1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Internet Explorer not working

Discussion in 'Malware and Virus Removal Archive' started by juddson, 2008/01/30.

  1. 2008/01/30
    juddson

    juddson Inactive Thread Starter

    Joined:
    2008/01/30
    Messages:
    44
    Likes Received:
    0
    Hi I was wondering if anyone could help me with this. My anti-virus detected a virus the other day and deleted all the infected files but now my Internet Explorer doesnt work anymore. Im posting my Hijackthis log below. and please don't close this one I know I double posted I didnt see the message that the thread had to be approvied sorry again
    Thanks for you help

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 2:14:02 PM, on 30/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sygate\SPF\smc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\htpatch.exe
    C:\Program Files\ASUS\Probe\AsusProb.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\WINDOWS\system32\EXSHOW95.EXE
    C:\WINDOWS\system32\EXSHOW.EXE
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
    O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
    O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
    O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe "
    O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe "
    O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe "
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe "
    O4 - HKLM\..\Run: [Stupid Data Dart Wave] C:\Documents and Settings\All Users\Application Data\flag ace stupid data\STOP WAVE.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
    O4 - HKLM\..\Run: [SSA.exe] "C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe" /AUTORUN
    O4 - HKLM\..\Run: [EXSHOW95.EXE] EXSHOW95.EXE
    O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [iCall Internet Phone] "C:\Program Files\iCall\iCall.exe" /startup
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-CA/.../GAME_UNO1.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1198027884140
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
    O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe

    --
    End of file - 8693 bytes
     
    Last edited: 2008/01/30
    juddson,
    #1
  2. 2008/01/30
    juddson

    juddson Inactive Thread Starter

    Joined:
    2008/01/30
    Messages:
    44
    Likes Received:
    0
    edited
     
    Last edited: 2008/01/30
    juddson,
    #2


  3. to hide this advert.

  4. 2008/01/30
    juddson

    juddson Inactive Thread Starter

    Joined:
    2008/01/30
    Messages:
    44
    Likes Received:
    0
    Here is my DSS log


    Deckard's System Scanner v20071014.68
    Run by jid on 2008-01-30 21:26:04
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------



    -- HijackThis (run as jid.exe) -------------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 9:26:09 PM, on 30/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sygate\SPF\smc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\htpatch.exe
    C:\Program Files\ASUS\Probe\AsusProb.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\WINDOWS\system32\EXSHOW95.EXE
    C:\WINDOWS\system32\EXSHOW.EXE
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Steam\Steam.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Ventrilo\Ventrilo.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\jid\Desktop\dss.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\jid.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
    O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
    O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
    O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe "
    O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe "
    O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe "
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe "
    O4 - HKLM\..\Run: [Stupid Data Dart Wave] C:\Documents and Settings\All Users\Application Data\flag ace stupid data\STOP WAVE.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
    O4 - HKLM\..\Run: [SSA.exe] "C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe" /AUTORUN
    O4 - HKLM\..\Run: [EXSHOW95.EXE] EXSHOW95.EXE
    O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [iCall Internet Phone] "C:\Program Files\iCall\iCall.exe" /startup
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-CA/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1198027884140
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
    O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe

    --
    End of file - 8797 bytes

    -- Files created between 2007-12-30 and 2008-01-30 -----------------------------

    2008-01-30 13:56:19 0 d-------- C:\Program Files\HTTP-Tunnel
    2008-01-30 13:46:13 0 d-------- C:\WINDOWS\LastGood
    2008-01-25 21:46:05 0 d-------- C:\Program Files\QuickTime
    2008-01-25 13:59:33 0 d-------- C:\Program Files\Windows Journal Viewer
    2008-01-24 15:10:44 0 d-------- C:\Program Files\AdVantage
    2008-01-24 15:08:48 0 d-------- C:\Program Files\WinAce
    2008-01-24 11:56:01 0 d-------- C:\Documents and Settings\jid\Application Data\DivX
    2008-01-24 00:32:52 0 d-------- C:\Program Files\DivX
    2008-01-24 00:13:56 0 d-------- C:\Program Files\uTorrent
    2008-01-24 00:13:54 0 d-------- C:\Documents and Settings\jid\Application Data\uTorrent
    2008-01-22 10:54:14 0 d-------- C:\Documents and Settings\jid\Application Data\ATI
    2008-01-20 17:00:54 13484 --ah----- C:\WINDOWS\system32\mlfcache.dat
    2008-01-15 22:08:44 0 d-------- C:\Documents and Settings\jid\Application Data\mIRC
    2008-01-15 22:08:43 0 d-------- C:\Program Files\mIRC
    2008-01-15 15:46:49 0 d-------- C:\WINDOWS\Sun
    2008-01-15 15:46:49 0 d-------- C:\Documents and Settings\jid\Application Data\Sun
    2008-01-14 22:09:02 0 d-------- C:\PokerHound_SQL
    2008-01-14 21:54:24 0 d-------- C:\Program Files\Microsoft.NET
    2008-01-09 18:24:10 0 d-------- C:\Documents and Settings\jid\Application Data\Ventrilo
    2008-01-09 18:19:15 520192 -----n--- C:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart>
    2008-01-09 18:17:22 0 d-------- C:\Program Files\Ventrilo
    2008-01-09 18:16:08 0 d-------- C:\ATI
    2008-01-09 17:30:13 0 d-------- C:\Program Files\Steam
    2008-01-08 21:23:48 0 d-------- C:\Program Files\Microsoft SQL Server
    2008-01-07 19:41:59 4 --a------ C:\WINDOWS\system32\proc625010911.bin
    2008-01-07 19:41:59 0 d-------- C:\Documents and Settings\jid\Application Data\GanymedeNet
    2008-01-07 19:41:58 1020 --a------ C:\WINDOWS\mozver.dat
    2008-01-07 12:33:54 0 d-------- C:\Program Files\iCall
    2008-01-04 18:56:37 0 d-------- C:\Documents and Settings\jid\Application Data\WinRAR
    2008-01-04 16:58:50 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
    2008-01-04 16:57:22 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
    2008-01-04 16:57:22 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
    2008-01-04 16:57:12 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
    2008-01-04 16:57:10 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
    2008-01-04 16:57:10 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
    2008-01-04 16:57:10 682496 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
    2008-01-04 16:56:24 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
    2008-01-04 10:01:37 0 dr-h----- C:\$VAULT$.AVG
    2008-01-02 16:07:24 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
    2008-01-02 16:07:09 0 d-------- C:\Program Files\PokerAce Hud
    2008-01-02 16:05:58 0 d-------- C:\Program Files\Poker Tracker V2
    2008-01-02 15:25:24 0 --a------ C:\WINDOWS\nsreg.dat
    2008-01-02 15:25:15 0 d-------- C:\Documents and Settings\jid\Application Data\Mozilla
    2008-01-02 15:11:54 0 d-------- C:\Documents and Settings\All Users\Application Data\MSN6
    2008-01-02 15:11:53 0 d-------- C:\Documents and Settings\jid\Application Data\MSN6
    2007-12-31 01:40:09 60496 --a------ C:\WINDOWS\system32\drivers\Teefer.sys <Not Verified; Sygate Technologies, Inc.; Sygate Teefer Driver>
    2007-12-31 01:40:08 21075 --a------ C:\WINDOWS\system32\drivers\wpsdrvnt.sys <Not Verified; Sygate Technologies, Inc.; wpsdrvnt>


    -- Find3M Report ---------------------------------------------------------------

    2008-01-30 19:53:44 0 d-------- C:\Program Files\Full Tilt Poker
    2008-01-30 15:52:31 0 d-------- C:\Program Files\PokerStars
    2008-01-30 14:11:59 0 d-------- C:\Program Files\Trend Micro
    2008-01-30 08:00:18 0 d-------- C:\Documents and Settings\jid\Application Data\AVG7
    2008-01-28 17:58:57 0 d-------- C:\Documents and Settings\jid\Application Data\PROXY TRUST MIX
    2008-01-25 20:44:07 0 d-------- C:\Program Files\FrostWire
    2008-01-23 21:18:27 0 d-------- C:\Documents and Settings\jid\Application Data\FrostWire
    2008-01-09 18:20:58 0 d-------- C:\Program Files\ATI Technologies
    2008-01-09 18:19:47 0 d-------- C:\Program Files\Common Files\InstallShield
    2008-01-09 18:15:53 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-01-08 20:45:57 0 d-------- C:\Program Files\Circle Developement
    2007-12-27 14:10:47 0 d-------- C:\Documents and Settings\jid\Application Data\Bell
    2007-12-27 14:10:39 0 d-------- C:\Program Files\Bell
    2007-12-26 23:24:06 0 d-------- C:\Documents and Settings\jid\Application Data\LimeWire
    2007-12-26 23:22:43 0 d-------- C:\Program Files\AskSBar
    2007-12-26 23:22:15 0 d-------- C:\Program Files\LimeWire
    2007-12-26 23:17:33 0 d-------- C:\Documents and Settings\jid\Application Data\Apple Computer
    2007-12-26 23:17:03 0 d-------- C:\Program Files\iTunes
    2007-12-26 23:16:24 0 d-------- C:\Program Files\iPod
    2007-12-26 23:11:22 0 d-------- C:\Program Files\Apple Software Update
    2007-12-26 23:10:00 0 d-------- C:\Program Files\Common Files
    2007-12-26 23:10:00 0 d-------- C:\Program Files\Common Files\Apple
    2007-12-26 22:47:50 0 d-------- C:\Program Files\Java
    2007-12-26 22:42:35 0 d-------- C:\Program Files\Common Files\Java
    2007-12-25 22:12:44 0 d-------- C:\Program Files\PROXY TRUST MIX
    2007-12-25 22:12:23 0 d-------- C:\Program Files\Messenger Plus! Live
    2007-12-23 14:16:44 0 d-------- C:\Program Files\Common Files\Adobe
    2007-12-19 19:46:29 0 d-------- C:\Program Files\AGN
    2007-12-19 19:26:58 0 d--h----- C:\Program Files\InstallShield Installation Information
    2007-12-19 18:55:09 0 d-------- C:\Program Files\Windows Live Toolbar
    2007-12-19 18:54:43 0 d-------- C:\Program Files\Windows Live Favorites
    2007-12-19 18:53:33 0 d-------- C:\Program Files\Windows Live
    2007-12-19 18:53:00 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
    2007-12-19 00:05:44 0 d-------- C:\Program Files\DIFX
    2007-12-18 23:44:58 0 d-------- C:\Program Files\Sygate
    2007-12-18 23:19:43 0 d-------- C:\Documents and Settings\jid\Application Data\Macromedia
    2007-12-18 23:19:43 0 d-------- C:\Documents and Settings\jid\Application Data\Adobe
    2007-12-18 23:16:08 0 d-------- C:\Program Files\MSXML 6.0
    2007-12-18 23:06:06 0 d-------- C:\Program Files\Messenger
    2007-12-18 22:58:10 0 d-------- C:\Program Files\MSBuild
    2007-12-18 22:54:06 0 d-------- C:\Program Files\Reference Assemblies
    2007-12-18 22:51:49 0 d-------- C:\Program Files\CONEXANT
    2007-12-18 22:50:29 0 d-------- C:\Program Files\Windows Media Connect 2
    2007-12-18 21:50:58 0 d-------- C:\Program Files\Movie Maker
    2007-12-18 21:48:14 0 d-------- C:\Program Files\Windows NT
    2007-12-07 15:35:24 0 d-------- C:\Documents and Settings\jid\Application Data\Help
    2007-12-04 03:18:53 0 d-------- C:\Documents and Settings\jid\Application Data\InterTrust
    2007-12-04 03:17:14 0 d-------- C:\Program Files\ASUS
    2007-12-04 03:16:39 0 d-------- C:\Program Files\SiSLan
    2007-12-04 03:15:43 0 d-------- C:\Program Files\Analog Devices
    2007-12-04 03:15:38 44 --a------ C:\WINDOWS\system32\msssc.dll
    2007-12-04 03:10:45 0 d-------- C:\Documents and Settings\jid\Application Data\Identities
    2007-12-03 21:42:23 0 d-------- C:\Program Files\microsoft frontpage
    2007-12-03 21:42:14 0 -rahs---- C:\MSDOS.SYS
    2007-12-03 21:42:14 0 -rahs---- C:\IO.SYS
    2007-12-03 21:42:14 0 --a------ C:\CONFIG.SYS
    2007-12-03 21:42:14 0 --a------ C:\AUTOEXEC.BAT
    2007-12-03 21:41:05 0 d-------- C:\Program Files\Online Services
    2007-12-03 21:39:51 0 d-------- C:\Program Files\Common Files\MSSoap
    2007-12-03 21:39:23 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
    2007-12-03 21:38:42 0 d--h----- C:\Program Files\WindowsUpdate
    2007-12-03 21:38:30 0 d-------- C:\Program Files\MSN Gaming Zone
    2007-12-03 11:26:37 0 d-------- C:\Program Files\Common Files\ODBC
    2007-12-03 11:26:33 0 d-------- C:\Program Files\Common Files\SpeechEngines
    2007-12-03 11:26:06 62 --ahs---- C:\Documents and Settings\jid\Application Data\desktop.ini


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
    26/12/2007 11:22 PM 66912 --a------ C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
    26/12/2007 11:22 PM 267592 --a------ C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
    "{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} "= C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL [26/12/2007 11:22 PM 267592]

    [-HKEY_CLASSES_ROOT\CLSID\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "HTpatch "= "C:\WINDOWS\htpatch.exe" [30/10/2002 04:40 AM]
    "ASUS Probe "= "C:\Program Files\ASUS\Probe\AsusProb.exe" [06/12/2002 07:07 PM]
    "pccguide.exe "= "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe" [18/07/2002 10:18 AM]
    "PCCClient.exe "= "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe" [18/07/2002 10:12 AM]
    "Pop3trap.exe "= "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe" [18/07/2002 10:15 AM]
    "ATIPTA "= "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [13/10/2002 12:00 AM]
    "AVG7_CC "= "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [21/12/2007 09:34 AM]
    "SunJavaUpdateSched "= "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [12/07/2007 04:00 AM]
    "Stupid Data Dart Wave "= "C:\Documents and Settings\All Users\Application Data\flag ace stupid data\STOP WAVE.exe" []
    "iTunesHelper "= "C:\Program Files\iTunes\iTunesHelper.exe" [11/12/2007 12:10 PM]
    "SSA.exe "= "C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe" [27/03/2007 10:33 AM]
    "EXSHOW95.EXE "= "EXSHOW95.EXE" [07/09/2001 07:18 PM C:\WINDOWS\system32\exshow95.exe]
    "SmcService "= "C:\PROGRA~1\Sygate\SPF\smc.exe" [15/10/2004 07:40 PM]
    "iCall Internet Phone "= "C:\Program Files\iCall\iCall.exe" [28/08/2007 02:24 PM]
    "ATICCC "= "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [02/01/2006 04:41 PM]
    "KernelFaultCheck "= "C:\WINDOWS\system32\dumprep 0 -k" []
    "QuickTime Task "= "C:\Program Files\QuickTime\qttask.exe" [10/01/2008 03:27 PM]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe "= "C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 02:56 AM]
    "SpybotSD TeaTimer "= "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [31/08/2007 04:46 PM]
    "msnmsgr "= "C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [18/10/2007 11:34 AM]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
    @= "Volume shadow copy "




    -- End of Deckard's System Scanner: finished at 2008-01-30 21:26:37 ------------
     
    Last edited: 2008/01/30
    juddson,
    #3
  5. 2008/01/30
    juddson

    juddson Inactive Thread Starter

    Joined:
    2008/01/30
    Messages:
    44
    Likes Received:
    0
    Extra logfile - please post this as an attachment with your post.
    --------------------------------------------------------------------------------

    -- System Information ----------------------------------------------------------

    Microsoft Windows XP Home Edition (build 2600) SP 2.0
    Architecture: X86; Language: English

    CPU 0: Intel(R) Pentium(R) 4 CPU 2.66GHz
    Percentage of Memory in Use: 67%
    Physical Memory (total/avail): 511.53 MiB / 163.95 MiB
    Pagefile Memory (total/avail): 1250.21 MiB / 760.82 MiB
    Virtual Memory (total/avail): 2047.88 MiB / 1913.35 MiB

    A: is Removable (No Media)
    C: is Fixed (NTFS) - 74.55 GiB total, 52.77 GiB free.
    D: is CDROM (No Media)
    E: is CDROM (No Media)

    \\.\PHYSICALDRIVE0 - SAMSUNG SP8004H - 74.56 GiB - 1 partition
    \PARTITION0 (bootable) - Installable File System - 74.55 GiB - C:



    -- Security Center -------------------------------------------------------------

    AUOptions is scheduled to auto-install.
    Windows Internal Firewall is enabled.

    FW: Sygate Personal Firewall v4.6 (Sygate Technologies, Inc.)
    AV: AVG 7.5.516 v7.5.516 (Grisoft)

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPoli cy\DomainProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe "= "%windir%\\system32\\sessmgr.exe:*:enable d:mad:xpsp2res.dll,-22019 "
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "= "%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000 "
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe "= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger "
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe "= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone) "

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPoli cy\StandardProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe "= "%windir%\\system32\\sessmgr.exe:*:enable d:mad:xpsp2res.dll,-22019 "
    "C:\\Program Files\\Messenger\\msmsgs.exe "= "C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger "
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "= "%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000 "
    "C:\\Program Files\\GRISOFT\\AVG7\\avginet.exe "= "C:\\Program Files\\GRISOFT\\AVG7\\avginet.exe:*:Enabled:avginet.exe "
    "C:\\Program Files\\GRISOFT\\AVG7\\avgamsvr.exe "= "C:\\Program Files\\GRISOFT\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe "
    "C:\\Program Files\\GRISOFT\\AVG7\\avgcc.exe "= "C:\\Program Files\\GRISOFT\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe "
    "C:\\Program Files\\GRISOFT\\AVG7\\avgemc.exe "= "C:\\Program Files\\GRISOFT\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe "
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe "= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger "
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe "= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone) "
    "C:\\Program Files\\iTunes\\iTunes.exe "= "C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes "
    "C:\\Program Files\\FrostWire\\FrostWire.exe "= "C:\\Program Files\\FrostWire\\FrostWire.exe:*:Enabled:LimeWire "
    "C:\\Program Files\\iCall\\iCall.exe "= "C:\\Program Files\\iCall\\iCall.exe:*:Enabled:iCall "
    "C:\\Program Files\\Steam\\steamapps\\kani_way@emailaccount.com\\counter-strike\\hl.exe "= "C:\\Program Files\\Steam\\steamapps\\kani_way@emailaccount.com\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher "
    "C:\\Program Files\\Steam\\steamapps\\kani_way@emailaccount.com\\day of defeat\\hl.exe "= "C:\\Program Files\\Steam\\steamapps\\kani_way@emailaccount.com\\day of defeat\\hl.exe:*:Enabled:Half-Life Launcher "
    "C:\\Program Files\\Steam\\steamapps\\kani_way@emailaccount.com\\deathmatch classic\\hl.exe "= "C:\\Program Files\\Steam\\steamapps\\kani_way@emailaccount.com\\deathmatch classic\\hl.exe:*:Enabled:Half-Life Launcher "
    "C:\\Program Files\\mIRC\\mirc.exe "= "C:\\Program Files\\mIRC\\mirc.exe:*:Enabled:mIRC "
    "C:\\Program Files\\uTorrent\\uTorrent.exe "= "C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent "
    "C:\\Program Files\\Steam\\steamapps\\headhunter@emailaccount.com\\counter-strike\\hl.exe "= "C:\\Program Files\\Steam\\steamapps\\headhunter@emailaccount.com\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher "
    "C:\\Program Files\\Steam\\Steam.exe "= "C:\\Program Files\\Steam\\Steam.exe:*:Enabled:Steam "


    -- Environment Variables -------------------------------------------------------

    ALLUSERSPROFILE=C:\Documents and Settings\All Users
    APPDATA=C:\Documents and Settings\jid\Application Data
    CLASSPATH=.;C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
    CLIENTNAME=Console
    CommonProgramFiles=C:\Program Files\Common Files
    COMPUTERNAME=NHBA-2BE7FYK1LB
    ComSpec=C:\WINDOWS\system32\cmd.exe
    FP_NO_HOST_CHECK=NO
    HOMEDRIVE=C:
    HOMEPATH=\Documents and Settings\jid
    LOGONSERVER=\\NHBA-2BE7FYK1LB
    NUMBER_OF_PROCESSORS=1
    OS=Windows_NT
    Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\ATI Technologies\ATI.ACE\;c:\Program Files\Microsoft SQL Server\90\Tools\binn\;C:\Program Files\QuickTime\QTSystem\
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 7, GenuineIntel
    PROCESSOR_LEVEL=15
    PROCESSOR_REVISION=0207
    ProgramFiles=C:\Program Files
    PROMPT=$P$G
    QTJAVA=C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
    SESSIONNAME=Console
    SystemDrive=C:
    SystemRoot=C:\WINDOWS
    TEMP=C:\DOCUME~1\jid\LOCALS~1\Temp
    TMP=C:\DOCUME~1\jid\LOCALS~1\Temp
    USERDOMAIN=NHBA-2BE7FYK1LB
    USERNAME=jid
    USERPROFILE=C:\Documents and Settings\jid
    windir=C:\WINDOWS


    -- User Profiles ---------------------------------------------------------------

    jid (admin)


    -- Add/Remove Programs ---------------------------------------------------------

    --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
    Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f "C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c "C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll "
    Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    AdVantage (Powering WinAce) --> "C:\Program Files\AdVantage\AdVUninst.exe" /r WACE /d "AdVantage (Powering WinAce)" /m "AdVantage is safe advertising software that supports WinAce.\nWinAce may no longer function properly if you remove AdVantage support.\nAdVantage is certified by TRUSTe as a Trusted Download.\n\nAre you sure you wish to remove AdVantage support for WinAce? "
    Apple Mobile Device Support --> MsiExec.exe /I{D8AB8F0C-CEEB-4A29-8EF5-219B064813F4}
    Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
    Ask Toolbar --> rundll32 C:\PROGRA~1\AskSBar\bar\1.bin\AskSBar.dll,O
    ASUS Probe V2.19.04 --> C:\WINDOWS\uninst.exe -f "C:\Program Files\ASUS\Probe\DeIsL1.isu" -c "C:\Program Files\ASUS\Probe\probunis.dll "
    AsusUpdate --> C:\WINDOWS\IsUninst.exe -f "C:\Program Files\ASUS\AsusUpdate\Uninst.isu "
    ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
    ATI Catalyst Control Center --> MsiExec.exe /I{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}
    ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe "
    ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_classISPLAY -clean
    AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
    AVG Anti-Rootkit Free --> C:\Program Files\GRISOFT\AVG Anti-Rootkit Free\Uninstall.exe
    Counter-Strike --> "C:\Program Files\Steam\steam.exe" steam://uninstall/10
    Day of Defeat --> "C:\Program Files\Steam\steam.exe" steam://uninstall/30
    Deathmatch Classic --> "C:\Program Files\Steam\steam.exe" steam://uninstall/40
    DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
    DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    FrostWire 4.13.4 --> C:\Program Files\FrostWire\Uninstall.exe
    Full Tilt Poker --> "C:\Program Files\InstallShield Installation Information\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}\setup.exe" -runfromtemp -l0x0009 -removeonly
    Highlight Viewer (Windows Live Toolbar) --> MsiExec.exe /X{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}
    HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe "
    Hotfix for Windows Media Format SDK (KB902344) --> "C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe "
    HTTP-Tunnel 2.10.0070 --> "C:\Program Files\HTTP-Tunnel\setup\uninst.exe "
    HydraVision --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}\setup.exe "
    iCall --> "C:\Program Files\iCall\unins000.exe "
    iTunes --> MsiExec.exe /I{18388EF8-E0A3-442B-8BFE-E2F1B3D05C91}
    Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
    Map Button (Windows Live Toolbar) --> MsiExec.exe /X{7745B7A9-F323-4BB9-9811-01BF57A028DA}
    Messenger Plus! Live & Sponsor (CiD) --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe "
    Microsoft Base Smart Card Cryptographic Service Provider Package --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe "
    Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe "
    Microsoft SQL Server 2005 --> "c:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
    Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) --> MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}
    Microsoft SQL Server 2005 Tools Express Edition --> MsiExec.exe /I{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}
    Microsoft SQL Server Native Client --> MsiExec.exe /I{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}
    Microsoft SQL Server Setup Support Files (English) --> MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
    Microsoft SQL Server VSS Writer --> MsiExec.exe /I{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}
    Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe "
    Microsoft Windows Journal Viewer --> MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA8}
    mIRC --> C:\Program Files\mIRC\uninstall.exe _?=C:\Program Files\mIRC
    Mozilla Firefox (2.0.0.11) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
    PC-cillin 2002 --> MsiExec.exe /X{C90F3E44-3BF6-11D4-A110-00500405613A}
    PCI SoftV92 Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_HSF\UIU32m.exe -U -IPSCRCSR5K.inf
    Poker Tracker Version 2.16.03d --> "C:\Program Files\Poker Tracker V2\unins000.exe "
    PokerAce Hud (remove only) --> "C:\Program Files\PokerAce Hud\uninstall.exe "
    PokerStars --> "C:\Program Files\PokerStars\PokerStarsUninstall.exe" /u:pokerStars
    QuickTime --> MsiExec.exe /I{6EC874C2-F950-4B7E-A5B7-B1066D6B74AA}
    Score Poker --> MsiExec.exe /X{F58BFB58-9943-4DC5-9EED-E9B01C103DD5}
    SiS 900 PCI Fast Ethernet Adapter Driver --> C:\Progra~1\SiSLan\Uninst.exe
    Smart Menus (Windows Live Toolbar) --> MsiExec.exe /X{F084395C-40FB-4DB3-981C-B51E74E1E83D}
    SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe "
    Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe "
    Steam --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    Sygate Personal Firewall --> MsiExec.exe /I{F34D9A5F-484A-4E31-A9D3-908CB265B289}
    Sympatico Security Advisor 1.5.11 --> "C:\Program Files\Bell\Sympatico Security Advisor\unins000.exe "
    Ventrilo Client --> MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
    WinAce Archiver - Powered by AdVantage --> "C:\Program Files\WinAce\SXUNINST.EXE" "C:\Program Files\WinAce\SXUNINST.INI "
    Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe "
    Windows Live Favorites for Windows Live Toolbar --> MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
    Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
    Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
    Windows Live Sign-in Assistant --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    Windows Live Toolbar --> "C:\Program Files\Windows Live Toolbar\UnInstall.exe" {D5A145FC-D00C-4F1A-9119-EB4D9D659750}
    Windows Live Toolbar --> MsiExec.exe /X{D5A145FC-D00C-4F1A-9119-EB4D9D659750}
    Windows Live Toolbar Extension (Windows Live Toolbar) --> MsiExec.exe /X{341201D4-4F61-4ADB-987E-9CCE4D83A58D}
    Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe "
    Windows Media Format SDK Hotfix - KB891122 --> "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe "
    Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
    WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
    XML Paper Specification Shared Components Pack 1.0 -->


    -- Application Event Log -------------------------------------------------------

    Event Record #/Type2520 / Success
    Event Submitted/Written: 01/30/2008 01:46:41 PM
    Event ID/Source: 12001 / usnjsvc
    Event Description:
    The Messenger Sharing USN Journal Reader service started successfully.

    Event Record #/Type2491 / Warning
    Event Submitted/Written: 01/30/2008 01:43:15 PM
    Event ID/Source: 3 / SQLBrowser
    Event Description:
    The configuration of the AdminConnection\TCP protocol in the SQL instance SQLEXPRESS is not valid.

    Event Record #/Type2447 / Success
    Event Submitted/Written: 01/29/2008 03:57:46 PM
    Event ID/Source: 12001 / usnjsvc
    Event Description:
    The Messenger Sharing USN Journal Reader service started successfully.

    Event Record #/Type2443 / Warning
    Event Submitted/Written: 01/29/2008 03:54:19 PM
    Event ID/Source: 3 / SQLBrowser
    Event Description:
    The configuration of the AdminConnection\TCP protocol in the SQL instance SQLEXPRESS is not valid.

    Event Record #/Type2396 / Success
    Event Submitted/Written: 01/28/2008 03:06:51 PM
    Event ID/Source: 12001 / usnjsvc
    Event Description:
    The Messenger Sharing USN Journal Reader service started successfully.



    -- Security Event Log ----------------------------------------------------------

    No Errors/Warnings found.


    -- System Event Log ------------------------------------------------------------

    Event Record #/Type2270 / Error
    Event Submitted/Written: 01/30/2008 01:45:15 PM
    Event ID/Source: 7034 / Service Control Manager
    Event Description:
    The Trend NT Realtime Service service terminated unexpectedly. It has done this 1 time(s).

    Event Record #/Type2261 / Error
    Event Submitted/Written: 01/30/2008 10:58:18 AM
    Event ID/Source: 10010 / DCOM
    Event Description:
    The server {DC0C2640-1415-4644-875C-6F4D769839BA} did not register with DCOM within the required timeout.

    Event Record #/Type2258 / Warning
    Event Submitted/Written: 01/30/2008 05:34:16 AM
    Event ID/Source: 36 / W32Time
    Event Description:
    The time service has not been able to synchronize the system time
    for 49152 seconds because none of the time providers has been able to
    provide a usable time stamp. The system clock is unsynchronized.

    Event Record #/Type2257 / Warning
    Event Submitted/Written: 01/29/2008 07:08:38 PM
    Event ID/Source: 4226 / Tcpip
    Event Description:
    TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

    Event Record #/Type2256 / Warning
    Event Submitted/Written: 01/29/2008 06:01:02 PM / 01/29/2008 06:01:03 PM
    Event ID/Source: 4226 / Tcpip
    Event Description:
    TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.



    -- End of Deckard's System Scanner: finished at 2008-01-30 21:18:41 ------------
     
    juddson,
    #4
  6. 2008/01/31
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi juddson

    OK, You are running to many Anti-Virus and Firewalls.
    AVG 7.5
    PC-cillin 2002
    Sympatico Security Advisor

    Sygate Personal Firewall

    You need 1 Anti-virus program and 1 Firewall running, Pick the 1 you want and delete the others.

    Having any p2p file sharing apps such as Limewire, BitTorrent uTorrent etc.. is almost like inviting malware into your computer. There is absolutely no way for you to know which of the hundreds of thousands of users you are sharing files with are infected or not.
    I strongly recommend removing any P2P applications.


    Also the Poker sites are not good, good way to become infected.

    Geri
     
    Geri,
    #5
  7. 2008/01/31
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Edit: Geri and I posted at the same time. Please complete the steps he has given you before proceding with the following.


    You have a LOP infection, due to the installation of Messenger Plus! Live & Sponsor. It's the sponsor program that also infects users with LOP. You first need to uninstall Messenger Plus! Live & Sponsor via Add/Remove programs. You can re-install it, if you wish, without the sponsor once we get you cleaned up and working properly ( I personally don't recommend using any program whose sponsor infects your computer).

    Download Winsock XP Fix. Close all open programs and connections. Run Winsock XP Fix and select Fix. Reboot.

    If Internet Explorer works now, please go HERE to run Panda's ActiveScan
    • Once you are on the Panda site click the Scan your PC now button
    • A new window will open...click the Check Now button
    • Enter your Country
    • Enter your State/Province
    • Enter your e-mail address and click send
    • Select either Home User or Company
    • Select the appropriate Yes or No to receiving marketing information
    • Click the Free Online Scan button
    • If it wants to install an ActiveX component allow it
    • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
    • When download is complete, click on My Computer to start the scan
    • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location.
    Post the contents of the ActiveScan report along with a fresh HijackThis log.
     
    noahdfear,
    #6
  8. 2008/02/05
    juddson

    juddson Inactive Thread Starter

    Joined:
    2008/01/30
    Messages:
    44
    Likes Received:
    0
    Hi sorry for taking so long to get back to you. I deleted the two extra anti-virus programs. Ran WinstockxpFix and now my Internet Explorer is working fine. I did the scan and it came back clean it didn't give me a log file or I closed it somehow im not sure so I don't have one but here in my new Hijackthis log.
    Thanks for all your help.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 9:14:39 PM, on 05/02/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sygate\SPF\smc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ASUS\Probe\AsusProb.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\WINDOWS\system32\EXSHOW95.EXE
    C:\WINDOWS\system32\EXSHOW.EXE
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Steam\Steam.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
    O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe "
    O4 - HKLM\..\Run: [Stupid Data Dart Wave] C:\Documents and Settings\All Users\Application Data\flag ace stupid data\STOP WAVE.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
    O4 - HKLM\..\Run: [EXSHOW95.EXE] EXSHOW95.EXE
    O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [iCall Internet Phone] "C:\Program Files\iCall\iCall.exe" /startup
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-CA/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1198027884140
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

    --
    End of file - 7694 bytes
     
    juddson,
    #7
  9. 2008/02/06
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Your log appears clean, so unless you are having other problems, I'd say we're done.
     
    noahdfear,
    #8

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...