed = 1
   MAPI   Installed = 1
   MSFS   Installed = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
   ctfmon.exe   C:\WINDOWS\system32\ctfmon.exe
   Steam   
   SpybotSD TeaTimer   C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
   BlockAds   "C:\Program Files\Tweak-XP Pro 4\AdBlocker.exe"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum
   {BDEADF00-C265-11D0-BCED-00A0C90AB50F} = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
   {6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} =
   {0DF44EAA-FF21-4412-828E-260A8728E7F1} =


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
   dontdisplaylastusername   0
   legalnoticecaption   
   legalnoticetext   
   shutdownwithoutlogon   1
   undockwithoutlogon   1


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
   NoDriveTypeAutoRun   145
   NoViewOnDrive   0
   NoLogoff   0
   NoDrives   
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Windows Update


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
   0aMCPClient                       {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} = C:\PROGRA~1\COMMON~1\Stardock\MCPCore.dll
   PostBootReminder                  {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll
   CDBurn                            {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll
   WebCheck                          {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\System32\webcheck.dll
   SysTray                           {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\System32\stobject.dll
   UPnPMonitor                       {e57ce738-33e8-4c51-8354-bb4de9d215d1} = C:\WINDOWS\system32\upnpui.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
   UserInit   = C:\WINDOWS\system32\userinit.exe,
   Shell      = Explorer.exe
   System      =

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain
    = crypt32.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet
    = cryptnet.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll
    = cscdll.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\MCPClient
    = C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp
    = wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule
    = wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy
    = sclgntfy.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn
    = WlNotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv
    = wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB
    = C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon
    = wlnotify.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path
   Debugger = ntsd -d

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
   AppInit_DLLs   


»»»»»»»»»»»»»»»»»»»»»»»» Scan Complete »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
WinPFind v1.4.1   - Log file written to "WinPFind.Txt" in the WinPFind folder.
Scan completed on 10/29/2005 5:59:30 PM

10
Tech Clinic / loadadv458!!!!!
« on: October 29, 2005, 04:34:29 PM »
Um.... its on my desktop and in one of my drives that i just formatted its the only thing there and it wont go away. heres my log..........

Logfile of HijackThis v1.99.1
Scan saved at 4:40:06 PM, on 10/29/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LxrJD31s.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\GWMDMMSG.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\VERIZO~1\VERIZO~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\MSI\Live Update 3\LMonitor.exe
C:\Program Files\Common Files\AOL\1126043299\ee\AOLSoftware.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Tweak-XP Pro 4\AdBlocker.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Verizon Online\Verizon Online Support Center\bin\mpbtn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Chris\My Documents\hijackthis.exe
C:\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.Email Removed/s/search?r=minisearch\' target=\'_blank\' rel=\'nofollow\'>http://my.Email Removed/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\vzbb.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {FFDA4F6F-2EA3-4942-9420-E42880965A3A} - (no file)
O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\vzbb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe
O4 - HKLM\..\Run: [GWMDMpi] C:\WINDOWS\GWMDMpi.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\PROGRA~1\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\VERIZO~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1126043299\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe"  -lang 1033
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BlockAds] "C:\Program Files\Tweak-XP Pro 4\AdBlocker.exe"
O4 - Startup: LyricsAMP Auto-Update!.lnk = C:\Program Files\Windows Media Player\Plugins\LyricsAMP\WiseUpdt.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\Verizon Online Support Center\bin\matcli.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/ActiveLaunc...iveLauncher.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://simcity.ea.com/update/EARTPX.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1120425676011
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1126810707781
O16 - DPF: {C36661D7-3590-45B1-80B5-520839E94DAD} (MaxisSimCity4PatcherX Control) - http://simcity.ea.com/update/MaxisSimCity4PatcherX.cab
O16 - DPF: {FE5B9F54-7764-4C01-89F0-4862601EE954} (DigWebHelper Class) - http://photos.msn.com/resources/neutral/co....cab?10,0,910,0
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: Lexar JD31 (LxrJD31s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrJD31s.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

Please help.

11
Tech Clinic / Help to get rid of crap slowing down my machine.
« on: October 29, 2005, 03:48:57 PM »
oh heres my regestred name sorry

Pages: [1]