Tech Support Forum - View Single Post

yahoot · 10-01-2006, 09:26 AM

Here they are:

Administrator - 06-10-01 11:11:05.62 Service Pack 2
ComboFix 06.09.28 - Running from: "C:\Documents and Settings\Administrator\Desktop"

((((((((((((((((((((((((((((((( Files Created from 2006-09-01 to 2006-10-01 ))))))))))))))))))))))))))))))))))

2006-09-29 22:37 21,312 --a------ C:\WINNT\choice.exe
2006-09-27 08:30 <DIR> d-------- C:\WINNT\McAfee.com
2006-09-26 22:15 28,672 --a------ C:\WINNT\system32\drivers\CO_Mon.sys
2006-09-26 10:24 76,560 --a------ C:\WINNT\system32\drivers\tmcomm.sys

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2006-10-01 11:09 -------- d-------- C:\Program Files\SiteAdvisor
2006-09-30 13:31 -------- d-a------ C:\Program Files\Internet Explorer
2006-09-30 10:08 -------- d-------- C:\Documents and Settings\Administrator\Application Data\SiteAdvisor
2006-09-28 08:34 -------- d-------- C:\Program Files\Zone Labs
2006-08-21 08:21 16896 --a------ C:\WINNT\system32\fltlib.dll
2006-08-21 05:14 23040 --a------ C:\WINNT\system32\fltmc.exe
2006-08-21 05:14 128896 --------- C:\WINNT\system32\drivers\fltmgr.sys
2006-07-27 09:24 679424 --a------ C:\WINNT\system32\inetcomm.dll
2006-07-21 04:24 72704 --a------ C:\WINNT\system32\hlink.dll

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"ctfmon.exe"="C:\\WINNT\\system32\\ctfmon.exe"
"Start WingMan Profiler"=""
"Yahoo! Pager"="C:\\Program Files\\Yahoo!\\Messenger\\ypager.exe -quiet"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"="mobsync.exe /logon"
"LoadQM"="loadqm.exe"
"LTWinModem1"="ltmsg.exe 9"
"PrinTray"="C:\\WINNT\\System32\\spool\\DRIVERS\\W32X86\\2\\printray.exe"
"LVCOMS"="C:\\Program Files\\Common Files\\Logitech\\QCDriver\\LVCOMS.EXE"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINNT\\System32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"QuickTime Task"="C:\\WINNT\\System32\\qttask.exe"
"Microsoft Works Update Detection"="C:\\Program Files\\Microsoft Works\\WkDetect.exe"
"Microsoft Works Portfolio"="C:\\Program Files\\Microsoft Works\\WksSb.exe /AllUsers"
"AdaptecDirectCD"="C:\\Program Files\\Adaptec\\Easy CD Creator 5\\DirectCD\\DirectCD.exe"
"NvMediaCenter"="RunDLL32.exe NvMCTray.dll,NvTaskbarInit"
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"!ewido"="\"D:\\Program Files\\ewido anti-spyware 4.0\\ewido.exe\" /minimized"
"KernelFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,\
65,6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,6b,00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,a2,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,f2,01,00,00,23,00,00,00,7c,00,00,00,72,00,\
00,00,01,00,00,00

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce]
"^SetupICWDesktop"="C:\\Program Files\\Internet Explorer\\Connection Wizard\\icwconn1.exe /desktop"
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce]
"^SetupICWDesktop"="C:\\Program Files\\Internet Explorer\\Connection Wizard\\icwconn1.exe /desktop"
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=hex:ff,00,00,00
"CDRAutoRun"=dword:00000000
"NoActiveDesktop"=dword:00000000
"ClassicShell"=dword:00000000
"ForceActiveDesktopOn"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"DisableCAD"=dword:00000000
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,zpasspc.dll

~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

backup-20060930-113144-150
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150/0121a662d7d130a...p/RdxIE601.cab
backup-20060930-113144-265
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a224.g.akamai.net/7/224/52/20...eInstaller.exe
backup-20060930-113144-348
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank

Completion time: 06-10-01 11:11:56.94
ComboFix.txt

*******************HJT uninstall list********************

Ad-Aware SE Personal
Adobe Acrobat 4.0, 5.0
AFPL Ghostscript 7.00
AFPL Ghostscript Fonts
Age of Mythology
Aladdin Expander 5.1
Ansoft Ensemble SV
Backup Dell-Installed Programs
BCA
Belarc Advisor 5.0
Black and White
Chessmaster 8000
Civilization III
Civilization III: Conquests
Comanche Gold
Dellnet Signup
DivX Codec
DivX Player 2.1
Easy CD Creator 5 Basic
ewido anti-spyware 4.0
F-16 MRF
F-22 Lightning 3
Flash for TI-89
FoneSync
Galactic Civilizations
Galactic Civilizations BonusPak
Google Video Player
GSview 4.0
HijackThis 1.99.1
Hummingbird Exceed 3D V7.1.1
Hummingbird Exceed V7.1.1
IBS
Java 2 Runtime Environment, SE v1.4.1_02
Java 2 Runtime Environment, SE v1.4.2
Java Web Start
Lavasoft VX2 Cleaner
Logitech QuickCam
Lucent Win Modem
Macromedia Dreamweaver MX
Macromedia Extension Manager
Macromedia Fireworks MX
Macromedia Flash MX
Macromedia Flash Player 8
Macromedia FreeHand MX
Macromedia Shockwave Player
MagicTune 2.5
Maple 6
Mathematica 4.1 for Students
MathType 5
MATLAB Student 6.0
McAfee SiteAdvisor for Internet Explorer
McAfee VirusScan
Microsoft Encarta Encyclopedia Standard 2001
Microsoft Flight Simulator 2002
Microsoft FrontPage 2000
Microsoft Money 2001
Microsoft Office 2000 Professional
Microsoft Office XP Professional
Microsoft Picture It! Publishing 2001
Microsoft Press Interactive Training
Microsoft Streets and Trips 2001
Microsoft Visual Studio 6.0 Professional Edition
Microsoft Web Publishing Wizard 1.53
Microsoft Works 2001 Setup Launcher
Microsoft Works 6.0
MiG-29 Fulcrum
MiKTeX
MiKTeX 2
Modem Test
Modem User Guide
MSDN Library - Visual Studio 6.0a
MSN Gaming Zone
MSXML4 Parser
MusicMatch Jukebox
Natural Color
NVIDIA Drivers
Panda ActiveScan
PhoneTools
Probability and Statistics for Engineering and the Sciences 6e
QuickTime
RealPlayer
Sample Programs for TI-89
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB925486)
Serenade SV 8.5
Serious Sam: The Second Encounter
Shockwave
Shogun Total War
Spybot - Search & Destroy 1.4
SpywareBlaster v3.5.1
SpywareGuard v2.2
SSH Secure Shell
TI Connect(TM) 1.1
TI-Black Link
TI-Graph Link 89
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
VanDyke Software SecureFX 2.0
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows XP Application Compatibility Update[Q313484]
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Hotfix (SP1) [See Q309521 for more information]
Windows XP Service Pack 2
WinEdt
WingMan Software
ZoneAlarm

10-01-2006, 09:26 AM	#7 (permalink)
yahoot Registered User Join Date: Sep 2006 Posts: 23 OS: WinXP SP2	Here they are: Administrator - 06-10-01 11:11:05.62 Service Pack 2 ComboFix 06.09.28 - Running from: "C:\Documents and Settings\Administrator\Desktop" ((((((((((((((((((((((((((((((( Files Created from 2006-09-01 to 2006-10-01 )))))))))))))))))))))))))))))))))) 2006-09-29 22:37 21,312 --a------ C:\WINNT\choice.exe 2006-09-27 08:30 <DIR> d-------- C:\WINNT\McAfee.com 2006-09-26 22:15 28,672 --a------ C:\WINNT\system32\drivers\CO_Mon.sys 2006-09-26 10:24 76,560 --a------ C:\WINNT\system32\drivers\tmcomm.sys (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-10-01 11:09 -------- d-------- C:\Program Files\SiteAdvisor 2006-09-30 13:31 -------- d-a------ C:\Program Files\Internet Explorer 2006-09-30 10:08 -------- d-------- C:\Documents and Settings\Administrator\Application Data\SiteAdvisor 2006-09-28 08:34 -------- d-------- C:\Program Files\Zone Labs 2006-08-21 08:21 16896 --a------ C:\WINNT\system32\fltlib.dll 2006-08-21 05:14 23040 --a------ C:\WINNT\system32\fltmc.exe 2006-08-21 05:14 128896 --------- C:\WINNT\system32\drivers\fltmgr.sys 2006-07-27 09:24 679424 --a------ C:\WINNT\system32\inetcomm.dll 2006-07-21 04:24 72704 --a------ C:\WINNT\system32\hlink.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) Note empty entries are not shown [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" "ctfmon.exe"="C:\\WINNT\\system32\\ctfmon.exe" "Start WingMan Profiler"="" "Yahoo! Pager"="C:\\Program Files\\Yahoo!\\Messenger\\ypager.exe -quiet" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Synchronization Manager"="mobsync.exe /logon" "LoadQM"="loadqm.exe" "LTWinModem1"="ltmsg.exe 9" "PrinTray"="C:\\WINNT\\System32\\spool\\DRIVERS\\W32X86\\2\\printray.exe" "LVCOMS"="C:\\Program Files\\Common Files\\Logitech\\QCDriver\\LVCOMS.EXE" "NvCplDaemon"="RUNDLL32.EXE C:\\WINNT\\System32\\NvCpl.dll,NvStartup" "nwiz"="nwiz.exe /install" "QuickTime Task"="C:\\WINNT\\System32\\qttask.exe" "Microsoft Works Update Detection"="C:\\Program Files\\Microsoft Works\\WkDetect.exe" "Microsoft Works Portfolio"="C:\\Program Files\\Microsoft Works\\WksSb.exe /AllUsers" "AdaptecDirectCD"="C:\\Program Files\\Adaptec\\Easy CD Creator 5\\DirectCD\\DirectCD.exe" "NvMediaCenter"="RunDLL32.exe NvMCTray.dll,NvTaskbarInit" "TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot" "!ewido"="\"D:\\Program Files\\ewido anti-spyware 4.0\\ewido.exe\" /minimized" "KernelFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,\ 65,6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,6b,00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI] "NoChange"="1" "Installed"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000001 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="My Current Home Page" "Flags"=dword:00000002 "Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,a2,03,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=hex:04,00,00,40 "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\ ff,ff,04,00,00,00 "RestoredStateInfo"=hex:18,00,00,00,f2,01,00,00,23,00,00,00,7c,00,00,00,72,00,\ 00,00,01,00,00,00 [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce] "^SetupICWDesktop"="C:\\Program Files\\Internet Explorer\\Connection Wizard\\icwconn1.exe /desktop" "tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\ 33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00 [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce] "^SetupICWDesktop"="C:\\Program Files\\Internet Explorer\\Connection Wizard\\icwconn1.exe /desktop" "tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\ 33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoDriveTypeAutoRun"=hex:ff,00,00,00 "CDRAutoRun"=dword:00000000 "NoActiveDesktop"=dword:00000000 "ClassicShell"=dword:00000000 "ForceActiveDesktopOn"=dword:00000000 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "DisableCAD"=dword:00000000 "undockwithoutlogon"=dword:00000001 [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 "CDRAutoRun"=dword:00000000 [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 "CDRAutoRun"=dword:00000000 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,zpasspc.dll ~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ backup-20060930-113144-150 O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150/0121a662d7d130a...p/RdxIE601.cab backup-20060930-113144-265 O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a224.g.akamai.net/7/224/52/20...eInstaller.exe backup-20060930-113144-348 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank Completion time: 06-10-01 11:11:56.94 ComboFix.txt *****************HJT uninstall list****************** Ad-Aware SE Personal Adobe Acrobat 4.0, 5.0 AFPL Ghostscript 7.00 AFPL Ghostscript Fonts Age of Mythology Aladdin Expander 5.1 Ansoft Ensemble SV Backup Dell-Installed Programs BCA Belarc Advisor 5.0 Black and White Chessmaster 8000 Civilization III Civilization III: Conquests Comanche Gold Dellnet Signup DivX Codec DivX Player 2.1 Easy CD Creator 5 Basic ewido anti-spyware 4.0 F-16 MRF F-22 Lightning 3 Flash for TI-89 FoneSync Galactic Civilizations Galactic Civilizations BonusPak Google Video Player GSview 4.0 HijackThis 1.99.1 Hummingbird Exceed 3D V7.1.1 Hummingbird Exceed V7.1.1 IBS Java 2 Runtime Environment, SE v1.4.1_02 Java 2 Runtime Environment, SE v1.4.2 Java Web Start Lavasoft VX2 Cleaner Logitech QuickCam Lucent Win Modem Macromedia Dreamweaver MX Macromedia Extension Manager Macromedia Fireworks MX Macromedia Flash MX Macromedia Flash Player 8 Macromedia FreeHand MX Macromedia Shockwave Player MagicTune 2.5 Maple 6 Mathematica 4.1 for Students MathType 5 MATLAB Student 6.0 McAfee SiteAdvisor for Internet Explorer McAfee VirusScan Microsoft Encarta Encyclopedia Standard 2001 Microsoft Flight Simulator 2002 Microsoft FrontPage 2000 Microsoft Money 2001 Microsoft Office 2000 Professional Microsoft Office XP Professional Microsoft Picture It! Publishing 2001 Microsoft Press Interactive Training Microsoft Streets and Trips 2001 Microsoft Visual Studio 6.0 Professional Edition Microsoft Web Publishing Wizard 1.53 Microsoft Works 2001 Setup Launcher Microsoft Works 6.0 MiG-29 Fulcrum MiKTeX MiKTeX 2 Modem Test Modem User Guide MSDN Library - Visual Studio 6.0a MSN Gaming Zone MSXML4 Parser MusicMatch Jukebox Natural Color NVIDIA Drivers Panda ActiveScan PhoneTools Probability and Statistics for Engineering and the Sciences 6e QuickTime RealPlayer Sample Programs for TI-89 Security Update for Step By Step Interactive Training (KB898458) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player 9 (KB911565) Security Update for Windows Media Player 9 (KB917734) Security Update for Windows XP (KB883939) Security Update for Windows XP (KB890046) Security Update for Windows XP (KB893756) Security Update for Windows XP (KB896358) Security Update for Windows XP (KB896422) Security Update for Windows XP (KB896423) Security Update for Windows XP (KB896424) Security Update for Windows XP (KB896428) Security Update for Windows XP (KB896688) Security Update for Windows XP (KB899587) Security Update for Windows XP (KB899588) Security Update for Windows XP (KB899589) Security Update for Windows XP (KB899591) Security Update for Windows XP (KB900725) Security Update for Windows XP (KB901017) Security Update for Windows XP (KB901214) Security Update for Windows XP (KB902400) Security Update for Windows XP (KB903235) Security Update for Windows XP (KB904706) Security Update for Windows XP (KB905414) Security Update for Windows XP (KB905749) Security Update for Windows XP (KB905915) Security Update for Windows XP (KB908519) Security Update for Windows XP (KB908531) Security Update for Windows XP (KB911280) Security Update for Windows XP (KB911562) Security Update for Windows XP (KB911567) Security Update for Windows XP (KB911927) Security Update for Windows XP (KB912812) Security Update for Windows XP (KB912919) Security Update for Windows XP (KB913446) Security Update for Windows XP (KB913580) Security Update for Windows XP (KB914388) Security Update for Windows XP (KB914389) Security Update for Windows XP (KB916281) Security Update for Windows XP (KB917159) Security Update for Windows XP (KB917344) Security Update for Windows XP (KB917422) Security Update for Windows XP (KB917953) Security Update for Windows XP (KB918439) Security Update for Windows XP (KB918899) Security Update for Windows XP (KB919007) Security Update for Windows XP (KB920214) Security Update for Windows XP (KB920670) Security Update for Windows XP (KB920683) Security Update for Windows XP (KB920685) Security Update for Windows XP (KB921398) Security Update for Windows XP (KB921883) Security Update for Windows XP (KB922616) Security Update for Windows XP (KB925486) Serenade SV 8.5 Serious Sam: The Second Encounter Shockwave Shogun Total War Spybot - Search & Destroy 1.4 SpywareBlaster v3.5.1 SpywareGuard v2.2 SSH Secure Shell TI Connect(TM) 1.1 TI-Black Link TI-Graph Link 89 Update for Windows XP (KB894391) Update for Windows XP (KB896727) Update for Windows XP (KB898461) Update for Windows XP (KB900485) Update for Windows XP (KB910437) Update for Windows XP (KB916595) Update for Windows XP (KB920872) Update for Windows XP (KB922582) VanDyke Software SecureFX 2.0 Windows Installer 3.1 (KB893803) Windows Installer 3.1 (KB893803) Windows XP Application Compatibility Update[Q313484] Windows XP Hotfix - KB834707 Windows XP Hotfix - KB867282 Windows XP Hotfix - KB873333 Windows XP Hotfix - KB873339 Windows XP Hotfix - KB885250 Windows XP Hotfix - KB885835 Windows XP Hotfix - KB885836 Windows XP Hotfix - KB885884 Windows XP Hotfix - KB886185 Windows XP Hotfix - KB887472 Windows XP Hotfix - KB887742 Windows XP Hotfix - KB888113 Windows XP Hotfix - KB888302 Windows XP Hotfix - KB890047 Windows XP Hotfix - KB890175 Windows XP Hotfix - KB890859 Windows XP Hotfix - KB890923 Windows XP Hotfix - KB891781 Windows XP Hotfix - KB893066 Windows XP Hotfix - KB893086 Windows XP Hotfix (SP1) [See Q309521 for more information] Windows XP Service Pack 2 WinEdt WingMan Software ZoneAlarm