ComputerForum.com ComputerForum.com  
TigerDirect
  
Go Back   Computer Forum > Computer Software > Computer Security
Internet explorer shut down/hijak log Internet explorer shut down/hijak log
Register FAQ Members List Calendar Mark Forums Read

Reply
 
LinkBack Thread Tools Display Modes
Old 03-09-2008, 06:55 PM   #1 (permalink)
Bronze Member
 
vagg's Avatar
 
Join Date: May 2006
Posts: 47
Default Internet explorer shut down/hijak log
My internet explorer has began to shut down or stop working when I right click to paste or save info.
Could someone plz have a look threw my hijak log and see if they see any errors I should be aware off.
tks..


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:04:04 AM, on 3/9/2008
Platform: Windows Vista ()
MSIE: Internet Explorer v8.00 ()
Boot mode: Normal

Running processes:
C:\Program Files\Lock My PC 4\lockpc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Windows\System32\rundll32.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe
C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
C:\Program Files\Fantastic Flame Screensaver\FantasticFlameAgent.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\svehost.exe
C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSHelpRunner10.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ca.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: The Pirate Bay Toolbar - {a33fa729-d155-4b23-842b-2c665ecabdb6} - C:\Program Files\The_Pirate_Bay\tbThe_.dll
O1 - Hosts: ::1 localhost
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: The Pirate Bay Toolbar - {a33fa729-d155-4b23-842b-2c665ecabdb6} - C:\Program Files\The_Pirate_Bay\tbThe_.dll
O3 - Toolbar: The Pirate Bay Toolbar - {a33fa729-d155-4b23-842b-2c665ecabdb6} - C:\Program Files\The_Pirate_Bay\tbThe_.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [PWRISOVM.EXE] "C:\Program Files\PowerISO\PWRISOVM.EXE"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe " -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NvSvc] "RUNDLL32.EXE" C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PC Booster] "C:\Program Files\inKline Global\PC Booster\pcbooster.exe"
O4 - HKLM\..\Run: [RegSweep] "C:\Program Files\RegSweep\RegSweep.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Microsoft Updates] svehost.exe
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKLM\..\RunServices: [Microsoft Updates] svehost.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SkinClock] "C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe"
O4 - HKCU\..\Run: [Super Utilities] "C:\Program Files\SuperLogix\Super Utilities\SuperUtil.exe" /min
O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Fantastic Flame Agent.lnk = C:\Program Files\Fantastic Flame Screensaver\FantasticFlameAgent.exe
O4 - Global Startup: LNSS Status Monitor.lnk = C:\Program Files\GFI\LANguard Network Security Scanner 8.0\statusmonitor.exe
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Internet Radio by Endicosoft.com - {1F958B09-3312-7f0e-9723-4C1324C57B20} - C:\Program Files\Internet Radio\Radio.exe
O9 - Extra button: SmartWhois - {FD9DE2B4-C926-4460-81C4-FC58C6F1062E} - C:\Program Files\SmartWhois\swmsie.exe
O9 - Extra button: (no name) - {FF983118-58C7-4AD4-B5A7-691C39CB7B42} - C:\Program Files\SmartWhois\swmsie.exe
O9 - Extra 'Tools' menuitem: SmartWhois - {FF983118-58C7-4AD4-B5A7-691C39CB7B42} - C:\Program Files\SmartWhois\swmsie.exe
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1202572740874
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O20 - Winlogon Notify: fsp_lmwl - C:\Windows\SYSTEM32\fsp_lmwl.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: GFI LANguard N.S.S. 8.0 Attendant Service (gfi_lnss8_attservice) - GFI Software Ltd. - C:\Program Files\GFI\LANguard Network Security Scanner 8.0\lnssatt.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Lock My PC Service (LmpcService) - Unknown owner - C:\Program Files\Lock My PC 4\LmpcServ.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe

--
End of file - 10591 bytes
Last edited by vagg; 03-09-2008 at 07:26 PM.
vagg is offline   Reply With Quote


Old 03-09-2008, 08:25 PM   #2 (permalink)
Diamond Member
 
GameMaster's Avatar
 
Join Date: Dec 2007
Location: Croatia
Age: 16
Posts: 3,854
Default
There are some nasties over here, the ones I've never seen before.
But we will clean it and I don't think it can actually do what your problem is.
It is probably down to the IE 8.0 because it's Beta new version, not yet stable enough..

Please visit this webpage for instructions for downloading ComboFix at your DESKTOP:
http://www.bleepingcomputer.com/comb...o-use-combofix
  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new HijackThis log so we may continue cleaning the system.
__________________
dznutz:
Quote:
a firewall is like a gate. it keeps the bad people out and the dog in but it's not fool proof. but lets say you download and run an infected program. that will be like letting in a "friend." if it's infected you run that program you can get malware. that's like a friend raping your family and stealing your money.
GameMaster is offline   Reply With Quote
Old 03-09-2008, 10:14 PM   #3 (permalink)
Bronze Member
 
vagg's Avatar
 
Join Date: May 2006
Posts: 47
Default
ComboFix 08-03-09.1 - Vagg 2008-03-09 14:09:00.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium [GMT -7:00]
Running from: C:\Users\Vagg\Desktop\ComboFix.exe
* Created a new restore point
.
ADS - system32: deleted 12 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Users\Vagg\AppData\Roaming\inst.exe
C:\Windows\system32\drivers\npf.sys
C:\Windows\system32\packet.dll
C:\Windows\system32\pthreadVC.dll
C:\Windows\system32\slootniw01.dll
C:\Windows\system32\svehost.exe
C:\Windows\system32\systeminfo3.dll
C:\Windows\system32\wpcap.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\NPF


((((((((((((((((((((((((( Files Created from 2008-02-09 to 2008-03-09 )))))))))))))))))))))))))))))))
.

2008-03-09 12:30 . 2008-03-09 12:30 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-03-09 12:27 . 2008-03-09 12:29 <DIR> d-------- C:\Program Files\Microsoft SQL Server
2008-03-09 12:26 . 2008-03-09 13:02 <DIR> d-------- C:\Program Files\Sony Setup
2008-03-09 12:21 . 2008-03-09 13:02 <DIR> d-------- C:\Users\Vagg\AppData\Roaming\Sony
2008-03-09 12:21 . 2008-03-09 12:21 <DIR> d-------- C:\Users\Vagg\AppData\Roaming\Publish Providers
2008-03-09 12:17 . 2008-03-09 13:02 <DIR> d-------- C:\Users\All Users\Sony
2008-03-09 12:17 . 2008-03-09 13:02 <DIR> d-------- C:\ProgramData\Sony
2008-03-09 12:17 . 2008-03-09 12:17 <DIR> d-------- C:\Program Files\Vstplugins
2008-03-09 12:17 . 2008-03-09 12:17 <DIR> d-------- C:\Program Files\Sony
2008-03-09 10:48 . 2008-03-05 15:56 1,420,824 --a------ C:\Windows\System32\D3DCompiler_37.dll
2008-03-09 10:48 . 2008-03-05 16:03 479,752 --a------ C:\Windows\System32\XAudio2_0.dll
2008-03-09 10:48 . 2008-02-05 23:07 462,864 --a------ C:\Windows\System32\d3dx10_37.dll
2008-03-09 10:48 . 2008-03-05 16:03 238,088 --a------ C:\Windows\System32\xactengine3_0.dll
2008-03-09 10:48 . 2008-03-05 16:00 25,608 --a------ C:\Windows\System32\X3DAudio1_3.dll
2008-03-09 10:46 . 2006-09-28 16:05 2,414,360 --a------ C:\Windows\System32\d3dx9_31.dll
2008-03-09 10:46 . 2006-09-28 16:05 237,848 --a------ C:\Windows\System32\xactengine2_4.dll
2008-03-09 10:46 . 2006-07-28 09:30 236,824 --a------ C:\Windows\System32\xactengine2_3.dll
2008-03-09 10:46 . 2006-07-28 09:30 62,744 --a------ C:\Windows\System32\xinput1_2.dll
2008-03-09 10:46 . 2007-03-05 12:42 15,128 --a------ C:\Windows\System32\x3daudio1_1.dll
2008-03-09 10:39 . 2008-03-09 10:42 <DIR> d--h----- C:\Windows\msdownld.tmp
2008-03-09 01:46 . 2008-03-09 01:46 <DIR> d-------- C:\Users\Vagg\AppData\Roaming\XemiComputers
2008-03-09 01:46 . 2008-03-09 01:46 <DIR> d-------- C:\Users\All Users\XemiComputers
2008-03-09 01:46 . 2008-03-09 01:46 <DIR> d-------- C:\ProgramData\XemiComputers
2008-03-09 01:46 . 2008-03-09 01:46 <DIR> d-------- C:\Program Files\XemiComputers
2008-03-08 23:06 . 2008-03-08 23:06 <DIR> d-------- C:\Program Files\PowerQuest
2008-03-08 15:49 . 2008-03-08 15:49 0 --a------ C:\Windows\opeAEF0.tmp
2008-03-08 15:48 . 2008-03-08 15:48 0 --a------ C:\Windows\ope2939.tmp
2008-03-08 15:47 . 2008-03-08 15:47 352,410 --a------ C:\Windows\System32\opeC51E.exe
2008-03-08 15:47 . 2008-03-08 15:47 0 --a------ C:\Windows\System32\opeC51E.tmp
2008-03-08 15:47 . 2008-03-08 15:47 0 --a------ C:\Windows\opeE375.tmp
2008-03-07 21:10 . 2008-03-07 21:10 <DIR> d-------- C:\Users\Vagg\AppData\Roaming\Smart PC Solutions
2008-03-07 21:08 . 2008-03-07 21:08 <DIR> d-------- C:\Program Files\Smart PC Solutions
2008-03-07 12:26 . 2008-03-07 12:26 <DIR> d-------- C:\Program Files\WMV9_VCM
2008-03-07 12:24 . 2008-03-07 12:24 <DIR> d-------- C:\Program Files\Xara
2008-03-07 12:24 . 2008-03-07 12:25 <DIR> d-------- C:\Program Files\Common Files\Xara
2008-03-07 11:25 . 2008-03-07 11:25 <DIR> d-------- C:\Program Files\Netscape
2008-03-06 09:45 . 2008-03-06 09:45 <DIR> d-------- C:\Program Files\Virtual Earth 3D
2008-03-05 23:29 . 2008-03-06 10:20 <DIR> d-------- C:\Program Files\Talisman 2
2008-03-05 21:19 . 2008-03-05 21:19 <DIR> d-------- C:\Program Files\SuperLogix
2008-03-05 21:19 . 2008-02-15 16:41 2,256,896 --a------ C:\Windows\System32\vbsbak.dat
2008-03-05 21:19 . 2008-01-02 20:48 1,636,864 --a------ C:\Windows\System32\context.dll
2008-03-05 21:19 . 2007-06-20 06:52 269,824 --a------ C:\Windows\System32\SuperMenuHook.dll
2008-03-05 21:19 . 2007-06-20 06:52 269,824 --a------ C:\Windows\System32\baksm.dat
2008-03-05 21:19 . 2003-10-11 11:24 89,088 --a------ C:\Windows\System32\Shreder.dll
2008-03-05 21:19 . 2003-09-06 23:32 73,728 --a------ C:\Windows\System32\smh.dat
2008-03-05 21:19 . 2007-03-11 22:39 44,000 --a------ C:\Windows\System32\drivers\AFPUni.sys
2008-03-05 21:19 . 2007-03-11 22:39 43,936 --a------ C:\Windows\System32\drivers\AFPAnsi.sys
2008-03-05 21:19 . 2003-10-16 23:56 6,144 --a------ C:\Windows\System32\SuperRes.dll
2008-03-05 21:19 . 2007-05-25 07:06 42 --a------ C:\Windows\System32\vb6sock.dll
2008-03-05 20:33 . 2008-03-05 20:34 49,089 --a------ C:\1.gif
2008-03-05 16:29 . 2008-03-05 16:29 54,156 --ah----- C:\Windows\QTFont.qfn
2008-03-05 16:29 . 2008-03-05 16:29 1,409 --a------ C:\Windows\QTFont.for
2008-03-05 15:50 . 2008-03-05 15:50 <DIR> d-------- C:\Program Files\xyr0x security
2008-03-05 13:58 . 2008-03-05 13:58 <DIR> d-------- C:\Program Files\Atomic Alarm Clock
2008-03-05 12:27 . 2008-03-05 12:27 <DIR> d-------- C:\Program Files\Nero
2008-03-05 09:20 . 2008-03-05 09:20 <DIR> d-------- C:\Users\Vagg\AppData\Roaming\ImgBurn
2008-03-05 09:17 . 2008-03-05 09:20 <DIR> d-------- C:\Program Files\ImgBurn
2008-03-04 16:03 . 2008-03-04 16:03 <DIR> d-------- C:\Windows\System32\tenarchlib
2008-03-04 16:03 . 2007-03-14 02:30 1,712,128 --a------ C:\Windows\System32\GdiPlus.dll
2008-03-04 16:03 . 2005-10-13 00:10 180,224 --a-s---- C:\Windows\System32\archlib.dll
2008-03-04 15:46 . 2008-03-04 15:46 2,923,520 --a------ C:\Windows\System32\sqlrcmd.dll
2008-03-04 15:16 . 2008-03-04 15:16 <DIR> d-------- C:\Program Files\Common Files\Webroot Shared
2008-03-04 15:15 . 2007-11-26 15:47 194,888 --a------ C:\Windows\Unwash6.exe
2008-03-04 12:43 . 2008-03-04 12:43 <DIR> d-------- C:\Program Files\Absolute MP3 Splitter
2008-03-04 12:08 . 2008-03-04 15:43 <DIR> d-------- C:\VueScan
2008-03-04 09:35 . 2008-03-04 17:28 <DIR> d-------- C:\Program Files\WirelessMon
2008-03-04 09:14 . 2008-03-04 09:14 <DIR> d-------- C:\Program Files\Godlike Developers
2008-03-03 20:03 . 2008-03-03 20:03 <DIR> d-------- C:\Users\All Users\DVDXStudio
2008-03-03 20:03 . 2008-03-03 20:03 <DIR> d-------- C:\ProgramData\DVDXStudio
2008-03-03 20:03 . 2008-03-03 20:04 <DIR> d-------- C:\Program Files\CloneDVD
2008-03-03 15:33 . 2008-03-03 15:33 <DIR> d-------- C:\Users\All Users\PassMark
2008-03-03 15:33 . 2008-03-03 15:33 <DIR> d-------- C:\ProgramData\PassMark
2008-03-03 12:54 . 2008-03-03 12:54 <DIR> d-------- C:\Users\Vagg\AppData\Roaming\TamoSoft
2008-03-03 12:53 . 2008-03-03 12:54 <DIR> d-------- C:\Program Files\SmartWhois
2008-03-03 07:34 . 2008-03-03 12:54 <DIR> d-------- C:\Users\All Users\TamoSoft
2008-03-03 07:34 . 2008-03-03 12:54 <DIR> d-------- C:\ProgramData\TamoSoft
2008-03-03 07:34 . 2008-03-08 18:12 <DIR> d-------- C:\Program Files\CommView
2008-03-03 07:34 . 2007-01-19 14:17 27,432 --a------ C:\Windows\System32\drivers\tsvp.sys
2008-03-03 07:34 . 2006-12-11 14:36 20,264 --a------ C:\Windows\System32\drivers\tsvlb.sys
2008-03-03 07:34 . 2006-12-07 22:04 19,240 --a------ C:\Windows\System32\drivers\cv2k1.sys
2008-03-02 21:22 . 2008-03-02 21:22 <DIR> d-------- C:\Program Files\GFI
2008-03-02 21:09 . 2008-03-02 21:09 <DIR> d-------- C:\Windows\Downloaded Installations
2008-03-02 20:42 . 2008-03-02 20:42 <DIR> d-------- C:\Program Files\Lock My PC 4
2008-03-02 20:42 . 2007-11-29 12:42 44,400 --a------ C:\Windows\System32\fsp_lmwl.dll
2008-03-02 20:42 . 2007-10-08 23:59 10,096 --a------ C:\Windows\System32\drivers\lmpc4.sys
2008-03-02 20:31 . 2008-03-02 20:31 <DIR> d--hs---- C:\Diskeeper
2008-03-02 19:56 . 2008-03-02 19:56 <DIR> d-------- C:\Program Files\WinPcap
2008-03-02 18:48 . 2008-03-04 09:51 <DIR> d-------- C:\Program Files\Net Tools
2008-03-02 17:00 . 2008-03-02 17:00 <DIR> d-------- C:\Users\All Users\Diskeeper Corporation
2008-03-02 17:00 . 2008-03-02 17:00 <DIR> d-------- C:\ProgramData\Diskeeper Corporation
2008-03-01 14:13 . 2007-09-25 00:31 69,632 --a------ C:\Windows\System32\javacpl.cpl
2008-03-01 12:01 . 2008-03-01 12:01 <DIR> d-------- C:\Program Files\Common Files\Stardock
2008-03-01 09:47 . 2008-03-01 09:49 <DIR> d-------- C:\Program Files\Total Video Converter
2008-03-01 09:03 . 2008-03-01 09:03 <DIR> d-------- C:\v2d
2008-03-01 09:02 . 2008-03-01 09:02 <DIR> d-------- C:\Program Files\Total Video2DVD Author
2008-02-29 22:44 . 2008-03-05 15:36 <DIR> d-------- C:\Program Files\InterActual
2008-02-29 22:05 . 2008-02-29 22:21 <DIR> d-------- C:\Program Files\Common Files\Sonic Shared
2008-02-28 13:19 . 2008-02-28 13:19 <DIR> d-------- C:\Users\All Users\Pure Networks
2008-02-28 13:19 . 2008-02-28 13:19 <DIR> d-------- C:\ProgramData\Pure Networks
2008-02-22 11:14 . 2008-02-22 11:19 1,887 --a------ C:\Windows\diagwrn.xml

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2008-03-09 21:13 --------- d-----w C:\Users\Vagg\AppData\Roaming\BitTorrent
2008-03-09 20:25 --------- d---a-w C:\ProgramData\TEMP
2008-03-09 18:49 --------- d-----w C:\Program Files\Yahoo!
2008-03-09 06:07 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-05 22:35 --------- d-----w C:\Program Files\Roxio
2008-03-05 19:30 --------- d-----w C:\Program Files\Common Files\Nero
2008-03-05 19:27 --------- d-----w C:\ProgramData\Nero
2008-03-05 16:28 --------- d-----w C:\ProgramData\Roxio
2008-03-04 22:16 --------- d-----w C:\Users\Vagg\AppData\Roaming\Webroot
2008-03-04 22:16 --------- d-----w C:\ProgramData\Webroot
2008-03-04 22:16 --------- d-----w C:\Program Files\Webroot
2008-03-04 16:51 --------- d-----w C:\Users\Vagg\AppData\Roaming\LimeWire
2008-03-04 16:51 --------- d-----w C:\Users\Vagg\AppData\Roaming\BitTorrent DNA
2008-03-04 16:51 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-03-04 16:51 --------- d-----w C:\Program Files\MagicISO
2008-03-04 03:52 47,616 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-03-04 03:04 --------- d-----w C:\Users\Vagg\AppData\Roaming\Vso
2008-03-02 23:57 --------- d-----w C:\Program Files\Diskeeper Corporation
2008-03-01 21:12 --------- d-----w C:\Program Files\Java
2008-03-01 19:01 --------- d-----w C:\Program Files\Stardock
2008-03-01 05:24 --------- d-----w C:\Program Files\Common Files\PX Storage Engine
2008-03-01 05:19 --------- d-----w C:\Program Files\Common Files\Roxio Shared
2008-02-20 21:37 --------- d-----w C:\Program Files\Your Uninstaller 2008
2008-02-18 23:35 --------- d-----w C:\Users\Vagg\AppData\Roaming\StumbleUpon
2008-02-15 13:27 54,784 ----a-w C:\Windows\system32\drivers\i8042prt.sys
2008-02-15 13:27 495,160 ----a-w C:\Windows\system32\drivers\Wdf01000.sys
2008-02-15 13:27 35,384 ----a-w C:\Windows\system32\drivers\WdfLdr.sys
2008-02-15 13:27 35,384 ----a-w C:\Windows\system32\drivers\kbdclass.sys
2008-02-15 13:27 34,360 ----a-w C:\Windows\system32\drivers\mouclass.sys
2008-02-15 13:27 19,968 ----a-w C:\Windows\system32\drivers\sermouse.sys
2008-02-15 13:27 15,872 ----a-w C:\Windows\system32\drivers\mouhid.sys
2008-02-15 13:27 15,872 ----a-w C:\Windows\system32\drivers\kbdhid.sys
2008-02-15 13:21 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-15 13:21 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-02-15 13:21 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
2008-02-15 13:21 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-02-15 13:21 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-02-15 13:21 15,928 ----a-w C:\Windows\system32\drivers\pciide.sys
2008-02-15 13:21 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-02-15 13:20 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-15 13:20 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-15 13:20 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-15 13:20 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-01 19:11 586,240 ----a-w C:\Windows\WLXPGSS.SCR
2008-01-31 18:43 --------- d-----w C:\Program Files\Belarc
2008-01-31 16:57 --------- d-----w C:\Program Files\MSNTools
2008-01-31 09:30 --------- d-----w C:\Users\Vagg\AppData\Roaming\TuneUp Software
2008-01-31 09:29 --------- d-----w C:\ProgramData\TuneUp Software
2008-01-31 09:27 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-01-31 05:16 --------- d-----w C:\Program Files\DivX
2008-01-31 05:07 --------- d-----w C:\Users\Vagg\AppData\Roaming\URSoft
2008-01-30 21:27 --------- d-----w C:\Users\Vagg\AppData\Roaming\Nero
2008-01-30 21:27 --------- d-----w C:\Program Files\Common Files\Simple Star Shared
2008-01-28 22:40 --------- d-----w C:\ProgramData\DVD Shrink
2008-01-28 22:40 --------- d-----w C:\Program Files\DVD Shrink
2008-01-05 04:56 1,526,640 ----a-w C:\Windows\WRSetup.dll
2007-12-29 18:59 47,360 ----a-w C:\Users\Vagg\AppData\Roaming\pcouffin.sys
2007-11-05 13:49 174 --sha-w C:\Program Files\desktop.ini
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a33fa729-d155-4b23-842b-2c665ecabdb6}]
2007-12-04 14:53 1502232 --a------ C:\Program Files\The_Pirate_Bay\tbThe_.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{A33FA729-D155-4B23-842B-2C665ECABDB6}"= "C:\Program Files\The_Pirate_Bay\tbThe_.dll" [2007-12-04 14:53 1502232]

[HKEY_CLASSES_ROOT\clsid\{a33fa729-d155-4b23-842b-2c665ecabdb6}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{A33FA729-D155-4B23-842B-2C665ECABDB6}"= C:\Program Files\The_Pirate_Bay\tbThe_.dll [2007-12-04 14:53 1502232]

[HKEY_CLASSES_ROOT\clsid\{a33fa729-d155-4b23-842b-2c665ecabdb6}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"ares"="C:\Program Files\Ares\Ares.exe" [2007-07-16 14:54 961536]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"SkinClock"="C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe" [2008-02-20 15:29 524800]
"Super Utilities"="C:\Program Files\SuperLogix\Super Utilities\SuperUtil.exe" [2008-02-15 16:41 2256896]
"Active Desktop Calendar"="C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe" [2007-10-19 12:08 3678208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-11-05 04:23 1006264]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2006-03-17 19:24 184320]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-11-07 21:47 98304]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\I SUSPM.exe" [2006-11-16 14:55 226224]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-09-11 05:40 86960]
"NvSvc"="RUNDLL32.exe" [2006-11-02 02:45 44544 C:\Windows\System32\rundll32.exe]
"NvCplDaemon"="RUNDLL32.exe" [2006-11-02 02:45 44544 C:\Windows\System32\rundll32.exe]
"NvMediaCenter"="RUNDLL32.exe" [2006-11-02 02:45 44544 C:\Windows\System32\rundll32.exe]
"SoundMan"="SOUNDMAN.EXE" [2007-03-09 17:28 598016 C:\Windows\SOUNDMAN.EXE]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"PC Booster"="C:\Program Files\inKline Global\PC Booster\pcbooster.exe" [2007-11-30 18:16 14450688]
"RegSweep"="C:\Program Files\RegSweep\RegSweep.exe" [2007-10-18 10:51 6309112]
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" [2007-08-24 16:52 240112]
"DMXLauncher"="C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe" [2007-08-14 04:44 113136]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"Microsoft Updates"="svehost.exe" []
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 16:57 153136]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 10:51 1836328]
"SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" [2008-01-04 21:56 5367664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\RunServices]
"Microsoft Updates"="svehost.exe" []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Fantastic Flame Agent.lnk - C:\Program Files\Fantastic Flame Screensaver\FantasticFlameAgent.exe [2007-04-24 13:33:26 25088]
LNSS Status Monitor.lnk - C:\Program Files\GFI\LANguard Network Security Scanner 8.0\statusmonitor.exe [2008-01-21 10:47:28 974696]

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\explorer]
"NoStartMenuPinnedList"= 0 (0x0)
"NoStartMenuMFUprogramsList"= 0 (0x0)
"NoUserNameInStartMenu"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
"NoPrinterTabs"= 0 (0x0)
"NoDeletePrinter"= 0 (0x0)
"NoAddPrinter"= 0 (0x0)
"NoPrinters"= 0 (0x0)
"NoFavoritesMenu"= 0 (0x0)
"NoToolbarCustomize"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"NoChangeAnimation"= 0 (0x0)
"NoChangeKeyboardNavigationIndicators"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\fsp_lmwl]
fsp_lmwl.dll 2007-11-29 12:42 44400 C:\Windows\System32\fsp_lmwl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\FirewallRules]
"{43F6E845-A0D1-48D7-A0DC-0BB36CD4CA66}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{60C58807-9575-4265-ACDF-F541A8D2BDED}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{0D4DA8F1-A9ED-449F-8A5F-17CE45723B82}"= UDP:C:\Program Files\BitTorrent_DNA\dna.exe:BitTorrent DNA
"{56EFF1D7-2472-46AC-93B4-974DBBEB366E}"= TCP:C:\Program Files\BitTorrent_DNA\dna.exe:BitTorrent DNA
"{6937464C-AF70-48FE-9EC0-5D1D2D5DBCD5}"= UDP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
"{C937BB83-1C12-4B02-B95B-5683BD87D3D4}"= TCP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
"TCP Query User{5EF255CC-1D79-4F92-868B-6C7E1D751E4F}C:\users\vagg\program files\bittorrent_dna\dna.exe"= UDP:C:\users\vagg\program files\bittorrent_dna\dna.exe:dna.exe|Desc=dna.exe
"UDP Query User{C603F226-1543-4CFB-AC89-13DA6B95E814}C:\users\vagg\program files\bittorrent_dna\dna.exe"= TCP:C:\users\vagg\program files\bittorrent_dna\dna.exe:dna.exe|Desc=dna.exe
"TCP Query User{B607A12E-A65C-48CA-A590-AC53BDBD9325}C:\users\vagg\program files\bittorrent\bittorrent.exe"= UDP:C:\users\vagg\program files\bittorrent\bittorrent.exe:bittorrent.exe|Des c=bittorrent.exe
"UDP Query User{6C38A1F3-EB56-4FE8-A40B-B5689484B31E}C:\users\vagg\program files\bittorrent\bittorrent.exe"= TCP:C:\users\vagg\program files\bittorrent\bittorrent.exe:bittorrent.exe|Des c=bittorrent.exe
"{4B41233E-EAD6-4889-BCC9-F392DA55880C}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)|Edge=TRUE|
"TCP Query User{006231BB-70A0-4716-AD47-D2D7F89CBE44}C:\program files\ares\ares.exe"= UDP:C:\program files\ares\ares.exe:Ares p2p for windows|Desc=Ares p2p for windows
"UDP Query User{693D251F-C98B-49BE-8B90-2A5CAEEE6932}C:\program files\ares\ares.exe"= TCP:C:\program files\ares\ares.exe:Ares p2p for windows|Desc=Ares p2p for windows
"TCP Query User{10353306-4D21-4B76-AE3C-AADAA131B0D3}C:\program files\crs\battleground europe\ww2_sse2.exe"= UDP:C:\program files\crs\battleground europe\ww2_sse2.exe:WW2|Desc=WW2
"UDP Query User{6019EB5D-6ED5-4AB8-B215-31E0FEB8FA22}C:\program files\crs\battleground europe\ww2_sse2.exe"= TCP:C:\program files\crs\battleground europe\ww2_sse2.exe:WW2|Desc=WW2
"TCP Query User{E5747147-8AE1-4C0D-8EDE-BB6296B87A27}C:\program files\crs\battleground europe\ww2_sse2.exe"= UDP:C:\program files\crs\battleground europe\ww2_sse2.exe:WW2|Desc=WW2
"UDP Query User{5012B622-7300-4B17-8101-34C00A60225F}C:\program files\crs\battleground europe\ww2_sse2.exe"= TCP:C:\program files\crs\battleground europe\ww2_sse2.exe:WW2|Desc=WW2
"TCP Query User{FD912ECF-92F8-4B8B-9980-42F6C9D5CC64}C:\users\vagg\program files\bittorrent\bittorrent.exe"= UDP:C:\users\vagg\program files\bittorrent\bittorrent.exe:bittorrent.exe|Des c=bittorrent.exe
"UDP Query User{B7DE924A-EACA-40FE-8AE1-65CC4AEF19FA}C:\users\vagg\program files\bittorrent\bittorrent.exe"= TCP:C:\users\vagg\program files\bittorrent\bittorrent.exe:bittorrent.exe|Des c=bittorrent.exe
"TCP Query User{7A45BE6B-A3BA-4884-B43E-5F9E05DD87D4}C:\program files\internet explorer\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer|Desc=Internet Explorer
"UDP Query User{43480E78-DD2D-45E7-80AC-643CCD1D073C}C:\program files\internet explorer\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer|Desc=Internet Explorer
"{2A8598CA-E324-474B-9E65-1909FE00F9AA}"= UDP:C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:Sid Meier's Civilization 4
"{6B8EF12E-66E3-43E1-902E-B26458BC9A46}"= TCP:C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:Sid Meier's Civilization 4
"TCP Query User{547921B9-2833-4D60-B25A-1DA2DE35422C}C:\program files\common files\nero\nero web\setupx.exe"= UDP:C:\program files\common files\nero\nero web\setupx.exe:Nero Installer|Desc=Nero Installer
"UDP Query User{BFDD5188-6571-42C3-AEFA-E36B4CD150AF}C:\program files\common files\nero\nero web\setupx.exe"= TCP:C:\program files\common files\nero\nero web\setupx.exe:Nero Installer|Desc=Nero Installer
"TCP Query User{16297E77-2A9A-4EB5-ABDB-26778DB292C7}C:\program files\gfi\languard network security scanner 8.0\lnss.exe"= UDP:C:\program files\gfi\languard network security scanner 8.0\lnss.exe:lnss|Desc=lnss
"UDP Query User{9B39F344-AA6A-4D4B-A0C6-7E06D2451705}C:\program files\gfi\languard network security scanner 8.0\lnss.exe"= TCP:C:\program files\gfi\languard network security scanner 8.0\lnss.exe:lnss|Desc=lnss
"TCP Query User{1B438F83-8D67-4447-A691-EB011FC2FA7B}C:\program files\net tools\nettools5.exe"= UDP:C:\program files\net tools\nettools5.exe:Net Tools by Mohammad Ahmadi Bidakhvidi|Desc=Net Tools by Mohammad Ahmadi Bidakhvidi
"UDP Query User{036310C2-7631-4286-9741-AA1D2EC6A81C}C:\program files\net tools\nettools5.exe"= TCP:C:\program files\net tools\nettools5.exe:Net Tools by Mohammad Ahmadi Bidakhvidi|Desc=Net Tools by Mohammad Ahmadi Bidakhvidi
"{1CC9079A-F98C-47CD-94A9-9B3EDA0B5654}"= UDP:C:\Program Files\SmartWhois\sw.exe:SmartWhois
"{D9AFE528-52C1-4C01-A167-B99165B8268D}"= TCP:C:\Program Files\SmartWhois\sw.exe:SmartWhois

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|S vc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorre nt

R0 AFPAnsi;Alfa File Protector Ansi;C:\Windows\system32\Drivers\AFPAnsi.sys [2007-03-11 22:39]
R0 Si3132r5;SiI-3132 SoftRaid 5 Controller;C:\Windows\system32\DRIVERS\Si3132r5.sy s [2007-06-01 19:28]
R1 TsVp;TsVp;C:\Windows\system32\DRIVERS\tsvp.sys [2007-01-19 14:17]
R2 LmpcService;Lock My PC Service;C:\Program Files\Lock My PC 4\LmpcServ.exe [2007-06-12 16:47]
R2 SQLWriter;SQL Server VSS Writer;"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2007-02-10 05:29]
R2 UxTuneUp;TuneUp Theme Extension;C:\Windows\System32\svchost.exe [2006-11-02 02:45]
R2 wwEngineSvc;Window Washer Engine;C:\Program Files\Webroot\Washer\WasherSvc.exe [2007-11-26 15:47]
R3 LMPC4;LMPC4;C:\Windows\system32\drivers\LMPC4.sys [2007-10-08 23:59]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 10:51]
S2 gfi_lnss8_attservice;GFI LANguard N.S.S. 8.0 Attendant Service;"C:\Program Files\GFI\LANguard Network Security Scanner 8.0\lnssatt.exe" -service []
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;"C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe" [2007-08-24 16:53]
S2 RoxLiveShare10;LiveShare P2P Server 10;"C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe" [2007-08-24 16:52]
S2 RoxWatch10;Roxio Hard Drive Watcher 10;"C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe" [2007-08-24 16:52]
S3 CV2K1;CommView Network Monitor;C:\Windows\system32\DRIVERS\cv2k1.sys [2006-12-07 22:04]
S3 MSSQL$SONY_MEDIAMGR2;SQL Server (SONY_MEDIAMGR2);"c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSONY_MEDIAMGR2 []
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;"C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe" [2007-08-24 16:53]
S3 RoxMediaDB10;RoxMediaDB10;"C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe" [2007-08-24 16:52]
S3 TsVlb;TsVlb;C:\Windows\system32\DRIVERS\tsvlb.sys [2006-12-11 14:36]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.ex e [2008-01-31 02:31]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

.
Contents of the 'Scheduled Tasks' folder
"2008-03-01 01:18:07 C:\Windows\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe
"2008-03-06 02:58:54 C:\Windows\Tasks\RegCure Program Check.job"
- C:\Program Files\RegCure\RegCure.exe
"2008-02-19 20:22:42 C:\Windows\Tasks\RegCure.job"
- C:\Program Files\RegCure\RegCure.exe
"2008-03-08 11:30:02 C:\Windows\Tasks\RegSweep Scheduled Scan.job"
- C:\Program Files\RegSweep\RegSweep.ex
- C:\Program Files\RegSweep
.
************************************************** ************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-09 14:16:41
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

************************************************** ************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\Windows\Explorer.exe [6.00.6000.16549]
-> C:\Program Files\Atomic Alarm Clock\Clock.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lock My PC 4\lockpc.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
.
************************************************** ************************
.
Completion time: 2008-03-09 14:18:49 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-09 21:18:45
.
2008-03-07 18:11:26 --- E O F ---


Ill post hijak seprate as it keeps shuting down.
vagg is offline   Reply With Quote
Old 03-09-2008, 10:15 PM   #4 (permalink)
Bronze Member
 
vagg's Avatar
 
Join Date: May 2006
Posts: 47
Default
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:21, on 2008-03-09
Platform: Windows Vista (WinNT )
MSIE: Internet Explorer v8.00 ()
Boot mode: Normal

Running processes:
C:\Program Files\Lock My PC 4\lockpc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Windows\System32\rundll32.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe
C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
C:\Program Files\Fantastic Flame Screensaver\FantasticFlameAgent.exe
C:\Windows\System32\rundll32.exe
C:\Windows\Explorer.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSHelpRunner10.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ca.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: The Pirate Bay Toolbar - {a33fa729-d155-4b23-842b-2c665ecabdb6} - C:\Program Files\The_Pirate_Bay\tbThe_.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: The Pirate Bay Toolbar - {a33fa729-d155-4b23-842b-2c665ecabdb6} - C:\Program Files\The_Pirate_Bay\tbThe_.dll
O3 - Toolbar: The Pirate Bay Toolbar - {a33fa729-d155-4b23-842b-2c665ecabdb6} - C:\Program Files\The_Pirate_Bay\tbThe_.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [PWRISOVM.EXE] "C:\Program Files\PowerISO\PWRISOVM.EXE"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe " -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NvSvc] "RUNDLL32.EXE" C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PC Booster] "C:\Program Files\inKline Global\PC Booster\pcbooster.exe"
O4 - HKLM\..\Run: [RegSweep] "C:\Program Files\RegSweep\RegSweep.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Microsoft Updates] svehost.exe
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
O4 - HKLM\..\RunServices: [Microsoft Updates] svehost.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SkinClock] "C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe"
O4 - HKCU\..\Run: [Super Utilities] "C:\Program Files\SuperLogix\Super Utilities\SuperUtil.exe" /min
O4 - HKCU\..\Run: [Active Desktop Calendar] "C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Fantastic Flame Agent.lnk = C:\Program Files\Fantastic Flame Screensaver\FantasticFlameAgent.exe
O4 - Global Startup: LNSS Status Monitor.lnk = C:\Program Files\GFI\LANguard Network Security Scanner 8.0\statusmonitor.exe
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Internet Radio by Endicosoft.com - {1F958B09-3312-7f0e-9723-4C1324C57B20} - C:\Program Files\Internet Radio\Radio.exe
O9 - Extra button: SmartWhois - {FD9DE2B4-C926-4460-81C4-FC58C6F1062E} - C:\Program Files\SmartWhois\swmsie.exe
O9 - Extra button: (no name) - {FF983118-58C7-4AD4-B5A7-691C39CB7B42} - C:\Program Files\SmartWhois\swmsie.exe
O9 - Extra 'Tools' menuitem: SmartWhois - {FF983118-58C7-4AD4-B5A7-691C39CB7B42} - C:\Program Files\SmartWhois\swmsie.exe
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1202572740874
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O20 - Winlogon Notify: fsp_lmwl - C:\Windows\SYSTEM32\fsp_lmwl.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: GFI LANguard N.S.S. 8.0 Attendant Service (gfi_lnss8_attservice) - GFI Software Ltd. - C:\Program Files\GFI\LANguard Network Security Scanner 8.0\lnssatt.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Lock My PC Service (LmpcService) - Unknown owner - C:\Program Files\Lock My PC 4\LmpcServ.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe

--
End of file - 10732 bytes
vagg is offline   Reply With Quote
Old 03-09-2008, 10:47 PM   #5 (permalink)
Diamond Member
 
GameMaster's Avatar
 
Join Date: Dec 2007
Location: Croatia
Age: 16
Posts: 3,854
Default
Please open up your HijackThis.
Choose Do a system scan only.
Check these items:
O4 - HKLM\..\Run: [RegSweep] "C:\Program Files\RegSweep\RegSweep.exe"

O4 - HKLM\..\Run: [Microsoft Updates] svehost.exe

O4 - HKLM\..\RunServices: [Microsoft Updates] svehost.exe

O4 - HKCU\..\Run: [Super Utilities] "C:\Program Files\SuperLogix\Super Utilities\SuperUtil.exe" /min

Click Fix checked.
Reboot your computer to the safe mode. http://www.computerhope.com/issues/chsafe.htm Explained.
http://www.xtra.co.nz/help/0,,4155-1916458,00.html
How to view hidden files and folders.

Now when done please search and find svehost.exe
. Delete it.
reboot to normal mode.
IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

Ares

I'd like you to read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.

Also available here.

My recommendation is you go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).

If you wish to keep them, please do not use them until your computer is cleaned.

Post a fresh HijackThis log and tell me is your system running any better?
__________________
dznutz:
Quote:
a firewall is like a gate. it keeps the bad people out and the dog in but it's not fool proof. but lets say you download and run an infected program. that will be like letting in a "friend." if it's infected you run that program you can get malware. that's like a friend raping your family and stealing your money.
GameMaster is offline   Reply With Quote


Old 03-09-2008, 11:41 PM   #6 (permalink)
Bronze Member
 
vagg's Avatar
 
Join Date: May 2006
Posts: 47
Default
Still running wrong.
Also..
Get error before IE opens before and still now:
Cannot find 2559A1F4-21D7-11D4-BDAF-00C04F60B9FO make sure path or internet address is correct.

Hijak log3:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:49, on 2008-03-09
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v8.00 (8.00.6001.17184)
Boot mode: Normal

Running processes:
C:\Program Files\Lock My PC 4\lockpc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\taskeng.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe
C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
C:\Program Files\Fantastic Flame Screensaver\FantasticFlameAgent.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSHelpRunner10.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ca.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: The Pirate Bay Toolbar - {a33fa729-d155-4b23-842b-2c665ecabdb6} - C:\Program Files\The_Pirate_Bay\tbThe_.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: The Pirate Bay Toolbar - {a33fa729-d155-4b23-842b-2c665ecabdb6} - C:\Program Files\The_Pirate_Bay\tbThe_.dll
O3 - Toolbar: The Pirate Bay Toolbar - {a33fa729-d155-4b23-842b-2c665ecabdb6} - C:\Program Files\The_Pirate_Bay\tbThe_.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [PWRISOVM.EXE] "C:\Program Files\PowerISO\PWRISOVM.EXE"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe " -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NvSvc] "RUNDLL32.EXE" C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PC Booster] "C:\Program Files\inKline Global\PC Booster\pcbooster.exe"
O4 - HKLM\..\Run: [RegSweep] "C:\Program Files\RegSweep\RegSweep.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Microsoft Updates] svehost.exe
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKLM\..\RunServices: [Microsoft Updates] svehost.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SkinClock] "C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe"
O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Fantastic Flame Agent.lnk = C:\Program Files\Fantastic Flame Screensaver\FantasticFlameAgent.exe
O4 - Global Startup: LNSS Status Monitor.lnk = C:\Program Files\GFI\LANguard Network Security Scanner 8.0\statusmonitor.exe
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Internet Radio by Endicosoft.com - {1F958B09-3312-7f0e-9723-4C1324C57B20} - C:\Program Files\Internet Radio\Radio.exe
O9 - Extra button: SmartWhois - {FD9DE2B4-C926-4460-81C4-FC58C6F1062E} - C:\Program Files\SmartWhois\swmsie.exe
O9 - Extra button: (no name) - {FF983118-58C7-4AD4-B5A7-691C39CB7B42} - C:\Program Files\SmartWhois\swmsie.exe
O9 - Extra 'Tools' menuitem: SmartWhois - {FF983118-58C7-4AD4-B5A7-691C39CB7B42} - C:\Program Files\SmartWhois\swmsie.exe
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1202572740874
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O20 - Winlogon Notify: fsp_lmwl - C:\Windows\SYSTEM32\fsp_lmwl.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: GFI LANguard N.S.S. 8.0 Attendant Service (gfi_lnss8_attservice) - GFI Software Ltd. - C:\Program Files\GFI\LANguard Network Security Scanner 8.0\lnssatt.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Lock My PC Service (LmpcService) - Unknown owner - C:\Program Files\Lock My PC 4\LmpcServ.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe

--
End of file - 10339 bytes
Last edited by vagg; 03-09-2008 at 11:51 PM.
vagg is offline   Reply With Quote
Old 03-10-2008, 10:48 AM   #7 (permalink)
Diamond Member
 
GameMaster's Avatar
 
Join Date: Dec 2007
Location: Croatia
Age: 16
Posts: 3,854
Default
Hello!
Don't even hope for a perfect Beta version browser.
Please reinstall IE 8.0 and get back to 7/6. Please be patient, I know there are millions of people who are waiting for 8 to be released.
I'm the one among them
__________________
dznutz:
Quote:
a firewall is like a gate. it keeps the bad people out and the dog in but it's not fool proof. but lets say you download and run an infected program. that will be like letting in a "friend." if it's infected you run that program you can get malware. that's like a friend raping your family and stealing your money.
GameMaster is offline   Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
Internet Explorer problem! SmittenBySeigo Internet Discussion 9 03-12-2006 02:59 AM
Can't Print in Internet Explorer or Outlook Express spkmky General Software 0 03-04-2006 12:12 PM
Internet & Computer slow - HiJackThis Log skyhigh Computer Security 4 02-21-2006 06:44 AM
Explorer 6 deletes temp internet files when I shut down. compusa Operating Systems 3 09-27-2005 09:14 AM
Internet Explorer (crash dummy) vs Firefox Viper_86 Internet Discussion 11 07-25-2004 09:36 AM


All times are GMT +1. The time now is 08:08 PM.

Contact Us - Computer Forum - Sitemap - Top

Powered by: vBulletin Version 3.7.2
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.1.0 ©2007, Crawlability, Inc.
Copyright © 2002-2007 Computer Forum and Web Design Forum