Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Zaundra Gray

Pages: [1]
1
Tech Clinic / I think I have a trojan
« on: March 19, 2005, 08:42:05 AM »
Hi thank responding so fast.  After I saw what you told some one else I did stop the process of w?nlogon.exe because my securty firewall has been asking for it to have acess to my computer over and over again.  And even when I say no it just ask again.  I did not know what it was so a couple of times I just said yes because it looked like windows of some kind.  But since I stopped the process it has not asked me.  Thanks here is the scan log:

An unexpected error has occurred at procedure: modMain_CheckOther4Item()
Error #6 - Overflow

Please email me at [email protected], reporting the following:
* What you were trying to fix when the error occurred, if applicable
* How you can reproduce the error
* A complete HijackThis scan log, if possible

Windows version: Windows NT 5.01.2600
MSIE version: 6.0.2900.2180
HijackThis version: 1.99.1

This message has been copied to your clipboard.
Click OK to continue the rest of the scan.

I got this message but I will copy the log now:

It will now let me copy, I think it is to long.  How do I get it to you?

2
Tech Clinic / I think I have a trojan
« on: March 17, 2005, 09:04:47 AM »
Hello,

I have been reading and it seems I do not understand as much about my computer as others but I have a real problem and would like to fix it.  I live in Africa and I can not get help, in English, that I need.  After reading one posting I installed Hijackthis and Security Task Manager.  I will place the report that I got on this.  Could you please help me fix it.  Things on my computer just pop up and dissappear.  It takes about 12 hours to bootup after a restart.  The microphone is not working and Activex is haveing problems, Cds will not load and I get some message about fat32 and msdos and them not being compataible.  Please tell me what to do.  Thanks Zizi

Here is the log:

Process list saved on 2:00:18 PM, on 3/17/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)

[pid]   [full path to filename]      [file version]   [company name]
436   C:\WINDOWS\System32\smss.exe      5.1.2600.2180   Microsoft Corporation
512   C:\WINDOWS\system32\csrss.exe      5.1.2600.2180   Microsoft Corporation
536   C:\WINDOWS\system32\winlogon.exe      5.1.2600.2180   Microsoft Corporation
580   C:\WINDOWS\system32\services.exe      5.1.2600.2180   Microsoft Corporation
592   C:\WINDOWS\system32\lsass.exe      5.1.2600.2180   Microsoft Corporation
732   C:\WINDOWS\system32\svchost.exe      5.1.2600.2180   Microsoft Corporation
780   C:\WINDOWS\system32\svchost.exe      5.1.2600.2180   Microsoft Corporation
816   C:\WINDOWS\System32\svchost.exe      5.1.2600.2180   Microsoft Corporation
888   C:\WINDOWS\System32\svchost.exe      5.1.2600.2180   Microsoft Corporation
976   C:\WINDOWS\System32\svchost.exe      5.1.2600.2180   Microsoft Corporation
1096   C:\WINDOWS\system32\spoolsv.exe      5.1.2600.2180   Microsoft Corporation
1196   C:\PROGRA~1\COMMON~1\AOL\ACS\AOLACSD.EXE      2.0.20.1   America Online, Inc.
1216   C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe      1.0.3.4   Symantec Corporation
1284   C:\Program Files\Roxio\GoBack\GBPoll.exe      3.1.1.59   Roxio, Inc.
1316   C:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE      2003.0.0.775   Symantec Corporation
1380   C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFSERVICE.exe      4.1.0.1   McAfee Corporation
1420   C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe      9.0.5.1015   Symantec Corporation
1472   C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE      16.0.0.22   Symantec Corporation
1600   C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe      7.0.0.24   Symantec Corporation
1624   C:\WINDOWS\System32\svchost.exe      5.1.2600.2180   Microsoft Corporation
1656   C:\WINDOWS\wanmpsvc.exe      9.0.0.0   America Online, Inc.
1716   C:\Program Files\Common Files\WinTools\WToolsS.exe      1.0.3.2   
2000   C:\WINDOWS\System32\alg.exe      5.1.2600.2180   Microsoft Corporation
2092   C:\WINDOWS\Explorer.EXE      6.0.2900.2180   Microsoft Corporation
2252   C:\Program Files\Common Files\Symantec Shared\ccApp.exe      1.0.10.6   Symantec Corporation
2268   C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe      2003.0.0.775   Symantec Corporation
2280   C:\Program Files\windows music player\Winampa.exe         
2288   C:\WINDOWS\gtwatch.exe         
2308   C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe      2.80.0.0   HP
2316   C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe      8.20.0.107   MUSICMATCH, Inc.
2324   C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe      1.0.0.1   TODO: <Company name>
2332   C:\Program Files\websx\int139749.exe      3.0.2.0   http://www.alife.de
2340   C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe      300.7.0.2   THOMSON
2348   C:\PROGRA~1\COMMON~2\Toolbar\winnet.exe      4.6.1.0   CommonName
2372   C:\PROGRA~1\mcafee.com\agent\mcagent.exe      4.3.0.10   Networks Associates Technology, Inc
2388   C:\Program Files\Common Files\Real\Update_OB\realsched.exe      0.1.0.3018   RealNetworks, Inc.
2428   C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe      1.0.7.14   
2508   c:\progra~1\mcafee.com\vso\mcvsescn.exe      8.0.0.30   Networks Associates Technology, Inc
2596   C:\Program Files\Common Files\AOL\ACS\AOLDial.exe      2.0.20.1   America Online, Inc
2620   C:\PROGRA~1\COMMON~2\Toolbar\comwiz.exe         
2652   C:\Program Files\QuickTime\qttask.exe      6.5.0.48   Apple Computer, Inc.
2668   C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe      1.0.0.69   
2776   C:\WINDOWS\System32\msvcmm32.exe      2.9.0.135   Movielink LLC
2832   C:\Program Files\Movielink\MovielinkManager\Movielink Manager.exe      2.9.0.135   Movielink LLC
2908   C:\WINDOWS\system32\rundll32.exe      5.1.2600.2180   Microsoft Corporation
2936   C:\Program Files\Windows SyncroAd\SyncroAd.exe         
3000   C:\program files\180solutions\sais.exe      5.15.15.0   180solutions, Inc.
3112   C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe      1.2.3000.1001   Microsoft Corporation
3144   C:\PROGRA~1\WRTUOR~1\UOSVPO~1.exe      5.5.0.1   CommonName
3196   C:\Program Files\Windows SyncroAd\WinSync.exe         
3432   C:\Program Files\Common Files\WinTools\WSup.exe      1.0.7.14   
3724   C:\Program Files\Messenger\msmsgs.exe      4.7.0.3001   Microsoft Corporation
3920   c:\progra~1\mcafee.com\vso\mcvsftsn.exe      8.0.0.20   Networks Associates Technology, Inc
2856   C:\WINDOWS\System32\wbem\wmiprvse.exe      5.1.2600.2180   Microsoft Corporation
1580   C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFTRAY.EXE      4.5.4.40   McAfee Security
2532   C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFAGENT.EXE      4.1.0.1   McAfee Security
3236   C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe      1.5.0.10   Sun Microsystems, Inc.
3392   C:\Program Files\PC MightyMax\pcmm.exe      9.1.0.2   PC MightyMax
3232   C:\WINDOWS\system32\rundll32.exe      5.1.2600.2180   Microsoft Corporation
392   C:\WINDOWS\system32\ctfmon.exe      5.1.2600.2180   Microsoft Corporation
2632   C:\Documents and Settings\USER1\Application Data\apwt.exe         
4044   C:\Program Files\Yahoo!\Messenger\ypager.exe      6.0.0.1922   Yahoo! Inc.
3760   C:\Program Files\Skype\Phone\Skype.exe      1.1.0.79   
3656   C:\Program Files\Roxio\GoBack\GBTray.exe      3.1.1.59   Roxio, Inc.
2664   C:\WINDOWS\twain_32\A6U16K\WATCH.exe      2.3.5.0   Common Group
1000   C:\WINDOWS\DvzCommon\DvzMsgr.exe         
3572   C:\Program Files\America Online 9.0a\aoltray.exe      9.0.0.1   America Online, Inc.
4008   C:\Program Files\MightyFax\MFNTCTL.EXE         
2740   C:\Program Files\Labtec Wireless Desktop\MagicKey.exe      1.0.0.1   
2872   C:\Program Files\AOL Companion\companion.exe      1.6.2.0   
3800   C:\Everything for My Palm\HOTSYNC.EXE      4.0.0.0   Palm, Inc.
3628   C:\Program Files\Labtec Wireless Desktop\MulMouse.exe         
4084   C:\Program Files\Labtec Wireless Desktop\OSD.EXE      1.0.0.0   WayTech Development, Inc.
1128   C:\Program Files\America Online 9.0a\wEmail Removedexe      9.0.0.2   America Online, Inc.
3876   C:\Program Files\America Online 9.0a\shellmon.exe      9.0.0.1   America Online, Inc.
2576   c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe      8.0.0.15   Networks Associates Technology, Inc
868   c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe      8.0.0.12   Networks Associates Technology, Inc
1124   c:\PROGRA~1\mcafee.com\vso\mcshield.exe      6.0.0.100   
400   C:\Program Files\Hijackthis\HijackThis.exe      1.99.0.1   Soeperman Enterprises Ltd.
2960   C:\Program Files\Internet Explorer\iexplore.exe      6.0.2900.2180   Microsoft Corporation
3404   C:\Program Files\Common Files\Aol\aoltpspd.exe      1.1.1.0   America Online Inc


StartupList report, 3/17/2005, 2:04:19 PM
StartupList version: 1.52.2
Started from : C:\Program Files\Hijackthis\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
* Using default options
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLACSD.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Roxio\GoBack\GBPoll.exe
C:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFSERVICE.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\WinTools\WToolsS.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
C:\Program Files\windows music player\Winampa.exe
C:\WINDOWS\gtwatch.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\websx\int139749.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\COMMON~2\Toolbar\winnet.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\PROGRA~1\COMMON~2\Toolbar\comwiz.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\WINDOWS\System32\msvcmm32.exe
C:\Program Files\Movielink\MovielinkManager\Movielink Manager.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows SyncroAd\SyncroAd.exe
C:\program files\180solutions\sais.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe
C:\PROGRA~1\WRTUOR~1\UOSVPO~1.exe
C:\Program Files\Windows SyncroAd\WinSync.exe
C:\Program Files\Common Files\WinTools\WSup.exe
C:\Program Files\Messenger\msmsgs.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFTRAY.EXE
C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFAGENT.EXE
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\PC MightyMax\pcmm.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\USER1\Application Data\apwt.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Roxio\GoBack\GBTray.exe
C:\WINDOWS\twain_32\A6U16K\WATCH.exe
C:\WINDOWS\DvzCommon\DvzMsgr.exe
C:\Program Files\America Online 9.0a\aoltray.exe
C:\Program Files\MightyFax\MFNTCTL.EXE
C:\Program Files\Labtec Wireless Desktop\MagicKey.exe
C:\Program Files\AOL Companion\companion.exe
C:\Everything for My Palm\HOTSYNC.EXE
C:\Program Files\Labtec Wireless Desktop\MulMouse.exe
C:\Program Files\Labtec Wireless Desktop\OSD.EXE
C:\Program Files\America Online 9.0a\wEmail Removedexe
C:\Program Files\America Online 9.0a\shellmon.exe
c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Hijackthis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Aol\aoltpspd.exe
C:\WINDOWS\system32\w?nlogon.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\Documents and Settings\USER1\Start Menu\Programs\Startup]
HotSync Manager.lnk = C:\Everything for My Palm\HOTSYNC.EXE
PowerReg Scheduler.exe
Norton Disk Doctor.LNK = C:\Program Files\Norton SystemWorks\Norton Utilities\NDD32.EXE

Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
GoBack.lnk = C:\Program Files\Roxio\GoBack\GBTray.exe
Watch.lnk = C:\WINDOWS\twain_32\A6U16K\WATCH.exe
DataViz Messenger.lnk = C:\WINDOWS\DvzCommon\DvzMsgr.exe
America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0a\aoltray.exe
MightyFAX Controller.lnk = C:\Program Files\MightyFax\MFNTCTL.EXE
Enable Labtec Wireless Desktop.lnk = C:\Program Files\Labtec Wireless Desktop\MagicKey.exe
AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
ccRegVfy = "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
GhostStartTrayApp = C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
WinampAgent = "C:\Program Files\windows music player\Winampa.exe"
Gtwatch = C:\WINDOWS\gtwatch.exe
(Default) =
HPDJ Taskbar Utility = C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
MMTray = C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
mmtask = C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
websx = C:\Program Files\websx\int139749.exe -auto
SpeedTouch USB Diagnostics = "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
winnet = C:\PROGRA~1\COMMON~2\Toolbar\winnet.exe
VSOCheckTask = "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
VirusScan Online = "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
MCAgentExe = c:\PROGRA~1\mcafee.com\agent\mcagent.exe
MCUpdateExe = C:\PROGRA~1\McAfee.com\Agent\mcupdate.exe
TkBellExe = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
WinTools = C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe
NeroCheck = C:\WINDOWS\system32\NeroCheck.exe
AOLDialer = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
AOL Spyware Protection = "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
Pure Networks Port Magic = "C:\PROGRA~1\PURENE~1\PORTMA~1\PortEmail Removedexe" -Run
LoadMSvcmm = C:\WINDOWS\System32\msvcmm32.exe
M3Tray = C:\Program Files\Movielink\MovielinkManager\Movielink Manager.exe /WNDSTART /Tray
New.net Startup = rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
Windows SyncroAd = C:\Program Files\Windows SyncroAd\SyncroAd.exe
sais = c:\program files\180solutions\sais.exe

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background
Instant Access = rundll32.exe EGCOMSERVICE_1049.dll,InstantAccess
ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
Lsot = C:\Documents and Settings\USER1\Application Data\apwt.exe
Yahoo! Pager = C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
Skype = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\TRANQU~1.SCR
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------


Enumerating Browser Helper Objects:

BabeIE - C:\PROGRA~1\COMMON~2\Toolbar\cnbabe.dll - {00000000-0000-0000-0000-000000000000}
(no name) - C:\PROGRA~1\YAHOO!\COMPAN~1\INSTALLS\cpn\ycomp5_5_7_0.dll - {02478D38-C3F9-4efb-9B51-7695ECA05670}
(no name) - C:\Program Files\MyWay\SrchAstt\1.bin\MYSRCHAS.DLL - {04079851-5845-4dea-848C-3ECD647AA554}
(no name) - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC}
(no name) - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\Program Files\ANONYMIZER\CORE\Anonymizer.dll - {2F2FBF0D-254F-11D5-B1E5-0050DAD7AF62}
(no name) - C:\Program Files\NewDotNet\newdotnet6_38.dll - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E}
(no name) - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D}
(no name) - (no file) - {62881128-BD6F-6EEE-875E-6C557FF92D18}
(no name) - C:\PROGRA~1\COMMON~1\WinTools\btiein.dll - {63B78BC1-A711-4D46-AD2F-C581AC420D41}
(no name) - C:\WINDOWS\system32\bvvbplpl.dll - {77996C23-D3CE-901D-C467-D57847B59F98}
(no name) - C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll - {87766247-311C-43B4-8499-3D5FEC94A183}
(no name) - C:\PROGRA~1\Toolbar\toolbar.dll - {8952A998-1E7E-4716-B23D-3DBE03910972}
(no name) - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll - {9394EDE7-C8B5-483E-8773-474BF36AF6E4}
(no name) - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
(no name) - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872}
(no name) - (no file) - {D14D6793-9B65-11D3-80B6-00500487BDBA}
(no name) - (no file) - {ED8DB0FD-D8F4-4b2c-BB5B-9EF040FE104D}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Norton SystemWorks One Button Checkup.job
Norton AntiVirus - Scan my computer.job
Symantec NetDetect.job
McAfee.com Scan for Viruses - My Computer (USER-USER1).job
McAfee.com Update Check (USER-USER1).job
McAfee.com Update Check (USER-PowerUser).job

--------------------------------------------------

Enumerating Download Program Files:

[{10954C80-4F0F-11D3-B17C-00C0DFE39736}]
CODEBASE = http://hot.thebugs.ws/fav.exe

[iPIX ActiveX Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\ipixx.ocx
CODEBASE = http://www.ipix.com/download/ipixx.cab

[{15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6}]
CODEBASE = http://public.windupdates.com/get_file.php...28695168af3c74a

[{2AEEAC34-FD74-4142-B891-4B05C0C03C87}]
CODEBASE = http://akamai.downloadv3.com/binaries/Dial...049_pack_XP.cab

[Installer Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\ISTactivex.dll
CODEBASE = http://www.xxxtoolbar.com/ist/softwares/v4...006_regular.cab

[{469C7080-8EC8-43A6-AD97-45848113743C}]
CODEBASE = http://akamai.downloadv3.com/binaries/IA/nethv32_EN_XP.cab

[QDiagAOLCCUpdateObj Class]
InProcServer32 = C:\WINDOWS\System32\qdiagcc.ocx
CODEBASE = http://aolcc.Email Removed/computercheckup/qdiagcc.cab

[McAfee.com Operating System Class]
InProcServer32 = C:\WINDOWS\System32\mcinsctl.dll
CODEBASE = http://download.av.Email Removed/molbin/shared/m...77/mcinsctl.cab

[Sinstaller Class]
InProcServer32 = C:\Program Files\Screensavers.com\Installer\bin\ScreensaversInst.dll
CODEBASE = http://dm.screensavers.com/dm/installers/si/1/sinstaller.cab

[MediaTicketsInstaller Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\MEDIAT~1.OCX
CODEBASE = http://www.mt-download.com/MediaTicketsInstaller.cab

[MsnMessengerSetupDownloadControl Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx
CODEBASE = http://messenger.msn.com/download/MsnMesse...pDownloader.cab

[DwnldGroupMgr Class]
InProcServer32 = C:\WINDOWS\System32\mcgdmgr.dll
CODEBASE = http://download.av.Email Removed/molbin/shared/m...,18/mcgdmgr.cab

[{D52D92F2-3650-439C-AA18-03EE4F6859DE}]
CODEBASE = http://dialer.dialerxp.com/getdialer/L112.exe

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #4: C:\Program Files\NewDotNet\newdotnet6_38.dll
Protocol #1: C:\Program Files\NewDotNet\newdotnet6_38.dll
Protocol #2: C:\Program Files\NewDotNet\newdotnet6_38.dll
Protocol #18: C:\Program Files\NewDotNet\newdotnet6_38.dll
Protocol #19: C:\Program Files\NewDotNet\newdotnet6_38.dll

--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*

Windows NT checkdisk command:
BootExecute = autocheck autochk *

Windows NT 'Wininit.ini':
PendingFileRenameOperations: C:\DOCUME~1\USER1\LOCALS~1\Temp\~805466.tmp|||A

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\System32\webcheck.dll
SysTray: C:\WINDOWS\System32\stobject.dll

--------------------------------------------------
End of report, 14,112 bytes
Report generated in 0.843 seconds

Command line options:
   /verbose  - to add additional info on each section
   /complete - to include empty sections and unsuspicious data
   /full     - to include several rarely-important sections
   /force9x  - to include Win9x-only startups even if running on WinNT
   /forcent  - to include WinNT-only startups even if running on Win9x
   /forceall - to include all Win9x and WinNT startups, regardless of platform
   /history  - to list version history only

Pages: [1]