Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - ivy90

Pages: [1] 2

Tech Clinic / DVD rom drive not working

« on: January 29, 2008, 10:44:41 PM »

[quote name=\'guestolo\' post=\'420382\' date=\'Jan 29 2008, 07:19 PM\']That's the benefit's of running registry cleaning programs, If your not sure what your removing it can do more harm than good
As it appears in your case

You can try uninstalling your DVD drive in Device manager and then reboot the computer
Let Windows reinstall it on startup and see if that helps[/quote]

okay i just uninstalled and restarted, i inserted another cd but nopeeeeeeeeeeee nada still. i hate this!

Tech Clinic / DVD rom drive not working

« on: January 29, 2008, 04:05:38 PM »

[quote name=\'guestolo\' post=\'420276\' date=\'Jan 28 2008, 11:17 PM\']http://www.liutilities.com/support/faq/articles/120/[/quote]

the thing is, i already deleted the program...

Tech Clinic / DVD rom drive not working

« on: January 28, 2008, 03:59:03 PM »

I recently bought a McAfee total protection program so i can protect my computer but once i put in the cd the cd/dvd rom drive began to make the noise like its reading it and about to open, but it will stop, redue that noise and then begin some grinding noise like it was stuck or not able to read the cd. On my system it says that the device is working properly and before installing the cd i downloaded uniblue registrybooster 2 to see if i had any problems in my registry, now im afraid that it might have deleted some registry keys that work with my cd/dvd rom drive. Pleaseeeeeeee someone help me

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/sad.gif\' class=\'bbc_emoticon\' alt=\'

\' />

Tech Clinic / JS/DOWNLOADER-AUD

« on: September 04, 2007, 01:38:31 AM »

i looked at other websites and it told me to disable my system recovery and to run the scan and it should be gone, that part is true buttttttt my windows update logo, the yellow symbol with the "!" in the middle, shows up but nothing happens when i click on it, and it's still 0%

Tech Clinic / JS/DOWNLOADER-AUD

« on: September 04, 2007, 01:30:35 AM »

[quote name=\'guestolo\' post=\'381785\' date=\'Aug 26 2007, 07:49 PM\']Follow my previous instructions to install and run the updated version of Hijackthis and post it's fresh log

Also,
supply an uninstall list from Hijackthis
After you post the updated hijackthis log, close it, then ReOpen Hijackthis>>Open MISC TOOLS SECTION>>Open UNINSTALL MANAGER
Click the SAVE LIST... button
Save the list to your desktop then copy>>Paste back here the Whole contents[/quote]

Logfile of HijackThis v1.99.1
Scan saved at 2:28:40 AM, on 9/4/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\McAfee.com\Personal Firewall\MPFTray.exe
C:\PROGRA~1\mcafee.com\agent\McAgent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM6\aim6.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\system32\wuauclt.exe
c:\PROGRA~1\mcafee.com\mps\mscifapp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Belkin\Belkin 802.11g Wireless Card Configuration Utility\utility.exe
C:\PROGRA~1\mcafee.com\agent\McDash.exe
C:\PROGRA~1\mcafee.com\shared\mghtml.exe
c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [MPFEXE] "C:\Program Files\McAfee.com\Personal Firewall\MPFTray.exe"
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

------------------------------

ABBYY FineReader 6.0 Sprint
AC3Filter (remove only)
Ad-Aware SE Personal
Adobe Flash Player 9 ActiveX
Adobe Photoshop 7.0
Adobe Reader 7.0.9
Adobe Shockwave Player
AIM 6
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Instant Messenger
AOL You've Got Pictures Screensaver
Apple Mobile Device Support
Apple Software Update
Ares 1.9.6
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
AVG Anti-Spyware 7.5
Belkin 802.11g Wireless Card
BigFix
BitComet 0.81
Broadcom 802.11 Network Adapter
Browser Address Error Redirector
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
DVD Solution
Gateway Game Console
Google Desktop
gtw_logo
High Definition Audio Driver Package - KB888111
HijackThis 1.99.1
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB888795)
Hotfix for Windows XP (KB891593)
Hotfix for Windows XP (KB895961)
Hotfix for Windows XP (KB896256)
Hotfix for Windows XP (KB899337)
Hotfix for Windows XP (KB899510)
Hotfix for Windows XP (KB902841)
Hotfix for Windows XP (KB906569)
Hotfix for Windows XP (KB909095)
Hotfix for Windows XP (KB910728)
Hotfix for Windows XP (KB912024)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB914906)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
iTunes
J2SE Runtime Environment 5.0 Update 10
Lexmark 2400 Series
Lexmark Fax Solutions
McAfee Uninstall Wizard
Microsoft .NET Framework 1.0 Hotfix (KB887998)
Microsoft .NET Framework 1.0 Hotfix (KB930494)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Digital Image Starter Edition 2006
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2006
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Office Standard Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Works
Motorola SM56 Data Fax Modem
Mozilla Firefox (2.0.0.2)
Mozilla Firefox (2.0.0.6)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
Napster Burn Engine
Power2Go 4.0
PowerDVD
QuickTime
RealPlayer
REALTEK RTL8187 Wireless LAN Driver and Utility
Sandlot Games Client Services
Security Update for Microsoft .NET Framework 2.0 (KB928365)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913433)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917537)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938829)
SigmaTel Audio
Sonic Encoders
Spybot - Search & Destroy 1.4
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515/xx12 drivers.
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB912945)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB938828)
Update Rollup 2 for Windows XP Media Center Edition 2005
URGE
Viewpoint Manager (Remove Only)
Viewpoint Media Player
WildTangent Web Driver
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB889673
Windows XP Media Center Edition 2005 KB925766
WinRAR archiver
XviD MPEG-4 Video Codec

Tech Clinic / JS/DOWNLOADER-AUD

« on: August 26, 2007, 07:44:38 PM »

Logfile of HijackThis v1.99.1
Scan saved at 8:44:04 PM, on 8/26/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\McAfee.com\Personal Firewall\MPFTray.exe
C:\PROGRA~1\mcafee.com\agent\McAgent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM6\aim6.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\Belkin\Belkin 802.11g Wireless Card Configuration Utility\utility.exe
c:\PROGRA~1\mcafee.com\mps\mscifapp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe
c:\program files\aim6\anotify.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [MPFEXE] "C:\Program Files\McAfee.com\Personal Firewall\MPFTray.exe"
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

Tech Clinic / JS/DOWNLOADER-AUD

« on: August 23, 2007, 10:04:23 PM »

i just ran my mcafee system scan and the trojan was detected, how do i remove the trojan? can someone please assist me with this problem

Tech Clinic / internet explorer doesn't work

« on: January 26, 2007, 12:43:56 AM »

i deleted internet explorer from my add and remove when i first got my computer, but it still has files on my computer, associated with bearflix because i also downloaded that but deleted it..now im trying to use the new 7.0 but it doesn't work correctly..i type in the address..then it freezes and i can't use it. help?

Tech Clinic / Win32.Trojan.Mirc and Win32.P2P-Worm.Alcan.a removal please

« on: January 18, 2007, 06:04:20 PM »

everything else is fine with my compuer. the virus is gone!
but im having problems with my internet explorer..

i deleted internet explorer from my add and remove when i 1st got my laptop, i can still use it cause somehow it's still on my laptop just not on my add & remove..whenever i open it up, it freezes and doesn't load..i downloaded the new 7.0 verison and the same thing happens..i deleted the internet explorer 7.0..and the old icon appears on my desktop..my question is..how can i get it to start working again?

Tech Clinic / internet explorer doesnt work

« on: January 16, 2007, 02:36:38 PM »

i deleted internet explorer from my add and remove when i 1st got my laptop, i can still use it cause somehow it's still on my laptop just not on my add & remove..whenever i open it up, it freezes and doesn't load..i downloaded the new 7.0 verison and the same thing happens..i deleted the internet explorer 7.0..and the old icon appears on my desktop..my question is..how can i get it to start working again?

Tech Clinic / Win32.Trojan.Mirc and Win32.P2P-Worm.Alcan.a removal please

« on: January 12, 2007, 01:12:08 AM »

this is the hijack:

Logfile of HijackThis v1.99.1
Scan saved at 10:24:09 PM, on 1/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRserv.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
c:\program files\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\Program Files\McAfee.com\Personal Firewall\MPFTray.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Belkin\Belkin 802.11g Wireless Card Configuration Utility\utility.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [MPFEXE] "C:\Program Files\McAfee.com\Personal Firewall\MPFTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LXCRCustomerConnect - Unknown owner - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\LXCRserv.exe
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

i couldnt find the O4: stuff on hijack..but it shows on my processes that i still have them running...the ATI one freezes my computer every minute. and internet explorer freezes whenever i want to use it..so thats why i wanted to delete it..

Tech Clinic / Win32.Trojan.Mirc and Win32.P2P-Worm.Alcan.a removal please

« on: January 12, 2007, 01:09:53 AM »

this is the spybot:--- Search result list ---Bearshare: Class ID (Registry key, nothing done) HKEY_CLASSES_ROOT\CLSID\{558EC983-BEDB-9168-B2DE-31DBF0EE543E}WildTangent: Program directory (Directory, nothing done) C:\WINDOWS\wt\WildTangent: Interface (Registry key, nothing done) HKEY_CLASSES_ROOT\Interface\{1FAD572E-1A3D-44D9-9C23-A87F922DA8C0}WildTangent: Type library (Registry key, nothing done) HKEY_CLASSES_ROOT\TypeLib\{7946205B-FEF7-494F-A64B-3E992A780866}WildTangent: Uninstall settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent CDAWildTangent: Root class (Registry key, nothing done) HKEY_LOCAL_MACHINE\Software\Classes\Logger.LogSessionWildTangent: Root class (Registry key, nothing done) HKEY_LOCAL_MACHINE\Software\Classes\Logger.LogSession.1WildTangent: Class ID (Registry key, nothing done) HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A62FA99E-922E-4ECA-A1D9-B54EF294A3CC}WildTangent: Library (File, nothing done) C:\WINDOWS\wt\webdriver.dllWildTangent: Program directory (Directory, nothing done) C:\WINDOWS\wt\wtupdates\WildTangent: Program directory (Directory, nothing done) C:\WINDOWS\wt\updater\WildTangent: Program directory (Directory, nothing done) C:\WINDOWS\wt\webdriver\Microsoft.WindowsSecurityCenter.AntiVirusDisableNotify: Settings (Registry change, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0Microsoft.WindowsSecurityCenter.FirewallDisableNotify: Settings (Registry change, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0Advertising.com: Tracking cookie (Internet Explorer: Owner) (Cookie, nothing done) Avenue A, Inc.: Tracking cookie (Internet Explorer: Owner) (Cookie, nothing done) DoubleClick: Tracking cookie (Internet Explorer: Owner) (Cookie, nothing done) --- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---2005-05-31 blindman.exe (1.0.0.1)2005-05-31 SpybotSD.exe (1.4.0.3)2005-05-31 TeaTimer.exe (1.4.0.2)2007-01-07 unins000.exe (51.41.0.0)2005-05-31 Update.exe (1.4.0.0)2006-02-06 advcheck.dll (1.0.2.0)2005-05-31 aports.dll (2.1.0.0)2005-05-31 borlndmm.dll (7.0.4.453)2005-05-31 delphimm.dll (7.0.4.453)2005-05-31 SDHelper.dll (1.4.0.0)2006-02-20 Tools.dll (2.0.0.2)2005-05-31 UnzDll.dll (1.73.1.1)2005-05-31 ZipDll.dll (1.73.2.0)2007-01-05 Includes\Cookies.sbi (*)2006-12-08 Includes\Dialer.sbi (*)2007-01-05 Includes\DialerC.sbi (*)2006-11-24 Includes\Hijackers.sbi (*)2007-01-05 Includes\HijackersC.sbi (*)2006-10-27 Includes\Keyloggers.sbi (*)2007-01-05 Includes\KeyloggersC.sbi (*)2004-11-29 Includes\LSP.sbi (*)2006-12-22 Includes\Malware.sbi (*)2007-01-05 Includes\MalwareC.sbi (*)2006-10-20 Includes\PUPS.sbi (*)2007-01-05 Includes\PUPSC.sbi (*)2007-01-05 Includes\Revision.sbi (*)2006-12-08 Includes\Security.sbi (*)2007-01-05 Includes\SecurityC.sbi (*)2006-10-13 Includes\Spybots.sbi (*)2007-01-05 Includes\SpybotsC.sbi (*)2005-02-17 Includes\Tracks.uti2006-12-08 Includes\Trojans.sbi (*)2007-01-05 Includes\TrojansC.sbi (*)--- System information ---Windows XP (Build: 2600) Service Pack 2 / .NETFramework / 1.0: Microsoft .NET Framework 1.0 Hotfix (KB887998) / .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903) / .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) / Media Center 2005 / SP4: Update Rollup 2 for Windows XP Media Center Edition 2005 / Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \nIf you later install a more recent service pack, this Security Update will be uninstalled automatically. \nFor more information, visit http://support.microsoft.com/kb/917283 / Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \nIf you later install a more recent service pack, this Security Update will be uninstalled automatically. \nFor more information, visit http://support.microsoft.com/kb/922770 / MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2 / Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB898458) / Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs / Windows / SP1: Microsoft National Language Support Downlevel APIs / Windows Media Player 10: Security Update for Windows Media Player 10 (KB911565) / Windows Media Player 10: Update for Windows Media Player 10 (KB913800) / Windows Media Player 10: Security Update for Windows Media Player 10 (KB917734) / Windows Media Player 6.4: Security Update for Windows Media Player 6.4 (KB925398) / Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP / Windows XP / SP3: Windows XP Hotfix - KB834707 / Windows XP / SP3: Windows XP Hotfix - KB867282 / Windows XP / SP3: Windows XP Hotfix - KB873333 / Windows XP / SP3: Windows XP Hotfix - KB873339 / Windows XP / SP3: Security Update for Windows XP (KB883939) / Windows XP / SP3: Windows XP Hotfix - KB885250 / Windows XP / SP3: Windows XP Hotfix - KB885835 / Windows XP / SP3: Windows XP Hotfix - KB885836 / Windows XP / SP3: Windows XP Hotfix - KB886185 / Windows XP / SP3: Windows XP Hotfix - KB887472 / Windows XP / SP3: Microsoft .NET Framework 1.0 Hotfix (KB887998) / Windows XP / SP3: Windows XP Hotfix - KB888113 / Windows XP / SP3: Windows XP Hotfix - KB888239 / Windows XP / SP3: Windows XP Hotfix - KB888302 / Windows XP / SP3: Hotfix for Windows XP (KB888795) / Windows XP / SP3: Windows XP Hotfix - KB889673 / Windows XP / SP3: Security Update for Windows XP (KB890046) / Windows XP / SP3: Windows XP Hotfix - KB890047 / Windows XP / SP3: Windows XP Hotfix - KB890175 / Windows XP / SP3: Windows XP Hotfix - KB890859 / Windows XP / SP3: Windows XP Hotfix - KB890923 / Windows XP / SP3: Hotfix for Windows XP (KB891593) / Windows XP / SP3: Windows XP Hotfix - KB891781 / Windows XP / SP3: Security Update for Windows XP (KB893066) / Windows XP / SP3: Windows XP Hotfix - KB893086 / Windows XP / SP3: Hotfix for Windows XP (KB893357) / Windows XP / SP3: Security Update for Windows XP (KB893756) / Windows XP / SP3: Windows Installer 3.1 (KB893803) / Windows XP / SP3: Windows Installer 3.1 (KB893803) / Windows XP / SP3: Update for Windows XP (KB894391) / Windows XP / SP3: Hotfix for Windows XP (KB895953) / Windows XP / SP3: Hotfix for Windows XP (KB896256) / Windows XP / SP3: Hotfix for Windows XP (KB896344) / Windows XP / SP3: Security Update for Windows XP (KB896358) / Windows XP / SP3: Security Update for Windows XP (KB896422) / Windows XP / SP3: Security Update for Windows XP (KB896423) / Windows XP / SP3: Security Update for Windows XP (KB896424) / Windows XP / SP3: Security Update for Windows XP (KB896428) / Windows XP / SP3: Security Update for Windows XP (KB896688) / Windows XP / SP3: Update for Windows XP (KB896727) / Windows XP / SP3: Update for Windows XP (KB898461) / Windows XP / SP3: Hotfix for Windows XP (KB899337) / Windows XP / SP3: Hotfix for Windows XP (KB899510) / Windows XP / SP3: Security Update for Windows XP (KB899587) / Windows XP / SP3: Security Update for Windows XP (KB899588) / Windows XP / SP3: Security Update for Windows XP (KB899589) / Windows XP / SP3: Security Update for Windows XP (KB899591) / Windows XP / SP3: Update for Windows XP (KB900485) / Windows XP / SP3: Security Update for Windows XP (KB900725) / Windows XP / SP3: Security Update for Windows XP (KB901017) / Windows XP / SP3: Security Update for Windows XP (KB901214) / Windows XP / SP3: Security Update for Windows XP (KB902400) / Windows XP / SP3: Hotfix for Windows XP (KB902841) / Windows XP / SP3: Security Update for Windows XP (KB903235) / Windows XP / SP3: Security Update for Windows XP (KB904706) / Windows XP / SP3: Update for Windows XP (KB904942) / Windows XP / SP3: Security Update for Windows XP (KB905414) / Windows XP / SP3: Security Update for Windows XP (KB905749) / Windows XP / SP3: Security Update for Windows XP (KB905915) / Windows XP / SP3: Hotfix for Windows XP (KB906569) / Windows XP / SP3: Security Update for Windows XP (KB908519) / Windows XP / SP3: Security Update for Windows XP (KB908531) / Windows XP / SP3: Hotfix for Windows XP (KB909095) / Windows XP / SP3: Update for Windows XP (KB910437) / Windows XP / SP3: Hotfix for Windows XP (KB910728) / Windows XP / SP3: Update for Windows XP (KB911280) / Windows XP / SP3: Security Update for Windows XP (KB911562) / Windows XP / SP3: Security Update for Windows XP (KB911567) / Windows XP / SP3: Security Update for Windows XP (KB911927) / Windows XP / SP3: Hotfix for Windows XP (KB912024) / Windows XP / SP3: Security Update for Windows XP (KB912812) / Windows XP / SP3: Security Update for Windows XP (KB912919) / Windows XP / SP3: Update for Windows XP (KB912945) / Windows XP / SP3: Security Update for Windows XP (KB913580) / Windows XP / SP3: Security Update for Windows XP (KB914388) / Windows XP / SP3: Security Update for Windows XP (KB914389) / Windows XP / SP3: Hotfix for Windows XP (KB914440) / Windows XP / SP3: Hotfix for Windows XP (KB914906) / Windows XP / SP3: Hotfix for Windows XP (KB915865) / Windows XP / SP3: Security Update for Windows XP (KB916281) / Windows XP / SP3: Update for Windows XP (KB916595) / Windows XP / SP3: Security Update for Windows XP (KB917159) / Windows XP / SP3: Security Update for Windows XP (KB917344) / Windows XP / SP3: Security Update for Windows XP (KB917422) / Windows XP / SP3: Security Update for Windows XP (KB917537) / Windows XP / SP3: Security Update for Windows XP (KB917953) / Windows XP / SP3: Security Update for Windows XP (KB918439) / Windows XP / SP3: Security Update for Windows XP (KB919007) / Windows XP / SP3: Security Update for Windows XP (KB920213) / Windows XP / SP3: Security Update for Windows XP (KB920214) / Windows XP / SP3: Security Update for Windows XP (KB920670) / Windows XP / SP3: Security Update for Windows XP (KB920683) / Windows XP / SP3: Security Update for Windows XP (KB920685) / Windows XP / SP3: Update for Windows XP (KB920872) / Windows XP / SP3: Security Update for Windows XP (KB921398) / Windows XP / SP3: Update for Windows XP (KB922582) / Windows XP / SP3: Security Update for Windows XP (KB922616) / Windows XP / SP3: Security Update for Windows XP (KB922760) / Windows XP / SP3: Security Update for Windows XP (KB922819) / Windows XP / SP3: Security Update for Windows XP (KB923191) / Windows XP / SP3: Security Update for Windows XP (KB923414) / Windows XP / SP3: Security Update for Windows XP (KB923694) / Windows XP / SP3: Security Update for Windows XP (KB923980) / Windows XP / SP3: Security Update for Windows XP (KB924191) / Windows XP / SP3: Security Update for Windows XP (KB924270) / Windows XP / SP3: Security Update for Windows XP (KB924496) / Windows XP / SP3: Security Update for Windows XP (KB925454) / Windows XP / SP3: Security Update for Windows XP (KB925486) / Windows XP / SP3: Hotfix for Windows XP (KB926239) / Windows XP / SP3: Security Update for Windows XP (KB926255)--- Startup entries list ---Located: HK_LM:Run, LXCRCATScommand: rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16 file:Located: HK_LM:Run, MCAgentExecommand: c:\PROGRA~1\mcafee.com\agent\McAgent.exe file: c:\PROGRA~1\mcafee.com\agent\McAgent.exe size: 303104 MD5: e8d2dcece015f4558aa3853514664f15Located: HK_LM:Run, MCUpdateExecommand: c:\PROGRA~1\mcafee.com\agent\mcupdate.exe file: c:\PROGRA~1\mcafee.com\agent\mcupdate.exe size: 212992 MD5: dec79e9887924b82837b9b7730ecaa1fLocated: HK_LM:Run, MPFEXEcommand: "C:\Program Files\McAfee.com\Personal Firewall\MPFTray.exe" file: C:\Program Files\McAfee.com\Personal Firewall\MPFTray.exe size: 1005096 MD5: d76dcba1bce72093e00a4efa114a4e98Located: HK_LM:Run, MSKAGENTEXEcommand: C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe file: C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe size: 110592 MD5: cb760add3ca741dfd499e289dc682f02Located: HK_LM:Run, SunJavaUpdateSchedcommand: "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" file: C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe size: 49263 MD5: 3aa5d60b77ce19b1f2521f532ab986e7Located: HK_CU:Run, Aim6command: "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp file: C:\Program Files\AIM6\aim6.exe size: 50736 MD5: b6c1d859d1c25e80ab655bd5f4a6884bLocated: HK_CU:Run, MSMSGScommand: "C:\Program Files\Messenger\msmsgs.exe" /background file: C:\Program Files\Messenger\msmsgs.exe size: 1694208 MD5: 74e6e96c6f0e2eca4edbb7f7a468f259Located: System.ini, AtiExtEventcommand: Ati2evxx.dll file: Ati2evxx.dllLocated: System.ini, crypt32chaincommand: crypt32.dll file: crypt32.dllLocated: System.ini, cryptnetcommand: cryptnet.dll file: cryptnet.dllLocated: System.ini, cscdllcommand: cscdll.dll file: cscdll.dllLocated: System.ini, ScCertPropcommand: wlnotify.dll file: wlnotify.dllLocated: System.ini, Schedulecommand: wlnotify.dll file: wlnotify.dllLocated: System.ini, sclgntfycommand: sclgntfy.dll file: sclgntfy.dllLocated: System.ini, SensLogncommand: WlNotify.dll file: WlNotify.dllLocated: System.ini, termsrvcommand: wlnotify.dll file: wlnotify.dllLocated: System.ini, wlballooncommand: wlnotify.dll file: wlnotify.dll--- Browser helper object list ---{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} (BitComet ClickCapture) BHO name: BitComet ClickCapture CLSID name: BitComet Helper Path: C:\Program Files\BitComet\tools\ Long name: BitCometBHO.dll Short name: BITCOM~2.DLL Date (created): 12/27/2006 10:00:32 AMDate (last access): 1/7/2007 8:54:46 PM Date (last write): 12/27/2006 10:00:32 AM Filesize: 325184 Attributes: archive MD5: 957D8A9EB70FD9A668E7BECAACD1F249 CRC32: 0FDD58F8 Version: 1.0.12.26{3EC8255F-E043-4cae-8B3B-B191550C2A22} (McAfee PopupKiller) BHO name: McAfee PopupKiller CLSID name: McAfee Privacy Service Popup Blocker Path: c:\program files\mcafee.com\mps\ Long name: PopupKiller.dll Short name: POPUPK~1.DLL Date (created): 12/17/2006 12:59:38 AMDate (last access): 1/7/2007 9:00:52 PM Date (last write): 9/28/2005 4:28:10 PM Filesize: 132648 Attributes: archive MD5: 77D107A323259FF27D6121CA30304C82 CRC32: ADBD1E43 Version: 8.1.0.120{41D68ED8-4CFF-4115-88A6-6EBB8AF19000} (McAfee AntiPhishing Filter) BHO name: CLSID name: McAfee AntiPhishing Filter Path: c:\PROGRA~1\mcafee\SPAMKI~1\ Long name: McApfBHO.dll Short name: Date (created): 10/21/2006 10:08:56 PMDate (last access): 1/7/2007 9:00:52 PM Date (last write): 11/3/2005 2:10:32 PM Filesize: 348160 Attributes: archive MD5: D035A02257CEE3F6A1F6115AF5AD3F54 CRC32: 2EA64926 Version: 7.0.2.3{CA6319C0-31B7-401E-A518-A07C3DB8F777} (CBrowserHelperObject Object) BHO name: CLSID name: CBrowserHelperObject Object Path: c:\windows\system32\ Long name: bae.dll Short name: Date (created): 10/21/2006 9:44:52 PMDate (last access): 1/7/2007 9:00:52 PM Date (last write): 1/31/2006 1:54:30 PM Filesize: 94208 Attributes: archive MD5: 3467178AE878796650290CA54361C810 CRC32: 9C59917B Version: 1.1.0.1--- ActiveX list ---{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0) DPF name: Java Runtime Environment 1.5.0 CLSID name: Java Plug-in 1.5.0_10 Installer: Codebase: http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab Path: C:\Program Files\Java\jre1.5.0_10\bin\ Long name: NPJPI150_10.dll Short name: NPJPI1~1.DLL Date (created): 11/9/2006 3:07:34 PMDate (last access): 1/6/2007 2:49:06 AM Date (last write): 11/9/2006 3:21:54 PM Filesize: 75528 Attributes: archive MD5: 635F4B3A0F1C661B5CEDE628BA85E46B CRC32: 0C9B7145 Version: 5.0.100.3--- Process list ---PID: 0 ( 0) [System]PID: 868 ( 4) \SystemRoot\System32\smss.exePID: 940 ( 868) \??\C:\WINDOWS\system32\csrss.exePID: 968 ( 868) \??\C:\WINDOWS\system32\winlogon.exePID: 1016 ( 968) C:\WINDOWS\system32\services.exe size: 108032 MD5: C6CE6EEC82F187615D1002BB3BB50ED4PID: 1028 ( 968) C:\WINDOWS\system32\lsass.exe size: 13312 MD5: 84885F9B82F4D55C6146EBF6065D75D2PID: 1184 (1016) C:\WINDOWS\system32\Ati2evxx.exe size: 405504 MD5: 5784A06FDC2AC7954225A1A79E1A8F00PID: 1196 (1016) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 8F078AE4ED187AAABC0A305146DE6716PID: 1280 (1016) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 8F078AE4ED187AAABC0A305146DE6716PID: 1432 (1016) C:\WINDOWS\System32\svchost.exe size: 14336 MD5: 8F078AE4ED187AAABC0A305146DE6716PID: 1488 (1016) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 8F078AE4ED187AAABC0A305146DE6716PID: 1664 (1016) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 8F078AE4ED187AAABC0A305146DE6716PID: 128 (1016) C:\WINDOWS\System32\WLTRYSVC.EXE size: 18944 MD5: 61E71BC3CD3530444000A9B68F7EE931PID: 252 ( 212) C:\WINDOWS\Explorer.EXE size: 1032192 MD5: A0732187050030AE399B241436565E64PID: 360 (1016) C:\WINDOWS\system32\spoolsv.exe size: 57856 MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9FPID: 744 (1016) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe size: 204800 MD5: E8FBDCC8D618D1BB84B828F247A6244BPID: 768 (1016) C:\WINDOWS\eHome\ehRecvr.exe size: 237568 MD5: 5D1347AA5AE6E2F77D7F4F8372D95AC9PID: 848 (1016) C:\WINDOWS\eHome\ehSched.exe size: 102912 MD5: A53243709439AC2A4C216B817F8D7411PID: 1156 (1016) C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRserv.exe size: 61440 MD5: 2B12A8CCDFB6E9AAA978AED233972A70PID: 1360 (1016) c:\program files\mcafee.com\agent\mcdetect.exe size: 126976 MD5: F73B0F3EBD90B1C87A3B93BE94E831C7PID: 1400 (1016) c:\PROGRA~1\mcafee.com\vso\mcshield.exe size: 221184 MD5: FAE84A2F9C11B7C532950BF0AE1EC26APID: 1520 (1016) c:\PROGRA~1\mcafee.com\agent\mctskshd.exe size: 122368 MD5: A214E217784D1002411DCA8E9793D4A4PID: 1612 (1400) c:\PROGRA~1\mcafee.com\vso\OasClnt.exe size: 53248 MD5: 76E033F33912BFACA4A05BE8D1F3A740PID: 1968 (1016) C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe size: 548864 MD5: 316535E69181703D4CE4623DEA29FECBPID: 2012 (1196) c:\program files\mcafee.com\vso\mcvsshld.exe size: 163840 MD5: B154AC6DBD82F96476003E58E1625BD8PID: 1704 (2012) c:\program files\mcafee.com\agent\mcagent.exe size: 303104 MD5: E8D2DCECE015F4558AA3853514664F15PID: 272 (2012) c:\progra~1\mcafee.com\vso\mcvsescn.exe size: 483328 MD5: 3B1A1BAA8D7444DEFCE4093611212ED6PID: 1392 ( 252) C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe size: 110592 MD5: CB760ADD3CA741DFD499E289DC682F02PID: 1424 ( 252) C:\Program Files\McAfee.com\Personal Firewall\MPFTray.exe size: 1005096 MD5: D76DCBA1BCE72093E00A4EFA114A4E98PID: 2276 (1196) c:\progra~1\mcafee.com\vso\mcvsftsn.exe size: 299008 MD5: FBB63395BDE6DBE39D4D469A046D5311PID: 2372 (1016) C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS size: 172032 MD5: 33D7285F12D934268A34206DFC4AD1B3PID: 2488 (1016) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 8F078AE4ED187AAABC0A305146DE6716PID: 2644 (1016) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 8F078AE4ED187AAABC0A305146DE6716PID: 2728 (1016) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 8F078AE4ED187AAABC0A305146DE6716PID: 3096 (1016) C:\WINDOWS\ehome\mcrdsvc.exe size: 99328 MD5: DF0A511F38F16016BF658FCA0090CB87PID: 3744 (1016) C:\WINDOWS\system32\dllhost.exe size: 5120 MD5: DD87DB7387B9EB441C5674888A0D840CPID: 3884 (1016) C:\WINDOWS\system32\lxcrcoms.exe size: 495616 MD5: 0D61D164E07C514570D243FFA347C3A7PID: 1388 (1016) C:\WINDOWS\System32\alg.exe size: 44544 MD5: F1958FBF86D5C004CF19A5951A9514B7PID: 2064 (1196) C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe size: 524288 MD5: EFFC4B0F270FC1A6EDF49A274BF5CDF8PID: 648 ( 252) C:\Program Files\Belkin\Belkin 802.11g Wireless Card Configuration Utility\utility.exe size: 630872 MD5: 04D87406AE5C6E263BB14600B8891489PID: 2324 ( 252) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe size: 6266880 MD5: 01D90AE5DCCBCE0C7B52874FEC35A608PID: 3840 ( 128) C:\WINDOWS\System32\bcmwltry.exe size: 1093632 MD5: 9A0CE1DB25F1CDD3ED11236884800538PID: 3256 ( 252) C:\Program Files\BitComet\BitComet.exe size: 5146176 MD5: D92FA50866D4ED2E5F153C3772E8AF81PID: 3224 ( 252) C:\Program Files\AIM6\aim6.exe size: 50736 MD5: B6C1D859D1C25E80AB655BD5F4A6884BPID: 3952 (3224) C:\Program Files\AIM6\aolsoftware.exe size: 50736 MD5: C482C535CBFEFE722EC1EB7F11F680A3PID: 3216 ( 252) C:\Program Files\Mozilla Firefox\firefox.exe size: 7620696 MD5: 6D05E232DDE95D48FBF0D879559CD3CAPID: 1788 (3364) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe size: 4393096 MD5: 09CA174A605B480318731E691DC98539PID: 1456 (2728) C:\WINDOWS\system32\wuauclt.exe size: 124184 MD5: EBF1AB7E4FC05CABF2F4680D2A45F827PID: 4 ( 0) System--- Browser start & search pages list ---Spybot - Search & Destroy browser pages report, 1/7/2007 9:16:02 PMHKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page C:\WINDOWS\system32\blank.htmHKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page http://www.google.comHKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar http://www.google.com/ieHKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page http://google.bearflix.com/HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant http://www.google.com/ieHKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@ http://www.google.com/search?q=%sHKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page %SystemRoot%\system32\blank.htmHKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearchHKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page http://www.gateway.com/g/startpage.html?Ch...TB&M=MX6447HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL http://www.gateway.com/g/startpage.html?Ch...TB&M=MX6447HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL http://www.google.com/ieHKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant http://www.google.com/ieHKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm--- Winsock Layered Service Provider list ---Protocol 0: MC_LAYERED MSAFD Tcpip [TCP/IP] GUID: {D67C2995-3395-44D8-A0AB-AFA15E7ACE03} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 1: MC_LAYERED MSAFD Tcpip [UDP/IP] GUID: {70A250BD-C191-4BC9-8638-EEABA1AFAC6E} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 2: MC_LAYERED MSAFD Tcpip [RAW/IP] GUID: {D947007D-2E30-4944-8FD1-D0B7FBA5B75F} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 3: MC_LAYERED RSVP UDP Service Provider GUID: {E176895C-5A4E-4E4A-A38A-28BED1CFFF29} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 4: MC_LAYERED RSVP TCP Service Provider GUID: {C06B2819-4A2F-4D46-8870-6D9C6CAAFF25} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 5: MC_LAYERED MSAFD Tcpip [TCP/IPv6] GUID: {91589EBE-A6DD-4E6C-A9D6-07C5466CF722} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 6: MC_LAYERED MSAFD Tcpip [UDP/IPv6] GUID: {A8B2B330-03AE-4382-83D3-3E01D0EEF99E} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 7: MC_LAYERED MSAFD Tcpip [RAW/IPv6] GUID: {5D2269D3-493C-4B9E-863D-C5911F07308F} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 8: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip6_{556D76A8-7D8A-441E-81DD-9304BE16D690}] SEQPACKET 3 GUID: {11A3511F-F7EB-4EC2-A5CE-0461208F6AF6} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 9: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip6_{556D76A8-7D8A-441E-81DD-9304BE16D690}] DATAGRAM 3 GUID: {98E0C868-4C7A-4D2A-ABB6-629CCE3E7590} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 10: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip6_{C9CD3F08-360D-42E1-83E7-66BB6B884BFE}] SEQPACKET 6 GUID: {E55EE927-8B9C-4025-A688-E0C43BB3E3EF} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 11: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip6_{C9CD3F08-360D-42E1-83E7-66BB6B884BFE}] DATAGRAM 6 GUID: {804CF46A-8E9C-4DD9-9B54-A344D1DD21C4} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 12: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip6_{C4D7CC61-449F-4A51-94CD-8A2D5DCEE408}] SEQPACKET 8 GUID: {8F9AB237-FDFE-471F-AF48-BD4D68B0B184} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 13: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip6_{C4D7CC61-449F-4A51-94CD-8A2D5DCEE408}] DATAGRAM 8 GUID: {BDF8890F-A4C1-4F56-88F7-2E1F682741AF} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 14: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip6_{6B922398-5FF5-46B4-83E5-F9CC44D0D2E7}] SEQPACKET 9 GUID: {FBE2074C-F4CA-428F-BB6C-9DD52F332D8F} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 15: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip6_{6B922398-5FF5-46B4-83E5-F9CC44D0D2E7}] DATAGRAM 9 GUID: {9444A4EB-AE01-49E5-9ED6-34D6456A2ADF} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 16: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip_{556D76A8-7D8A-441E-81DD-9304BE16D690}] SEQPACKET 7 GUID: {1FE8C530-624F-42FA-9914-A9981BB4EC47} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 17: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip_{556D76A8-7D8A-441E-81DD-9304BE16D690}] DATAGRAM 7 GUID: {4582F35F-8135-40F2-8E15-9727E0BFDA99} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 18: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip_{C4D7CC61-449F-4A51-94CD-8A2D5DCEE408}] SEQPACKET 5 GUID: {3999996A-53CE-426C-907E-14BF09CDF1B0} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 19: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip_{C4D7CC61-449F-4A51-94CD-8A2D5DCEE408}] DATAGRAM 5 GUID: {3FC80E74-8CA7-474E-B8FE-B59400BA7A73} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 20: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip_{7430F5C6-E937-4602-9CCA-FC6D14443F70}] SEQPACKET 4 GUID: {5AC1BD26-A642-4CE5-A62A-8BB92C7CF002} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 21: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip_{7430F5C6-E937-4602-9CCA-FC6D14443F70}] DATAGRAM 4 GUID: {DF78F2B7-008F-4344-8E2B-7DF8D6D69D31} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 22: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip_{C9CD3F08-360D-42E1-83E7-66BB6B884BFE}] SEQPACKET 0 GUID: {C7770C0C-5435-48F8-BD0D-7C2730A602E6} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 23: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip_{C9CD3F08-360D-42E1-83E7-66BB6B884BFE}] DATAGRAM 0 GUID: {36469746-5152-4469-9744-F3D1553BB93F} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 24: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip_{506B92FB-A770-49DE-B465-8EA15A95D517}] SEQPACKET 1 GUID: {08988B84-EE13-4A07-AF58-19839B55718B} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 25: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip_{506B92FB-A770-49DE-B465-8EA15A95D517}] DATAGRAM 1 GUID: {96C54531-5996-4D68-A8B8-793CB01350A8} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 26: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip_{E02061F1-C8BA-4BD9-9327-9B0269DD363E}] SEQPACKET 2 GUID: {574877E3-8CD2-4012-BE92-58BBA96524E8} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 27: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip_{E02061F1-C8BA-4BD9-9327-9B0269DD363E}] DATAGRAM 2 GUID: {233D425B-EE2B-4241-846E-9BBC00B68B56} Filename: C:\WINDOWS\system32\mclsp.dllProtocol 56: McAfee.com Layered Provider GUID: {BEAA9090-2D12-11D4-9B80-00C04FF40D52} Filename: C:\WINDOWS\system32\mclsp.dll--- Uninstall list ---Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) 05/27/2006 1.3.2.0 (53F13DB4D9611FD63BE580F06F0729BF236ABE68) uninstall cmd: C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_6FE44FCD212D4A086C7BC0C98B9A619782073FB7\amdk8.inf publisher: Advanced Micro DevicesAC3Filter (remove only) (AC3Filter) uninstall cmd: C:\Program Files\AC3Filter\uninstall.exeAd-Aware SE Personal 1.06 (Ad-Aware SE Personal) uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG publisher: Lavasoft help link: http://www.lavasoft.com (AddressBook)Adobe Photoshop 7.0 7.0 (Adobe Photoshop 7.0) version (major): 7install location: C:\Program Files\Adobe\Photoshop 7.0 install source: E:\Adobe Photoshop 7.0 Retail\ uninstall cmd: C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll" publisher: Adobe Systems, Inc.Adobe Shockwave Player 10.1.4.20 (Adobe Shockwave Player) uninstall cmd: C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log publisher: Adobe Systems, Inc. help link: http://www.adobe.com/support/shockwaveAIM 6.0 (AIM_6.0) uninstall cmd: C:\Program Files\AIM6\uninst.exeATI - Software Uninstall Utility 6.14.10.1014 (All ATI Software)install location: C:\Program Files\ATI Technologies\UninstallAll uninstall cmd: C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exeAOL Instant Messenger (AOL Instant Messenger) uninstall cmd: C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=AOL You've Got Pictures Screensaver (AOL YGP Screensaver) uninstall cmd: C:\Program Files\Common Files\AOL\Screensaver\uninst_ygpss.exeAOL Coach Version 2.0(Build:20041026.5 en) (AolCoach2_en) uninstall cmd: C:\Program Files\Common Files\AolCoach\en_en\AolCInUn.exe -lang=en_en -ext=UDPAres 1.9.6 1.9.6-Build#3015 (Ares) uninstall cmd: "C:\Program Files\Ares\uninstall.exe" publisher: Ares Development GroupATI Display Driver 8.25-060404a1-035061C-Gateway (ATI Display Driver) uninstall cmd: rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -cleanAVG Anti-Spyware 7.5 (AVGAntiSpyware75)install location: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5 uninstall cmd: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe publisher: Grisoft Ltd. help link: http://www.grisoft.comBigFix (BigFix) uninstall cmd: C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\BigFix\Uninst.isu" -c"C:\Program Files\BigFix\Lib\UninstallHelper.dll"BitComet 0.81 0.81 (BitComet) uninstall cmd: C:\Program Files\BitComet\uninst.exe publisher: ~RnySmile~ (Branding)Broadcom 802.11 Network Adapter 4.10.47.0 (Broadcom 802.11b Network Adapter) uninstall cmd: "C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter" publisher: Broadcom Corporation (Connection Manager) (DirectAnimation) (DirectDrawEx)DivX Content Uploader 1.1.0 (DivX Content Uploader)install location: C:\Program Files\DivX uninstall cmd: C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER publisher: DivX, Inc. (DXM_Runtime) (Fontcore)Gateway Game Console (Gateway Game Console)install location: C:\Program Files\WildTangent\Apps\Gateway Game Console uninstall cmd: "C:\Program Files\WildTangent\Apps\Gateway Game Console\Uninstall.exe" publisher: WildTangent comments: OEM setup version GTWY0101 help link: http://support.wildgames.comGoogle Desktop - (Google Desktop) uninstall cmd: C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall publisher: Google help link: http://desktop.google.com/help.html?hl=engtw_logo (gtw_logo) uninstall cmd: C:\WINDOWS\system32\gtw_logo.scr /UNINSTALL "C:\WINDOWS\system32\gtw_logo.log"HijackThis 1.99.1 1.99.1 (HijackThis) uninstall cmd: C:\Program Files\HijackThis\HijackThis.exe /uninstall publisher: Soeperman Enterprises Ltd. (ICW)Microsoft Internationalized Domain Names Mitigation APIs (IDNMitigationAPIs) install date: 20061208 uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" publisher: Microsoft Corporation (IE40) (IE4Data) (IE5BAKEX) (IEData) (InstallShield Uninstall Information)Texas Instruments PCIxx21/x515/xx12 drivers. 1.15.0000 (InstallShield_{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}) version: 17760256 version (major): 1 version (minor): 15 estimated size: 640 install date: 20061021 install source: D:\I386\APPS\APP11742\ uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A} /l1033 publisher: Texas Instruments Inc. comments: TI PCIxx21/PCIx515/xx12 Software components contact: Customer Support Department help link: Please contact your vendor directly help telephone: ...Windows XP Hotfix - KB834707 20040929.110854 (KB834707) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=834707Windows XP Hotfix - KB867282 20050127.090417 (KB867282) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=867282Windows XP Hotfix - KB873333 20050114.005213 (KB873333) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=873333Windows XP Hotfix - KB873339 20041117.092459 (KB873339) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=873339Security Update for Windows XP (KB883939) 1 (KB883939) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=883939 (KB884016) (KB884267)Windows XP Hotfix - KB885250 20050118.202711 (KB885250) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=885250 (KB885353)Windows XP Hotfix - KB885835 20041027.181713 (KB885835) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=885835Windows XP Hotfix - KB885836 20041028.173203 (KB885836) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=885836Windows XP Hotfix - KB886185 20041021.090540 (KB886185) uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=886185 (KB886612) (KB887078)Windows XP Hotfix - KB887472 20041014.162858 (KB887472) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=887472 (KB887626)Microsoft .NET Framework 1.0 Hotfix (KB887998) (KB887998) uninstall cmd: "C:\WINDOWS\$NtUninstallKB887998$\spuninst\spuninst.exe" publisher: Microsoft CorporationHigh Definition Audio Driver Package - KB888111 20040219.000000 (KB888111WXPSP2) uninstall cmd: "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=KB888111Windows XP Hotfix - KB888113 20041116.131036 (KB888113) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=888113Windows XP Hotfix - KB888239 20041124.162528 (KB888239) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=888239Windows XP Hotfix - KB888302 20041207.111426 (KB888302) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=888302 (KB888656)Hotfix for Windows XP (KB888795) 3 (KB888795) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB888795$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=888795Windows XP Hotfix - KB889673 20041116.085848 (KB889673) uninstall cmd: C:\WINDOWS\$NtUninstallKB889673$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=889673 (KB889858)Security Update for Windows XP (KB890046) 1 (KB890046) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=890046Windows XP Hotfix - KB890047 20041221.124506 (KB890047) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=890047Windows XP Hotfix - KB890175 20041201.233338 (KB890175) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=890175Windows XP Hotfix - KB890859 1 (KB890859) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=890859Windows XP Hotfix - KB890923 1 (KB890923) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=890923 (KB891122)Hotfix for Windows XP (KB891593) 2 (KB891593) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB891593$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=891593Windows XP Hotfix - KB891781 20050110.165439 (KB891781) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=891781 (KB892313)Windows XP Hotfix - KB893066 1 (KB893066) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=893066Windows XP Hotfix - KB893086 1 (KB893086) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=893086 (KB893240) (KB893241)Hotfix for Windows XP (KB893357) 2 (KB893357) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=893357Security Update for Windows XP (KB893756) 1 (KB893756) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=893756Windows Installer 3.1 (KB893803) 3.1 (KB893803) publisher: Microsoft Corporation help link: http://go.microsoft.com/fwlink/?LinkId=42467Windows Installer 3.1 (KB893803) 3.1 (KB893803v2) publisher: Microsoft Corporation help link: http://go.microsoft.com/fwlink/?LinkId=42467Update for Windows XP (KB894391) 1 (KB894391) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=894391 (KB895181) (KB895316) (KB895572)Hotfix for Windows XP (KB895953) 4 (KB895953) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=895953Hotfix for Windows XP (KB895961) 1 (KB895961) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB895961$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=895961Hotfix for Windows XP (KB896256) 3 (KB896256) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB896256$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896256Hotfix for Windows XP (KB896344) 2 (KB896344) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896344Security Update for Windows XP (KB896358) 1 (KB896358) install date: 20060620 uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896358Security Update for Windows XP (KB896422) 1 (KB896422) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896422Security Update for Windows XP (KB896423) 1 (KB896423) install date: 20060620 uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896423Security Update for Windows XP (KB896424) 1 (KB896424) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896424Security Update for Windows XP (KB896428) 1 (KB896428) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896428Security Update for Windows XP (KB896688) 1 (KB896688) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896688Update for Windows XP (KB896727) 1 (KB896727) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896727 (KB897586)Security Update for Step By Step Interactive Training (KB898458) 20050502.101010 (KB898458) publisher: Microsoft Corporation help link: http://support.microsoft.com/kb/898458Update for Windows XP (KB898461) 1 (KB898461) uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=898461 (KB898549)Hotfix for Windows XP (KB899337) 5 (KB899337) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB899337$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=899337Hotfix for Windows XP (KB899510) 1 (KB899510) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB899510$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=899510Security Update for Windows XP (KB899587) 1 (KB899587) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=899587Security Update for Windows XP (KB899588) 1 (KB899588) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=899588Security Update for Windows XP (KB899589) 1 (KB899589) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=899589Security Update for Windows XP (KB899591) 1 (KB899591) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=899591Update Rollup 2 for Windows XP Media Center Edition 2005 (KB900325) uninstall cmd: C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=900325 (KB900399)Update for Windows XP (KB900485) 2 (KB900485) install date: 20060621 uninstall cmd: "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=900485Security Update for Windows XP (KB900725) 1 (KB900725) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=900725Security Update for Windows XP (KB901017) 1 (KB901017) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=901017Security Update for Windows XP (KB901214) 1 (KB901214) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=901214 (KB902344)Security Update for Windows XP (KB902400) 1 (KB902400) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=902400Hotfix for Windows XP (KB902841) 1 (KB902841) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB902841$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=902841Hotfix for Windows Media Player 10 (KB903157) (KB903157) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=903157Security Update for Windows XP (KB903235) 1 (KB903235) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=903235Security Update for Windows XP (KB904706) 2 (KB904706) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=904706Update for Windows XP (KB904942) 2 (KB904942) install date: 20061208 uninstall cmd: "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=904942Security Update for Windows XP (KB905414) 1 (KB905414) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=905414Security Update for Windows XP (KB905749) 1 (KB905749) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=905749Security Update for Windows XP (KB905915) 1 (KB905915) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=905915Hotfix for Windows XP (KB906569) 2 (KB906569) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB906569$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=906569 (KB907658)Security Update for Windows XP (KB908519) 1 (KB908519) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=908519Security Update for Windows XP (KB908531) 1 (KB908531) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=908531Hotfix for Windows XP (KB909095) 1 (KB909095) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB909095$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=909095Update for Windows Media Player 10 (KB910393) (KB910393) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=910393Update for Windows XP (KB910437) 1 (KB910437) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=910437Hotfix for Windows XP (KB910728) 1 (KB910728) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB910728$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=910728Security Update for Windows XP (KB911280) 1 (KB911280) install date: 20060619 uninstall cmd: "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=911280Security Update for Windows XP (KB911562) 1 (KB911562) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=911562Security Update for Windows Media Player (KB911564) (KB911564) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=911564Security Update for Windows Media Player 10 (KB911565) (KB911565) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=911565Security Update for Windows XP (KB911567) 1 (KB911567) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=911567 (KB911854)Security Update for Windows XP (KB911927) 1 (KB911927) install date: 20060621 uninstall cmd: "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=911927Hotfix for Windows XP (KB912024) 2 (KB912024) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB912024$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=912024Security Update for Windows XP (KB912812) 1 (KB912812) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=912812Security Update for Windows XP (KB912919) 1 (KB912919) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=912919Update for Windows XP (KB912945) 1 (KB912945) install date: 20060618 uninstall cmd: "C:\WINDOWS\$NtUninstallKB912945$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=912945Security Update for Windows XP (KB913433) (KB913433) uninstall cmd: C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB913433.inf publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=913433Security Update for Windows XP (KB913580) 1 (KB913580) install date: 20060619 uninstall cmd: "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=913580Update for Windows Media Player 10 (KB913800) (KB913800) install date: 20060621 uninstall cmd: "C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=913800Security Update for Windows XP (KB914388) 1 (KB914388) install date: 20061022 uninstall cmd: "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=914388Security Update for Windows XP (KB914389) 1 (KB914389) install date: 20060619 uninstall cmd: "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=914389Hotfix for Windows XP (KB914440) 12 (KB914440) install date: 20061208 uninstall cmd: "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=914440Hotfix for Windows XP (KB914906) 1 (KB914906) install date: 20060619 uninstall cmd: "C:\WINDOWS\$NtUninstallKB914906$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=914906Hotfix for Windows XP (

Tech Clinic / Win32.Trojan.Mirc and Win32.P2P-Worm.Alcan.a removal please

« on: January 12, 2007, 01:05:37 AM »

sorry for the late reply
it wasnt letting me post comments
because of a internel problem
did it happen to you?

Tech Clinic / Win32.Trojan.Mirc and Win32.P2P-Worm.Alcan.a removal please

« on: January 06, 2007, 03:33:30 PM »

i remember i deleted internet explorer cause im just using firefox..but i found a folder named internet explorer with bearflix stuff..and under internet options, it says that my homepage is google.com but associated with bearflix..but im kind of lost?

Tech Clinic / Win32.Trojan.Mirc and Win32.P2P-Worm.Alcan.a removal please

« on: January 06, 2007, 03:32:00 PM »

kk this is the unistall thing :

ABBYY FineReader 6.0 Sprint
AC3Filter (remove only)
Ad-Aware SE Personal
Adobe Flash Player 9 ActiveX
Adobe Photoshop 7.0
Adobe Reader 7.0.8
Adobe Shockwave Player
AIM 6.0
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Instant Messenger
AOL You've Got Pictures Screensaver
Apple Software Update
Ares 1.9.6
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
AVG Anti-Spyware 7.5
Belkin 802.11g Wireless Card
BigFix
BitComet 0.81
Broadcom 802.11 Network Adapter
Browser Address Error Redirector
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
DVD Solution
Final Drive Fury
Gateway Game Console
Google Desktop
gtw_logo
High Definition Audio Driver Package - KB888111
HijackThis 1.99.1
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB888795)
Hotfix for Windows XP (KB891593)
Hotfix for Windows XP (KB895961)
Hotfix for Windows XP (KB896256)
Hotfix for Windows XP (KB899337)
Hotfix for Windows XP (KB899510)
Hotfix for Windows XP (KB902841)
Hotfix for Windows XP (KB906569)
Hotfix for Windows XP (KB909095)
Hotfix for Windows XP (KB910728)
Hotfix for Windows XP (KB912024)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB914906)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
iTunes
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 2
J2SE Runtime Environment 5.0 Update 9
Lexmark 2400 Series
Lexmark Fax Solutions
McAfee Uninstall Wizard
Microsoft .NET Framework 1.0 Hotfix (KB887998)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Digital Image Starter Edition 2006
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2006
Microsoft National Language Support Downlevel APIs
Microsoft Office Standard Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Works
Motorola SM56 Data Fax Modem
Mozilla Firefox (2.0.0.1)
MSXML 4.0 SP2 (KB927978)
Napster Burn Engine
Power2Go 4.0
PowerDVD
QuickTime
RealPlayer
REALTEK RTL8187 Wireless LAN Driver and Utility
Sandlot Games Client Services
Security Update for Microsoft .NET Framework 2.0 (KB917283)
Security Update for Microsoft .NET Framework 2.0 (KB922770)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913433)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917537)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB926255)
SigmaTel Audio
Sonic Encoders
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515/xx12 drivers.
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB912945)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update Rollup 2 for Windows XP Media Center Edition 2005
URGE
Viewpoint Media Player
WildTangent Web Driver
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB889673
Windows XP Media Center Edition 2005 KB925766
WinRAR archiver
XviD MPEG-4 Video Codec
Yahoo! Toolbar for Internet Explorer

and for addons..i have..:

mcafee siteadvisor 26.1 and talkback 2.0.0.1
i can't view window media clips or videos on mozilla, do you know the plug in for that?

Tech Clinic / Win32.Trojan.Mirc and Win32.P2P-Worm.Alcan.a removal please

« on: January 06, 2007, 02:12:54 AM »

Logfile of HijackThis v1.99.1
Scan saved at 2:09:42 AM, on 1/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRserv.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
C:\PROGRA~1\mcafee.com\agent\McAgent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\mcafee.com\mps\mscifapp.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Belkin\Belkin 802.11g Wireless Card Configuration Utility\utility.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files\REALTEK RTL8187 Wireless LAN Driver and Utility\RtWLan.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearflix.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch...TB&M=MX6447
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch...TB&M=MX6447
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.com/g/startpage.html?Ch...TB&M=MX6447
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [MPFEXE] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [ares] "F:\Program Files\Ares Lite Edition\Ares.exe" -h
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Power2GoExpress] NA
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Belkin 802.11g Wireless Card Utility.lnk = ?
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O4 - Global Startup: REALTEK RTL8187 Wireless LAN Utility.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LXCRCustomerConnect - Unknown owner - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\LXCRserv.exe
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

Tech Clinic / Win32.Trojan.Mirc and Win32.P2P-Worm.Alcan.a removal please

« on: January 05, 2007, 08:01:56 PM »

here is hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 7:58:27 PM, on 1/5/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRserv.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
C:\PROGRA~1\McAfee.com\Agent\McAgent.exe
C:\Program Files\McAfee.com\Personal Firewall\MPFTray.exe
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\mcafee\SPAMKI~1\mskagent.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Ares\Ares.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearflix.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch...TB&M=MX6447
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch...TB&M=MX6447
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.com/g/startpage.html?Ch...TB&M=MX6447
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: McAfee Anti-Phishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\McAfee.com\Agent\McAgent.exe
O4 - HKLM\..\Run: [MPFEXE] "C:\Program Files\McAfee.com\Personal Firewall\MPFTray.exe"
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\mcafee\SPAMKI~1\mskagent.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee Anti-Phishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LXCRCustomerConnect - Unknown owner - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\LXCRserv.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

here is avg anti virus:

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 7:54:43 PM 1/5/2007

+ Scan result:

C:\WINDOWS\system32\java52e.dll -> Adware.BHO : Cleaned with backup (quarantined).
[240] C:\WINDOWS\System32\java52e.dll -> Adware.BHO : Cleaned with backup (quarantined).
C:\WINDOWS\system32\msscsi.dll -> Adware.VB : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP62\A0029107.exe -> Backdoor.Rbot : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP62\A0030191.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP62\A0030192.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
:mozilla.125:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.197:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.198:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.82:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Owner.LAPPY\Cookies\owner@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Owner.LAPPY\Cookies\owner@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.34:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.35:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.36:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.37:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.19:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Owner.LAPPY\Cookies\owner@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.23:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.152:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.85:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Owner.LAPPY\Cookies\[email protected][1].txt -> TrackingCookie.Clickhype : Cleaned.
:mozilla.90:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.100:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.139:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
C:\Documents and Settings\Owner.LAPPY\Cookies\owner@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.209:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.210:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.211:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.228:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.194:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Komtrack : Cleaned.
:mozilla.195:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Komtrack : Cleaned.
:mozilla.111:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.208:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Owner.LAPPY\Cookies\[email protected][1].txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.30:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.86:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.81:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.107:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.108:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.181:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\Owner.LAPPY\Cookies\[email protected][2].txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.101:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.109:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.21:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.22:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.15:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.132:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.167:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.17:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.18:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Owner.LAPPY\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.91:C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla\Firefox\Profiles\c6x73bwi.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP62\A0029106.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP62\A0030194.exe -> Worm.VB.dw : Cleaned with backup (quarantined).

::Report end

Tech Clinic / Win32.Trojan.Mirc and Win32.P2P-Worm.Alcan.a removal please

« on: January 05, 2007, 07:49:35 PM »

it found a couple more stuff, like... Worm.VB.dw, Backdoor.Rbot, Dropper.VB.lu

Tech Clinic / Win32.Trojan.Mirc and Win32.P2P-Worm.Alcan.a removal please

« on: January 05, 2007, 07:19:33 PM »

when i was running the avg anti-virus program, a little screen popped up and it said it found a malware. WINDOWS\System32\java52e.dll

i didnt know what to do so it recommended that i ignored it, was that the right thing to do?

Tech Clinic / Win32.Trojan.Mirc and Win32.P2P-Worm.Alcan.a removal please

« on: January 05, 2007, 04:51:49 PM »

i believe i did copy and paste all
ctrl A then ctrl C then paste

here is from combofix

Owner - 07-01-05 16:49:39.56 Service Pack 2
ComboFix 06.11.27 - Running from: "C:\Documents and Settings\Owner.LAPPY\Desktop"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\Program Files\outlook

((((((((((((((((((((((((((((((( Files Created from 2006-12-05 to 2007-01-05 ))))))))))))))))))))))))))))))))))

2007-01-05   16:29   <DIR>   d--------   C:\Program Files\HijackThis
2007-01-04   03:01   <DIR>   d--------   C:\Program Files\Uniblue
2007-01-04   02:41   <DIR>   d--------   C:\Documents and Settings\Owner.LAPPY\Application Data\Uniblue
2007-01-04   01:39   <DIR>   d--------   C:\Program Files\Lavasoft
2007-01-04   01:39   <DIR>   d--------   C:\Documents and Settings\Owner.LAPPY\Application Data\Lavasoft
2007-01-03   16:05   <DIR>   d-a------   C:\Documents and Settings\All Users\Application Data\TEMP
2007-01-03   02:38   <DIR>   d--------   C:\WINDOWS\system32\appmgmt
2007-01-02   02:57   <DIR>   d--------   C:\Program Files\XviD
2007-01-02   02:51   <DIR>   d--------   C:\Program Files\AC3Filter
2007-01-02   02:40   <DIR>   d--------   C:\Documents and Settings\Owner.LAPPY\Application Data\Azureus
2007-01-02   02:39   <DIR>   d--------   C:\Program Files\Azureus
2007-01-01   20:33   <DIR>   d--------   C:\Program Files\Ares
2007-01-01   01:19   147,456   --a------   C:\WINDOWS\system32\vbzip10.dll
2007-01-01   00:40   109,568   ---------   C:\WINDOWS\system32\pxinsi64.exe
2007-01-01   00:40   108,544   ---------   C:\WINDOWS\system32\pxcpyi64.exe
2007-01-01   00:40   <DIR>   d--------   C:\Program Files\DivX
2007-01-01   00:40   <DIR>   d--------   C:\Documents and Settings\Owner.LAPPY\Application Data\DivX
2006-12-31   23:47   <DIR>   d--------   C:\My Downloads
2006-12-31   23:17   0   --a------   C:\WINDOWS\b.exe
2006-12-31   22:44   <DIR>   d--------   C:\Documents and Settings\Owner.LAPPY\Incomplete
2006-12-31   22:43   <DIR>   d--------   C:\Documents and Settings\Owner.LAPPY\Application Data\LimeWire
2006-12-31   20:42   <DIR>   d--------   C:\Documents and Settings\Owner.LAPPY\Application Data\BitTorrent
2006-12-24   15:47   692,224   --a------   C:\WINDOWS\system32\lxcrdrs.dll
2006-12-24   15:47   65,536   --a------   C:\WINDOWS\system32\lxcrcaps.dll
2006-12-24   15:47   61,440   --a------   C:\WINDOWS\system32\lxcrcnv4.dll
2006-12-24   15:47   409,600   --a------   C:\WINDOWS\system32\lxcrinpa.dll
2006-12-24   15:47   40,960   --a------   C:\WINDOWS\system32\lxcrvs.dll
2006-12-24   15:47   393,216   --a------   C:\WINDOWS\system32\lxcriesc.dll
2006-12-24   15:47   303,104   --a------   C:\WINDOWS\system32\lxcrcoin.dll
2006-12-24   15:46   <DIR>   d--------   C:\Program Files\Lexmark 2400 Series
2006-12-24   15:45   995,328   --a------   C:\WINDOWS\system32\lxcrusb1.dll
2006-12-24   15:45   983,107   --a------   C:\WINDOWS\system32\lxcrgf.dll
2006-12-24   15:45   86,016   --a------   C:\WINDOWS\system32\lxcrcub.dll
2006-12-24   15:45   73,728   --a------   C:\WINDOWS\system32\lxcrcu.dll
2006-12-24   15:45   73,728   --a------   C:\WINDOWS\system32\LXCRcfg.dll
2006-12-24   15:45   667,648   --a------   C:\WINDOWS\system32\lxcrpmui.dll
2006-12-24   15:45   610,304   --a------   C:\WINDOWS\system32\lxcrcomc.dll
2006-12-24   15:45   536,576   --a------   C:\WINDOWS\system32\lxcrlmpm.dll
2006-12-24   15:45   495,616   --a------   C:\WINDOWS\system32\lxcrcoms.exe
2006-12-24   15:45   446,464   --a------   C:\WINDOWS\system32\lxcrutil.dll
2006-12-24   15:45   421,888   --a------   C:\WINDOWS\system32\lxcrcomm.dll
2006-12-24   15:45   380,928   --a------   C:\WINDOWS\system32\lxcrih.exe
2006-12-24   15:45   36,864   --a------   C:\WINDOWS\system32\lxcrcur.dll
2006-12-24   15:45   233,472   --a------   C:\WINDOWS\system32\LXCRinst.dll
2006-12-24   15:45   200,704   --a------   C:\WINDOWS\system32\lxcrinsb.dll
2006-12-24   15:45   163,840   --a------   C:\WINDOWS\system32\lxcrprox.dll
2006-12-24   15:45   155,648   --a------   C:\WINDOWS\system32\lxcrins.dll
2006-12-24   15:45   139,264   --a------   C:\WINDOWS\system32\lxcrjswr.dll
2006-12-24   15:45   114,688   --a------   C:\WINDOWS\system32\lxcrpplc.dll
2006-12-24   15:45   106,496   --a------   C:\WINDOWS\system32\lxcrinsr.dll
2006-12-24   15:45   1,183,744   --a------   C:\WINDOWS\system32\lxcrserv.dll
2006-12-23   01:06   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\HipSoft
2006-12-21   00:30   <DIR>   d--------   C:\Program Files\Common Files\Sandlot Shared
2006-12-21   00:30   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\Sandlot Games
2006-12-20   03:46   <DIR>   d--hs----   C:\WINDOWS\ftpcache
2006-12-19   18:01   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\PlayFirst
2006-12-19   00:03   <DIR>   d--------   C:\Documents and Settings\Owner.LAPPY\Application Data\PlayFirst
2006-12-17   15:42   <DIR>   d--------   C:\Documents and Settings\Owner.LAPPY\Application Data\MSNInstaller
2006-12-17   14:17   <DIR>   d--------   C:\WINDOWS\pss
2006-12-17   12:46   <DIR>   d--------   C:\Config.Msi
2006-12-17   01:04   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\Adobe
2006-12-17   00:59   90,112   --a------   C:\WINDOWS\system32\mcrtl32.dll
2006-12-17   00:59   32,768   --a------   C:\WINDOWS\system32\instlsp.exe
2006-12-17   00:59   131,072   --a------   C:\WINDOWS\system32\mclsp.dll
2006-12-17   00:59   11,264   --a------   C:\WINDOWS\system32\sporder.dll
2006-12-17   00:59   <DIR>   d--------   C:\WINDOWS\system32\mclsphlr
2006-12-13   19:46   <DIR>   d--------   C:\Documents and Settings\Owner.LAPPY\Application Data\AdobeUM
2006-12-12   11:30   520,192   --a------   C:\WINDOWS\system32\DivXsm.exe
2006-12-12   11:30   3,596,288   --a------   C:\WINDOWS\system32\qt-dx331.dll
2006-12-12   11:30   200,704   --a------   C:\WINDOWS\system32\ssldivx.dll
2006-12-12   11:30   1,044,480   --a------   C:\WINDOWS\system32\libdivx.dll
2006-12-12   11:25   806,912   --a------   C:\WINDOWS\system32\divx_xx0c.dll
2006-12-12   11:25   806,912   --a------   C:\WINDOWS\system32\divx_xx07.dll
2006-12-12   11:25   790,528   --a------   C:\WINDOWS\system32\divx_xx11.dll
2006-12-12   11:25   73,728   --a------   C:\WINDOWS\system32\dpl100.dll
2006-12-12   11:25   635,486   --a------   C:\WINDOWS\system32\DivX.dll
2006-12-12   11:25   593,920   --a------   C:\WINDOWS\system32\dpuGUI11.dll
2006-12-12   11:25   57,344   --a------   C:\WINDOWS\system32\dpv11.dll
2006-12-12   11:25   53,248   --a------   C:\WINDOWS\system32\dpuGUI10.dll
2006-12-12   11:25   344,064   --a------   C:\WINDOWS\system32\dpus11.dll
2006-12-12   11:25   294,912   --a------   C:\WINDOWS\system32\dpu11.dll
2006-12-12   11:25   294,912   --a------   C:\WINDOWS\system32\dpu10.dll
2006-12-12   11:25   196,608   --a------   C:\WINDOWS\system32\dtu100.dll
2006-12-12   11:24   12,288   --a------   C:\WINDOWS\system32\DivXWMPExtType.dll
2006-12-12   11:24   118,784   --a------   C:\WINDOWS\system32\DivXCodecUpdateChecker.exe
2006-12-08   20:37   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\CyberLink
2006-12-07   23:12   <DIR>   d---s----   C:\Documents and Settings\Owner.LAPPY\UserData
2006-12-07   20:59   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2006-12-07   20:55   <DIR>   d--h-----   C:\WINDOWS\msdownld.tmp
2006-12-07   20:55   <DIR>   d--------   C:\Program Files\Yahoo!
2006-12-07   19:23   <DIR>   d--------   C:\WINDOWS\WBEM
2006-12-07   19:23   <DIR>   d--------   C:\WINDOWS\system32\en-US
2006-12-07   19:19   121,856   ---------   C:\WINDOWS\system32\xmllite.dll
2006-12-07   19:18   <DIR>   d--------   C:\WINDOWS\network diagnostic
2006-12-07   19:07   <DIR>   d--------   C:\WINDOWS\Downloaded Installations
2006-12-07   19:07   <DIR>   d--------   C:\Start Menu
2006-12-07   19:07   <DIR>   d--------   C:\Program Files\MTV Networks

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-01-05 16:19   --------   d--------   C:\Program Files\Mozilla Firefox
2007-01-04 02:24   2030   --a------   C:\Documents and Settings\Owner.LAPPY\Application Data\wklnhst.dat
2007-01-03 02:30   --------   d--------   C:\Program Files\Napster
2007-01-02 03:24   --------   d--------   C:\Program Files\Gateway Games
2006-12-28 19:35   --------   d--------   C:\Program Files\lx_cats
2006-12-26 14:35   --------   d--------   C:\Documents and Settings\Owner.LAPPY\Application Data\Adobe
2006-12-26 14:32   --------   d--------   C:\Program Files\Common Files\Adobe
2006-12-26 14:32   --------   d--------   C:\Program Files\Adobe
2006-12-25 04:55   --------   d--------   C:\Program Files\Lexmark Fax Solutions
2006-12-24 15:46   --------   d--------   C:\Program Files\Lexmark Toolbar
2006-12-21 00:30   --------   d--------   C:\Program Files\Common Files
2006-12-19 00:03   --------   d--------   C:\Documents and Settings\Owner.LAPPY\Application Data\Macromedia
2006-12-18 00:09   --------   d---s----   C:\Documents and Settings\Owner.LAPPY\Application Data\Microsoft
2006-12-17 15:42   --------   d--------   C:\Program Files\MSN
2006-12-17 15:24   --------   d--------   C:\Documents and Settings\Owner.LAPPY\Application Data\McAfee.com Personal Firewall
2006-12-17 00:59   --------   d--------   C:\Program Files\McAfee.com
2006-12-13 13:10   --------   d--------   C:\Program Files\Common Files\System
2006-12-13 13:03   --------   d--------   C:\Program Files\Internet Explorer
2006-12-13 13:01   --------   d--------   C:\Program Files\Outlook Express
2006-12-12 11:30   20640   ---------   C:\WINDOWS\system32\drivers\pxhelp20.sys
2006-12-07 23:22   --------   d--------   C:\Program Files\QuickTime
2006-12-07 20:50   --------   d--------   C:\Program Files\Google
2006-12-07 19:26   --------   d--------   C:\Program Files\WinRAR
2006-12-05 19:58   --------   d--------   C:\Program Files\Common Files\AOL
2006-12-04 02:20   --------   d--------   C:\Program Files\AIM6
2006-12-04 02:20   --------   d--------   C:\Documents and Settings\Owner.LAPPY\Application Data\acccore
2006-12-04 02:18   --------   d--------   C:\Documents and Settings\Owner.LAPPY\Application Data\Mozilla
2006-12-03 02:31   --------   d--------   C:\Documents and Settings\Owner.LAPPY\Application Data\Apple Computer
2006-11-30 16:51   --------   d--------   C:\Program Files\AIM
2006-11-29 23:44   --------   d--------   C:\Program Files\Java
2006-11-29 23:34   --------   d--------   C:\Documents and Settings\Owner.LAPPY\Application Data\FaxCtr
2006-11-29 23:31   --------   d--------   C:\Program Files\Windows Media Player
2006-11-29 23:12   --------   d--------   C:\Program Files\Windows Media Connect 2
2006-11-29 14:57   --------   d--------   C:\Program Files\iTunes
2006-11-29 14:57   --------   d--------   C:\Program Files\iPod
2006-11-29 14:55   --------   d--------   C:\Program Files\Apple Software Update
2006-11-29 13:26   --------   d--------   C:\Program Files\Abbyy FineReader 6.0 Sprint
2006-11-26 03:03   --------   d--------   C:\Program Files\MSXML 4.0
2006-11-26 01:43   --------   d--------   C:\Documents and Settings\Owner.LAPPY\Application Data\Real
2006-11-26 01:36   --------   d--------   C:\Program Files\Common Files\xing shared
2006-11-26 01:36   --------   d--------   C:\Program Files\Common Files\Real
2006-11-24 18:50   --------   d--------   C:\Documents and Settings\Owner.LAPPY\Application Data\Sun
2006-11-24 18:03   --------   d--------   C:\Documents and Settings\Owner.LAPPY\Application Data\Help
2006-11-24 15:47   --------   d--------   C:\Documents and Settings\Owner.LAPPY\Application Data\Google
2006-11-24 14:18   --------   d--------   C:\Documents and Settings\Owner.LAPPY\Application Data\WildTangent
2006-11-24 13:19   --------   d--------   C:\Documents and Settings\Owner.LAPPY\Application Data\Aim
2006-11-24 13:18   --------   d--------   C:\Program Files\AOD
2006-11-24 13:09   15781   --a------   C:\WINDOWS\system32\drivers\mdc8021x.sys
2006-11-24 13:09   --------   d--h-----   C:\Program Files\InstallShield Installation Information
2006-11-24 13:09   --------   d--------   C:\Program Files\Belkin
2006-11-24 10:29   --------   d--------   C:\Documents and Settings\Owner.LAPPY\Application Data\Template
2006-11-24 10:24   --------   d--------   C:\Program Files\Pure Networks
2006-11-08 00:06   679424   --a------   C:\WINDOWS\system32\inetcomm.dll
2006-11-04 14:14   1245696   --a------   C:\WINDOWS\system32\msxml4.dll
2006-10-19 08:56   713216   --a------   C:\WINDOWS\system32\sxs.dll
2006-10-18 21:58   8704   --a------   C:\WINDOWS\system32\wdfmgr.exe
2006-10-18 21:58   8704   --a------   C:\WINDOWS\system32\uwdf.exe
2006-10-18 21:47   99840   --a------   C:\WINDOWS\system32\wmpshell.dll
2006-10-18 21:47   991744   --a------   C:\WINDOWS\system32\drmv2clt.dll
2006-10-18 21:47   937984   --a------   C:\WINDOWS\system32\WMNetMgr.dll
2006-10-18 21:47   8231936   --a------   C:\WINDOWS\system32\wmploc.dll
2006-10-18 21:47   767488   ---------   C:\WINDOWS\system32\WMVSENCD.dll
2006-10-18 21:47   757248   --a------   C:\WINDOWS\system32\WMADMOD.dll
2006-10-18 21:47   7168   --a------   C:\WINDOWS\system32\asferror.dll
2006-10-18 21:47   656896   ---------   C:\WINDOWS\system32\WMVXENCD.dll
2006-10-18 21:47   63488   --a------   C:\WINDOWS\system32\wpdmtpus.dll
2006-10-18 21:47   629760   --a------   C:\WINDOWS\system32\wpd_ci.dll
2006-10-18 21:47   613376   ---------   C:\WINDOWS\system32\wmpmde.dll
2006-10-18 21:47   603648   --a------   C:\WINDOWS\system32\WMSPDMOD.dll
2006-10-18 21:47   542720   --a------   C:\WINDOWS\system32\blackbox.dll
2006-10-18 21:47   535040   --a------   C:\WINDOWS\system32\wmdrmsdk.dll
2006-10-18 21:47   429056   ---------   C:\WINDOWS\system32\wmdrmdev.dll
2006-10-18 21:47   414208   --a------   C:\WINDOWS\system32\msscp.dll
2006-10-18 21:47   4096   --a------   C:\WINDOWS\system32\wmvdmoe2.dll
2006-10-18 21:47   4096   --a------   C:\WINDOWS\system32\wmvdmod.dll
2006-10-18 21:47   4096   --a------   C:\WINDOWS\system32\WMVADVE.DLL
2006-10-18 21:47   4096   --a------   C:\WINDOWS\system32\WMVADVD.dll
2006-10-18 21:47   4096   --a------   C:\WINDOWS\system32\wmsdmoe2.dll
2006-10-18 21:47   4096   --a------   C:\WINDOWS\system32\wmsdmod.dll
2006-10-18 21:47   4096   --a------   C:\WINDOWS\system32\wdfapi.dll
2006-10-18 21:47   4096   --a------   C:\WINDOWS\system32\MPG4DMOD.dll
2006-10-18 21:47   4096   --a------   C:\WINDOWS\system32\MP4SDMOD.dll
2006-10-18 21:47   4096   --a------   C:\WINDOWS\system32\MP43DMOD.dll
2006-10-18 21:47   38400   ---------   C:\WINDOWS\system32\wpdshextres.dll
2006-10-18 21:47   37376   --a------   C:\WINDOWS\system32\wmdmps.dll
2006-10-18 21:47   35840   --a------   C:\WINDOWS\system32\wpdconns.dll
2006-10-18 21:47   356352   --a------   C:\WINDOWS\system32\wpdsp.dll
2006-10-18 21:47   348672   --a------   C:\WINDOWS\system32\wmdrmnet.dll
2006-10-18 21:47   33792   --a------   C:\WINDOWS\system32\wmdmlog.dll
2006-10-18 21:47   321536   --a------   C:\WINDOWS\system32\mswmdm.dll
2006-10-18 21:47   317440   ---------   C:\WINDOWS\system32\MP4SDECD.dll
2006-10-18 21:47   314880   --a------   C:\WINDOWS\system32\wmpdxm.dll
2006-10-18 21:47   295936   ---------   C:\WINDOWS\system32\wmpeffects.dll
2006-10-18 21:47   284160   ---------   C:\WINDOWS\system32\PortableDeviceApi.dll
2006-10-18 21:47   276992   --a------   C:\WINDOWS\system32\audiodev.dll
2006-10-18 21:47   27136   --a------   C:\WINDOWS\system32\mspmsnsv.dll
2006-10-18 21:47   2603008   ---------   C:\WINDOWS\system32\WpdShext.dll
2006-10-18 21:47   259072   ---------   C:\WINDOWS\system32\MPG4DECD.dll
2006-10-18 21:47   259072   ---------   C:\WINDOWS\system32\MP43DECD.dll
2006-10-18 21:47   2450944   --a------   C:\WINDOWS\system32\wmvcore.dll
2006-10-18 21:47   242688   --a------   C:\WINDOWS\system32\wmpasf.dll
2006-10-18 21:47   229376   --a------   C:\WINDOWS\system32\cewmdm.dll
2006-10-18 21:47   227328   --a------   C:\WINDOWS\system32\wmerror.dll
2006-10-18 21:47   222208   --a------   C:\WINDOWS\system32\WMASF.dll
2006-10-18 21:47   212992   --a------   C:\WINDOWS\system32\MFPLAT.dll
2006-10-18 21:47   211456   --a------   C:\WINDOWS\system32\qasf.dll
2006-10-18 21:47   204288   --a------   C:\WINDOWS\system32\wmpsrcwp.dll
2006-10-18 21:47   199168   ---------   C:\WINDOWS\system32\PortableDeviceWMDRM.dll
2006-10-18 21:47   179712   --a------   C:\WINDOWS\system32\msnetobj.dll
2006-10-18 21:47   175616   --a------   C:\WINDOWS\system32\mspmsp.dll
2006-10-18 21:47   166912   ---------   C:\WINDOWS\system32\PortableDeviceTypes.dll
2006-10-18 21:47   1661440   --a------   C:\WINDOWS\system32\wmpencen.dll
2006-10-18 21:47   1574912   ---------   C:\WINDOWS\system32\WMVENCOD.dll
2006-10-18 21:47   157184   --a------   C:\WINDOWS\system32\wmidx.dll
2006-10-18 21:47   154624   --a------   C:\WINDOWS\system32\wpdmtp.dll
2006-10-18 21:47   1543680   ---------   C:\WINDOWS\system32\WMVDECOD.dll
2006-10-18 21:47   1382912   ---------   C:\WINDOWS\system32\WMVSDECD.dll
2006-10-18 21:47   133632   ---------   C:\WINDOWS\system32\WPDShServiceObj.dll
2006-10-18 21:47   1329152   --a------   C:\WINDOWS\system32\WMSPDMOE.dll
2006-10-18 21:47   132096   ---------   C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
2006-10-18 21:47   130048   ---------   C:\WINDOWS\system32\wmpps.dll
2006-10-18 21:47   11264   --a------   C:\WINDOWS\system32\LAPRXY.dll
2006-10-18 21:47   1117696   --a------   C:\WINDOWS\system32\WMADMOE.dll
2006-10-18 21:47   101888   ---------   C:\WINDOWS\system32\PortableDeviceClassExtension.dll
2006-10-18 20:03   100864   --a------   C:\WINDOWS\system32\logagent.exe
2006-10-18 20:00   249856   --a------   C:\WINDOWS\system32\drmupgds.exe
2006-10-18 20:00   17408   ---------   C:\WINDOWS\system32\wpdshextautoplay.exe
2006-10-17 13:01   13312   --a------   C:\WINDOWS\system32\ieudinit.exe
2006-10-13 07:35   65536   --a------   C:\WINDOWS\system32\nwwks.dll
2006-10-13 07:35   64000   --a------   C:\WINDOWS\system32\nwapi32.dll
2006-10-13 07:35   142336   --a------   C:\WINDOWS\system32\nwprovau.dll
2006-10-09 16:15   1669632   --a------   C:\WINDOWS\system32\msvidctl.dll
2006-10-09 16:12   456192   --a------   C:\WINDOWS\system32\encdec.dll
2006-10-09 16:12   291840   --a------   C:\WINDOWS\system32\sbe.dll
2006-10-09 16:12   235008   ---------   C:\WINDOWS\system32\psisdecd.dll

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"Aim6"="\"C:\\Program Files\\AIM6\\aim6.exe\" /d locale=en-US ee://aol/imApp"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"ares"="\"C:\\Program Files\\Ares\\Ares.exe\" -h"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"MCUpdateExe"="C:\\PROGRA~1\\McAfee.com\\Agent\\McUpdate.exe"
"MCAgentExe"="C:\\PROGRA~1\\McAfee.com\\Agent\\McAgent.exe"
"MPFEXE"="\"C:\\Program Files\\McAfee.com\\Personal Firewall\\MPFTray.exe\""
"lxcrmon.exe"="\"C:\\Program Files\\Lexmark 2400 Series\\lxcrmon.exe\""
"EzPrint"="\"C:\\Program Files\\Lexmark 2400 Series\\ezprint.exe\""
"FaxCenterServer"="\"C:\\Program Files\\Lexmark Fax Solutions\\fm3032.exe\" /s"
"LXCRCATS"="rundll32 C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\LXCRtime.dll,_RunDLLEntry@16"
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"MSKAGENTEXE"="C:\\PROGRA~1\\mcafee\\SPAMKI~1\\mskagent.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000005

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,02,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,f2,01,00,00,23,00,00,00,7c,00,00,00,72,00,\
00,00,01,00,00,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\
63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\
6d,73,73,74,79,6c,65,73,00
"InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\
73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Adobe Reader Speed Launch.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Reader Speed Launch.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Adobe\\ACROBA~1.0\\Reader\\READER~1.EXE "
"item"="Adobe Reader Speed Launch"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Belkin 802.11g Wireless Card Utility.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Belkin 802.11g Wireless Card Utility.lnk"
"backup"="C:\\WINDOWS\\pss\\Belkin 802.11g Wireless Card Utility.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Belkin\\BELKIN~1.11G\\utility.exe "
"item"="Belkin 802.11g Wireless Card Utility"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BigFix.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\BigFix.lnk"
"backup"="C:\\WINDOWS\\pss\\BigFix.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\BigFix\\bigfix.exe /atstartup"
"item"="BigFix"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^REALTEK RTL8187 Wireless LAN Utility.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\REALTEK RTL8187 Wireless LAN Utility.lnk"
"backup"="C:\\WINDOWS\\pss\\REALTEK RTL8187 Wireless LAN Utility.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\REALTE~1\\RtWLan.exe /H"
"item"="REALTEK RTL8187 Wireless LAN Utility"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="aim6"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\AIM6\\aim6.exe\" /d locale=en-US ee://aol/imApp"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Ares"
"hkey"="HKCU"
"command"="\"F:\\Program Files\\Ares Lite Edition\\Ares.exe\" -h"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="cli"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime -Delay"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="bittorrent"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\BitTorrent\\bittorrent.exe\" --force_start_minimized"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WLTRAY"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\WLTRAY.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ctfmon"
"hkey"="HKCU"
"command"="C:\\WINDOWS\\system32\\ctfmon.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ehtray"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\ehome\\ehtray.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ezprint"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Lexmark 2400 Series\\ezprint.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="fm3032"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Lexmark Fax Solutions\\fm3032.exe\" /s"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GoogleDesktop"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcrmon.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="lxcrmon"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Lexmark 2400 Series\\lxcrmon.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCAgentExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="McAgent"
"hkey"="HKLM"
"command"="c:\\PROGRA~1\\mcafee.com\\agent\\McAgent.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="McUpdate"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\mcafee.com\\agent\\McUpdate.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPFExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MpfTray"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\McAfee.com\\PERSON~1\\MpfTray.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPSExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mscifapp"
"hkey"="HKLM"
"command"="c:\\PROGRA~1\\mcafee.com\\mps\\mscifapp.exe /embedding"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKAGENTEXE]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MskAgent"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\McAfee\\SPAMKI~1\\MskAgent.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MSKDetct"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\McAfee\\SPAMKI~1\\MSKDetct.exe /startup"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msmsgs"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OASClnt]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="oasclnt"
"hkey"="HKLM"
"command"="C:\\Program Files\\McAfee.com\\VSO\\oasclnt.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NA"
"hkey"="HKCU"
"command"="NA"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RECGUARD"
"hkey"="HKLM"
"command"="%WINDIR%\\SMINST\\RECGUARD.EXE"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Remind_XP"
"hkey"="HKLM"
"command"="%WINDIR%\\Creator\\Remind_XP.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="stsystra"
"hkey"="HKLM"
"command"="stsystra.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="sm56hlpr"
"hkey"="HKLM"
"command"="C:\\Program Files\\Motorola\\SMSERIAL\\sm56hlpr.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GoogleToolbarNotifier"
"hkey"="HKCU"
"command"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SynTPEnh"
"hkey"="HKLM"
"command"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SynTPLpr"
"hkey"="HKLM"
"command"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="realsched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirusScan Online]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mcvsshld"
"hkey"="HKLM"
"command"="C:\\Program Files\\McAfee.com\\VSO\\mcvsshld.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VSOCheckTask]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mcmnhdlr"
"hkey"="HKLM"
"command"="\"C:\\PROGRA~1\\McAfee.com\\VSO\\mcmnhdlr.exe\" /checktask"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"MskService"=dword:00000002
"MpfService"=dword:00000002
"mcupdmgr.exe"=dword:00000003
"McTskshd.exe"=dword:00000002
"McShield"=dword:00000002
"McDetect.exe"=dword:00000002
"lxcr_device"=dword:00000003
"Ati HotKey Poller"=dword:00000002
"ose"=dword:00000003
"PrismXL"=dword:00000002

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (LAPPY-Owner).job

Completion time: 07-01-05 16:50:21.22
C:\ComboFix.txt ... 07-01-05 16:50

Pages: [1] 2

TheTechGuide Forum

News:

Show Posts

Messages - ivy90

Tech Clinic / DVD rom drive not working

Tech Clinic / DVD rom drive not working

Tech Clinic / DVD rom drive not working

Tech Clinic / JS/DOWNLOADER-AUD

Tech Clinic / JS/DOWNLOADER-AUD

Tech Clinic / JS/DOWNLOADER-AUD

Tech Clinic / JS/DOWNLOADER-AUD

Tech Clinic / internet explorer doesn't work

Tech Clinic / Win32.Trojan.Mirc and Win32.P2P-Worm.Alcan.a removal please

Tech Clinic / internet explorer doesnt work

Tech Clinic / Win32.Trojan.Mirc and Win32.P2P-Worm.Alcan.a removal please

Tech Clinic / Win32.Trojan.Mirc and Win32.P2P-Worm.Alcan.a removal please

Tech Clinic / Win32.Trojan.Mirc and Win32.P2P-Worm.Alcan.a removal please

Tech Clinic / Win32.Trojan.Mirc and Win32.P2P-Worm.Alcan.a removal please

Tech Clinic / Win32.Trojan.Mirc and Win32.P2P-Worm.Alcan.a removal please

Tech Clinic / Win32.Trojan.Mirc and Win32.P2P-Worm.Alcan.a removal please

Tech Clinic / Win32.Trojan.Mirc and Win32.P2P-Worm.Alcan.a removal please

Tech Clinic / Win32.Trojan.Mirc and Win32.P2P-Worm.Alcan.a removal please

Tech Clinic / Win32.Trojan.Mirc and Win32.P2P-Worm.Alcan.a removal please

Tech Clinic / Win32.Trojan.Mirc and Win32.P2P-Worm.Alcan.a removal please