WIN403~1.EXE (win4036.tmp?)


43 replies to this topic

#16 Scotty

Posted 28 November 2007 - 02:18 PM

Download Superantispyware (SAS) free home version.

SAS Free

Install it and double-click the icon on your desktop to run it.
• It will ask if you want to update the program definitions, click Yes.
• Under Configuration and Preferences, click the Preferences button.
• Click the Scanning Control tab.
• Under Scanner Options make sure the following are checked:
  • Close browsers before scanning
  • Scan for tracking cookies
  • Terminate memory threats before quarantining.
  • Please leave the others unchecked.
  • Click the Close button to leave the control center screen.
• On the main screen, under Scan for Harmful Software click Scan your computer.
• On the left check C:\Fixed Drive.
• On the right, under Complete Scan, choose Perform Complete Scan.
• Click Next to start the scan. Please be patient while it scans your computer.
• After the scan is complete a summary box will appear. Click OK.
• Make sure everything in the white box has a check next to it, then click Next.
• It will quarantine what it found and if it asks if you want to reboot, click Yes.
• To retrieve the removal information for me please do the following:
  • After reboot, double-click the SUPERAntispyware icon on your desktop.
  • Click Preferences. Click the Statistics/Logs tab.
  • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
  • It will open in your default text editor (such as Notepad/Wordpad).
  • Please highlight everything in the notepad, then right-click and choose copy.
• Click close and close again to exit the program.
• Please paste that information here for me with a new HijackThis log.

#17 Miami

Posted 30 November 2007 - 12:00 AM

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/30/2007 at 00:45 AM

Application Version : 3.9.1008

Core Rules Database Version : 3352
Trace Rules Database Version: 1351

Scan type : Complete Scan
Total Scan Time : 04:31:24

Memory items scanned : 462
Memory threats detected : 0
Registry items scanned : 8854
Registry threats detected : 128
File items scanned : 119763
File threats detected : 215

Unclassified.Unknown Origin
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler#{C9FA1DC9-1FB3-C2A8-2F1A-DC1A33E7AF9D}
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{74CD40EA-EF77-4BAD-808A-B5982DA73F20}

Adware.MyWay
HKU\S-1-5-21-1085031214-343818398-682003330-1005\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser#{0494D0D9-F8E0-41AD-92A3-14154ECE70AC}

Browser Hijacker.Internet Explorer Zone Hijack
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\contentmatch.net
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\contentmatch.net\ny
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\contentmatch.net\ny#http
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\contentmatch.net\ny#https

Adware.Tracking Cookie

Adware.Ezula

Trojan.SpyFalcon

Registry Cleaner Trial
HKCR\Install.Install
HKCR\Install.Install\CLSID
HKCR\Install.Install\CurVer
HKCR\Install.Install.1
HKCR\Install.Install.1\CLSID

Adware.MediaMediatickets

Adware.TrustInCash
HKCR\Se_spoof.SpoofBHO.1
HKCR\Se_spoof.SpoofBHO.1\CLSID

Adware.ClickSpring/Yazzle
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/YazzleActiveX.ocx
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/YazzleActiveX.ocx#.Owner
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/YazzleActiveX.ocx#{74CD40EA-EF77-4BAD-808A-B5982DA73F20}

Trojan.Spyware Stormer

Trojan.BrowseUI
C:\WINDOWS\SYSTEM32\BROWSEUI.EXE

Malware.SpywareNuker
C:\WINDOWS\SYSTEM32\DRIVERS\PSHOOK11.SYS

Trojan.Unknown Origin
C:\WINDOWS\SYSTEM32\OT.ICO
C:\WINDOWS\SYSTEM32\TS.ICO



Deckard's System Scanner v20071014.68
Run by ERIK A. GRIFFIN on 2007-11-30 00:58:46
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Percentage of Memory in Use: 84% (more than 75%).
Total Physical Memory: 256 MiB (512 MiB recommended).


-- HijackThis (run as ERIK A. GRIFFIN.exe) -------------------------------------

Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2007-11-30 00:58:53
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\snmp.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\ERIK A. GRIFFIN\Local Settings\Application Data\Google\Update\1.0.91.0\GoogleUpdate.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MDM.EXE
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Documents and Settings\ERIK A. GRIFFIN\Local Settings\Application Data\YouTube\Uploader\youtubeuploader.exe
C:\WINDOWS\Integrator.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\ERIK A. GRIFFIN\Desktop\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: WeeklyExecuter Class - {f015f320-ab08-11db-abbd-0800200c9a66} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\RunOnceEx: [lsass] C:\WINDOWS\Fonts\lsass.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8
O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ares] "C:\Documents and Settings\ERIK A. GRIFFIN\Desktop\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\ERIK A. GRIFFIN\Local Settings\Application Data\Google\Update\1.0.91.0\GoogleUpdate.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: AntiCrash.lnk = C:\Program Files\Dachshund Software\AntiCrash\AntiCrash.exe
O4 - Startup: Hare.lnk = C:\Program Files\Dachshund Software\Hare\Hare.exe
O4 - Startup: YouTube Uploader.lnk = C:\Documents and Settings\ERIK A. GRIFFIN\Local Settings\Application Data\YouTube\Uploader\youtubeuploader.exe
O4 - Startup: Zoom.lnk = C:\Program Files\Dachshund Software\Zoom\Zoom.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\VANESSA J. GRIFFIN\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - (file missing)
O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (file missing)
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\nwprovau.dll
O16 - DPF: ActiveGS.cab () - http://www.virtualap...rg/activegs.cab
O16 - DPF: Yahoo! Chat () - http://us.chat1.yimg...t/c381/chat.cab
O16 - DPF: Yahoo! Checkers () - http://download.game...nts/y/kt4_x.cab
O16 - DPF: {00001023-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter23 Class) - http://download.netm...NMStarter23.cab
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) - http://office.micros...tes/ieawsdc.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akama...ex/qtplugin.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.micr.../OGAControl.cab
O16 - DPF: {084F552D-19EB-4668-9788-984CBC781A8F} () - http://survey.otxres...m/Preloader.dll
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnote...ad/mnviewer.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.ma...director/sw.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.micr...heckControl.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540002} (CInstall Class) - http://www.wildtange...ave/Install.cab
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) - http://fpdownload.ma...director/sw.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} () - http://download.micr...922/wmv9VCM.CAB
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} () - http://www.fileplane...C_2.3.6.108.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace....ploader1005.cab
O16 - DPF: {4B48D5DF-9021-45F7-A240-60304302A215} (MalwareCleaner Class) - http://www.microsoft.../WebCleaner.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail....es/MSNPUpld.cab
O16 - DPF: {4FAE30E1-EE9C-477D-8D06-BF8D3429B60F} (WebIQ Technology Client) - https://www.webiqonl...Q/bin/WebIQ.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.r...ip/RdxIE601.cab
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.pestpatro...an/pestscan.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab Class) - http://www.nvidia.co.../sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1135819770910
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.ma...t/ultrashim.cab
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} (Kdfense8 Control) - http://download.netm...kdfense8237.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab32846.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload....GPlugin9USA.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.ma...ent/swflash.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logme...trl.cab?lmi=100
O16 - DPF: {FF452CFC-7056-4A5D-A327-1DFEC8EDC82A} (Upload Class) - http://www.neptune.c...ad/ms40upld.ocx
O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Protocol: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: iexplorer - C:\WINDOWS\system32\iexplorer.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPWDSVC.EXE
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Service Support - Unknown owner - C:\WINDOWS\system32\srvsupp.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe


--
End of file - 15147 bytes

-- Files created between 2007-10-30 and 2007-11-30 -----------------------------

2007-11-29 20:09:16 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
2007-11-29 20:08:59 0 d-------- C:\Program Files\SUPERAntiSpyware
2007-11-29 20:08:59 0 d-------- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\SUPERAntiSpyware.com
2007-11-29 20:08:23 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-11-28 13:07:34 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
2007-11-27 01:15:31 64512 --ah----- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\dach100.dll
2007-11-26 12:35:45 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab
2007-11-26 12:35:42 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-11-25 01:14:12 0 d-------- C:\WINDOWS\ERUNT
2007-11-24 17:00:32 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Google Updater
2007-11-24 17:00:22 0 d-------- C:\Program Files\Google
2007-11-23 21:46:00 0 d-------- C:\Program Files\UnH Solutions
2007-11-18 19:14:51 0 d-------- C:\Program Files\Common Files\Nero
2007-11-18 14:59:34 0 d-------- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\Nero
2007-11-18 14:53:33 0 d-------- C:\Program Files\Nero
2007-11-18 14:53:32 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Nero
2007-11-17 18:02:01 0 d-------- C:\Program Files\Converter
2007-11-15 18:55:44 0 d-------- C:\b
2007-11-13 02:47:43 0 d-------- C:\Program Files\LegacyGamers
2007-11-09 08:12:53 0 d-------- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\IrfanView
2007-11-08 23:41:17 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\ESET
2007-11-06 11:17:54 0 d-------- C:\Program Files\Brittle Bullet - Private Gunz Server
2007-11-06 00:48:46 0 d-------- C:\Program Files\iPod
2007-11-06 00:47:55 0 d-------- C:\Program Files\iTunes
2007-11-06 00:39:59 0 d-------- C:\Program Files\Common Files\Apple
2007-11-04 00:41:33 0 d-------- C:\Program Files\IrfanView
2007-11-01 16:55:52 0 d-------- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\Media Player Classic
2007-11-01 16:53:09 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\NVIDIA
2007-11-01 16:30:36 0 d-------- C:\Program Files\SystemRequirementsLab
2007-11-01 15:14:16 157696 --a------ C:\WINDOWS\system32\unrar.dll
2007-11-01 09:01:33 0 d-------- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\Atari
2007-11-01 08:52:38 0 d-------- C:\Program Files\Atari
2007-10-31 23:20:16 0 d-------- C:\Program Files\Steam
2007-10-30 22:10:01 0 d-------- C:\Program Files\Apple Software Update
2007-10-30 22:10:00 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2007-10-30 19:34:34 394240 --a------ C:\WINDOWS\system32\Smab.dll
2007-10-30 19:34:34 719872 --a------ C:\WINDOWS\system32\devil.dll <Not Verified; Abysmal Software; Developer's Image Library (DevIL)>
2007-10-30 19:34:34 318976 --a------ C:\WINDOWS\system32\avisynth.dll <Not Verified; The Public; Avisynth 2.5>
2007-10-30 19:34:33 70656 --a------ C:\WINDOWS\system32\yv12vfw.dll <Not Verified; www.helixcommunity.org; Helix YV12 YUV Codec>
2007-10-30 19:34:33 70656 --a------ C:\WINDOWS\system32\i420vfw.dll <Not Verified; www.helixcommunity.org; Helix I420 YUV Codec>
2007-10-30 19:34:33 27648 --a------ C:\WINDOWS\system32\AVSredirect.dll
2007-10-30 19:34:33 66560 --a------ C:\WINDOWS\MOTA113.exe
2007-10-30 19:34:33 217073 --a------ C:\WINDOWS\meta4.exe
2007-10-30 19:34:31 0 d-------- C:\Program Files\AviSynth 2.5
2007-10-30 19:32:13 31232 -r-hs---- C:\WINDOWS\system32\msfDX.dll <Not Verified; Hans Mayerl; msfDX.dll>
2007-10-30 19:32:13 163328 -r-hs---- C:\WINDOWS\system32\flvDX.dll <Not Verified; Gabest; FLV Splitter>
2007-10-30 19:32:03 0 d-------- C:\Program Files\eRightSoft


-- Find3M Report ---------------------------------------------------------------

2007-11-30 00:56:46 66 --a------ C:\WINDOWS\anticrash.dat
2007-11-30 00:56:43 60 --a------ C:\WINDOWS\zoom.dat
2007-11-30 00:56:42 61 --a------ C:\WINDOWS\hare.dat
2007-11-30 00:54:10 0 d-------- C:\Program Files\Common Files
2007-11-30 00:51:08 0 d-------- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\mIRC
2007-11-29 21:00:25 341 --ah----- C:\WINDOWS\winshell.dat
2007-11-29 20:04:54 0 d-------- C:\Program Files\mIRC
2007-11-28 18:17:55 0 d-------- C:\Program Files\Real
2007-11-28 02:34:23 73088 --ah----- C:\WINDOWS\system32\mlfcache.dat
2007-11-27 02:25:46 589 --ah----- C:\WINDOWS\WININF.DAT
2007-11-24 12:15:39 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-11-20 12:46:35 0 d-------- C:\Program Files\AvPropPlugin
2007-11-19 03:07:21 32 --a----c- C:\WINDOWS\go
2007-11-09 18:23:02 0 d-------- C:\Program Files\Microsoft ActiveSync
2007-11-09 17:42:00 0 d-------- C:\Program Files\Skyhook Wireless
2007-11-07 14:50:21 0 d-------- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\Registry Help Pro
2007-11-07 14:22:51 430 --ah----- C:\WINDOWS\sysdata.dat
2007-11-07 12:45:28 0 d-------- C:\Program Files\Common Files\Adobe
2007-11-07 12:25:00 0 d-------- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\Adobe
2007-11-06 00:44:52 0 d-------- C:\Program Files\QuickTime
2007-11-04 00:42:45 0 d-------- C:\Program Files\Microsoft Picture It! PhotoPub
2007-10-29 15:24:12 0 d-------- C:\Program Files\AIM6
2007-10-29 15:22:18 0 d-------- C:\Program Files\Viewpoint
2007-10-29 15:21:09 0 d-------- C:\Program Files\Common Files\AOL
2007-10-29 13:28:34 32700 --a----c- C:\WINDOWS\system32\tcpipbak.reg
2007-10-29 12:41:56 0 d-------- C:\Program Files\Dachshund Software
2007-10-29 12:16:45 0 d-------- C:\Program Files\Winamp


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f015f320-ab08-11db-abbd-0800200c9a66}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [10/22/2006 11:22 AM]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [12/31/2006 07:46 PM]
"nwiz"="nwiz.exe" [10/22/2006 11:22 AM C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [10/22/2006 11:22 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [10/19/2007 08:16 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [11/02/2007 06:36 PM]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [11/05/2007 12:05 PM]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [09/20/2007 09:51 AM]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [03/01/2007 03:57 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [03/30/2006 04:45 PM]
"EasyLinkAdvisor"="C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" [04/02/2006 08:07 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 02:56 AM]
"ares"="C:\Documents and Settings\ERIK A. GRIFFIN\Desktop\Ares\Ares.exe" []
"Google Update"="C:\Documents and Settings\ERIK A. GRIFFIN\Local Settings\Application Data\Google\Update\1.0.91.0\GoogleUpdate.exe" [11/18/2007 03:02 PM]
"Aim6"="" []
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [06/21/2007 02:06 PM]

C:\Documents and Settings\ERIK A. GRIFFIN\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [7/19/2005 1:41:37 AM]
AntiCrash.lnk - C:\Program Files\Dachshund Software\AntiCrash\AntiCrash.exe [12/17/2002 11:00:44 AM]
Hare.lnk - C:\Program Files\Dachshund Software\Hare\Hare.exe [9/21/2002 11:26:40 AM]
YouTube Uploader.lnk - C:\Documents and Settings\ERIK A. GRIFFIN\Local Settings\Application Data\YouTube\Uploader\youtubeuploader.exe [11/9/2007 1:33:08 PM]
Zoom.lnk - C:\Program Files\Dachshund Software\Zoom\Zoom.exe [9/21/2002 11:27:14 AM]

C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [9/23/2005 10:05:26 PM]
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [11/24/2007 5:00:31 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"=0 (0x0)
"ClearRecentDocsOnExit"=0 (0x0)
"NoLowDiskSpaceChecks"=1 (0x1)
"NoInstrumentation"=1 (0x1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 01:55 PM 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 01:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iexplorer]
iexplorer.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HPHmon05"=C:\WINDOWS\System32\hphmon05.exe
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
"HPHUPD05"=C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
"RoxioEngineUtility"="C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"WinampAgent"=C:\Program Files\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc p2psvc p2pimsvc p2pgasvc PNRPSvc


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
AutoRun\command- E:\AUTORUN\AUTORUN.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bed2a1c8-1847-11db-9374-0080add18772}]
AutoRun\command- H:\setupSNK.exe




-- End of Deckard's System Scanner: finished at 2007-11-30 01:00:41 ------------

Edit: There's things in my cookies that I've never even done/been to/seen XD rofl. Sorry, I just find some of the stuff funny :P

Edited by Miami, 30 November 2007 - 12:04 AM.


#18 Scotty

Posted 30 November 2007 - 03:53 AM

Hi

Run HijackThis, select Do a system scan only and place checks against the following entries (if they are still present):

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
O2 - BHO: WeeklyExecuter Class - {f015f320-ab08-11db-abbd-0800200c9a66} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - (file missing)
O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (file missing)
O16 - DPF: {084F552D-19EB-4668-9788-984CBC781A8F} () - http://survey.otxres...m/Preloader.dll
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540002} (CInstall Class) - http://www.wildtange...ave/Install.cab
O20 - Winlogon Notify: iexplorer - C:\WINDOWS\system32\iexplorer.dll (file missing)


WITH ALL OTHER WINDOWS CLOSED, click on Fix Checked, exit HijackThis and reboot the computer.


1 - Update Adobe Reader
Earlier versions of Adobe Reader have known security flaws, so it is recommended that you update your copy.
  • Go to Start > Control Panel > Add/Remove Programs
  • Remove ALL instances of Adobe Reader
  • Re-boot your computer as required.
  • Once ALL versions of Adobe Reader have been uninstalled, visit: www.adobe.com/uk/products/acrobat/readstep2.html and download the latest version of Adobe Reader
OR, after uninstalling Adobe Reader, you could try installing Foxit Reader from >here<
Foxit Reader has fewer add-ons and therefore loads more quickly.


Delete the older versions of Java and download the newest.
Please follow these steps to remove older version Java components.
  • Close any programmes you may have running, ESPECIALLY your web browser
  • Click Start > Control Panel.
  • Click Add/Remove Programs.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove all versions of Java.
  • Reboot your computer once all Java components are removed.
Then download the latest version of Java Runtime Environment (JRE) (4th one down the list), which is JRE6u3, and click Yes at the page warning, then accept the Licence Agreement before downloading the Offline file.


Post back with a new Deckard's log when you have finished the above.

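Several of the entries selected for fixing in the post above are ones HijackThis itself marks `(no file)` or `(file missing)`. As an added example (not part of the original posts and not HijackThis's own code), this Python parser reads HijackThis-format lines and lists such orphaned entries as candidates for an analyst to review; the sample log is constructed from lines in the thread with placeholder URLs, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample in HijackThis log format, modelled on entries from the
# thread. URLs are placeholders (example.invalid), not values from the page.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://example.invalid/start
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WeeklyExecuter Class - {f015f320-ab08-11db-abbd-0800200c9a66} - (no file)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\VANESSA J. GRIFFIN\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://example.invalid/swflash.cab
O20 - Winlogon Notify: iexplorer - C:\WINDOWS\system32\iexplorer.dll (file missing)
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
this line is not a HijackThis entry
"""

# "<code> - <body>", e.g. "O2 - BHO: ..." or "R1 - HKCU\...".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Trailing marker HijackThis prints when the referenced file is absent.
ORPHAN_RE = re.compile(r"\((no file|file missing)\)\s*$")

SECTION_NAMES = {
    "R0": "IE start/search page",
    "R1": "IE start/search page",
    "O2": "Browser Helper Object",
    "O4": "Autostart entry",
    "O9": "IE extra button/menu item",
    "O16": "ActiveX (Downloaded Program Files)",
    "O20": "Winlogon Notify",
    "O23": "Service",
}


def parse_line(line):
    """Parse one log line into a dict, or return None if it is not an entry."""
    m = ENTRY_RE.match(line.strip())
    if m is None:
        return None
    code, body = m.group("code"), m.group("body")
    orphan = ORPHAN_RE.search(body)
    clsid = CLSID_RE.search(body)
    if code.startswith("R"):
        # Registry value lines use "key = value"; the value may be empty.
        target = body.partition(" =")[2]
    else:
        # Other sections put the file or URL in the last " - " field.
        target = body.rsplit(" - ", 1)[-1]
    target = ORPHAN_RE.sub("", target).strip()
    return {
        "code": code,
        "section": SECTION_NAMES.get(code, "other"),
        "clsid": clsid.group(0).upper() if clsid else None,
        "target": target or None,
        "orphan": orphan.group(1) if orphan else None,
    }


def orphaned_entries(log_text):
    """Entries whose target file HijackThis reported as absent."""
    entries = (parse_line(line) for line in log_text.splitlines())
    return [e for e in entries if e and e["orphan"]]


def summarize(log_text):
    """Map section code -> (total entries, orphaned entries)."""
    counts = defaultdict(lambda: [0, 0])
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        counts[entry["code"]][0] += 1
        if entry["orphan"]:
            counts[entry["code"]][1] += 1
    return {code: tuple(pair) for code, pair in counts.items()}


if __name__ == "__main__":
    for e in orphaned_entries(SAMPLE_LOG):
        print(f'{e["code"]:<4}{e["section"]:<28}{e["clsid"] or "-":<40}'
              f'{e["target"] or "(no path recorded)"}  [{e["orphan"]}]')
```

An orphaned entry is only a review candidate: the decision to fix it still rests with whoever is reading the whole log.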
#19 Miami

Posted 01 December 2007 - 02:41 PM

Okay, well, I was only able to remove 2 Java things, and so I took a screenshot to show you which ones I couldn't remove, because there is no remove button, so I haven't bothered re-installing anything Java yet until you give the go-ahead.

http://i9.tinypic.com/72gjz84.jpg

And here's a Deckard's log:

Deckard's System Scanner v20071014.68
Run by ERIK A. GRIFFIN on 2007-12-01 15:40:15
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Percentage of Memory in Use: 85% (more than 75%).
Total Physical Memory: 256 MiB (512 MiB recommended).


-- HijackThis (run as ERIK A. GRIFFIN.exe) -------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 3:40:33 PM, on 12/1/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\ERIK A. GRIFFIN\Local Settings\Application Data\Google\Update\1.0.91.0\GoogleUpdate.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\system32\mdm.exe
C:\Documents and Settings\ERIK A. GRIFFIN\Local Settings\Application Data\YouTube\Uploader\youtubeuploader.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\Integrator.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\ERIK A. GRIFFIN\Desktop\dss.exe
C:\PROGRA~1\HIJACK~1\ERIKAG~1.EXE
C:\WINDOWS\system32\NOTEPAD.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8
O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ares] "C:\Documents and Settings\ERIK A. GRIFFIN\Desktop\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\ERIK A. GRIFFIN\Local Settings\Application Data\Google\Update\1.0.91.0\GoogleUpdate.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: AntiCrash.lnk = C:\Program Files\Dachshund Software\AntiCrash\AntiCrash.exe
O4 - Startup: Hare.lnk = C:\Program Files\Dachshund Software\Hare\Hare.exe
O4 - Startup: YouTube Uploader.lnk = C:\Documents and Settings\ERIK A. GRIFFIN\Local Settings\Application Data\YouTube\Uploader\youtubeuploader.exe
O4 - Startup: Zoom.lnk = C:\Program Files\Dachshund Software\Zoom\Zoom.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\VANESSA J. GRIFFIN\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Pictures - {C7486E80-B111-4768-995E-23CF307346FC} - C:\Program Files\UnH Solutions\Flash and Pics Control\FPCButton.dll (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: ActiveGS.cab - http://www.virtualap...rg/activegs.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg...t/c381/chat.cab
O16 - DPF: Yahoo! Checkers - http://download.game...nts/y/kt4_x.cab
O16 - DPF: {00001023-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter23 Class) - http://download.netm...NMStarter23.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akama...ex/qtplugin.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnote...ad/mnviewer.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplane...C_2.3.6.108.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace....ploader1005.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail....es/MSNPUpld.cab
O16 - DPF: {4FAE30E1-EE9C-477D-8D06-BF8D3429B60F} (WebIQ Technology Client) - https://www.webiqonl...Q/bin/WebIQ.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.r...ip/RdxIE601.cab
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.pestpatro...an/pestscan.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.co.../sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1135819770910
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} (Kdfense8 Control) - http://download.netm...kdfense8237.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab32846.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload....GPlugin9USA.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logme...trl.cab?lmi=100
O16 - DPF: {FF452CFC-7056-4A5D-A327-1DFEC8EDC82A} (Upload Class) - http://www.neptune.c...ad/ms40upld.ocx
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Service Support - Unknown owner - C:\WINDOWS\system32\srvsupp.exe (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Conexant - (no file)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Visual Studio Analyzer RPC bridge - Viewpoint Corporation - (no file)


-- Files created between 2007-11-01 and 2007-12-01 -----------------------------

2007-12-01 15:09:32 0 d-------- C:\Program Files\Foxit Software
2007-11-29 20:09:16 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
2007-11-29 20:08:59 0 d-------- C:\Program Files\SUPERAntiSpyware
2007-11-29 20:08:59 0 d-------- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\SUPERAntiSpyware.com
2007-11-29 20:08:23 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-11-28 13:07:34 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
2007-11-27 01:15:31 64512 --ah----- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\dach100.dll
2007-11-26 12:35:42 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-11-25 01:14:12 0 d-------- C:\WINDOWS\ERUNT
2007-11-24 17:00:32 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Google Updater
2007-11-24 17:00:22 0 d-------- C:\Program Files\Google
2007-11-23 21:46:00 0 d-------- C:\Program Files\UnH Solutions
2007-11-18 19:14:51 0 d-------- C:\Program Files\Common Files\Nero
2007-11-18 14:59:34 0 d-------- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\Nero
2007-11-18 14:53:33 0 d-------- C:\Program Files\Nero
2007-11-18 14:53:32 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Nero
2007-11-17 18:02:01 0 d-------- C:\Program Files\Converter
2007-11-15 18:55:44 0 d-------- C:\b
2007-11-13 02:47:43 0 d-------- C:\Program Files\LegacyGamers
2007-11-09 08:12:53 0 d-------- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\IrfanView
2007-11-08 23:41:17 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\ESET
2007-11-06 11:17:54 0 d-------- C:\Program Files\Brittle Bullet - Private Gunz Server
2007-11-06 00:48:46 0 d-------- C:\Program Files\iPod
2007-11-06 00:47:55 0 d-------- C:\Program Files\iTunes
2007-11-06 00:39:59 0 d-------- C:\Program Files\Common Files\Apple
2007-11-04 00:41:33 0 d-------- C:\Program Files\IrfanView
2007-11-01 16:55:52 0 d-------- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\Media Player Classic
2007-11-01 16:53:09 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\NVIDIA
2007-11-01 16:30:36 0 d-------- C:\Program Files\SystemRequirementsLab
2007-11-01 15:14:16 157696 --a------ C:\WINDOWS\system32\unrar.dll
2007-11-01 09:01:33 0 d-------- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\Atari
2007-11-01 08:52:38 0 d-------- C:\Program Files\Atari


-- Find3M Report ---------------------------------------------------------------

2007-12-01 15:38:48 60 --a------ C:\WINDOWS\zoom.dat
2007-12-01 15:38:46 61 --a------ C:\WINDOWS\hare.dat
2007-12-01 15:38:46 66 --a------ C:\WINDOWS\anticrash.dat
2007-12-01 15:37:35 0 d-------- C:\Program Files\Common Files
2007-12-01 15:15:30 0 d-------- C:\Program Files\Java
2007-12-01 14:36:13 0 d-------- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\mIRC
2007-12-01 13:35:09 341 --ah----- C:\WINDOWS\winshell.dat
2007-11-30 01:44:54 0 d-------- C:\Program Files\Steam
2007-11-30 01:08:10 0 d-------- C:\Program Files\mIRC
2007-11-28 18:17:55 0 d-------- C:\Program Files\Real
2007-11-28 02:34:23 73088 --ah----- C:\WINDOWS\system32\mlfcache.dat
2007-11-27 02:25:46 589 --ah----- C:\WINDOWS\WININF.DAT
2007-11-24 12:15:39 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-11-20 12:46:35 0 d-------- C:\Program Files\AvPropPlugin
2007-11-19 03:07:21 32 --a----c- C:\WINDOWS\go
2007-11-09 18:23:02 0 d-------- C:\Program Files\Microsoft ActiveSync
2007-11-09 17:42:00 0 d-------- C:\Program Files\Skyhook Wireless
2007-11-07 14:50:21 0 d-------- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\Registry Help Pro
2007-11-07 14:22:51 430 --ah----- C:\WINDOWS\sysdata.dat
2007-11-07 12:45:28 0 d-------- C:\Program Files\Common Files\Adobe
2007-11-07 12:25:00 0 d-------- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\Adobe
2007-11-06 00:44:52 0 d-------- C:\Program Files\QuickTime
2007-11-04 00:42:45 0 d-------- C:\Program Files\Microsoft Picture It! PhotoPub
2007-10-30 22:10:03 0 d-------- C:\Program Files\Apple Software Update
2007-10-30 19:34:31 0 d-------- C:\Program Files\AviSynth 2.5
2007-10-30 19:32:03 0 d-------- C:\Program Files\eRightSoft
2007-10-29 15:24:12 0 d-------- C:\Program Files\AIM6
2007-10-29 15:22:18 0 d-------- C:\Program Files\Viewpoint
2007-10-29 15:21:09 0 d-------- C:\Program Files\Common Files\AOL
2007-10-29 13:28:34 32700 --a----c- C:\WINDOWS\system32\tcpipbak.reg
2007-10-29 12:41:56 0 d-------- C:\Program Files\Dachshund Software
2007-10-29 12:16:45 0 d-------- C:\Program Files\Winamp


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [10/22/2006 11:22 AM]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [12/31/2006 07:46 PM]
"nwiz"="nwiz.exe" [10/22/2006 11:22 AM C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [10/22/2006 11:22 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [10/19/2007 08:16 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [11/02/2007 06:36 PM]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [11/05/2007 12:05 PM]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [09/20/2007 09:51 AM]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [03/01/2007 03:57 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" [11/09/2006 03:07 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" []
"EasyLinkAdvisor"="C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" [04/02/2006 08:07 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 02:56 AM]
"ares"="C:\Documents and Settings\ERIK A. GRIFFIN\Desktop\Ares\Ares.exe" []
"Google Update"="C:\Documents and Settings\ERIK A. GRIFFIN\Local Settings\Application Data\Google\Update\1.0.91.0\GoogleUpdate.exe" [11/18/2007 03:02 PM]
"Aim6"="" []
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [06/21/2007 02:06 PM]

C:\Documents and Settings\ERIK A. GRIFFIN\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [7/19/2005 1:41:37 AM]
AntiCrash.lnk - C:\Program Files\Dachshund Software\AntiCrash\AntiCrash.exe [12/17/2002 11:00:44 AM]
Hare.lnk - C:\Program Files\Dachshund Software\Hare\Hare.exe [9/21/2002 11:26:40 AM]
YouTube Uploader.lnk - C:\Documents and Settings\ERIK A. GRIFFIN\Local Settings\Application Data\YouTube\Uploader\youtubeuploader.exe [11/9/2007 1:33:08 PM]
Zoom.lnk - C:\Program Files\Dachshund Software\Zoom\Zoom.exe [9/21/2002 11:27:14 AM]

C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [11/24/2007 5:00:31 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"=0 (0x0)
"ClearRecentDocsOnExit"=0 (0x0)
"NoLowDiskSpaceChecks"=1 (0x1)
"NoInstrumentation"=1 (0x1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 01:55 PM 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 01:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HPHmon05"=C:\WINDOWS\System32\hphmon05.exe
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
"HPHUPD05"=C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
"RoxioEngineUtility"="C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"WinampAgent"=C:\Program Files\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc p2psvc p2pimsvc p2pgasvc PNRPSvc


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
AutoRun\command- E:\AUTORUN\AUTORUN.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bed2a1c8-1847-11db-9374-0080add18772}]
AutoRun\command- H:\setupSNK.exe




-- End of Deckard's System Scanner: finished at 2007-12-01 15:41:13 ------------

Edited by Miami, 01 December 2007 - 02:43 PM.


#20 Scotty

Scotty

    Always Happy

  • Authentic Member
  • 3,634 posts

Posted 01 December 2007 - 05:25 PM

Hi

Try removing them with HijackThis.

  • Start HijackThis
  • Click on the Config button
  • Click on the Misc Tools button
  • Click on the Open Uninstall Manager button.
  • To delete a program simply click on the program you would like to remove and then click on the Delete this entry button.

It's important they go, so let me know how that goes.
You too could train to help others- Join the Classroom


#21 Miami

Miami

    Authentic Member

  • Authentic Member
  • 31 posts

Posted 01 December 2007 - 07:21 PM

Would you believe it if I told you they didn't show up? I guess they're just like ghosts. Shells. Lol sorry. What next?

#22 Scotty

Scotty

    Always Happy

  • Authentic Member
  • 3,634 posts

Posted 07 December 2007 - 06:28 PM

Hi. Sorry, I've been having major probs with my emails and never knew you had replied. If you still require my help, post a new Deckard's log.

#23 Miami

Miami

    Authentic Member

  • Authentic Member
  • 31 posts

Posted 07 December 2007 - 06:56 PM

I've since then removed all the things of Java with the "windows install cleaner" thing, and reinstalled Java... Should I still post a Deckard's log?

#24 Scotty

Scotty

    Always Happy

  • Authentic Member
  • 3,634 posts

Posted 08 December 2007 - 11:05 AM

Hi. Glad to hear they are gone. Post one more log to let me be sure you are clean. :thumbup:

#25 Miami

Miami

    Authentic Member

  • Authentic Member
  • 31 posts

Posted 08 December 2007 - 11:19 AM

Deckard's System Scanner v20071014.68
Run by ERIK A. GRIFFIN on 2007-12-08 12:18:49
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Percentage of Memory in Use: 81% (more than 75%).
Total Physical Memory: 256 MiB (512 MiB recommended).


-- HijackThis (run as ERIK A. GRIFFIN.exe) -------------------------------------

Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2007-12-08 12:18:53
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\snmp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\ERIK A. GRIFFIN\Local Settings\Application Data\Google\Update\1.0.91.0\GoogleUpdate.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MDM.EXE
C:\Program Files\mIRC\mirc.exe
C:\Documents and Settings\ERIK A. GRIFFIN\Local Settings\Application Data\YouTube\Uploader\youtubeuploader.exe
C:\WINDOWS\Integrator.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\ERIK A. GRIFFIN\Desktop\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\ERIK A. GRIFFIN\Local Settings\Application Data\Google\Update\1.0.91.0\GoogleUpdate.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: AntiCrash.lnk = C:\Program Files\Dachshund Software\AntiCrash\AntiCrash.exe
O4 - Startup: Hare.lnk = C:\Program Files\Dachshund Software\Hare\Hare.exe
O4 - Startup: YouTube Uploader.lnk = C:\Documents and Settings\ERIK A. GRIFFIN\Local Settings\Application Data\YouTube\Uploader\youtubeuploader.exe
O4 - Startup: Zoom.lnk = C:\Program Files\Dachshund Software\Zoom\Zoom.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - (file missing)
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\nwprovau.dll
O16 - DPF: ActiveGS.cab () - http://www.virtualap...rg/activegs.cab
O16 - DPF: Yahoo! Chat () - http://us.chat1.yimg...t/c381/chat.cab
O16 - DPF: Yahoo! Checkers () - http://download.game...nts/y/kt4_x.cab
O16 - DPF: {00001023-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter23 Class) - http://download.netm...NMStarter23.cab
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) - http://office.micros...tes/ieawsdc.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akama...ex/qtplugin.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.micr.../OGAControl.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnote...ad/mnviewer.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.ma...director/sw.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.micr...heckControl.cab
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) - http://fpdownload.ma...director/sw.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} () - http://download.micr...922/wmv9VCM.CAB
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} () - http://www.fileplane...C_2.3.6.108.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace....ploader1005.cab
O16 - DPF: {4A116A80-85B6-4299-A018-A717FD7AC66A} (AXIDMDCP Class) - http://m1.cdn.gaiaon...ns/IDMFlash.cab
O16 - DPF: {4B48D5DF-9021-45F7-A240-60304302A215} (MalwareCleaner Class) - http://www.microsoft.../WebCleaner.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail....es/MSNPUpld.cab
O16 - DPF: {4FAE30E1-EE9C-477D-8D06-BF8D3429B60F} (WebIQ Technology Client) - https://www.webiqonl...Q/bin/WebIQ.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.r...ip/RdxIE601.cab
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.pestpatro...an/pestscan.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab Class) - http://www.nvidia.co.../sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1135819770910
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.ma...t/ultrashim.cab
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} (Kdfense8 Control) - http://download.netm...kdfense8237.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab32846.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload....GPlugin9USA.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.ma...ent/swflash.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logme...trl.cab?lmi=100
O16 - DPF: {FF452CFC-7056-4A5D-A327-1DFEC8EDC82A} (Upload Class) - http://www.neptune.c...ad/ms40upld.ocx
O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Protocol: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPWDSVC.EXE
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe


--
End of file - 13751 bytes

-- Files created between 2007-11-08 and 2007-12-08 -----------------------------

2007-12-08 01:10:48 64512 --ah----- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\dach100.dll
2007-12-07 03:04:33 0 d-------- C:\Program Files\Alcohol Soft
2007-12-07 02:44:14 174592 --a------ C:\WINDOWS\system32\framedyn.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-03 22:18:08 0 d-------- C:\Program Files\Windows Installer Clean Up
2007-12-03 22:17:41 0 d-------- C:\Program Files\MSECACHE
2007-12-03 15:35:31 164352 --a------ C:\WINDOWS\system32\unrar.dll
2007-12-03 15:35:27 1559040 --a------ C:\WINDOWS\system32\xvidcore.dll
2007-12-03 15:35:26 282624 --a------ C:\WINDOWS\system32\xvidvfw.dll
2007-12-03 15:35:25 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-12-03 15:35:25 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2007-12-03 15:35:25 739840 --a------ C:\WINDOWS\system32\divx.dll <Not Verified; DivX, Inc.; DivX®>
2007-12-03 15:35:20 0 d-------- C:\Program Files\K-Lite Codec Pack
2007-12-03 15:13:42 0 d-------- C:\Program Files\Ringz Studio
2007-12-01 15:09:32 0 d-------- C:\Program Files\Foxit Software
2007-11-29 20:09:16 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
2007-11-29 20:08:59 0 d-------- C:\Program Files\SUPERAntiSpyware
2007-11-29 20:08:59 0 d-------- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\SUPERAntiSpyware.com
2007-11-29 20:08:23 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-11-28 13:07:34 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
2007-11-26 12:35:42 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-11-25 01:14:12 0 d-------- C:\WINDOWS\ERUNT
2007-11-24 17:00:32 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Google Updater
2007-11-24 17:00:22 0 d-------- C:\Program Files\Google
2007-11-23 21:46:00 0 d-------- C:\Program Files\UnH Solutions
2007-11-18 19:14:51 0 d-------- C:\Program Files\Common Files\Nero
2007-11-18 14:59:34 0 d-------- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\Nero
2007-11-18 14:53:33 0 d-------- C:\Program Files\Nero
2007-11-18 14:53:32 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Nero
2007-11-17 18:02:01 0 d-------- C:\Program Files\Converter
2007-11-15 18:55:44 0 d-------- C:\b
2007-11-13 02:47:43 0 d-------- C:\Program Files\LegacyGamers
2007-11-09 08:12:53 0 d-------- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\IrfanView
2007-11-08 23:41:17 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\ESET


-- Find3M Report ---------------------------------------------------------------

2007-12-08 01:11:07 0 d-------- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\mIRC
2007-12-08 01:10:49 66 --a------ C:\WINDOWS\anticrash.dat
2007-12-08 01:10:48 0 d-------- C:\Program Files\mIRC
2007-12-08 01:10:47 60 --a------ C:\WINDOWS\zoom.dat
2007-12-08 01:10:46 61 --a------ C:\WINDOWS\hare.dat
2007-12-08 01:07:12 0 d-------- C:\Program Files\Common Files
2007-12-08 01:03:23 341 --ah----- C:\WINDOWS\winshell.dat
2007-12-07 13:31:32 0 d-------- C:\Program Files\Steam
2007-12-03 18:07:55 0 d-------- C:\Program Files\Java
2007-12-03 15:19:01 0 d-------- C:\Program Files\Common Files\Real
2007-12-01 14:53:48 0 d-------- C:\Program Files\Brittle Bullet - Private Gunz Server
2007-11-28 18:17:55 0 d-------- C:\Program Files\Real
2007-11-28 02:34:23 73088 --ah----- C:\WINDOWS\system32\mlfcache.dat
2007-11-27 02:25:46 589 --ah----- C:\WINDOWS\WININF.DAT
2007-11-24 12:15:39 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-11-20 12:46:35 0 d-------- C:\Program Files\AvPropPlugin
2007-11-19 03:07:21 32 --a----c- C:\WINDOWS\go
2007-11-18 15:12:21 0 d-------- C:\Program Files\IrfanView
2007-11-09 18:23:02 0 d-------- C:\Program Files\Microsoft ActiveSync
2007-11-09 17:42:00 0 d-------- C:\Program Files\Skyhook Wireless
2007-11-07 14:50:21 0 d-------- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\Registry Help Pro
2007-11-07 14:22:51 430 --ah----- C:\WINDOWS\sysdata.dat
2007-11-07 12:45:28 0 d-------- C:\Program Files\Common Files\Adobe
2007-11-07 12:25:00 0 d-------- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\Adobe
2007-11-06 00:49:08 0 d-------- C:\Program Files\iTunes
2007-11-06 00:48:46 0 d-------- C:\Program Files\iPod
2007-11-06 00:44:52 0 d-------- C:\Program Files\QuickTime
2007-11-06 00:39:59 0 d-------- C:\Program Files\Common Files\Apple
2007-11-04 00:42:45 0 d-------- C:\Program Files\Microsoft Picture It! PhotoPub
2007-11-01 16:56:05 0 d-------- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\Media Player Classic
2007-11-01 16:30:36 0 d-------- C:\Program Files\SystemRequirementsLab
2007-11-01 09:01:33 0 d-------- C:\Documents and Settings\ERIK A. GRIFFIN\Application Data\Atari
2007-11-01 08:52:38 0 d-------- C:\Program Files\Atari
2007-10-30 22:10:03 0 d-------- C:\Program Files\Apple Software Update
2007-10-30 19:34:31 0 d-------- C:\Program Files\AviSynth 2.5
2007-10-30 19:32:03 0 d-------- C:\Program Files\eRightSoft
2007-10-29 15:24:12 0 d-------- C:\Program Files\AIM6
2007-10-29 15:22:18 0 d-------- C:\Program Files\Viewpoint
2007-10-29 15:21:09 0 d-------- C:\Program Files\Common Files\AOL
2007-10-29 13:28:34 32700 --a----c- C:\WINDOWS\system32\tcpipbak.reg
2007-10-29 12:41:56 0 d-------- C:\Program Files\Dachshund Software
2007-10-29 12:16:45 0 d-------- C:\Program Files\Winamp


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [10/22/2006 11:22 AM]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [12/31/2006 07:46 PM]
"nwiz"="nwiz.exe" [10/22/2006 11:22 AM C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [10/22/2006 11:22 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [10/19/2007 08:16 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [11/02/2007 06:36 PM]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [11/05/2007 12:05 PM]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [09/20/2007 09:51 AM]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [03/01/2007 03:57 PM]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [08/04/2004 12:31 AM]
"IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [08/18/2001 07:00 AM]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [08/04/2004 12:31 AM]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [08/04/2004 12:32 AM]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [08/04/2004 12:32 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EasyLinkAdvisor"="C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" [04/02/2006 08:07 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 02:56 AM]
"Google Update"="C:\Documents and Settings\ERIK A. GRIFFIN\Local Settings\Application Data\Google\Update\1.0.91.0\GoogleUpdate.exe" [11/18/2007 03:02 PM]
"Aim6"="" []
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [06/21/2007 02:06 PM]

C:\Documents and Settings\ERIK A. GRIFFIN\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [7/19/2005 1:41:37 AM]
AntiCrash.lnk - C:\Program Files\Dachshund Software\AntiCrash\AntiCrash.exe [12/17/2002 11:00:44 AM]
Hare.lnk - C:\Program Files\Dachshund Software\Hare\Hare.exe [9/21/2002 11:26:40 AM]
YouTube Uploader.lnk - C:\Documents and Settings\ERIK A. GRIFFIN\Local Settings\Application Data\YouTube\Uploader\youtubeuploader.exe [11/9/2007 1:33:08 PM]
Zoom.lnk - C:\Program Files\Dachshund Software\Zoom\Zoom.exe [9/21/2002 11:27:14 AM]

C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [11/24/2007 5:00:31 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"=0 (0x0)
"ClearRecentDocsOnExit"=0000000000000000
"NoLowDiskSpaceChecks"=1 (0x1)
"NoInstrumentation"=1 (0x1)
"NoSaveSettings"=00000000
"NoActiveDesktop"=00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 01:55 PM 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 01:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HPHmon05"=C:\WINDOWS\System32\hphmon05.exe
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
"HPHUPD05"=C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
"RoxioEngineUtility"="C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc p2psvc p2pimsvc p2pgasvc PNRPSvc


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
AutoRun\command- E:\AUTORUN\AUTORUN.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bed2a1c8-1847-11db-9374-0080add18772}]
AutoRun\command- H:\setupSNK.exe




-- End of Deckard's System Scanner: finished at 2007-12-08 12:20:19 ------------
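The file listings in the scan log above follow a fixed column layout, so they can be triaged mechanically before anyone reads them line by line. The following is an added example, not part of any post in this thread and not code from Deckard's System Scanner; it parses that layout and lists files worth a closer look. The meaning of the attribute letters, the extension list, and the two review rules are assumptions of this example.

```python
import re
from datetime import datetime

# Column layout assumed from the listing in this thread:
#   YYYY-MM-DD HH:MM:SS <size> <9 attribute chars> <path> [<Not Verified; ...>]
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) "
    r"(?P<size>\d+) (?P<attrs>[a-z-]{9}) "
    r"(?P<path>.+?)(?: <(?P<note>Not Verified[^>]*)>)?$"
)
# Extensions treated as loadable code (an assumption of this example).
EXEC_EXT = (".exe", ".dll", ".sys", ".scr", ".com", ".bat")

# Constructed sample in the same layout; names and paths are placeholders.
SAMPLE = r"""
-- Files created between 2007-11-08 and 2007-12-08 --
2007-12-08 01:10:48 64512 --ah----- C:\Documents and Settings\USER\Application Data\example1.dll
2007-12-07 02:44:14 174592 --a------ C:\WINDOWS\system32\example2.dll <Not Verified; Example Corp; Example Product>
2007-12-03 22:18:08 0 d-------- C:\Program Files\Example Tool
2007-12-08 01:03:23 341 --ah----- C:\WINDOWS\example3.dat
"""

def parse_line(line):
    """Return a dict for one listing row, or None for headers and blanks."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    attrs = m["attrs"]
    return {
        "when": datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"),
        "size": int(m["size"]),
        "is_dir": "d" in attrs,      # assumed: d = directory
        "hidden": "h" in attrs,      # assumed: h = hidden attribute
        "path": m["path"],
        "unverified": m["note"] is not None,
    }

def review_reasons(entry):
    """Reasons to look at a file more closely; not a verdict on the file."""
    reasons = []
    is_exec = entry["path"].lower().endswith(EXEC_EXT)
    if is_exec and entry["hidden"] and not entry["is_dir"]:
        reasons.append("hidden executable")
    if is_exec and entry["unverified"]:
        reasons.append("publisher not verified")
    return reasons

def triage(text):
    """Parse a whole listing and return (path, reasons) for flagged rows."""
    rows = filter(None, map(parse_line, text.splitlines()))
    return [(e["path"], r) for e in rows if (r := review_reasons(e))]

if __name__ == "__main__":
    for path, reasons in triage(SAMPLE):
        print(f"{path}: {', '.join(reasons)}")
```

A flagged row is only a prompt to check the file, for example by submitting it to a multi-engine scanner as the helper asks in the next post.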



#26 Scotty


Posted 08 December 2007 - 11:33 AM

Hi

Let's just run a quick check on a file.

To enable the viewing of Hidden files follow these steps:
  • Close all programs so that you are at your desktop.
  • Double-click on the My Computer icon (or click Start, then select My Computer)
  • Select the Tools menu and click Folder Options.
  • After the new window appears select the View tab.
  • Put a checkmark in the checkbox labeled Display the contents of system folders.
  • Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
  • Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
  • Remove the checkmark from the checkbox labeled Hide protected operating system files.
  • Press the Apply button and then the OK button and shut down My Computer.
    Now your computer is configured to show all hidden files.


Upload a File to Jotti
Please visit http://virusscan.jotti.org/
Click on Browse... and navigate to the following file: C:\WINDOWS\system32\tcpipbak.reg
Click Open and submit the file.
Please let me know the results.


I see that Viewpoint is installed. Viewpoint, Viewpoint Manager, Viewpoint Media Player are Viewpoint components which are installed as a side effect of installing other software, most notably AOL and AOL Instant Messenger (AIM). Viewpoint Manager is responsible for managing and updating Viewpoint Media Player’s components. You can disable this using the Viewpoint Manager Control Panel found in the Windows Control Panel menu. By selecting Disable auto‑updating for the Viewpoint Manager ‑‑ the player will no longer attempt to check for updates. Anything that is installed without your consent is suspect. Read what Viewpoint says and make your own decision.

To provide a satisfying consumer experience and to operate effectively, the Viewpoint Media Player periodically sends information to servers at Viewpoint. Each installation of the Viewpoint Media Player is identifiable to Viewpoint via a Customer Unique Identifier (CUID), an alphanumeric identifier embedded in the Viewpoint Media Player. The Viewpoint Media Player randomly generates the CUID during installation and uses it to indicate a unique installation of the product. A CUID is never connected to a user's name, email address, or other personal contact information. CUIDs are used for the sole purpose of filtering redundant information. Each of these information exchanges occurs anonymously.

Viewpoint Manager is considered foistware instead of malware since it is installed without the user's approval but doesn't spy or do anything "bad". This may change, read Viewpoint to Plunge Into Adware.
I recommend that you remove the Viewpoint products; however, decide for yourself. To uninstall the Viewpoint components (Viewpoint, Viewpoint Manager, Viewpoint Media Player):
  • Click Start, point to Settings, and then click Control Panel.
  • In Control Panel, double-click Add or Remove Programs.
  • In Add or Remove Programs, highlight >>Viewpoint component<< , click Remove.
  • Do the same for each Viewpoint component.


#27 Miami


Posted 10 December 2007 - 01:36 PM

Before we do anything, I keep getting this error when I try to install/uninstall anything. "The Windows installer service could not be accessed." And some other stuff after it. I've googled solutions and stuff, but nothing I've tried has worked and this is very upsetting.

Edit: Also, I need to tell you that when I run the computer in normal mode and log into my user, nothing but my wallpaper shows up. No task bar, or anything. I did ctrl+alt+del and saw that explorer.exe was running so I'm confused. The only way I'm even on right now is because I'm running in Safe Mode with Networking. Please help, this is just getting insane.

Edit 2: Okay I don't know, but when I started up the computer in normal mode, logged into my user, I started up iTunes through task manager, so I can sync+update my new iPod touch, and I just walked away from the computer to let it update, then I come back and I see the start bar, and everything back. I mean, it took longer than it should have, but it's there again. I'm confused. Do you have any advice or solutions as to avoid this extremely long delay again?

Edit 3: It not only takes about 5 or so minutes for the start bar and all the desktop things to show up, but it also takes a very long time for them to even start or be used when you double click them. For example, something so simple as clicking Start; I click it, and it takes a minute or two for it to even show up, THEN, once you're on it, it just freezes up. Something like mIRC, it took about 3 - 5 minutes for it to even show up after I double clicked it.

Edited by Miami, 11 December 2007 - 06:05 AM.


#28 Scotty


Posted 11 December 2007 - 04:38 PM

Hi

Sorry for the delay.
Do you have the Windows CD handy? Or a Recovery Partition? If so, go to Start>Run and type in sfc /scannow (note the space between "c" & "s")
If you do not have a Recovery Partition, you will be asked to insert the Windows CD, then Windows will replace any missing or corrupt system files.
Let me know how that goes.

#29 Miami


Posted 11 December 2007 - 07:35 PM

Okay. I ran it. What was it supposed to do or what was supposed to happen when it finished or was I supposed to restart my computer?

#30 Scotty


Posted 12 December 2007 - 03:51 AM

Hi

It doesn't say anything when it's finished, I believe. Restart the PC, if you haven't already, and let me know if that has made a difference.
