Services and Controller App has encountered a problem...


Mondie
10-29-2006, 10:24 AM
Help please!

This message box keeps popping up:

"Services and Controller App has encountered a problem and needs to close. We are sorry for the inconvenience.
If you were in the middle of something the information you were working on might be lost.

For more information about this error, click here. Close"

When I click on more info:

"Generic Host Process for Win32 Services Error Signature
szAppName: scvhost.exe szAppVer: 5.1.2600.0 szModName:unknown
szModVer: 0.0.0.0 offset 00000000

The following files will be included in the report

C:\DOCUME~1\Mondie\LOCALS~1\Temp\WER484.tmp.dir00\svchost.exe.mdmp
C:\DOCUME~1\Mondie\LOCALS~1\Temp\WER484.tmp.dir00\appcomat.txt"

thanks!

Mondie
10-29-2006, 10:29 AM
I did a HijackThis:




Logfile of HijackThis v1.99.1
Scan saved at 7:25:33 AM, on 10/29/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\PROGRA~1\McAfee\MSC\mctskshd.exe
C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb12.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Microsoft Money\System\mnyexpr.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\9129837.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\mcafee\msc\mcupdui.exe
C:\WINDOWS\System32\dwwin.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/ymsgr/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/ymsgr/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://encarta.msn.com/teleport/activate/default.asp?pid=51957HP1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

Mondie
10-29-2006, 10:34 AM
O4 - HKCU\..\Run: [ttool] C:\WINDOWS\9129837.exe

Mondie
10-29-2006, 10:35 AM

Mondie
10-29-2006, 10:36 AM
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://qus8l.hpwis.com
O16 - DPF: {04B6182D-FB75-11D4-90D2-0000B4948C7C} (cre8tiv 3Di ATL Control (Internet)) - http://www.quick-step.com/distribution/cre8tiv3dix.cab
O16 - DPF: {099513A2-15DE-49B2-B543-45DE6254DC00} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_6aa.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by20fd.bay20.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/3020a04a5c2a6f324321/netzip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1124761854453
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1161841830781
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.0 Control) - http://babydeluna.multiply.com/photos/uploader.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/FujifilmUploadClient.cab
O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} (View22RTE Class) - http://hgtv2.view22.com/view22/app/view22rte.cab
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBackMonitor - - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Log Manager (McLogManagerService) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Task Scheduler (mctskshd.exe) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mctskshd.exe
O23 - Service: McAfee User Manager (mcusrmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe

classicsoftware
10-29-2006, 10:42 AM
Wow, what a mess.

Let's start with an AVG AS (Ewido) scan:

Please download, install, and update Ewido anti-spyware (http://www.ewido.net/en/download/)



Load Ewido and then click the Update tab at the top. Under Manual Update click Start update.

After the update finishes (the status bar at the bottom will display "Update successful"), close Ewido. Do not run it yet.


Please reboot your computer into Safe Mode. To boot into Safe Mode, please restart your computer. Tap F8 before Windows loads. Select Safe Mode on the screen that appears.


In Safe Mode, load Ewido and click on the Scanner tab at the top. Click the "Settings" tab and then change the recommended action to Quarantine and click Automatically generate report after every scan. Click back to the "Scan" tab and then click on Complete System Scan. This scan can take quite a while to run, so be prepared.

Ewido will list any infections found on the left hand side. When the scan has finished, it will automatically set the recommended action. Click the Apply all actions button. Ewido will display "All actions have been applied" on the right hand side.

Click on "Save Report", then "Save Report As". This will create a text file. Make sure you know where to find this file again (like on the Desktop).

Restart back into Normal Mode.


Please perform another scan with HijackThis, and then post back with a copy of the Ewido log and the new HijackThis log.

Mondie
10-29-2006, 10:44 AM
I'm also getting this message box:

"Generic Host Process for Win32 Services

Generic Host Process for Win32 has encountered a problem and needs to close. We are sorry for the inconvenience."

Mondie
10-29-2006, 10:46 AM
Thanks for the quick response Classicsoftware. I'll try your advice.

Mondie
10-29-2006, 11:20 AM
I can't even seem to install AVG. Whenever it's around 90% installed, it hangs.

classicsoftware
10-29-2006, 11:33 AM
Try this in safe mode with networking support...

Budfred
10-29-2006, 12:12 PM
Try this in safe mode with networking support...

If you go into Safe Mode with networking support, be sure to IMMEDIATELY turn on your antivirus and firewall manually... They will generally not load in Safe Mode...

Mondie
10-29-2006, 02:32 PM
Here's the Ewido log:

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 11:15:36 AM 10/29/2006

+ Scan result:



HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Cleaned with backup (quarantined).
:mozilla.55:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.56:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.148:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.181:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.243:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.278:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.374:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.391:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.508:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.57:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.58:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.59:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.60:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.61:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.62:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.63:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.64:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.65:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.66:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.67:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.68:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.69:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.70:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.71:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.72:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.73:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.74:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.75:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.76:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.77:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.78:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.79:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.80:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.81:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.82:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.83:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.84:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.531:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.92:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.93:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.94:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.95:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.100:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.704:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.705:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.706:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.707:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.643:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.644:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.105:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.106:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.19:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.20:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.21:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.22:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.53:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\LocalService\Cookies\mondie@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.

Mondie
10-29-2006, 02:33 PM
:mozilla.678:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.679:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.680:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.778:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.156:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.779:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.173:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Centrport : Cleaned.
:mozilla.193:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.194:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.184:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.220:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.221:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.98:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.115:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.119:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.120:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.121:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.799:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.800:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.717:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.718:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.719:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.435:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.436:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.445:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.101:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.102:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.103:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.104:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.454:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned.
:mozilla.455:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.456:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.458:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.459:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.460:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.230:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.231:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.155:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.509:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.510:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.511:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.512:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.513:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.99:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.546:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.

Mondie
10-29-2006, 02:33 PM
:mozilla.547:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.573:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.574:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.575:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.576:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.577:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.578:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.579:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.580:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.581:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.582:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.583:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Trafic : Cleaned.
:mozilla.586:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.479:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.480:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.481:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.482:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.483:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.656:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.657:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.658:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.645:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.646:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\System Volume Information\_restore{EABCAB45-42A4-472A-8674-85AD723A5F23}\RP284\A0034322.sys -> Trojan.Small.bs : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{EABCAB45-42A4-472A-8674-85AD723A5F23}\RP284\A0035310.sys -> Trojan.Small.bs : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{EABCAB45-42A4-472A-8674-85AD723A5F23}\RP284\A0036309.sys -> Trojan.Small.bs : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{EABCAB45-42A4-472A-8674-85AD723A5F23}\RP284\A0037310.sys -> Trojan.Small.bs : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{EABCAB45-42A4-472A-8674-85AD723A5F23}\RP284\A0038319.sys -> Trojan.Small.bs : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{EABCAB45-42A4-472A-8674-85AD723A5F23}\RP284\A0039330.sys -> Trojan.Small.bs : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{EABCAB45-42A4-472A-8674-85AD723A5F23}\RP284\A0040321.sys -> Trojan.Small.bs : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{EABCAB45-42A4-472A-8674-85AD723A5F23}\RP284\A0041320.sys -> Trojan.Small.bs : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{EABCAB45-42A4-472A-8674-85AD723A5F23}\RP284\A0042365.sys -> Trojan.Small.bs : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{EABCAB45-42A4-472A-8674-85AD723A5F23}\RP284\A0042603.sys -> Trojan.Small.bs : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{EABCAB45-42A4-472A-8674-85AD723A5F23}\RP284\A0042799.sys -> Trojan.Small.bs : Cleaned with backup (quarantined).


::Report end

Mondie
10-29-2006, 02:34 PM
...and here's the new HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 11:22:45 AM, on 10/29/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\PROGRA~1\McAfee\MSC\mctskshd.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb12.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Hijackthis\HijackThis.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/ymsgr/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/ymsgr/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://encarta.msn.com/teleport/activate/default.asp?pid=51957HP1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [ttool] C:\WINDOWS\9129837.exe

Mondie
10-29-2006, 02:35 PM

Mondie
10-29-2006, 02:36 PM

Mondie
10-29-2006, 02:36 PM
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://qus8l.hpwis.com
O16 - DPF: {04B6182D-FB75-11D4-90D2-0000B4948C7C} (cre8tiv 3Di ATL Control (Internet)) - http://www.quick-step.com/distribution/cre8tiv3dix.cab
O16 - DPF: {099513A2-15DE-49B2-B543-45DE6254DC00} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_6aa.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by20fd.bay20.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/3020a04a5c2a6f324321/netzip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1124761854453
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1161841830781
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.0 Control) - http://babydeluna.multiply.com/photos/uploader.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/FujifilmUploadClient.cab
O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} (View22RTE Class) - http://hgtv2.view22.com/view22/app/view22rte.cab
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBackMonitor - - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Log Manager (McLogManagerService) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Task Scheduler (mctskshd.exe) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mctskshd.exe
O23 - Service: McAfee User Manager (mcusrmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe

Mondie
10-29-2006, 02:39 PM
...and yes, that "Services and Controller app box" is still popping up.

classicsoftware
10-30-2006, 12:19 AM
Open HijackThis and place a check next to:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...ch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com

O4 - HKCU\..\Run: [ttool] C:\WINDOWS\9129837.exe

classicsoftware
10-30-2006, 12:22 AM
O4 - HKCU\..\Run: [160593.exe] C:\WINDOWS\160593.exe
O4 - HKCU\..\Run: [561875.exe] C:\WINDOWS\561875.exe
O4 - HKCU\..\Run: [962531.exe] C:\WINDOWS\962531.exe
O4 - HKCU\..\Run: [1362953.exe] C:\WINDOWS\1362953.exe
O4 - HKCU\..\Run: [1763296.exe] C:\WINDOWS\1763296.exe
O4 - HKCU\..\Run: [2163968.exe] C:\WINDOWS\2163968.exe
O4 - HKCU\..\Run: [2564531.exe] C:\WINDOWS\2564531.exe
O4 - HKCU\..\Run: [2965234.exe] C:\WINDOWS\2965234.exe
O4 - HKCU\..\Run: [3365828.exe] C:\WINDOWS\3365828.exe
O4 - HKCU\..\Run: [3766578.exe] C:\WINDOWS\3766578.exe
O4 - HKCU\..\Run: [4166984.exe] C:\WINDOWS\4166984.exe
O4 - HKCU\..\Run: [4567671.exe] C:\WINDOWS\4567671.exe
O4 - HKCU\..\Run: [4968171.exe] C:\WINDOWS\4968171.exe
O4 - HKCU\..\Run: [5368843.exe] C:\WINDOWS\5368843.exe
O4 - HKCU\..\Run: [5769125.exe] C:\WINDOWS\5769125.exe
O4 - HKCU\..\Run: [6172718.exe] C:\WINDOWS\6172718.exe
O4 - HKCU\..\Run: [6573000.exe] C:\WINDOWS\6573000.exe
O4 - HKCU\..\Run: [6973578.exe] C:\WINDOWS\6973578.exe
O4 - HKCU\..\Run: [7374140.exe] C:\WINDOWS\7374140.exe
O4 - HKCU\..\Run: [7774750.exe] C:\WINDOWS\7774750.exe
O4 - HKCU\..\Run: [8175015.exe] C:\WINDOWS\8175015.exe
O4 - HKCU\..\Run: [8575375.exe] C:\WINDOWS\8575375.exe
O4 - HKCU\..\Run: [8976265.exe] C:\WINDOWS\8976265.exe
O4 - HKCU\..\Run: [9376546.exe] C:\WINDOWS\9376546.exe
O4 - HKCU\..\Run: [9776750.exe] C:\WINDOWS\9776750.exe
O4 - HKCU\..\Run: [10177031.exe] C:\WINDOWS\10177031.exe
O4 - HKCU\..\Run: [10577468.exe] C:\WINDOWS\10577468.exe
O4 - HKCU\..\Run: [10978140.exe] C:\WINDOWS\10978140.exe
O4 - HKCU\..\Run: [11378859.exe] C:\WINDOWS\11378859.exe
O4 - HKCU\..\Run: [11779140.exe] C:\WINDOWS\11779140.exe
O4 - HKCU\..\Run: [12179421.exe] C:\WINDOWS\12179421.exe

classicsoftware
10-30-2006, 12:23 AM
O4 - HKCU\..\Run: [12580218.exe] C:\WINDOWS\12580218.exe
O4 - HKCU\..\Run: [12980515.exe] C:\WINDOWS\12980515.exe
O4 - HKCU\..\Run: [13381312.exe] C:\WINDOWS\13381312.exe
O4 - HKCU\..\Run: [143890.exe] C:\WINDOWS\143890.exe

Close all program and browser windows and click fix checked.

Re-boot and post a fresh HJT log.