Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - alucard19

Pages: [1] 2 3
1
Tech Clinic / SPYWARE,HELP!
« on: November 10, 2008, 06:38:53 AM »
I did a reformat,but i still can't see any of my programs! HELP!!


Edit: for some reason i can see the new programs i just installed,but none of the ones that came with the installation of xp.

2
Tech Clinic / SPYWARE,HELP!
« on: November 09, 2008, 07:34:43 PM »
diidn't work. I guess i'll just reformat my hard drive.

Thanks for taking your time and trying to help.

3
Tech Clinic / SPYWARE,HELP!
« on: November 09, 2008, 06:58:54 PM »
i did everything you said but when i  i tried to the delete the first program,i didn't see anything there.

http://i3.photobucket.com/albums/y55/aluca.../noprograms.jpg

4
Tech Clinic / SPYWARE,HELP!
« on: November 09, 2008, 06:10:14 PM »
I think so.not sure. i use it as a virus scanner

5
Tech Clinic / SPYWARE,HELP!
« on: November 09, 2008, 05:55:17 PM »
oh i see. ok

heres the post from the first 5 errors

0000: 41 70 70 6c 69 63 61 74   Applicat
0008: 69 6f 6e 20 46 61 69 6c   ion Fail
0010: 75 72 65 20 20 69 65 78   ure  iex
0018: 70 6c 6f 72 65 2e 65 78   plore.ex
0020: 65 20 37 2e 30 2e 36 30   e 7.0.60
0028: 30 30 2e 31 36 37 33 35   00.16735
0030: 20 69 6e 20 75 6e 6b 6e    in unkn
0038: 6f 77 6e 20 30 2e 30 2e   own 0.0.
0040: 30 2e 30 20 61 74 20 6f   0.0 at o
0048: 66 66 73 65 74 20 30 30   ffset 00
0050: 30 30 30 30 30 30 0d 0a   000000..



0000: 41 70 70 6c 69 63 61 74   Applicat
0008: 69 6f 6e 20 46 61 69 6c   ion Fail
0010: 75 72 65 20 20 73 76 63   ure  svc
0018: 68 6f 73 74 2e 65 78 65   host.exe
0020: 20 35 2e 31 2e 32 36 30    5.1.260
0028: 30 2e 35 35 31 32 20 69   0.5512 i
0030: 6e 20 75 6e 6b 6e 6f 77   n unknow
0038: 6e 20 30 2e 30 2e 30 2e   n 0.0.0.
0040: 30 20 61 74 20 6f 66 66   0 at off
0048: 73 65 74 20 30 30 30 30   set 0000
0050: 30 30 30 30               0000    



0000: 41 70 70 6c 69 63 61 74   Applicat
0008: 69 6f 6e 20 46 61 69 6c   ion Fail
0010: 75 72 65 20 20 66 69 72   ure  fir
0018: 65 66 6f 78 2e 65 78 65   efox.exe
0020: 20 31 2e 39 2e 30 2e 33    1.9.0.3
0028: 31 38 38 20 69 6e 20 75   188 in u
0030: 6e 6b 6e 6f 77 6e 20 30   nknown 0
0038: 2e 30 2e 30 2e 30 20 61   .0.0.0 a
0040: 74 20 6f 66 66 73 65 74   t offset
0048: 20 30 30 30 30 30 30 30    0000000
0050: 30 0d 0a                  0..    



0000: 41 70 70 6c 69 63 61 74   Applicat
0008: 69 6f 6e 20 46 61 69 6c   ion Fail
0010: 75 72 65 20 20 61 7a 75   ure  azu
0018: 72 65 75 73 2e 65 78 65   reus.exe
0020: 20 33 2e 30 2e 30 2e 30    3.0.0.0
0028: 20 69 6e 20 75 6e 6b 6e    in unkn
0030: 6f 77 6e 20 30 2e 30 2e   own 0.0.
0038: 30 2e 30 20 61 74 20 6f   0.0 at o
0040: 66 66 73 65 74 20 30 30   ffset 00
0048: 30 30 30 30 30 30 0d 0a   000000..


0000: 6d 00 70 00 74 00 65 00   m.p.t.e.
0008: 6c 00 65 00 6d 00 65 00   l.e.m.e.
0010: 74 00 72 00 79 00 2c 00   t.r.y.,.
0018: 20 00 38 00 30 00 30 00    .8.0.0.
0020: 38 00 30 00 30 00 30 00   8.0.0.0.
0028: 35 00 2c 00 20 00 75 00   5.,. .u.
0030: 70 00 64 00 61 00 74 00   p.d.a.t.
0038: 65 00 73 00 65 00 72 00   e.s.e.r.
0040: 76 00 69 00 63 00 65 00   v.i.c.e.
0048: 6d 00 61 00 6e 00 61 00   m.a.n.a.
0050: 67 00 65 00 72 00 2d 00   g.e.r.-.
0058: 5f 00 67 00 65 00 74 00   _.g.e.t.
0060: 5f 00 73 00 65 00 72 00   _.s.e.r.
0068: 76 00 69 00 63 00 65 00   v.i.c.e.
0070: 73 00 2c 00 20 00 66 00   s.,. .f.
0078: 61 00 6c 00 6c 00 62 00   a.l.l.b.
0080: 61 00 63 00 6b 00 63 00   a.c.k.c.
0088: 68 00 65 00 63 00 6b 00   h.e.c.k.
0090: 2c 00 20 00 31 00 2e 00   ,. .1...
0098: 31 00 2e 00 31 00 35 00   1...1.5.
00a0: 39 00 33 00 2e 00 30 00   9.3...0.
00a8: 2c 00 20 00 6d 00 70 00   ,. .m.p.
00b0: 73 00 69 00 67 00 64 00   s.i.g.d.
00b8: 77 00 6e 00 2e 00 64 00   w.n...d.
00c0: 6c 00 6c 00 2c 00 20 00   l.l.,. .
00c8: 31 00 2e 00 31 00 2e 00   1...1...
00d0: 31 00 35 00 39 00 33 00   1.5.9.3.
00d8: 2e 00 30 00 2c 00 20 00   ..0.,. .
00e0: 77 00 69 00 6e 00 64 00   w.i.n.d.
00e8: 6f 00 77 00 73 00 20 00   o.w.s. .
00f0: 64 00 65 00 66 00 65 00   d.e.f.e.
00f8: 6e 00 64 00 65 00 72 00   n.d.e.r.
0100: 2c 00 20 00 4e 00 49 00   ,. .N.I.
0108: 4c 00 2c 00 20 00 4e 00   L.,. .N.
0110: 49 00 4c 00 20 00 4e 00   I.L. .N.
0118: 49 00 4c 00 0d 00 0a 00   I.L.....

6
Tech Clinic / SPYWARE,HELP!
« on: November 09, 2008, 05:34:36 PM »
http://i3.photobucket.com/albums/y55/alucardxxx/1-2.jpg
http://i3.photobucket.com/albums/y55/alucardxxx/2-3.jpg
http://i3.photobucket.com/albums/y55/alucardxxx/3-1.jpg
http://i3.photobucket.com/albums/y55/alucardxxx/4.jpg
http://i3.photobucket.com/albums/y55/alucardxxx/5.jpg
http://i3.photobucket.com/albums/y55/alucardxxx/6.jpg
http://i3.photobucket.com/albums/y55/alucardxxx/7.jpg
http://i3.photobucket.com/albums/y55/alucardxxx/8.jpg
http://i3.photobucket.com/albums/y55/alucardxxx/9.jpg
http://i3.photobucket.com/albums/y55/alucardxxx/10.jpg


for some reason that method(copy and pasting those files) isn't working.

7
Tech Clinic / SPYWARE,HELP!
« on: November 09, 2008, 05:21:44 PM »
Ok. i'm not sure how can i copy and paste the the errors i have in that "Application" file thing so i'm going to take some pictures and load them up.

8
Tech Clinic / SPYWARE,HELP!
« on: November 09, 2008, 05:09:12 PM »
I'm gettin this error when i try to post the rest of the "log".


Here's a picture of the error.

http://i3.photobucket.com/albums/y55/alucardxxx/error2.jpg


Heres the rest of the log(i had to take pictures of the rest).


Part 3: http://i3.photobucket.com/albums/y55/alucardxxx/logpart4.jpg

Part4: http://i3.photobucket.com/albums/y55/alucardxxx/logpart4.jpg

Part5: http://i3.photobucket.com/albums/y55/alucardxxx/Logpart5.jpg

9
Tech Clinic / SPYWARE,HELP!
« on: November 09, 2008, 05:06:16 PM »
[quote name=\'guestolo\' post=\'446653\' date=\'Nov 9 2008, 04:52 PM\']I also forgot to mention, I don't use Avira Premium, but I assume it also has anti-spyware protection
Is that correct on your version, and is it active?[/quote]


Yeah i got that along with:

spybot
windows defender
spyware doctor
spyware blaster

10
Tech Clinic / SPYWARE,HELP!
« on: November 09, 2008, 04:41:48 PM »
LOG(part 2)


======List of files/folders created in the last 1 months======

2008-11-09 16:32:21 ----D---- C:\rsit
2008-11-09 14:22:57 ----D---- C:\Program Files\Trend Micro
2008-11-09 12:29:45 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2008-11-09 07:55:51 ----D---- C:\Program Files\SpywareBlaster
2008-11-09 07:55:01 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-11-09 07:54:54 ----D---- C:\Program Files\Spyware Doctor
2008-11-09 07:54:54 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\PC Tools
2008-11-09 07:05:54 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-11-09 07:05:54 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-09 06:46:31 ----A---- C:\WINDOWS\system32\securenet.dll
2008-11-09 06:45:34 ----D---- C:\Program Files\Hide My IP 2008
2008-11-09 06:30:49 ----A---- C:\WINDOWS\WORDPAD.INI
2008-11-09 02:37:54 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Media Player Classic
2008-11-09 00:12:29 ----D---- C:\WINDOWS\Sun
2008-11-09 00:12:28 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Sun
2008-11-08 23:55:45 ----A---- C:\WINDOWS\ARCHPR4.INI
2008-11-08 17:36:35 ----D---- C:\Program Files\ElcomSoft
2008-11-08 17:32:38 ----D---- C:\WINDOWS\Prefetch
2008-11-08 17:30:41 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-11-08 17:30:35 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-11-08 17:30:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-11-08 17:30:22 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-11-08 17:30:14 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-11-08 17:30:08 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-11-08 17:30:02 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-11-08 17:29:57 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-11-08 17:29:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-11-08 17:29:44 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-11-08 17:29:38 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-11-08 17:29:33 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-11-08 17:29:27 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-11-08 17:29:22 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-11-08 17:24:24 ----D---- C:\WINDOWS\system32\scripting
2008-11-08 17:24:23 ----D---- C:\WINDOWS\system32\en
2008-11-08 17:24:23 ----D---- C:\WINDOWS\system32\bits
2008-11-08 17:24:23 ----D---- C:\WINDOWS\l2schemas
2008-11-08 17:22:12 ----D---- C:\WINDOWS\ServicePackFiles
2008-11-08 17:16:39 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-11-08 17:13:05 ----HDC---- C:\WINDOWS\$NtUninstallKB926251$
2008-11-08 17:07:12 ----D---- C:\WINDOWS\ie7updates
2008-11-08 17:06:39 ----D---- C:\WINDOWS\WBEM
2008-11-08 17:06:34 ----D---- C:\WINDOWS\system32\en-US
2008-11-08 17:04:36 ----HDC---- C:\WINDOWS\ie7
2008-11-08 17:04:14 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-11-08 17:03:40 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-11-08 17:02:32 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2008-11-08 17:02:27 ----N---- C:\WINDOWS\system32\xmllite.dll
2008-11-08 17:00:57 ----D---- C:\WINDOWS\network diagnostic
2008-11-08 17:00:55 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
2008-11-08 17:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
2008-11-08 16:47:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2008-11-08 16:47:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2008-11-08 16:47:25 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2008-11-08 16:47:18 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2008-11-08 16:47:12 ----HDC---- C:\WINDOWS\$NtUninstallKB923723$
2008-11-08 16:47:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-11-08 16:47:01 ----HDC---- C:\WINDOWS\$NtUninstallKB957095_0$
2008-11-08 16:46:53 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2008-11-08 16:46:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$
2008-11-08 16:46:38 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$
2008-11-08 16:46:24 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$
2008-11-08 16:45:08 ----A---- C:\WINDOWS\system32\MRT.exe
2008-11-08 16:44:47 ----HDC---- C:\WINDOWS\$NtUninstallKB913800$
2008-11-08 16:23:32 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2008-11-08 16:23:10 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2008-11-08 16:23:03 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-11-08 16:22:52 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2008-11-08 16:22:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2008-11-08 16:22:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2008-11-08 16:22:04 ----HDC---- C:\WINDOWS\$NtUninstallKB930494$
2008-11-08 16:21:43 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
2008-11-08 16:21:36 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2008-11-08 16:21:14 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2008-11-08 16:21:07 ----D---- C:\Program Files\MSXML 4.0
2008-11-08 16:20:43 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2008-11-08 16:20:19 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP10$
2008-11-08 16:18:21 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-11-08 16:18:20 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-11-08 16:18:19 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-11-08 16:18:19 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-11-08 16:18:18 ----N---- C:\WINDOWS\system32\verclsid.exe
2008-11-08 16:18:14 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-11-08 16:18:14 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-11-08 16:18:10 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2008-11-08 16:18:10 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2008-11-08 16:18:07 ----N---- C:\WINDOWS\system32\slserv.exe
2008-11-08 16:18:07 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-11-08 16:18:07 ----N---- C:\WINDOWS\system32\slgen.dll
2008-11-08 16:18:07 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-11-08 16:18:07 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-11-08 16:18:07 ----N---- C:\WINDOWS\slrundll.exe
2008-11-08 16:18:06 ----N---- C:\WINDOWS\system32\setupn.exe
2008-11-08 16:18:05 ----N---- C:\WINDOWS\system32\s3gnb.dll
2008-11-08 16:18:05 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-11-08 16:18:03 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-11-08 16:18:03 ----N---- C:\WINDOWS\system32\qutil.dll
2008-11-08 16:18:03 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-11-08 16:18:03 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-11-08 16:18:03 ----N---- C:\WINDOWS\system32\qagent.dll
2008-11-08 16:18:02 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-11-08 16:18:01 ----N---- C:\WINDOWS\system32\onex.dll
2008-11-08 16:18:00 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2008-11-08 16:17:57 ----N---- C:\WINDOWS\system32\napstat.exe
2008-11-08 16:17:57 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-11-08 16:17:57 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-11-08 16:17:57 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-11-08 16:17:56 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-11-08 16:17:56 ----N---- C:\WINDOWS\system32\mssha.dll
2008-11-08 16:17:56 ----A---- C:\WINDOWS\system32\msxml6r.dll
2008-11-08 16:17:50 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-11-08 16:17:50 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-11-08 16:17:50 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-11-08 16:17:50 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-11-08 16:17:49 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2008-11-08 16:17:44 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-11-08 16:17:44 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-11-08 16:17:44 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-11-08 16:17:44 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-11-08 16:17:43 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-11-08 16:17:43 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-11-08 16:17:37 ----N---- C:\WINDOWS\system32\smtpapi.dll
2008-11-08 16:17:37 ----N---- C:\WINDOWS\system32\rwnh.dll
2008-11-08 16:17:35 ----N---- C:\WINDOWS\system32\comsdupd.exe
2008-11-08 16:17:34 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-11-08 16:17:31 ----N---- C:\WINDOWS\system32\faxpatch.exe
2008-11-08 16:17:31 ----A---- C:\WINDOWS\003017_.tmp
2008-11-08 16:17:30 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-11-08 16:17:30 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-11-08 16:17:30 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-11-08 16:17:30 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-11-08 16:17:30 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-11-08 16:17:30 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-11-08 16:17:30 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-11-08 16:17:30 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-11-08 16:17:29 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-11-08 16:17:29 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-11-08 16:17:29 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-11-08 16:17:29 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-11-08 16:17:29 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-11-08 16:17:29 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-11-08 16:17:29 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-11-08 16:17:29 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-11-08 16:17:29 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-11-08 16:17:28 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-11-08 16:17:27 ----N---- C:\WINDOWS\system32\credssp.dll
2008-11-08 16:17:22 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-11-08 16:17:22 ----N---- C:\WINDOWS\system32\azroles.dll
2008-11-08 16:17:21 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-11-08 16:17:21 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2008-11-08 16:17:21 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2008-11-08 16:17:19 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-11-08 16:14:45 ----D---- C:\Program Files\Common Files\Adobe
2008-11-08 16:08:55 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2008-11-08 16:08:47 ----D---- C:\Program Files\NOS
2008-11-08 16:07:10 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\AdobeUM
2008-11-08 06:45:51 ----A---- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
2008-11-08 06:45:42 ----A---- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
2008-11-08 06:45:29 ----D---- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2008-11-08 06:43:11 ----D---- C:\SystemRoot
2008-11-08 06:41:38 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\WinBatch
2008-11-08 06:40:42 ----D---- C:\temp
2008-11-08 06:38:56 ----A---- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
2008-11-08 03:18:27 ----D---- C:\Program Files\OpenSource Flash Video Splitter
2008-11-08 03:18:05 ----D---- C:\Program Files\Haali
2008-11-08 03:17:55 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-11-08 03:17:50 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2008-11-08 03:17:43 ----A---- C:\WINDOWS\system32\pthreadGC2.dll
2008-11-08 03:17:32 ----D---- C:\Program Files\ffdshow
2008-11-08 03:17:21 ----D---- C:\Program Files\DirectVobSub
2008-11-08 03:16:53 ----D---- C:\Program Files\Zoom Player
2008-11-08 03:06:53 ----N---- C:\WINDOWS\kb913800.exe
2008-11-08 03:00:27 ----D---- C:\WINDOWS\system32\PreInstall
2008-11-08 03:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-11-07 19:50:18 ----D---- C:\Program Files\Common Files\Adobe AIR
2008-11-07 18:23:55 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Leadertech
2008-11-07 18:23:46 ----D---- C:\Program Files\Diskeeper Corporation
2008-11-07 18:23:03 ----D---- C:\WINDOWS\Downloaded Installations
2008-11-07 18:20:39 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\HPQ
2008-11-07 17:48:52 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\com.doubleperfect.ggpo.0753AD3679DBFCA1E7F470171B7D0DB8B404A7EA.1
2008-11-07 17:40:59 ----D---- C:\Program Files\GGPO
2008-11-07 09:02:41 ----RASH---- C:\BOOT.BAK
2008-11-07 09:02:29 ----RSHD---- C:\cmdcons
2008-11-07 09:02:29 ----A---- C:\WINDOWS\UPGRADE.TXT
2008-11-07 09:02:27 ----D---- C:\WINDOWS\setup.pss
2008-11-07 08:59:35 ----ASH---- C:\Documents and Settings\HP_Administrator\Application Data\desktop.ini
2008-11-07 08:59:31 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Intuit
2008-11-07 08:59:31 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Identities
2008-11-07 08:59:30 ----SD---- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft
2008-11-07 08:59:30 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Real
2008-11-07 08:53:15 ----SHD---- C:\System Volume Information
2008-11-07 08:26:54 ----D---- C:\Program Files\PeerGuardian2
2008-11-07 08:17:40 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Comodo
2008-11-07 08:17:38 ----D---- C:\Documents and Settings\All Users\Application Data\comodo
2008-11-07 08:17:38 ----A---- C:\WINDOWS\system32\guard32.dll
2008-11-07 08:17:37 ----D---- C:\Program Files\COMODO
2008-11-07 08:16:39 ----D---- C:\Program Files\MONOGRAM AMR SplitterDecoder
2008-11-07 08:16:38 ----D---- C:\Program Files\CD Audio Reader Filter
2008-11-07 08:16:37 ----D---- C:\Program Files\DScaler5
2008-11-07 08:16:31 ----D---- C:\Program Files\RealMedia
2008-11-07 08:16:20 ----D---- C:\Program Files\SHOUTcast Source
2008-11-07 08:16:18 ----D---- C:\Program Files\DSP-worx
2008-11-07 08:14:51 ----D---- C:\Program Files\7-Zip
2008-11-07 08:11:11 ----D---- C:\Program Files\Windows Defender
2008-11-07 08:10:23 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-11-07 08:09:18 ----D---- C:\Program Files\WinRAR
2008-11-07 08:09:07 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\vlc
2008-11-07 08:08:49 ----D---- C:\Program Files\VideoLAN
2008-11-07 08:08:21 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Adobe
2008-11-07 08:06:21 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2008-11-07 08:06:21 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2008-11-07 08:06:21 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2008-11-07 08:06:21 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2008-11-07 08:06:20 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2008-11-07 08:06:20 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2008-11-07 08:06:20 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2008-11-07 08:06:20 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2008-11-07 08:06:20 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2008-11-07 08:06:19 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2008-11-07 08:06:19 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2008-11-07 08:06:19 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2008-11-07 08:06:19 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2008-11-07 08:06:18 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2008-11-07 08:06:18 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2008-11-07 08:06:17 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2008-11-07 08:06:17 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2008-11-07 08:06:17 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2008-11-07 08:06:16 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2008-11-07 08:06:16 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2008-11-07 08:06:14 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2008-11-07 08:06:14 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2008-11-07 08:06:14 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2008-11-07 08:06:13 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2008-11-07 08:06:13 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2008-11-07 08:06:13 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2008-11-07 08:06:12 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2008-11-07 08:06:12 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2008-11-07 08:06:12 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2008-11-07 08:06:11 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2008-11-07 08:06:11 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2008-11-07 08:06:11 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2008-11-07 08:06:11 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2008-11-07 08:06:10 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2008-11-07 08:06:10 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2008-11-07 08:06:10 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2008-11-07 08:06:09 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2008-11-07 08:06:08 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2008-11-07 08:06:08 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2008-11-07 08:06:08 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2008-11-07 08:06:07 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2008-11-07 08:06:07 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2008-11-07 08:06:07 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2008-11-07 08:06:06 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2008-11-07 08:06:06 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2008-11-07 08:06:06 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2008-11-07 08:06:06 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2008-11-07 08:06:05 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2008-11-07 08:06:03 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2008-11-07 08:06:03 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2008-11-07 08:06:03 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2008-11-07 08:06:02 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2008-11-07 08:06:02 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2008-11-07 08:06:02 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2008-11-07 08:06:01 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2008-11-07 08:06:01 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2008-11-07 08:06:00 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2008-11-07 08:05:59 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2008-11-07 08:04:36 ----D---- C:\WINDOWS\Logs
2008-11-07 08:00:43 ----A---- C:\WINDOWS\system32\avsda.dll
2008-11-07 08:00:42 ----D---- C:\Program Files\Avira
2008-11-07 08:00:42 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2008-11-07 07:58:16 ----D---- C:\Program Files\Combined Community Codec Pack
2008-11-07 07:44:53 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla
2008-11-07 07:44:47 ----D---- C:\Program Files\Mozilla Firefox
2008-11-07 07:44:15 ----D---- C:\Documents and Settings\All Users\Application Data\Azureus
2008-11-07 07:44:13 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Azureus
2008-11-07 07:42:42 ----D---- C:\Program Files\Vuze
2008-11-07 07:33:48 ----RSD---- C:\WINDOWS\assembly
2008-11-07 07:33:41 ----RD---- C:\WINDOWS\Offline Web Pages
2008-11-07 07:30:04 ----RSHD---- C:\WINDOWS\system32\dllcache
2008-11-07 07:08:11 ----SHD---- C:\RECYCLER
2008-11-07 07:01:22 ----D---- C:\98689976 574
2008-11-07 06:45:22 ----D---- C:\Program Files\VID_0E8F&PID_0003
2008-11-07 06:32:17 ----A---- C:\WINDOWS\system32\LuResult.txt
2008-11-07 06:30:40 ----D---- C:\WINDOWS\system32\appmgmt
2008-11-07 06:24:27 ----A---- C:\WINDOWS\system32\Icam3EXT.dll
2008-11-07 06:19:31 ----A---- C:\WINDOWS\system32\hidserv.dll
2008-11-07 06:16:41 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Macromedia
2008-11-07 06:16:07 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-11-07 06:15:05 ----D---- C:\Program Files\Microsoft IntelliPoint
2008-11-07 06:13:43 ----D---- C:\Program Files\MSXML 6.0
2008-11-07 06:09:47 ----D---- C:\WINDOWS\system32\SoftwareDistribution

11
Tech Clinic / SPYWARE,HELP!
« on: November 09, 2008, 04:40:10 PM »
LOG (part 1)



Logfile of random's system information tool 1.04 (written by random/random)
Run by HP_Administrator at 2008-11-09 16:32:21
Microsoft Windows XP Professional Service Pack 3
System drive C: has 168 GB (61%) free of 278 GB
Total RAM: 1982 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:32:29 PM, on 11/9/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\DISC\DISCover.exe
C:\Program Files\DISC\DiscUpdateMgr.exe
C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\DISC\DiscGui.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\Program Files\Hide My IP 2008\SecureSrv.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Administrator\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\HP_Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: HpWebHelper - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe
O4 - HKLM\..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdateMgr.exe
O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKUS\S-1-5-18\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\securenet.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\securenet.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\securenet.dll
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab
O20 - AppInit_DLLs:  C:\WINDOWS\system32\guard32.dll
O23 - Service: Avira AntiVir Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Avira AntiVir Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: SecureSrv - Unknown owner - C:\Program Files\Hide My IP 2008\SecureSrv.exe

--
End of file - 11489 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB}]
PCTools Site Guard - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll [2006-08-01 825528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AAAE832A-5FFF-4661-9C8F-369692D1DCB9}]
hpWebHelper Class - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B56A7D7D-6927-48C8-A975-17DF180C71AC}]
PCTools Browser Monitor - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll [2006-08-01 850104]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"AlwaysReady Power Message APP"=C:\WINDOWS\ARPWRMSG.EXE [2005-08-03 77312]
"HPHUPD08"=c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe [2005-06-02 49152]
"DISCover"=C:\Program Files\DISC\DISCover.exe [2005-11-11 1064960]
"DiscUpdateManager"=C:\Program Files\DISC\DiscUpdateMgr.exe [2005-11-11 61440]
"DMAScheduler"=c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe [2005-11-01 90112]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2005-07-23 237568]
"PCDrProfiler"= []
"HPBootOp"=C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe [2005-11-09 249856]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2008-06-10 1406024]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe [2008-06-12 266497]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"COMODO Firewall Pro"=C:\Program Files\COMODO\Firewall\cfp.exe [2008-11-07 1797880]
"COMODO Internet Security"=C:\Program Files\COMODO\Firewall\cfp.exe [2008-11-07 1797880]
"DiskeeperSystray"=C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe [2006-04-19 319488]
"KBD"=C:\HP\KBD\KBD.EXE [2005-02-02 61440]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
"PeerGuardian"=C:\Program Files\PeerGuardian2\pg2.exe [2005-09-18 1421824]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-07-07 2156368]
"Spyware Doctor"=C:\Program Files\Spyware Doctor\swdoctor.exe [2006-12-11 2115728]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-08-13 46080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\DISC\DISCover.exe"="C:\Program Files\DISC\DISCover.exe:*:Enabled:DISCover Drop & Play System"
"C:\Program Files\DISC\DiscStreamHub.exe"="C:\Program Files\DISC\DiscStreamHub.exe:*:Enabled:DISCover Stream Hub"
"C:\Program Files\DISC\myFTP.exe"="C:\Program Files\DISC\myFTP.exe:*:Enabled:DISCover FTP"
"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe"="C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP"
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Documents and Settings\HP_Administrator\My Documents\Video Games\GGPO(v2)\ggpo.exe"="C:\Documents and Settings\HP_Administrator\My Documents\Video Games\GGPO(v2)\ggpo.exe:*:Enabled:ggpo"
"C:\Documents and Settings\HP_Administrator\My Documents\Video Games\GGPO(v2)\ggpofba.exe"="C:\Documents and Settings\HP_Administrator\My Documents\Video Games\GGPO(v2)\ggpofba.exe:*:Enabled:Emulator for MC68000/Z80 based arcade games"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe"="C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{316e5b24-acbe-11dd-b290-0013d3ffee22}]
shell\AutoRun\command - .\Encryption Tool\MaxtorEncryption.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{402b14a9-acd3-11dd-b28d-806d6172696f}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

12
Tech Clinic / SPYWARE,HELP!
« on: November 09, 2008, 04:38:29 PM »
----------INFO-----------
info.txt logfile of random's system information tool 1.04 2008-11-09 16:32:34

======Uninstall list======

-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.57-->"C:\Program Files\7-Zip\Uninstall.exe"
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Agere Systems PCI-SV92PP Soft Modem-->agrsmdel
ATI Control Panel-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Avira AntiVir Premium-->C:\Program Files\Avira\AntiVir PersonalEdition Premium\SETUP.EXE /REMOVE
CD Audio Reader Filter (remove only)-->"C:\Program Files\CD Audio Reader Filter\uninstall.exe"
Combined Community Codec Pack 2008-09-21 16:18-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
COMODO Firewall Pro-->C:\Program Files\COMODO\Firewall\cfpconfg.exe -u
Customer Experience Enhancement-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1033
DC-Bass Source 1.1.1-->"C:\Program Files\DSP-worx\DC-Bass Source\Uninstall.exe"
DirectVobSub (remove only)-->"C:\Program Files\DirectVobSub\uninstall.exe"
DISCover-->"C:\Program Files\DISC\uninstall.exe"
Diskeeper Professional Premier Edition-->MsiExec.exe /X{7D8CC2F9-6787-4354-A709-8EE9FD3D8AFF}
DScaler 5 Mpeg Decoders-->"C:\Program Files\DScaler5\unins000.exe"
Easy Internet Sign-up-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1033
Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
ffdshow [rev 1685] [2007-12-06]-->"C:\Program Files\ffdshow\unins000.exe"
getPlus® for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
GGPO-->MsiExec.exe /X{68BD9036-0952-4849-AE7A-963BB53EDB71}
Haali Media Splitter-->"C:\Program Files\Haali\MatroskaSplitter\uninstall.exe"
Hide My IP 2008-->"C:\Program Files\Hide My IP 2008\unins000.exe"
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Player 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Boot Optimizer-->C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe /uninstall
HP Deskjet Printer Preload-->MsiExec.exe /I{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}
HP DigitalMedia Archive-->MsiExec.exe /X{F80239D8-7811-4D5E-B033-0D0BBFE32920}
HP Document Viewer 5.3-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP DVD Play 1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe"  -uninstall
HP Imaging Device Functions 6.0-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart 330,380,420,470,7800,8000,8200 Series-->C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\setup\hpzscr01.exe -d MsiRollbackUninstaller -datfile hphscr08.dat
HP Photosmart Cameras 5.0-->C:\Program Files\HP\Digital Imaging\{C83A12B9-B31B-461A-BBD4-CE9B988094F1}\setup\hpzscr01.exe -datfile hpiscr01.dat
HP Photosmart for Media Center PC-->c:\Program Files\HP\Digital Imaging\bin\mcpc\setupmcl.exe /u
HP Photosmart Premier Software 6.0-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
HP PSC & OfficeJet 5.3.A-->"C:\Program Files\HP\Digital Imaging\{3E386744-10FA-44b2-98C9-DF7A270DECB3}\setup\hpzscr01.exe" -datfile hposcr06.dat
HP PSC & OfficeJet 5.3.B-->"C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
HP Rhapsody-->C:\PROGRA~1\HPRHAP~1\Unwise32.exe /A C:\PROGRA~1\HPRHAP~1\install.log
HP Solution Center & Imaging Support Tools 5.3-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{FE57DE70-95DE-4B64-9266-84DA811053DB}
HP Web Helper-->regsvr32 /u /s "C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll"
J2SE Runtime Environment 5.0 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150050}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
MONOGRAM AMR Splitter/Decoder (remove only)-->"C:\Program Files\MONOGRAM AMR SplitterDecoder\uninstall.exe"
Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
muvee autoProducer 4.5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E073D315-3C54-44BF-A1B2-B5583AEA618C}\setup.exe" -l0x9
muvee autoProducer unPlugged 1.2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35DD9A1D-B340-4F41-A8B0-6EEBFB119280}\setup.exe" -l0x9
OpenSource Flash Video Splitter (remove only)-->"C:\Program Files\OpenSource Flash Video Splitter\uninstall.exe"
Otto-->"C:\Program Files\EnglishOtto\uninstallotto.exe"
PC-Doctor 5 for Windows-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
PeerGuardian 2.0-->"C:\Program Files\PeerGuardian2\unins000.exe"
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
RealMedia (remove only)-->"C:\Program Files\RealMedia\uninstall.exe"
Remove IntelliMover Demo-->c:\hp\bin\cloaker.exe c:\hp\bin\commands.exe /c "C:\Program Files\IntelliMoverDemo\clean.bat"
Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
SHOUTcast Source (remove only)-->"C:\Program Files\SHOUTcast Source\uninstall.exe"
Sonic Express Labeler-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager-->MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spyware Doctor 4.0-->C:\Program Files\Spyware Doctor\unins000.exe
SpywareBlaster 4.1-->"C:\Program Files\SpywareBlaster\unins000.exe"
Update for Windows Media Player 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Update for Windows Media Player 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Updates from HP (remove only)-->C:\WINDOWS\HPCPCUninstall-9972322\HPBWSetup.exe -appid 9972322 -uninstall
USB Dual Vibration Joystick-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{39A68007-970B-4A78-9519-64D4B13824F9}\setup.exe" -l0x9
VideoLAN VLC media player 0.8.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Vuze-->C:\Program Files\Vuze\uninstall.exe
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Media Center Edition 2005 KB908250-->"C:\WINDOWS\$NtUninstallKB908250$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Zoom Player (remove only)-->"C:\Program Files\Zoom Player\uninstall.exe"

======Security center information======

AV: Avira AntiVir PersonalEdition
FW: COMODO Firewall

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Diskeeper Corporation\Diskeeper\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 43 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=2b01
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=c:\Program Files\Common Files\Sonic Shared\Sonic Central\

-----------------EOF-----------------

13
Tech Clinic / SPYWARE,HELP!
« on: November 09, 2008, 02:39:15 PM »
Well, i downloaded this BS program called convert surfer or something like that and i noticed as soon as i downloaded my pc way acting funny. so i tried to delete ,but i couldn't find it at first(it wasn't in "add or remove programs"),but I found it
after i found it in a hidden file!I also had downloaded another BS program,but i'm not sure if it caused any harm to my pc.

I noticed a big difference tho as soon as i restarted my pc and i got this error every time i start up my pc.Now my internet feels slow and some of my programs won't load(only bit torrent so far).PLz help someone.






Here is my hijacl log



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:23:17 PM, on 11/9/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\DISC\DISCover.exe
C:\Program Files\DISC\DiscUpdateMgr.exe
C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\DISC\DiscGui.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hide My IP 2008\SecureSrv.exe
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\mspaint.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: HpWebHelper - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe
O4 - HKLM\..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdateMgr.exe
O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKUS\S-1-5-18\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\securenet.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\securenet.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\securenet.dll
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab
O20 - AppInit_DLLs:  C:\WINDOWS\system32\guard32.dll
O23 - Service: Avira AntiVir Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Avira AntiVir Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: SecureSrv - Unknown owner - C:\Program Files\Hide My IP 2008\SecureSrv.exe

--
End of file - 11508 bytes

14
Tech Clinic / Help after System recovery!!!
« on: February 25, 2007, 07:25:23 PM »
that's not really helping guys. How do i get to my files before the system recovery?I don't mean system restore either.


Edit: and for some reason i can't delete the files that are on my desktop after the system recovery.

15
Tech Clinic / Help after System recovery!!!
« on: February 23, 2007, 04:16:46 PM »
someone plz help me

16
Tech Clinic / Help after System recovery!!!
« on: February 23, 2007, 04:31:26 AM »
if i can't get my old files back is there away to delete the old files without  doing a full system restore(somehow their there but i can't find them)? In other words, how do u delete file that are left behind system recovery?

17
Tech Clinic / Help after System recovery!!!
« on: February 23, 2007, 02:06:57 AM »
Well my time is running short on the internet so plz if someone that see this topic plz help as soon as possible.Well to make a long story short/ i'm a idiot and i thought System recovery was going to fix my problems.Now i see just about everything i every had on my pc is gone.well i'm pretty sure it isn't because i still see i have the same amount of disk space left(20 Gb out of 270)and i even see my programs in my "All programs" but some how their not working and i can't find and of my old stuff(i could see some doc however).So my question is is there a program to help me return my stuff back where i can see them/use them again?

18
Hardware / trouble burning data DVD's
« on: February 23, 2007, 01:59:06 AM »
Someone plz delete this topic i have a bigger problem now.*lol*

19
Hardware / trouble burning data DVD's
« on: February 22, 2007, 11:16:37 PM »
I'm extremely frustrated with this problem.I've been trying all day to burn a data DVD but i keep getting this error.I don't know what's going on here.I'm using nero to make my data DVD and i've been using this thing for years(the program)  with no problems(well maybe a little but not like this). I'm not sure what's going on.All I know is.. nero won't recognize one of my DVD drives and with the other, i'm getting that error.I usually use the one nero USE to  recognize but now that won't work.*Sighs*i'm not sure what's going on here.well, maybe it's because my drives might be out of date but i already tried upgrading with no luck(I have no idea what i'm doing).Someone please help me out!I don't know what to do and yes I tried system restore(that won't even work anymore).


Here's a picture of my DVD drives

http://i132.photobucket.com/albums/q18/jon...ze19/drives.jpg

20
Tech Clinic / weird problem plz help.
« on: February 19, 2007, 10:12:29 PM »
Okay,I did what u told me to do.



Logfile of HijackThis v1.99.1
Scan saved at 10:10:29 PM, on 2/19/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\DISC\DISCover.exe
C:\Program Files\DISC\DiscUpdateMgr.exe
C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\DISC\DiscGui.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
C:\Program Files\Visioneer OneTouch\OneTouchMon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Java\jre1.5.0_09\bin\jucheck.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://adelphia.net/index.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: HpWebHelper - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\webhelper.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe
O4 - HKLM\..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdateMgr.exe
O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe"  -osboot
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [OneTouch Monitor] C:\Program Files\Visioneer OneTouch\OneTouchMon.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1149067430103
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://eu-housecall.trendmicro-europe.com/...ivex/hcImpl.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

Pages: [1] 2 3