Messages

1

Tech Clinic / Internet not working and computer freezing.

« on: January 23, 2007, 01:55:07 AM »

I just copied my Intrusion list  maybe tell me what going on seems when i get attack that when my internet locks up and my computer slows down.

Category: Intrusion Prevention
Date,User,Message,Details
1/22/2007 11:01:56 PM,Supervisor,Intrusion detected and blocked. All communication with 205.171.3.65 will be blocked for 30 minutes.,Intrusion detected and blocked. All communication with 205.171.3.65 will be blocked for 30 minutes.
1/22/2007 11:01:56 PM,Supervisor,Intrusion: Portscan.,"Intrusion: Portscan.  Intruder: 205.171.3.65(domain(53)).   Risk Level: Medium.  Protocol: UDP.  Attacked IP: FAMILY(192.168.0.3).  Attacked Port: 1468."
1/22/2007 11:00:08 PM,No User,Intrusion Prevention Signature File Version: 1/23/2007 Rev. 1. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/23/2007 Rev. 1. Intrusion Prevention Engine Version: 3.0.0.60809.
1/22/2007 11:00:08 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/22/2007 11:00:08 PM,No User,Intrusion Prevention is monitoring 676 signatures.,Intrusion Prevention is monitoring 676 signatures.
1/22/2007 9:27:19 PM,Supervisor,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/22/2007 9:27:19 PM,Supervisor,Intrusion Prevention Signature File Version: 1/23/2007 Rev. 1. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/23/2007 Rev. 1. Intrusion Prevention Engine Version: 3.0.0.60809.
1/22/2007 9:27:19 PM,Supervisor,Intrusion Prevention is monitoring 676 signatures.,Intrusion Prevention is monitoring 676 signatures.
1/22/2007 5:50:14 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/22/2007 5:50:14 PM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/22/2007 5:50:14 PM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/22/2007 8:32:38 AM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/22/2007 8:32:38 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/22/2007 8:32:38 AM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/22/2007 2:03:21 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/22/2007 2:03:21 AM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/22/2007 2:03:21 AM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/22/2007 1:05:31 AM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/22/2007 1:05:31 AM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/22/2007 1:05:31 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/22/2007 12:24:38 AM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/22/2007 12:24:38 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/22/2007 12:24:38 AM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/21/2007 8:05:57 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/21/2007 8:05:57 PM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/21/2007 8:05:57 PM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/21/2007 7:47:25 PM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/21/2007 7:47:25 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/21/2007 7:47:25 PM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/21/2007 7:26:02 PM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/21/2007 7:26:02 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/21/2007 7:26:02 PM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/21/2007 5:53:29 PM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/21/2007 5:53:29 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/21/2007 5:53:29 PM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/21/2007 2:42:11 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/21/2007 2:42:11 PM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/21/2007 2:42:11 PM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/21/2007 10:14:02 AM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/21/2007 10:14:02 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/21/2007 10:14:02 AM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/21/2007 9:40:39 AM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/21/2007 9:40:39 AM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/21/2007 9:40:39 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/21/2007 9:36:20 AM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/21/2007 9:36:20 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/21/2007 9:36:20 AM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/21/2007 4:29:52 AM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/21/2007 4:29:52 AM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/21/2007 4:29:52 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/21/2007 4:10:41 AM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/21/2007 4:10:41 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/21/2007 4:10:41 AM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/21/2007 4:01:09 AM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/21/2007 4:01:09 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/21/2007 4:01:09 AM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/21/2007 2:56:04 AM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/21/2007 2:56:04 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/21/2007 2:56:04 AM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/21/2007 2:52:06 AM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/21/2007 2:52:06 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/21/2007 2:52:06 AM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/21/2007 12:15:34 AM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/21/2007 12:15:34 AM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/21/2007 12:15:34 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/20/2007 9:10:44 PM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/20/2007 9:10:44 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/20/2007 9:10:44 PM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/20/2007 8:28:00 PM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/20/2007 8:28:00 PM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/20/2007 8:28:00 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/20/2007 6:23:21 PM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/20/2007 6:23:21 PM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/20/2007 6:23:21 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/20/2007 12:51:59 PM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/20/2007 12:51:59 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/20/2007 12:51:59 PM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/20/2007 4:01:50 AM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/20/2007 4:01:50 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/20/2007 4:01:50 AM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/20/2007 3:24:39 AM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/20/2007 3:24:39 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/20/2007 3:24:39 AM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/20/2007 3:06:22 AM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/20/2007 3:06:22 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/20/2007 3:06:22 AM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/20/2007 2:36:33 AM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/20/2007 2:36:33 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/20/2007 2:36:33 AM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/20/2007 12:56:43 AM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/20/2007 12:56:43 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/20/2007 12:56:43 AM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/20/2007 12:04:38 AM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/20/2007 12:04:38 AM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/20/2007 12:04:38 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/18/2007 9:03:53 PM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/18/2007 9:03:53 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/18/2007 9:03:53 PM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/18/2007 8:36:50 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/18/2007 8:36:50 PM,No User,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/18/2007 8:36:50 PM,No User,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/18/2007 11:11:22 AM,Supervisor,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/17/2007 Rev. 2. Intrusion Prevention Engine Version: 3.0.0.60809.
1/18/2007 11:11:22 AM,Supervisor,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/18/2007 11:11:22 AM,Supervisor,Intrusion Prevention is monitoring 675 signatures.,Intrusion Prevention is monitoring 675 signatures.
1/17/2007 10:48:16 AM,Supervisor,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/17/2007 10:48:16 AM,Supervisor,Intrusion Prevention Signature File Version: 1/16/2007 Rev. 1. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/16/2007 Rev. 1. Intrusion Prevention Engine Version: 3.0.0.60809.
1/17/2007 10:48:16 AM,Supervisor,Intrusion Prevention is monitoring 676 signatures.,Intrusion Prevention is monitoring 676 signatures.
1/17/2007 3:07:18 AM,No User,Intrusion Prevention is monitoring 676 signatures.,Intrusion Prevention is monitoring 676 signatures.
1/17/2007 3:07:18 AM,No User,Intrusion Prevention Signature File Version: 1/12/2007 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/12/2007 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
1/17/2007 3:07:18 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/15/2007 2:45:56 AM,No User,Intrusion Prevention Signature File Version: 1/12/2007 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/12/2007 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
1/15/2007 2:45:56 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/15/2007 2:45:56 AM,No User,Intrusion Prevention is monitoring 676 signatures.,Intrusion Prevention is monitoring 676 signatures.
1/13/2007 9:14:31 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/13/2007 9:14:31 PM,No User,Intrusion Prevention Signature File Version: 1/12/2007 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/12/2007 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
1/13/2007 9:14:31 PM,No User,Intrusion Prevention is monitoring 676 signatures.,Intrusion Prevention is monitoring 676 signatures.
1/13/2007 8:38:28 PM,No User,Intrusion Prevention Signature File Version: 1/12/2007 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/12/2007 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
1/13/2007 8:38:28 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/13/2007 8:38:28 PM,No User,Intrusion Prevention is monitoring 676 signatures.,Intrusion Prevention is monitoring 676 signatures.
1/13/2007 5:16:10 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/13/2007 5:16:10 PM,No User,Intrusion Prevention Signature File Version: 1/12/2007 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/12/2007 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
1/13/2007 5:16:10 PM,No User,Intrusion Prevention is monitoring 676 signatures.,Intrusion Prevention is monitoring 676 signatures.
1/13/2007 11:54:22 AM,No User,Intrusion Prevention Signature File Version: 1/12/2007 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/12/2007 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
1/13/2007 11:54:22 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/13/2007 11:54:22 AM,No User,Intrusion Prevention is monitoring 676 signatures.,Intrusion Prevention is monitoring 676 signatures.
1/13/2007 1:14:52 AM,Supervisor,Intrusion Prevention Signature File Version: 1/12/2007 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/12/2007 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
1/13/2007 1:14:52 AM,Supervisor,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/13/2007 1:14:52 AM,Supervisor,Intrusion Prevention is monitoring 676 signatures.,Intrusion Prevention is monitoring 676 signatures.
1/12/2007 4:33:06 AM,Supervisor,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/12/2007 4:33:06 AM,Supervisor,Intrusion Prevention Signature File Version: 1/12/2007 Rev. 3. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/12/2007 Rev. 3. Intrusion Prevention Engine Version: 3.0.0.60809.
1/12/2007 4:33:06 AM,Supervisor,Intrusion Prevention is monitoring 676 signatures.,Intrusion Prevention is monitoring 676 signatures.
1/11/2007 12:49:22 PM,No User,Intrusion Prevention Signature File Version: 1/8/2007 Rev. 3. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/8/2007 Rev. 3. Intrusion Prevention Engine Version: 3.0.0.60809.
1/11/2007 12:49:22 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/11/2007 12:49:22 PM,No User,Intrusion Prevention is monitoring 676 signatures.,Intrusion Prevention is monitoring 676 signatures.
1/11/2007 12:47:58 PM,Supervisor,Intrusion Prevention is monitoring 676 signatures.,Intrusion Prevention is monitoring 676 signatures.
1/11/2007 8:52:42 AM,Supervisor,Intrusion Prevention is monitoring 676 signatures.,Intrusion Prevention is monitoring 676 signatures.
1/10/2007 9:32:39 AM,Supervisor,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/10/2007 9:32:39 AM,Supervisor,Intrusion Prevention Signature File Version: 1/8/2007 Rev. 3. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 1/8/2007 Rev. 3. Intrusion Prevention Engine Version: 3.0.0.60809.
1/10/2007 9:32:39 AM,Supervisor,Intrusion Prevention is monitoring 676 signatures.,Intrusion Prevention is monitoring 676 signatures.
1/8/2007 4:51:53 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/8/2007 4:51:53 PM,No User,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
1/8/2007 4:51:53 PM,No User,Intrusion Prevention is monitoring 605 signatures.,Intrusion Prevention is monitoring 605 signatures.
1/6/2007 7:21:35 PM,No User,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
1/6/2007 7:21:35 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/6/2007 7:21:35 PM,No User,Intrusion Prevention is monitoring 605 signatures.,Intrusion Prevention is monitoring 605 signatures.
1/6/2007 6:45:23 PM,No User,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
1/6/2007 6:45:23 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/6/2007 6:45:23 PM,No User,Intrusion Prevention is monitoring 605 signatures.,Intrusion Prevention is monitoring 605 signatures.
1/6/2007 5:32:29 PM,No User,Intrusion Prevention is monitoring 605 signatures.,Intrusion Prevention is monitoring 605 signatures.
1/6/2007 5:32:29 PM,No User,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
1/6/2007 5:32:29 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/6/2007 3:38:36 AM,No User,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
1/6/2007 3:38:36 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/6/2007 3:38:36 AM,No User,Intrusion Prevention is monitoring 605 signatures.,Intrusion Prevention is monitoring 605 signatures.
1/4/2007 11:05:54 PM,Supervisor,Intrusion: HTTP Apache Redundant Slashes DoS.,"Intrusion: HTTP Apache Redundant Slashes DoS.   Intruder: localhost(1762).   Risk Level: Medium.  Protocol: TCP.  Attacked IP: 128.241.247.240.  Attacked Port: http(80)."
1/4/2007 11:05:40 PM,Supervisor,Intrusion: HTTP Apache Redundant Slashes DoS.,"Intrusion: HTTP Apache Redundant Slashes DoS.   Intruder: localhost(1555).   Risk Level: Medium.  Protocol: TCP.  Attacked IP: 128.241.247.240.  Attacked Port: http(80)."
1/2/2007 6:31:13 PM,No User,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
1/2/2007 6:31:13 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/2/2007 6:31:13 PM,No User,Intrusion Prevention is monitoring 605 signatures.,Intrusion Prevention is monitoring 605 signatures.
1/1/2007 9:11:55 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/1/2007 9:11:55 PM,No User,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
1/1/2007 9:11:55 PM,No User,Intrusion Prevention is monitoring 605 signatures.,Intrusion Prevention is monitoring 605 signatures.
1/1/2007 6:26:03 PM,No User,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
1/1/2007 6:26:03 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
1/1/2007 6:26:03 PM,No User,Intrusion Prevention is monitoring 605 signatures.,Intrusion Prevention is monitoring 605 signatures.
12/30/2006 7:43:33 PM,No User,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
12/30/2006 7:43:33 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
12/30/2006 7:43:33 PM,No User,Intrusion Prevention is monitoring 605 signatures.,Intrusion Prevention is monitoring 605 signatures.
12/27/2006 10:05:57 PM,No User,Intrusion Prevention is monitoring 605 signatures.,Intrusion Prevention is monitoring 605 signatures.
12/27/2006 10:05:57 PM,No User,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
12/27/2006 10:05:57 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
12/26/2006 7:24:11 PM,No User,Intrusion Prevention is monitoring 605 signatures.,Intrusion Prevention is monitoring 605 signatures.
12/26/2006 7:24:11 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
12/26/2006 7:24:11 PM,No User,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
12/25/2006 3:26:06 PM,No User,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
12/25/2006 3:26:06 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
12/25/2006 3:26:06 PM,No User,Intrusion Prevention is monitoring 605 signatures.,Intrusion Prevention is monitoring 605 signatures.
12/25/2006 10:36:07 AM,No User,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
12/25/2006 10:36:07 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
12/25/2006 10:36:07 AM,No User,Intrusion Prevention is monitoring 605 signatures.,Intrusion Prevention is monitoring 605 signatures.
12/23/2006 9:57:29 PM,No User,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
12/23/2006 9:57:29 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
12/23/2006 9:57:29 PM,No User,Intrusion Prevention is monitoring 605 signatures.,Intrusion Prevention is monitoring 605 signatures.
12/23/2006 9:56:03 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
12/23/2006 9:56:03 PM,No User,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
12/23/2006 9:56:03 PM,No User,Intrusion Prevention is monitoring 605 signatures.,Intrusion Prevention is monitoring 605 signatures.
12/22/2006 6:26:08 PM,No User,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
12/22/2006 6:26:08 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
12/22/2006 6:26:08 PM,No User,Intrusion Prevention is monitoring 605 signatures.,Intrusion Prevention is monitoring 605 signatures.
12/21/2006 6:59:37 PM,No User,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
12/21/2006 6:59:37 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
12/21/2006 6:59:37 PM,No User,Intrusion Prevention is monitoring 605 signatures.,Intrusion Prevention is monitoring 605 signatures.
12/19/2006 4:39:02 AM,No User,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
12/19/2006 4:39:02 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
12/19/2006 4:39:02 AM,No User,Intrusion Prevention is monitoring 605 signatures.,Intrusion Prevention is monitoring 605 signatures.
12/18/2006 5:18:08 PM,No User,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
12/18/2006 5:18:08 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
12/18/2006 5:18:08 PM,No User,Intrusion Prevention is monitoring 605 signatures.,Intrusion Prevention is monitoring 605 signatures.
12/18/2006 2:26:49 PM,Supervisor,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 12/15/2006 Rev. 5. Intrusion Prevention Engine Version: 3.0.0.60809.
12/18/2006 2:26:49 PM,Supervisor,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
12/18/2006 2:26:49 PM,Supervisor,Intrusion Prevention is monitoring 605 signatures.,Intrusion Prevention is monitoring 605 signatures.
12/15/2006 10:10:20 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
12/15/2006 10:10:20 PM,No User,Intrusion Prevention Signature File Version: 12/11/2006 Rev. 1. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 12/11/2006 Rev. 1. Intrusion Prevention Engine Version: 3.0.0.60809.
12/15/2006 10:10:20 PM,No User,Intrusion Prevention is monitoring 604 signatures.,Intrusion Prevention is monitoring 604 signatures.
12/14/2006 2:22:32 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
12/14/2006 2:22:32 AM,No User,Intrusion Prevention Signature File Version: 12/11/2006 Rev. 1. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 12/11/2006 Rev. 1. Intrusion Prevention Engine Version: 3.0.0.60809.
12/14/2006 2:22:32 AM,No User,Intrusion Prevention is monitoring 604 signatures.,Intrusion Prevention is monitoring 604 signatures.
12/13/2006 12:32:51 AM,Supervisor,Intrusion Prevention is monitoring 604 signatures.,Intrusion Prevention is monitoring 604 signatures.
12/13/2006 12:32:51 AM,Supervisor,Intrusion Prevention Signature File Version: 12/11/2006 Rev. 1. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 12/11/2006 Rev. 1. Intrusion Prevention Engine Version: 3.0.0.60809.
12/13/2006 12:32:51 AM,Supervisor,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
12/12/2006 8:50:05 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
12/12/2006 8:50:05 AM,No User,Intrusion Prevention Signature File Version: 11/13/2006 Rev. 31. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 11/13/2006 Rev. 31. Intrusion Prevention Engine Version: 3.0.0.60809.
12/12/2006 8:50:05 AM,No User,Intrusion Prevention is monitoring 600 signatures.,Intrusion Prevention is monitoring 600 signatures.
12/9/2006 3:06:34 AM,No User,Intrusion Prevention Signature File Version: 11/13/2006 Rev. 31. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 11/13/2006 Rev. 31. Intrusion Prevention Engine Version: 3.0.0.60809.
12/9/2006 3:06:34 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
12/9/2006 3:06:34 AM,No User,Intrusion Prevention is monitoring 600 signatures.,Intrusion Prevention is monitoring 600 signatures.
12/9/2006 3:03:43 AM,No User,Intrusion Prevention Signature File Version: 11/13/2006 Rev. 31. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 11/13/2006 Rev. 31. Intrusion Prevention Engine Version: 3.0.0.60809.
12/9/2006 3:03:43 AM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
12/9/2006 3:03:43 AM,No User,Intrusion Prevention is monitoring 600 signatures.,Intrusion Prevention is monitoring 600 signatures.
12/8/2006 11:01:03 PM,No User,Intrusion Prevention Signature File Version: 11/13/2006 Rev. 31. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 11/13/2006 Rev. 31. Intrusion Prevention Engine Version: 3.0.0.60809.
12/8/2006 11:01:03 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
12/8/2006 11:01:03 PM,No User,Intrusion Prevention is monitoring 600 signatures.,Intrusion Prevention is monitoring 600 signatures.
12/8/2006 10:17:31 PM,No User,Intrusion Prevention Signature File Version: 11/13/2006 Rev. 31. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 11/13/2006 Rev. 31. Intrusion Prevention Engine Version: 3.0.0.60809.
12/8/2006 10:17:31 PM,No User,Intrusion Prevention is monitoring 600 signatures.,Intrusion Prevention is monitoring 600 signatures.
12/8/2006 10:17:31 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
12/8/2006 9:22:56 PM,No User,Intrusion Prevention Signature File Version: 11/13/2006 Rev. 31. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 11/13/2006 Rev. 31. Intrusion Prevention Engine Version: 3.0.0.60809.
12/8/2006 9:22:56 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
12/8/2006 9:22:56 PM,No User,Intrusion Prevention is monitoring 600 signatures.,Intrusion Prevention is monitoring 600 signatures.
12/8/2006 9:21:38 PM,Supervisor,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
12/8/2006 9:21:38 PM,Supervisor,Intrusion Prevention Signature File Version: 11/13/2006 Rev. 31. Intrusion Prevention Engine Version: 3.0.0.60809.,Intrusion Prevention Signature File Version: 11/13/2006 Rev. 31. Intrusion Prevention Engine Version: 3.0.0.60809.
12/8/2006 9:21:38 PM,Supervisor,Intrusion Prevention is monitoring 600 signatures.,Intrusion Prevention is monitoring 600 signatures.
12/8/2006 8:05:37 PM,No User,Intrusion Prevention Signature File Version: 9/1/2005 Rev. 36. Intrusion Prevention Engine Version: 2.0.0.50707.,Intrusion Prevention Signature File Version: 9/1/2005 Rev. 36. Intrusion Prevention Engine Version: 2.0.0.50707.
12/8/2006 8:05:37 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
12/8/2006 8:05:37 PM,No User,Intrusion Prevention is monitoring 496 signatures.,Intrusion Prevention is monitoring 496 signatures.
12/8/2006 7:53:16 PM,No User,Intrusion Prevention is monitoring 496 signatures.,Intrusion Prevention is monitoring 496 signatures.
12/8/2006 7:53:15 PM,No User,Intrusion Prevention Signature File Version: 9/1/2005 Rev. 36. Intrusion Prevention Engine Version: 2.0.0.50707.,Intrusion Prevention Signature File Version: 9/1/2005 Rev. 36. Intrusion Prevention Engine Version: 2.0.0.50707.
12/8/2006 7:53:15 PM,No User,Intrusion Prevention has been enabled.,Intrusion Prevention has been enabled.
12/8/2006 7:53:15 PM,No User,Intrusion Prevention is monitoring 496 signatures.,Intrusion Prevention is monitoring 496 signatures.

2

Tech Clinic / Internet not working and computer freezing.

« on: January 23, 2007, 01:11:08 AM »

My norton just popped up saying that I was attack but it was blocked. It said it was a port scan from the IP addy 205.171.3.65 any help?

3

Tech Clinic / Internet not working and computer freezing.

« on: January 21, 2007, 09:51:01 PM »

Ok to start this computer is about 1 month old just got it from Dell. I have it connected to the internet with wifi in my home. It has work great up til 3 days ago. The internet will just stop working even though my wifi icon says it has very good connection. I have to do a restart to get it to work again. Some times when I restart it it bring up a error about the SVChost memory i'm not sure what this has to do with the problem. I have 2 computers on the same network and the other one is running just fine so I dont think its the ISP. Then the computer acts like its bogged down even though i'm not running any programs. It then will just freeze and I have to hold the power button down to restart it.  The only thing I can think that it might of been was a file that was sent my email from a ebay member. I did a norton antivirus scan on it and said it was fine. The name of the file was roguepic.scr which I thought was strange at the time which is why I scanned it. I had to run it to see the picture. I've ran spybot search and destroy and all the others you reccomended. They all cam back clean for the most part a few cookies here and there. My computer specs are Amd athlon 64 X2 Duel core Processor 3800+ 2.00 GHz, 1.00GB of ram. I saved the roguepic.scr incase I need to send it to you. Here is the hijack log.

Logfile of HijackThis v1.99.1
Scan saved at 7:27:21 PM, on 1/21/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe
C:\PROGRA~1\DELLSU~1\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Belkin\F5D7001v2000\Belkinwcui.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\HJT\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4061205
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4061205
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\PROGRA~1\DELLSU~1\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Belkin Wireless Utility.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.3.102.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1165638423328
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {BB383206-6DA1-4E80-B62A-3DF950FCC697} (Create & Print ActiveX Plug-in) - http://www.imgag.com/cp/install/AxCtp2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shock...ash/swflash.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...943/mcfscan.cab
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

4

Tech Clinic / SpySheiff and PestControl

« on: November 14, 2006, 05:28:54 PM »

thanks for the help everything is now working as it should. http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/smile.gif\' class=\'bbc_emoticon\' alt=\'\' />

5

Tech Clinic / SpySheiff and PestControl

« on: November 14, 2006, 05:52:12 AM »

Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)

Thats all it says for both of them.

6

Tech Clinic / SpySheiff and PestControl

« on: November 13, 2006, 08:41:37 PM »

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}]
"Class"="CDROM"
@="DVD/CD-ROM drives"
"EnumPropPages32"="MmSys.Cpl,MediaPropPageProvider"
"Installer32"="storprop.dll,DvdClassInstaller"
"SilentInstall"="1"
"NoInstallClass"="1"
"TroubleShooter-0"="hcp://help/tshoot/tsdrive.htm"
"Icon"="-51"
"UpperFilters"=hex(7):47,00,45,00,41,00,52,00,41,00,73,00,70,00,69,00,57,00,44,\
  00,4d,00,00,00,69,00,6e,00,63,00,64,00,72,00,6d,00,00,00,70,00,77,00,64,00,\
  5f,00,32,00,6b,00,00,00,00,00
"LowerFilters"=hex(7):50,00,78,00,48,00,65,00,6c,00,70,00,32,00,30,00,00,00,64,\
  00,72,00,76,00,6d,00,63,00,64,00,62,00,00,00,00,00
"UpperFilters_1"=hex(7):47,00,45,00,41,00,52,00,41,00,73,00,70,00,69,00,57,00,\
  44,00,4d,00,00,00,49,00,6e,00,43,00,44,00,50,00,61,00,73,00,73,00,00,00,69,\
  00,6e,00,63,00,64,00,72,00,6d,00,00,00,70,00,77,00,64,00,5f,00,32,00,6b,00,\
  00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}000]
"EnumPropPages32"="storprop.dll,DvdPropPageProvider"
"InfPath"="cdrom.inf"
"InfSection"="cdrom_install"
"ProviderName"="Microsoft"
"DriverDateData"=hex:00,80,62,c5,c0,01,c1,01
"DriverDate"="7-1-2001"
"DriverVersion"="5.1.2535.0"
"MatchingDeviceId"="gencdrom"
"DriverDesc"="CD-ROM Drive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}000\DigitalAudio]
"RegistryVersion"=dword:00000001
"NumberOfBuffers"=dword:00000008
"SectorsPerRead"=dword:00000010
"SectorsPerReadMask"=dword:ffffffff
"CDDASupported"=dword:00000001
"CDDAAccurate"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}001]
"EnumPropPages32"="storprop.dll,DvdPropPageProvider"
"InfPath"="cdrom.inf"
"InfSection"="cdrom_install"
"ProviderName"="Microsoft"
"DriverDateData"=hex:00,80,62,c5,c0,01,c1,01
"DriverDate"="7-1-2001"
"DriverVersion"="5.1.2535.0"
"MatchingDeviceId"="gencdrom"
"DriverDesc"="CD-ROM Drive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}001\DigitalAudio]
"RegistryVersion"=dword:00000001
"NumberOfBuffers"=dword:00000008
"SectorsPerRead"=dword:00000010
"SectorsPerReadMask"=dword:ffffffff
"CDDASupported"=dword:00000001
"CDDAAccurate"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}002]
"EnumPropPages32"="storprop.dll,DvdPropPageProvider"
"InfPath"="cdrom.inf"
"InfSection"="cdrom_install"
"ProviderName"="Microsoft"
"DriverDateData"=hex:00,80,62,c5,c0,01,c1,01
"DriverDate"="7-1-2001"
"DriverVersion"="5.1.2535.0"
"MatchingDeviceId"="gencdrom"
"DriverDesc"="CD-ROM Drive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}003]
"EnumPropPages32"="storprop.dll,DvdPropPageProvider"
"InfPath"="cdrom.inf"
"InfSection"="cdrom_install"
"ProviderName"="Microsoft"
"DriverDateData"=hex:00,80,62,c5,c0,01,c1,01
"DriverDate"="7-1-2001"
"DriverVersion"="5.1.2535.0"
"MatchingDeviceId"="gencdrom"
"DriverDesc"="CD-ROM Drive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}003\DigitalAudio]
"RegistryVersion"=dword:00000001
"NumberOfBuffers"=dword:00000008
"SectorsPerRead"=dword:00000010
"SectorsPerReadMask"=dword:ffffffff
"CDDASupported"=dword:00000001
"CDDAAccurate"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}004]
"EnumPropPages32"="storprop.dll,DvdPropPageProvider"
"InfPath"="cdrom.inf"
"InfSection"="cdrom_install"
"ProviderName"="Microsoft"
"DriverDateData"=hex:00,80,62,c5,c0,01,c1,01
"DriverDate"="7-1-2001"
"DriverVersion"="5.1.2535.0"
"MatchingDeviceId"="gencdrom"
"DriverDesc"="CD-ROM Drive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}005]
"EnumPropPages32"="storprop.dll,DvdPropPageProvider"
"InfPath"="cdrom.inf"
"InfSection"="cdrom_install"
"ProviderName"="Microsoft"
"DriverDateData"=hex:00,80,62,c5,c0,01,c1,01
"DriverDate"="7-1-2001"
"DriverVersion"="5.1.2535.0"
"MatchingDeviceId"="gencdrom"
"DriverDesc"="CD-ROM Drive"

7

Tech Clinic / SpySheiff and PestControl

« on: November 09, 2006, 06:08:20 PM »

Yes my CD and DvD drives are not working still they both open and close but wont run anything see my post in the hardware forums for more details please I need to fix them.  I ran the anti-virus software and found nothing here is the list.


Logfile of HijackThis v1.99.1
Scan saved at 4:02:28 PM, on 11/9/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\CPSHelpRunner.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O4 - HKLM\..\Run: [ATITool] "C:\Program Files\ATITool\ATITool.exe" -s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Ulead Photo Express 4.0 SE Calendar Checker .lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/Fuj...ploadClient.cab
O16 - DPF: {E123BED4-B8C7-42BB-958F-F13CA77EF95D} (Anark Client ActiveX Control) - http://install.anark.com/client/version2/w...en/AMClient.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe

8

Hardware / CD drives not working/not in the My computer folder

« on: October 25, 2006, 07:52:32 PM »

well I went down the list and nothing there seems to be whats happening.  When I uninstall both them and do a scan for new hardware it finds them and then a windows says a problem occured during hardware installation. Your new hardware may not be working correctly.

9

Tech Clinic / SpySheiff and PestControl

« on: October 25, 2006, 01:44:16 AM »

First off I would like to thank you very much for your prompt and right on the nail help.  I'm currently not having any more problems.  I do have a question though.  Is it ok to set my Startup apps back to the way I had them before so I can save ram for gaming?  I don't have any AV protection ATM.  I made my last few computers myself and I have never had a problem like this before.  If you have any AV protection that are free and are good programs that would be great.  What do I do with all these programs I downloaded to fix this problem toss or keep?  I removed the viewpoint using the add/remove program.  When I went into the program file the viewpoint folder was not there to remove.  The spybot only found 1 thing that it needed to repair. Once again thank you http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/rolleyes.gif\' class=\'bbc_emoticon\' alt=\':rolleyes:\' /> .

Logfile of HijackThis v1.99.1
Scan saved at 12:21:32 AM, on 10/25/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\CPSHelpRunner.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\System32\svchost.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O4 - HKLM\..\Run: [ATITool] "C:\Program Files\ATITool\ATITool.exe" -s
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Ulead Photo Express 4.0 SE Calendar Checker .lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/Fuj...ploadClient.cab
O16 - DPF: {E123BED4-B8C7-42BB-958F-F13CA77EF95D} (Anark Client ActiveX Control) - http://install.anark.com/client/version2/w...en/AMClient.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe

10

Tech Clinic / SpySheiff and PestControl

« on: October 24, 2006, 03:56:00 PM »

Logfile of HijackThis v1.99.1
Scan saved at 2:48:38 PM, on 10/24/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\CPSHelpRunner.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: (no name) - {CF7C3CF0-4B15-11D1-ABED-709549C10000} - (no file)
O4 - HKLM\..\Run: [ATITool] "C:\Program Files\ATITool\ATITool.exe" -s
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Ulead Photo Express 4.0 SE Calendar Checker .lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/Fuj...ploadClient.cab
O16 - DPF: {E123BED4-B8C7-42BB-958F-F13CA77EF95D} (Anark Client ActiveX Control) - http://install.anark.com/client/version2/w...en/AMClient.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe


Uninstall list
"Doras Carnival Adventure (remove only)"
3D Groove Playback Engine
Ace Utilities 2.4.1
Ad-Aware SE Personal
Adobe Reader 6.0.1
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
AVG Anti-Spyware 7.5
Canon Digital Camera USB WIA Driver
Canon Utilities RemoteCapture 2.7
ClueFinders 4th Grade Adventures
DivX
ERUNT 1.1j
HijackThis 1.99.1
iPod for Windows 2006-03-23
iTunes
J2SE Runtime Environment 5.0 Update 9
Joint Operations: Escalation
Joint Operations: Typhoon Rising
Kazaa Lite K++ v2.4.3
Macromedia Flash Player
Macromedia Flash Player 8
Macromedia Shockwave Player
Marvell Miniport Driver
MathPlayer
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0
Microsoft Data Access Components KB870669
Miss Spider
NVIDIA Drivers
Panda ActiveScan
PowerDVD
PunkBuster for Joint Operations: Typhoon Rising
QuickTime
RealArcade
Roxio Easy Media Creator 8 Content
Roxio Easy Media Creator 8 Suite
Samsung CamCorder Driver
Security Update for Microsoft .NET Framework 2.0 (KB917283)
Security Update for Microsoft .NET Framework 2.0 (KB922770)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925486)
Spybot - Search & Destroy 1.4
TuneUp Utilities 2006
Ulead Photo Express 4.0 SE
Ulead VideoStudio 7 SE DVD
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Ventrilo Client
Ventrilo Server
Viewpoint Media Player
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinRAR archiver
World of Warcraft
ZyGoVideo 2.0


 
Spybot version 1.4
latest detection update date 2006-10-20

11

Tech Clinic / SpySheiff and PestControl

« on: October 24, 2006, 01:45:33 AM »

I have done all the things you said. I am not seeing the pop-up at this moment.

Logfile of HijackThis v1.99.1
Scan saved at 12:34:59 AM, on 10/24/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jucheck.exe
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\CPSHelpRunner.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: (no name) - {CF7C3CF0-4B15-11D1-ABED-709549C10000} - (no file)
O4 - HKLM\..\Run: [ATITool] "C:\Program Files\ATITool\ATITool.exe" -s
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [gwiz] C:\WINDOWS\system32\ntsystem.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [updater] C:\Program Files\Common files\updater\wupdater.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [SAHAgent] C:\WINDOWS\system32\SahAgent.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Pcsv] C:\WINDOWS\system32\pcs\pcsvc.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 - HKCU\..\Run: [Uniblue Registry Booster] C:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe /S
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [PestTrap] C:\Program Files\PestTrap\PestTrap.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [L0oFRRf6X] mrvcx.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Ulead Photo Express 4.0 SE Calendar Checker .lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/Fuj...ploadClient.cab
O16 - DPF: {E123BED4-B8C7-42BB-958F-F13CA77EF95D} (Anark Client ActiveX Control) - http://install.anark.com/client/version2/w...en/AMClient.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

 + Created at: 12:29:25 AM 10/24/2006

 + Scan result:

 

C:\System Volume Information\_restore{F1B35A00-4F9C-4AA8-8C67-F41C4CB2C9A2}\RP582\A0161140.exe -> Adware.Apropos : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F1B35A00-4F9C-4AA8-8C67-F41C4CB2C9A2}\RP580\A0159907.dll -> Adware.DelphinMediaViewer : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F1B35A00-4F9C-4AA8-8C67-F41C4CB2C9A2}\RP580\A0159910.ocx -> Adware.DelphinMediaViewer : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F1B35A00-4F9C-4AA8-8C67-F41C4CB2C9A2}\RP582\A0161125.dll -> Adware.DelphinMediaViewer : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F1B35A00-4F9C-4AA8-8C67-F41C4CB2C9A2}\RP582\A0161128.ocx -> Adware.DelphinMediaViewer : Cleaned with backup (quarantined).
C:\Program Files\filesubmit\windows2005screen.zip\NNEZTA388.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F1B35A00-4F9C-4AA8-8C67-F41C4CB2C9A2}\RP610\A0161716.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F1B35A00-4F9C-4AA8-8C67-F41C4CB2C9A2}\RP610\A0161755.dll -> Adware.Pesttrap : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F1B35A00-4F9C-4AA8-8C67-F41C4CB2C9A2}\RP582\A0161134.exe -> Adware.Quick : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F1B35A00-4F9C-4AA8-8C67-F41C4CB2C9A2}\RP610\A0161756.dll -> Adware.SearchAssistant : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F1B35A00-4F9C-4AA8-8C67-F41C4CB2C9A2}\RP610\A0161699.exe -> Adware.Spysheriff : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F1B35A00-4F9C-4AA8-8C67-F41C4CB2C9A2}\RP610\A0161764.exe -> Adware.Spysheriff : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F1B35A00-4F9C-4AA8-8C67-F41C4CB2C9A2}\RP582\A0161151.exe -> Downloader.VB.cw : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F1B35A00-4F9C-4AA8-8C67-F41C4CB2C9A2}\RP610\A0161704.exe -> Dropper.Small.sc : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F1B35A00-4F9C-4AA8-8C67-F41C4CB2C9A2}\RP580\A0159937.dll -> Hijacker.StartPage.hi : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F1B35A00-4F9C-4AA8-8C67-F41C4CB2C9A2}\RP582\A0161157.dll -> Hijacker.StartPage.hi : Cleaned with backup (quarantined).
C:\Documents and Settings\Zane\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Gummy.class-17d434ef-2b2b32de.class -> Not-A-Virus.Exploit.ByteVerify : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F1B35A00-4F9C-4AA8-8C67-F41C4CB2C9A2}\RP610\A0161703.exe -> Not-A-Virus.Hoax.Win32.Renos.eo : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F1B35A00-4F9C-4AA8-8C67-F41C4CB2C9A2}\RP610\A0161762.exe -> Not-A-Virus.Hoax.Win32.Renos.eo : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F1B35A00-4F9C-4AA8-8C67-F41C4CB2C9A2}\RP610\A0161843.exe -> Not-A-Virus.Hoax.Win32.Renos.eo : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F1B35A00-4F9C-4AA8-8C67-F41C4CB2C9A2}\RP610\A0161844.exe -> Not-A-Virus.Hoax.Win32.Renos.eo : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F1B35A00-4F9C-4AA8-8C67-F41C4CB2C9A2}\RP610\A0161845.exe -> Not-A-Virus.Hoax.Win32.Renos.eo : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F1B35A00-4F9C-4AA8-8C67-F41C4CB2C9A2}\RP610\A0161691.exe -> Trojan.Agent.rx : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F1B35A00-4F9C-4AA8-8C67-F41C4CB2C9A2}\RP610\A0161821.dll -> Trojan.Agent.rx : Cleaned with backup (quarantined).
C:\Documents and Settings\Zane\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\VerifierBug.class-7e891482-791b43b2.class -> Trojan.Femad : Cleaned with backup (quarantined).

::Report end


SmitFraudFix v2.113

Scan done at 23:27:41.32, Mon 10/23/2006
Run from C:\Documents and Settings\Zane\Desktop\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

C:\DOCUME~1\Zane\STARTM~1\Programs\PestTrap Deleted

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
 
Registry Cleaning done.
 
»»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» End

12

Tech Clinic / SpySheiff and PestControl

« on: October 23, 2006, 10:46:17 PM »

I thought I might as well show you what keeps poping up every 20 sec and if you do click pesttrap starts running even though it has been uninstalled

13

Tech Clinic / SpySheiff and PestControl

« on: October 23, 2006, 10:38:26 PM »

I do have PestTrap in my add/remove list. I have removed it many times but when the Red circle pops up it reinstalls it http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/mad.gif\' class=\'bbc_emoticon\' alt=\':angry:\' /> .  I did not pay for it nor install it on purpose by any means I was surfing the web and the red circle just popped up in my running apps. Maybe I misclicked a pop-up. I have went in safe mode to try to remove everything I could but it has not worked.

SmitFraudFix v2.113

Scan done at 21:24:27.53, Mon 10/23/2006
Run from C:\Documents and Settings\Zane\Desktop\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Zane


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Zane\Application Data

C:\Documents and Settings\Zane\Application Data\Install.dat FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» Start Menu

C:\DOCUME~1\Zane\STARTM~1\Programs\PestTrap FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Zane\FAVORI~1


»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components]
"Source"="http://www.daily-desktops.com/calendar/mem...t04/800/n19.jpg"
"SubscribedURL"="http://www.daily-desktops.com/calendar/mem...t04/800/n19.jpg"
"FriendlyName"=""
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32


»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End


 

Zane - 06-10-23 21:29:16.64    Service Pack 2
ComboFix 06.10.19 - Running from: "C:\Documents and Settings\Zane\Desktop"

((((((((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
 

C:\Documents and Settings\Zane\Application Data\Install.dat

 
(((((((((((((((((((((((((((((((   Files Created from 2006-09-23 to 2006-10-23  ))))))))))))))))))))))))))))))))))
 
 
2006-10-23 21:24 53,248 --a------ C:\WINDOWS\system32\Process.exe
2006-10-23 21:24 40,960 --a------ C:\WINDOWS\system32\swsc.exe
2006-10-23 21:24 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2006-10-23 21:24 135,168 --a------ C:\WINDOWS\system32\swreg.exe
2006-10-23 16:05 29,184 --a------ C:\Documents and Settings\Zane\uwfgtncy.exe
2006-10-23 15:20 29,184 --a------ C:\Documents and Settings\Zane\ykoqqmrx.exe
2006-10-23 04:24 4,096 --a------ C:\WINDOWS\system32\ntsystem.exe
2006-10-23 04:11 29,184 --a------ C:\Documents and Settings\Zane\uqgnabqc.exe


((((((((((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-10-23 20:33 -------- d-------- C:\Program Files\WinRAR
2006-10-23 20:29 -------- d-------- C:\Program Files\Internet Explorer
2006-10-23 20:02 -------- d-------- C:\Program Files\BFG
2006-10-23 05:07 -------- d-------- C:\Program Files\Common Files
2006-10-23 04:46 -------- d-------- C:\Program Files\Lavasoft
2006-10-23 04:46 -------- d-------- C:\Documents and Settings\Zane\Application Data\Lavasoft
2006-10-23 04:36 -------- d-------- C:\Documents and Settings\Zane\Application Data\Registry Booster
2006-09-26 17:10 -------- d-------- C:\Program Files\World of Warcraft
2006-09-18 01:12 14472 --a------ C:\WINDOWS\system32\drivers\MTK.SYS
2006-09-16 00:30 -------- d-------- C:\Documents and Settings\Zane\Application Data\PC Tools
2006-09-13 15:10 -------- d-------- C:\Program Files\PCPitstop
2006-09-12 23:01 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2006-09-12 17:58 -------- d-------- C:\Program Files\PartyPoker
2006-09-12 17:58 -------- d-------- C:\Program Files\Ahead
2006-09-12 17:30 -------- d-------- C:\Program Files\TuneUp Utilities 2006
2006-09-12 17:29 -------- d-------- C:\Program Files\Common Files\Wise Installation Wizard
2006-09-12 17:29 -------- d-------- C:\Documents and Settings\Zane\Application Data\TuneUp Software
2006-09-12 17:28 -------- d-------- C:\Program Files\ERUNT
2006-09-06 21:56 -------- d-------- C:\Documents and Settings\Zane\Application Data\ATI
2006-09-06 21:50 -------- d-------- C:\Program Files\CoffeeTycoon_at
2006-08-25 09:45 617472 --a------ C:\WINDOWS\system32\comctl32.dll
2006-08-21 06:21 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-08-21 03:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-08-16 05:58 100352 --a------ C:\WINDOWS\system32\6to4svc.dll
2006-08-02 17:27 520192 --------- C:\WINDOWS\system32\ati2sgag.exe
2006-08-02 16:12 307200 --a------ C:\WINDOWS\system32\atiiiexx.dll
2006-08-02 16:08 258048 --a------ C:\WINDOWS\system32\ati2dvag.dll
2006-08-02 16:02 86016 --a------ C:\WINDOWS\system32\ati2evxx.dll
2006-08-02 16:02 77824 --a------ C:\WINDOWS\system32\Oemdspif.dll
2006-08-02 16:02 41984 --a------ C:\WINDOWS\system32\ati2edxx.dll
2006-08-02 16:02 26112 --a------ C:\WINDOWS\system32\Ati2mdxx.exe
2006-08-02 16:02 114688 --a------ C:\WINDOWS\system32\atipdlxx.dll
2006-08-02 16:01 401408 --a------ C:\WINDOWS\system32\ati2evxx.exe
2006-08-02 16:00 53248 --a------ C:\WINDOWS\system32\ATIDDC.DLL
2006-08-02 15:55 2373088 --a------ C:\WINDOWS\system32\ati3duag.dll
2006-08-02 15:51 2354720 --a------ C:\WINDOWS\system32\ativvaxx.dll
2006-08-02 15:49 6684672 --a------ C:\WINDOWS\system32\atioglx1.dll
2006-08-02 15:45 5136384 --a------ C:\WINDOWS\system32\atioglxx.dll
2006-08-02 15:41 208896 --a------ C:\WINDOWS\system32\atikvmag.dll
2006-08-02 15:40 303104 --a------ C:\WINDOWS\system32\ATIDEMGR.dll
2006-08-02 15:40 17408 --a------ C:\WINDOWS\system32\atitvo32.dll
2006-08-02 15:35 286720 --a------ C:\WINDOWS\system32\ati2cqag.dll
2006-07-27 07:24 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
 
 
((((((((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))
 
*Note* empty entries are not shown

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"ATITool"="\"C:\\Program Files\\ATITool\\ATITool.exe\" -s"
"ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\CLIStart.exe\""
"gwiz"="C:\\WINDOWS\\system32\\ntsystem.exe"
"MSConfig"="C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\MSConfig.exe /auto"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"Source"="http://www.daily-desktops.com/calendar/mem...t04/800/n19.jpg"
"SubscribedURL"="http://www.daily-desktops.com/calendar/mem...t04/800/n19.jpg"
"FriendlyName"=""
"Flags"=dword:00000001
"Position"=hex:2c,00,00,00,52,01,00,00,23,00,00,00,7c,00,00,00,72,00,00,00,e8,\
  03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=dword:40000001
"OriginalStateInfo"=hex:18,00,00,00,6a,02,00,00,e1,00,00,00,20,03,00,00,80,02,\
  00,00,01,00,00,40
"RestoredStateInfo"=hex:14,6d,16,04,41,c0,b4,74,d0,71,b9,03,68,de,16,04,20,6d,\
  16,04,39,6b,00,00

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\1]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,ea,\
  03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=dword:40000004
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
  ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
  00,00,01,00,00,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"Wallpaper"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000000
"NoDrives"=hex:00,00,00,00
"NoSharedDocuments"=hex:00,00,00,00
"NoActiveDesktop"=dword:00000000
"ClassicShell"=dword:00000000
"ForceActiveDesktopOn"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Adobe Gamma Loader.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Gamma Loader.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\COMMON~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE "
"item"="Adobe Gamma Loader"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ATI CATALYST System Tray.lnk]
"backup"="C:\\WINDOWS\\pss\\ATI CATALYST System Tray.lnkCommon Startup"
"location"="Common Startup"
"item"="ATI CATALYST System Tray"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Ulead Photo Express 4.0 SE Calendar Checker .lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Ulead Photo Express 4.0 SE Calendar Checker .lnk"
"backup"="C:\\WINDOWS\\pss\\Ulead Photo Express 4.0 SE Calendar Checker .lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\ULEADS~1\\ULEADP~1.0SE\\CalCheck.exe "
"item"="Ulead Photo Express 4.0 SE Calendar Checker "

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Zane^Start Menu^Programs^Startup^Joint Operations Typhoon Rising Registration.lnk]
"path"="C:\\Documents and Settings\\Zane\\Start Menu\\Programs\\Startup\\Joint Operations Typhoon Rising Registration.lnk"
"backup"="C:\\WINDOWS\\pss\\Joint Operations Typhoon Rising Registration.lnkStartup"
"location"="Startup"
"command"="C:\\Documents and Settings\\Zane\\Local Settings\\Temp\\{92B3B9ED-97AA-4F96-8EFD-F441DDD9835B}\\{0325F1C1-883A-41AB-8981-B27359ABDFAF}\\NOVG.EXE /remind /language=ENU /PRNM=\"Joint Operations Typhoon Rising\""
"item"="Joint Operations Typhoon Rising Registration"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKLM"
"command"=""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="atiptaxx"
"hkey"="HKLM"
"command"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATITool]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ATITool"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\ATITool\\ATITool.exe\" -s"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ClrSchLoader]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Loader"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ctfmon"
"hkey"="HKCU"
"command"="C:\\WINDOWS\\system32\\ctfmon.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eZmmod]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mmod"
"hkey"="HKCU"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eZWO]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="wo"
"hkey"="HKCU"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="InCD"
"hkey"="HKLM"
"command"="C:\\Program Files\\Ahead\\InCD\\InCD.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L0oFRRf6X]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mrvcx"
"hkey"="HKCU"
"command"="mrvcx.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MsnMsgr"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCCClient.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PCCClient"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pccguide.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="pccguide"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pcsv]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="pcsvc"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\pcs\\pcsvc.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PestTrap]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PestTrap"
"hkey"="HKCU"
"command"="C:\\Program Files\\PestTrap\\PestTrap.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pop3trap.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Pop3trap"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PDVDServ"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DrgToDsc"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Roxio\\Easy Media Creator 8\\Drag to Disc\\DrgToDsc.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RoxWatchTray"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Roxio Shared\\SharedCOM8\\RoxWatchTray.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Rzu]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Rzu"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SAHAgent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SahAgent"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\SahAgent.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKCU"
"command"=""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STYLEXP]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="StyleXP"
"hkey"="HKCU"
"command"="C:\\Program Files\\TGTSoft\\StyleXP\\StyleXP.exe -Hide"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="C:\\Program Files\\Java\\j2re1.4.2_05\\bin\\jusched.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tgcmd]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="tgcmd"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Support.com\\bin\\tgcmd.exe\" /server /startmonitor /deaf"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="realsched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\"  -osboot"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UFSA]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="UFSA"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue Registry Booster]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RegistryBooster"
"hkey"="HKCU"
"command"="C:\\Program Files\\Uniblue\\Registry Booster\\RegistryBooster.exe /S"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updater]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="wupdater"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common files\\updater\\wupdater.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViewMgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ViewMgr"
"hkey"="HKLM"
"command"="C:\\Program Files\\Viewpoint\\Viewpoint Manager\\ViewMgr.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebRebates0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WebRebates0"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows installer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="winstall"
"hkey"="HKCU"
"command"="C:\\winstall.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Ati HotKey Poller"=dword:00000002
"RoxWatch"=dword:00000002
"RoxUpnpServer"=dword:00000002
"RoxUPnPRenderer"=dword:00000003
"RoxMediaDB"=dword:00000003
"InCDsrvR"=dword:00000002
"InCDsrv"=dword:00000002

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, ntoskrnl.dll"

 
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\1-Click Maintenance.job

Completion time: 06-10-23 21:29:40.26
C:\ComboFix.txt ... 06-10-23 21:29

14

Hardware / CD drives not working/not in the My computer folder

« on: October 23, 2006, 08:04:18 PM »

I dunno what happend but both my CD drives or not working. When I go into my device manager it shows both of them with a ! next to them. My asus CD-S520/A4 and Sony DVD RW DRU-820A both say "Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)" I tride to put new drives for them but didnt work. Any help would be very nice.

15

Tech Clinic / SpySheiff and PestControl

« on: October 23, 2006, 07:56:30 PM »

Hello I just started having a problem with this last night. A litte red circle with a X come up in my running apps in the right corner.  It say that my computer is infected and to download protection now. If you do click it opens Pesttrap.  I cannot get rid of them they just keep on redownloading them selfs. Please help.

Logfile of HijackThis v1.99.1
Scan saved at 6:48:54 PM, on 10/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Documents and Settings\Zane\uwfgtncy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: (no name) - {CF7C3CF0-4B15-11D1-ABED-709549C10000} - (no file)
O4 - HKLM\..\Run: [ATITool] "C:\Program Files\ATITool\ATITool.exe" -s
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [gwiz] C:\WINDOWS\system32\ntsystem.exe
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 - HKCU\..\Run: [PestTrap] C:\Program Files\PestTrap\PestTrap.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/Fuj...ploadClient.cab
O16 - DPF: {E123BED4-B8C7-42BB-958F-F13CA77EF95D} (Anark Client ActiveX Control) - http://install.anark.com/client/version2/w...en/AMClient.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe