Welcome to Tech Support Forum home to more then 136,000 problems solved. Issues have included: Spyware, Malware, Virus Issues, Windows, Microsoft, Linux, Networking, Security, Hardware, and Gaming Getting your problem solved is as easy as:
1. Registering for a free account
2. Asking your question
3. Receiving an answer

Registered members:
* Get free support
* Communicate privately with other members (PM).
* Removal of this message
* See fewer ads.
* And much more..

 


Want to know how to post a question? click here Having problems with spyware and pop-ups? First Steps
Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help > Resolved HJT Threads
Reload this Page IE Problems & Clean-Up
User Name
Password
Site Map Register Donate Rules Blogs Mark Forums Read


Resolved HJT Threads Resolved spyware and popup issues.

 
 
LinkBack Thread Tools
Old 07-06-2005, 12:10 PM   #1 (permalink)
Registered User
 
Join Date: Mar 2005
Location: Europe
Posts: 16
OS: Windows XP


Send a message via MSN to eXtreme
Arrow IE Problems & Clean-Up
Hey everyone!

There's been a while i'm having a big IE problem - right click doesn't work. No matter what I do when i'm on webpages, and for exemple i want to open a link on a new window, after i press right click nothing happens.

I've been checking the internet settings and in the programs tab, if I press the rollback web options to default, I get an error message with the famous yellow exclamation mark, and the error box doesn't has any text on it.

I've already run an Ad-aware and Spybot - Search and Destroy scan and made a full mcafee virus scan too. No problems at all. I've run also the IEFix tool, and the problem remained.

If you could too, please tell me if my HijackThis log is clean of another problems.

I used KRC HijackThis Analyzer for the results, after doing a normal HijackThis scan.

-----------------------------------------

====================================================================
Log was analyzed using KRC HijackThis Analyzer - Updated on 6/3/05
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logfile of HijackThis v1.99.1
Scan saved at 20:04:26, on 06-07-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\ATKKBService.exe
C:\Programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe
C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [CTDVDDET] C:\Programas\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [SBDrvDet] C:\Programas\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [Outpost Firewall] C:\Programas\Agnitum\Outpost Firewall\outpost.exe /waitservice
O4 - HKLM\..\Run: [Name of App] C:\Programas\SAMSUNG\FW LiveUpdate\Liveupdate.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Enviar para &Bluetooth - C:\Programas\Software WIDCOMM\Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: Browser Adjustment - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Programas\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programas\Software WIDCOMM\Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programas\Software WIDCOMM\Bluetooth\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://messenger.zone.msn.com/binary/ZAxRcMgr.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} - http://www.seagate.com/support/disc/...npseatools.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15014/CTPID.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7CDD939B-1FE7-4F0D-85F3-C1D9DF3ADB91}: NameServer = 194.65.100.117,194.65.5.2
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll
O20 - Winlogon Notify: LBTServ - C:\Programas\Ficheiros comuns\Logitech\Bluetooth\lbtserv.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Programas\Ficheiros comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programas\Ficheiros comuns\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programas\TuneUp Utilities 2004\WinStylerThemeSvc.exe


End of KRC HijackThis Analyzer Log.
====================================================================


Thanks in advance!

Dan
__________________
Intel Pentium 4 3.2GHz Socket 775 | AsusTek P5GD1 | NVIDIA 6600GT PCI-E 128MB DDR3 | 2x Kingston 512MB DDR PC3200 (1GB)

LG L1720B TFT | Seagate 160GB ST3160827AS Serial ATA | Creative Inspire 5.1 P5800 | Logitech Desktop MX Bluetooth
eXtreme is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Sponsored Links
Old 07-06-2005, 05:47 PM   #2 (permalink)
Manager Emeritus - Security Center, Expert Analyst, Moderator - Security Team; Rangemaster, TSF Academy & Supporter
 
MicroBell's Avatar
 
Join Date: Sep 2004
Location: Carmichaels, PA-USA
Posts: 6,965
OS: Windows XP-Pro SP2


Send a message via ICQ to MicroBell Send a message via MSN to MicroBell
Hi and Welcome to TSF

Before attacking an adware/spyware problem with hijackthis make sure you have already run ad-aware SE with VX2 add-on cleaner, Spybot Search & Destroy (with updated database) and CWShredder as these programs will clean a lot of the crap out first. All links to programs are in my signature.

There is a few entrys in the log...but lets fix one thing and look deeper for the others...

Download the file located here.. http://www.bleepingcomputer.com/files/reg/smitfraud.reg

Doubleclick that smitfraud.reg on your desktop and confirm you want to merge it with the registry. See if that fixs your "Right Click" issue.

Download: StartDreck

Unzip to its own folder and start the program:
Press 'Config'
Press 'Mark All'

UN-Check the 'NT-Services & NT-Kernel...' boxes only:
Press 'Ok'

Press 'Save' and select the location to save the log file (default is the same folder as the application)

Post the log in this thread..

**Note** If your using a hosts file list (like IESPYAD) remove all the hosts file's entrys for the log as it will be to big to post.

Download Silent runners.Vbs http://www.silentrunners.org/
1. Make sure you have any script blocking software disabled
2. Run the program. It will take a few minutes to complete.
3. Once complete it will produce a log named “StartupPrograms” with Your user and date in the filename. Open that txt file and posts it contents in your next post.

Run an online scan at http://www.pandasoftware.com/actives..._principal.htm
Make sure to check the "AutoFix" option. Save the activescan log and post it in this thread.

So I need...

Silentrunners log
Panda scans log
Startdreck log
__________________
We Are The BORG Spyware KILLER and Adware Destroyer!





Spyware/Adware Removal Tools
Hijackthis
Ad-aware SE
Spybot Search&Destroy
SpywareBlaster
CWShredder
MicroBell is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 07-07-2005, 07:06 AM   #3 (permalink)
Registered User
 
Join Date: Mar 2005
Location: Europe
Posts: 16
OS: Windows XP


Send a message via MSN to eXtreme
StartDreck Log
First of all thanks for your time. :)

So I've run a CWShredder scan and it didn't report any problem.. I've run the Silentrunners and Startdreck programs too, but to my surprise, IE hangs when i try to make a Panda activescan. It download and start the program without problems but when i press "Scan All my computer" or "Scan Hard disk only" it hangs and the only way to exit is to shutdown the application by CTRL+ALT+DEL..

Here's the startdreck log:

--------------------------------------------

StartDreck (build 2.1.7 public stable) - 2005-07-07 @ 14:39:24 (GMT +01:00)
Platform: Windows XP (Win NT 5.1.2600 Service Pack 2)
Internet Explorer: 6.0.2900.2180
Logged in as Daniel at DANIEL

»Registry
»Run Keys
»Current User
»Run
*ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
»RunOnce
»Default User
»Run
*CTFMON.EXE=C:\WINDOWS\System32\CTFMON.EXE
»RunOnce
»Local Machine
»Run
*VSOCheckTask="c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
*VirusScan Online="c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
*MCAgentExe=c:\PROGRA~1\mcafee.com\agent\mcagent.exe
*MCUpdateExe=C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
*CTDVDDET=C:\Programas\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
*SBDrvDet=C:\Programas\Creative\SB Drive Det\SBDrvDet.exe /r
*NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
*NvMediaCenter=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
*Outpost Firewall=C:\Programas\Agnitum\Outpost Firewall\outpost.exe /waitservice
*Name of App=C:\Programas\SAMSUNG\FW LiveUpdate\Liveupdate.exe
*CleanUp=C:\PROGRA~1\McAfee.com\Shared\mcappins.exe /v=3 /cleanup
+OptionalComponents
+MSFS
*Installed=1
+MAPI
*Installed=1
*NoChange=1
+MAPI
*Installed=1
*NoChange=1
»RunOnce
»RunServices
»RunServicesOnce
»RunOnceEx
»RunServicesOnceEx
»File Associations (CR)
+.bat
*batfile="%1" %*
+.com
*comfile="%1" %*
+.disabled
*SpybotSD.DisabledFile="C:\Programas\Spybot - Search & Destroy\blindman.exe" "%1"
+.exe
*exefile="%1" %*
+.hta
*htafile=C:\WINDOWS\system32\mshta.exe "%1" %*
+.htm
*FirefoxHTML=C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -url "%1"
+.html
*FirefoxHTML=C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -url "%1"
+.js
*JSFile="C:\Programas\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe" "%1"
+.jse
*JSEFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.pif
*piffile="%1" %*
+.reg
*regfile=regedit.exe "%1"
+.scr
*scrfile="%1" /S
+.txt
*txtfile=%SystemRoot%\system32\NOTEPAD.EXE %1
+.vbs
*VBSFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.vbe
*VBEFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.wsh
*WSHFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.wsf
*WSFFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.lnk
`lnkfile= [key or value does not exist]
»Active Setup (LM)
+Internet Explorer/>{26923b43-4d38-484f-9b9e-de460746276c}
*StubPath=%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
+Personalizações do browser/>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS
*StubPath=RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
+Outlook Express/>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
*StubPath=%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
+Themes Setup/{2C7339CF-2B09-4501-B3F3-F3508C9228ED}
*StubPath=%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
+Microsoft Outlook Express 6/{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
*StubPath="%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
+NetMeeting 3.01/{44BBA842-CC51-11CF-AAFA-00AA00B6015B}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
+Windows Messenger 4.7/{5945c046-1e7d-11d1-bc44-00c04fd912be}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
+Microsoft Windows Media Player/{6BF52A52-394A-11d3-B153-00C04F79FAA6}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub
+Livro de endereços 6/{7790769C-0471-11d2-AF11-00C04FA35D02}
*StubPath="%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
+Actualização do 'Ambiente de trabalho' do Windows/{89820200-ECBD-11cf-8B85-00AA005B4340}
*StubPath=regsvr32.exe /s /n /i:U shell32.dll
+Internet Explorer 6/{89820200-ECBD-11cf-8B85-00AA005B4383}
*StubPath=%SystemRoot%\system32\ie4uinit.exe
»Browser Helper Objects (LM)
*AcroIEHelper.AcroIEHlprObj.1/{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
`InprocServer32=C:\Programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
*{53707962-6F74-2D53-2644-206D7942484F}
`InprocServer32=C:\PROGRA~1\SPYBOT~1\SDHelper.dll
»Internet Explorer
»Current User
*Local Page=C:\WINDOWS\system32\blank.htm
*Search Bar=http://search.msn.com/spbasic.htm
*Search Page=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
*Start Page=http://www.google.pt/
+SearchUrl
*provider=
*=http://home.microsoft.com/access/autosearch.asp?p=%s
»Default User
*Search Page=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
»Local Machine
*Default_Page_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
*Default_Search_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
*Local Page=%SystemRoot%\system32\blank.htm
*Search Page=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
*Start Page=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
*CustomizeSearch=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
*SearchAssistant=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
»ShellServiceObjectDelayLoad (LM)
*PostBootReminder={7849596a-48ea-486e-8937-a2a3009f31a9}
`InprocServer32=%SystemRoot%\system32\SHELL32.dll
*CDBurn={fbeb8a05-beee-4442-804e-409d6c4515e9}
`InprocServer32=%SystemRoot%\system32\SHELL32.dll
*WebCheck={E6FB5E20-DE35-11CF-9C87-00AA005127ED}
`InprocServer32=%SystemRoot%\System32\webcheck.dll
*SysTray={35CEC8A3-2BE6-11D2-8773-92E220524153}
`InprocServer32=C:\WINDOWS\System32\stobject.dll
»Special NT Values
»Current User
*Load=
*Run=
*Programs=com exe bat pif cmd
*SHELL=
»Default User
*Load=
*Run=
*Programs=com exe bat pif cmd
*SHELL=
»Local Machine
*AppInit_DLLs=C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll
*SHELL=Explorer.exe
*Userinit=C:\WINDOWS\system32\userinit.exe,
»Files
»Autostart Folders
»Current User
*C:\Documents and Settings\Daniel\Menu Iniciar\Programas\Arranque\desktop.ini
»Default User
*C:\WINDOWS\system32\config\systemprofile\Menu Iniciar\Programas\Arranque\desktop.ini
»Local Machine
*C:\Documents and Settings\All Users\Menu Iniciar\Programas\Arranque\Adobe Reader Speed Launch.lnk
*C:\Documents and Settings\All Users\Menu Iniciar\Programas\Arranque\desktop.ini
»INI-Files
»WIN.INI\[windows]
*LOAD=
*RUN=
»SYSTEM.INI\[boot]
*SHELL=Explorer.exe
»Text Files
*C:\boot.ini
`[boot loader]
`timeout=30
`default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
`[operating systems]
`multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
*C:\msdos.sys
*C:\config.sys
*C:\WINDOWS\system32\config.nt
`dos=high, umb
`device=%SystemRoot%\system32\himem.sys
`files=40
*C:\autoexec.bat
*C:\WINDOWS\system32\autoexec.nt
`@echo off
`lh %SystemRoot%\system32\mscdexnt.exe
`lh %SystemRoot%\system32\redir
`lh %SystemRoot%\system32\dosx
*C:\WINDOWS\system32\drivers\etc\hosts
`127.0.0.1 localhost
»Program Files
*C:\ntldr
*C:\ntdetect.com
*C:\io.sys
*C:\WINDOWS\system32\win.com
*C:\WINDOWS\explorer.exe
»%PATH% Companion Files
+C:\WINDOWS\system32\notepad.exe
*C:\WINDOWS\notepad.exe
+C:\WINDOWS\system32\slrundll.exe
*C:\WINDOWS\slrundll.exe
+C:\WINDOWS\system32\taskman.exe
*C:\WINDOWS\TASKMAN.EXE
+C:\WINDOWS\system32\winhlp32.exe
*C:\WINDOWS\winhlp32.exe
»System/Drivers
»Running Processes
+0=<idle>
+4=<system>
+696=\SystemRoot\System32\smss.exe
*C:\WINDOWS\system32\ntdll.dll
+744=\??\C:\WINDOWS\system32\csrss.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\CSRSRV.dll
*C:\WINDOWS\system32\basesrv.dll
*C:\WINDOWS\system32\winsrv.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\KERNEL32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\sxs.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\Apphelp.dll
*C:\WINDOWS\system32\VERSION.dll
+768=\??\C:\WINDOWS\system32\winlogon.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\AUTHZ.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\NDdeApi.dll
*C:\WINDOWS\system32\PROFMAP.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\PSAPI.DLL
*C:\WINDOWS\system32\REGAPI.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll
*C:\WINDOWS\system32\dbghelp.dll
*C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hdlr.dll
*C:\WINDOWS\system32\MSGINA.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\COMCTL32.dll
*C:\WINDOWS\system32\ODBC32.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\odbcint.dll
*C:\WINDOWS\system32\SHSVCS.dll
*C:\WINDOWS\system32\sfc.dll
*C:\WINDOWS\system32\sfc_os.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\Apphelp.dll
*C:\WINDOWS\system32\WINSCARD.DLL
*C:\WINDOWS\system32\WTSAPI32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\cscdll.dll
*C:\Programas\Ficheiros comuns\Logitech\Bluetooth\lbtserv.dll
*C:\WINDOWS\system32\HID.DLL
*C:\WINDOWS\system32\MSIMG32.dll
*C:\WINDOWS\system32\WINSPOOL.DRV
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\NTMARTA.DLL
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\Programas\Ficheiros comuns\Logitech\Bluetooth\lbtintw.dll
*C:\WINDOWS\system32\BtCoreIf.dll
*C:\WINDOWS\system32\MFC42.DLL
*C:\WINDOWS\system32\MFC42LOC.DLL
*C:\WINDOWS\system32\WlNotify.dll
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\system32\rsaenh.dll
*C:\WINDOWS\system32\msv1_0.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\system32\cscui.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\wdmaud.drv
*C:\WINDOWS\system32\msacm32.drv
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\midimap.dll
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
+820=C:\WINDOWS\system32\services.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\SCESRV.dll
*C:\WINDOWS\system32\AUTHZ.dll
*C:\WINDOWS\system32\umpnpmgr.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\NCObjAPI.DLL
*C:\WINDOWS\system32\MSVCP60.dll
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\secur32.dll
*C:\WINDOWS\system32\Apphelp.dll
*C:\WINDOWS\system32\eventlog.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\PSAPI.DLL
*C:\WINDOWS\system32\wtsapi32.dll
+832=C:\WINDOWS\system32\lsass.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\LSASRV.dll
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\NTDSAPI.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\SAMSRV.dll
*C:\WINDOWS\system32\cryptdll.dll
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\msprivs.dll
*C:\WINDOWS\system32\kerberos.dll
*C:\WINDOWS\system32\msv1_0.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\system32\netlogon.dll
*C:\WINDOWS\system32\w32time.dll
*C:\WINDOWS\system32\MSVCP60.dll
*C:\WINDOWS\system32\schannel.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\wdigest.dll
*C:\WINDOWS\system32\rsaenh.dll
*C:\WINDOWS\system32\setupapi.dll
*C:\WINDOWS\system32\scecli.dll
*C:\WINDOWS\system32\ipsecsvc.dll
*C:\WINDOWS\system32\AUTHZ.dll
*C:\WINDOWS\system32\oakley.DLL
*C:\WINDOWS\system32\WINIPSEC.DLL
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\system32\pstorsvc.dll
*C:\WINDOWS\system32\psbase.dll
*C:\WINDOWS\system32\dssenh.dll
+988=C:\WINDOWS\system32\svchost.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\NTMARTA.DLL
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\SAMLIB.dll
*c:\windows\system32\rpcss.dll
*c:\windows\system32\Secur32.dll
*c:\windows\system32\WS2_32.dll
*c:\windows\system32\WS2HELP.dll
*C:\WINDOWS\system32\xpsp2res.dll
*c:\windows\system32\termsrv.dll
*c:\windows\system32\ICAAPI.dll
*c:\windows\system32\SETUPAPI.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*c:\windows\system32\AUTHZ.dll
*c:\windows\system32\mstlsapi.dll
*c:\windows\system32\ACTIVEDS.dll
*c:\windows\system32\adsldpc.dll
*C:\WINDOWS\system32\NETAPI32.dll
*c:\windows\system32\ATL.DLL
*C:\WINDOWS\system32\REGAPI.dll
*C:\WINDOWS\system32\rsaenh.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\Apphelp.dll
+1056=C:\WINDOWS\system32\svchost.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*c:\windows\system32\rpcss.dll
*c:\windows\system32\Secur32.dll
*c:\windows\system32\WS2_32.dll
*c:\windows\system32\WS2HELP.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\rsaenh.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\rasadhlp.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
+1144=C:\WINDOWS\System32\svchost.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\System32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\System32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\System32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\System32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\System32\NTMARTA.DLL
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\System32\SAMLIB.dll
*C:\WINDOWS\System32\xpsp2res.dll
*c:\windows\system32\shsvcs.dll
*C:\WINDOWS\System32\WINSTA.dll
*C:\WINDOWS\system32\NETAPI32.dll
*c:\windows\system32\dhcpcsvc.dll
*c:\windows\system32\DNSAPI.dll
*c:\windows\system32\WS2_32.dll
*c:\windows\system32\WS2HELP.dll
*c:\windows\system32\iphlpapi.dll
*c:\windows\system32\Secur32.dll
*C:\WINDOWS\System32\rsaenh.dll
*c:\windows\system32\wzcsvc.dll
*c:\windows\system32\rtutils.dll
*c:\windows\system32\WMI.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*c:\windows\system32\WTSAPI32.dll
*c:\windows\system32\ESENT.dll
*c:\windows\system32\ATL.DLL
*C:\WINDOWS\System32\SETUPAPI.DLL
*C:\WINDOWS\System32\rastls.dll
*C:\WINDOWS\system32\CRYPTUI.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\WININET.dll
*C:\WINDOWS\System32\MPRAPI.dll
*C:\WINDOWS\System32\ACTIVEDS.dll
*C:\WINDOWS\System32\adsldpc.dll
*C:\WINDOWS\System32\RASAPI32.dll
*C:\WINDOWS\System32\rasman.dll
*C:\WINDOWS\System32\TAPI32.dll
*C:\WINDOWS\System32\SCHANNEL.dll
*C:\WINDOWS\System32\WinSCard.dll
*C:\WINDOWS\System32\raschap.dll
*C:\WINDOWS\system32\msv1_0.dll
*C:\WINDOWS\System32\CLBCATQ.DLL
*C:\WINDOWS\System32\COMRes.dll
*c:\windows\system32\schedsvc.dll
*c:\windows\system32\NTDSAPI.dll
*C:\WINDOWS\System32\MSIDLE.DLL
*c:\windows\system32\audiosrv.dll
*c:\windows\system32\wkssvc.dll
*c:\windows\system32\cryptsvc.dll
*c:\windows\system32\certcli.dll
*c:\windows\system32\dmserver.dll
*c:\windows\system32\ersvc.dll
*c:\windows\system32\es.dll
*c:\windows\pchealth\helpctr\binaries\pchsvc.dll
*c:\windows\system32\hidserv.dll
*c:\windows\system32\HID.DLL
*c:\windows\system32\srvsvc.dll
*C:\WINDOWS\System32\HNETCFG.DLL
*c:\windows\system32\netman.dll
*c:\windows\system32\netshell.dll
*c:\windows\system32\credui.dll
*c:\windows\system32\WZCSAPI.DLL
*c:\windows\system32\seclogon.dll
*c:\windows\system32\sens.dll
*c:\windows\system32\srsvc.dll
*c:\windows\system32\POWRPROF.dll
*C:\WINDOWS\System32\SXS.DLL
*c:\windows\system32\trkwks.dll
*c:\windows\system32\w32time.dll
*c:\windows\system32\MSVCP60.dll
*c:\windows\system32\wbem\wmisvc.dll
*C:\WINDOWS\system32\VSSAPI.DLL
*c:\windows\system32\wuauserv.dll
*C:\WINDOWS\system32\wuaueng.dll
*C:\WINDOWS\System32\ADVPACK.dll
*C:\WINDOWS\System32\SHFOLDER.dll
*C:\WINDOWS\System32\WINSPOOL.DRV
*C:\WINDOWS\System32\WINHTTP.dll
*C:\WINDOWS\System32\Cabinet.dll
*C:\WINDOWS\System32\mspatcha.dll
*C:\WINDOWS\System32\sfc.dll
*C:\WINDOWS\System32\sfc_os.dll
*c:\windows\system32\browser.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\System32\wshtcpip.dll
*c:\windows\system32\ipnathlp.dll
*c:\windows\system32\AUTHZ.dll
*c:\windows\system32\wscsvc.dll
*c:\windows\system32\msi.dll
*C:\WINDOWS\System32\wbem\wbemcomn.dll
*C:\WINDOWS\System32\Wbem\wbemcore.dll
*C:\WINDOWS\System32\Wbem\esscli.dll
*C:\WINDOWS\System32\Wbem\FastProx.dll
*C:\WINDOWS\system32\comsvcs.dll
*C:\WINDOWS\system32\MTXCLU.DLL
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\colbact.DLL
*C:\WINDOWS\System32\CLUSAPI.DLL
*C:\WINDOWS\System32\RESUTILS.DLL
*C:\WINDOWS\System32\wbem\wmiutils.dll
*C:\WINDOWS\System32\wbem\repdrvfs.dll
*C:\WINDOWS\System32\wbem\wmiprvsd.dll
*C:\WINDOWS\system32\NCObjAPI.DLL
*C:\WINDOWS\System32\wbem\wbemess.dll
*C:\WINDOWS\System32\wbem\ncprov.dll
*C:\WINDOWS\System32\rasadhlp.dll
*C:\WINDOWS\System32\netcfgx.dll
*C:\WINDOWS\System32\upnp.dll
*C:\WINDOWS\System32\SSDPAPI.dll
*C:\WINDOWS\System32\rasmans.dll
*C:\WINDOWS\System32\WINIPSEC.DLL
*c:\windows\system32\tapisrv.dll
*c:\windows\system32\PSAPI.DLL
*C:\WINDOWS\System32\rastapi.dll
*C:\WINDOWS\System32\unimdm.tsp
*C:\WINDOWS\System32\uniplat.dll
*C:\WINDOWS\System32\unimdmat.dll
*C:\WINDOWS\system32\modemui.dll
*C:\WINDOWS\System32\kmddsp.tsp
*C:\WINDOWS\System32\ndptsp.tsp
*C:\WINDOWS\System32\ipconf.tsp
*C:\WINDOWS\System32\h323.tsp
*C:\WINDOWS\System32\hidphone.tsp
*C:\WINDOWS\System32\rasppp.dll
*C:\WINDOWS\System32\ntlsapi.dll
*C:\WINDOWS\system32\kerberos.dll
*C:\WINDOWS\System32\cryptdll.dll
*C:\WINDOWS\System32\RASDLG.dll
*C:\WINDOWS\System32\msxml3.dll
*C:\WINDOWS\system32\urlmon.dll
*C:\WINDOWS\system32\Apphelp.dll
*C:\WINDOWS\system32\wups.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\System32\dssenh.dll
*C:\WINDOWS\System32\cryptnet.dll
*C:\WINDOWS\System32\SensApi.dll
+1244=C:\WINDOWS\System32\svchost.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\System32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\System32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\System32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\System32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*c:\windows\system32\dnsrslvr.dll
*c:\windows\system32\DNSAPI.dll
*c:\windows\system32\WS2_32.dll
*c:\windows\system32\WS2HELP.dll
*c:\windows\system32\iphlpapi.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\System32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
+1408=C:\WINDOWS\System32\svchost.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\System32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\System32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\System32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\System32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\System32\NTMARTA.DLL
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\System32\SAMLIB.dll
*C:\WINDOWS\System32\xpsp2res.dll
*c:\windows\system32\lmhsvc.dll
*c:\windows\system32\iphlpapi.dll
*c:\windows\system32\WS2_32.dll
*c:\windows\system32\WS2HELP.dll
*c:\windows\system32\webclnt.dll
*C:\WINDOWS\system32\WININET.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\System32\Secur32.dll
*C:\WINDOWS\system32\urlmon.dll
*C:\WINDOWS\System32\wsock32.dll
*c:\windows\system32\regsvc.dll
*c:\windows\system32\ssdpsrv.dll
*C:\WINDOWS\System32\hnetcfg.dll
*C:\WINDOWS\System32\CLBCATQ.DLL
*C:\WINDOWS\System32\COMRes.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\System32\rsaenh.dll
*C:\WINDOWS\System32\httpapi.dll
*C:\WINDOWS\System32\WINHTTP.dll
+1540=C:\WINDOWS\system32\spoolsv.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\SPOOLSS.DLL
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\rasadhlp.dll
*C:\WINDOWS\system32\localspl.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\sfc_os.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\winspool.drv
*C:\WINDOWS\system32\netapi32.dll
*C:\WINDOWS\system32\cnbjmon.dll
*C:\WINDOWS\system32\mdimon.dll
*C:\WINDOWS\system32\msi.dll
*C:\WINDOWS\system32\pjlmon.dll
*C:\WINDOWS\system32\bthcrp.dll
*C:\WINDOWS\system32\WidcommSdk.dll
*C:\WINDOWS\system32\wbtapi.dll
*C:\WINDOWS\system32\CFGMGR32.dll
*C:\WINDOWS\system32\setupapi.dll
*C:\WINDOWS\system32\MFC42.DLL
*C:\WINDOWS\system32\MSVCP60.dll
*C:\WINDOWS\system32\MFC42LOC.DLL
*C:\WINDOWS\system32\tcpmon.dll
*C:\WINDOWS\system32\usbmon.dll
*C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll
*C:\WINDOWS\System32\mswsock.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\win32spl.dll
*C:\WINDOWS\system32\NETRAP.dll
*C:\WINDOWS\system32\NTDSAPI.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\inetpp.dll
*C:\WINDOWS\system32\xpsp2res.dll
+1760=C:\WINDOWS\Explorer.EXE
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\BROWSEUI.dll
*C:\WINDOWS\system32\SHDOCVW.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\CRYPTUI.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\WININET.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\appHelp.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\System32\cscui.dll
*C:\WINDOWS\System32\CSCDLL.dll
*C:\WINDOWS\System32\themeui.dll
*C:\WINDOWS\System32\Secur32.dll
*C:\WINDOWS\System32\MSIMG32.dll
*C:\WINDOWS\system32\urlmon.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\System32\msutb.dll
*C:\WINDOWS\System32\MSCTF.dll
*C:\PROGRA~1\WINDOW~2\wmpband.dll
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\system32\LINKINFO.dll
*C:\WINDOWS\system32\ntshrui.dll
*C:\WINDOWS\system32\ATL.DLL
*C:\WINDOWS\system32\msi.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\NETSHELL.dll
*C:\WINDOWS\system32\rtutils.dll
*C:\WINDOWS\system32\credui.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\system32\MLANG.dll
*C:\WINDOWS\system32\rsaenh.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\System32\webcheck.dll
*C:\WINDOWS\System32\WSOCK32.dll
*C:\WINDOWS\System32\stobject.dll
*C:\WINDOWS\System32\BatMeter.dll
*C:\WINDOWS\System32\POWRPROF.dll
*C:\WINDOWS\System32\WTSAPI32.dll
*c:\progra~1\mcafee.com\vso\McVSSkt.dll
*C:\Programas\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
*C:\WINDOWS\system32\nvcpl.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\system32\WINSPOOL.DRV
*C:\WINDOWS\system32\OLEACC.dll
*C:\WINDOWS\system32\MSVCP60.dll
*C:\WINDOWS\system32\NTMARTA.DLL
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\nvshell.dll
*C:\WINDOWS\System32\drprov.dll
*C:\WINDOWS\System32\ntlanman.dll
*C:\WINDOWS\System32\NETUI0.dll
*C:\WINDOWS\System32\NETUI1.dll
*C:\WINDOWS\System32\NETRAP.dll
*C:\WINDOWS\System32\davclnt.dll
*C:\WINDOWS\system32\browselc.dll
*C:\WINDOWS\system32\DUSER.dll
*C:\WINDOWS\System32\shmedia.dll
*C:\WINDOWS\System32\MSVFW32.dll
*C:\WINDOWS\System32\AVIFIL32.dll
*C:\WINDOWS\system32\wmvcore.dll
*C:\WINDOWS\system32\WMASF.DLL
*C:\WINDOWS\system32\MSGINA.dll
*C:\WINDOWS\system32\ODBC32.dll
*C:\WINDOWS\system32\odbcint.dll
*C:\WINDOWS\System32\sti.dll
*C:\WINDOWS\System32\CFGMGR32.dll
*C:\WINDOWS\system32\wdmaud.drv
*C:\WINDOWS\system32\msacm32.drv
*C:\WINDOWS\system32\midimap.dll
*C:\Programas\PowerArchiver\PASHLEXT.DLL
*c:\progra~1\mcafee.com\vso\mcvsshl.dll
*c:\progra~1\mcafee.com\vso\ShlRes.dll
*C:\Programas\McAfee\McAfee Shared Components\Shredder 5\Shredder.dll
*C:\Programas\McAfee\McAfee Shared Components\Shredder 5\ShredENU.dll
*C:\WINDOWS\system32\SXS.DLL
+1876=C:\WINDOWS\ATKKBService.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\msvcrt.dll
+1888=C:\Programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\rsaenh.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\HID.DLL
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\Secur32.dll
+1900=C:\WINDOWS\system32\CTsvcCDA.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
+1988=C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\psapi.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
+176=C:\WINDOWS\system32\nvsvc32.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\POWRPROF.dll
*C:\WINDOWS\system32\wtsapi32.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\COMCTL32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\secur32.dll
*C:\WINDOWS\system32\msv1_0.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\iphlpapi.dll
+192=C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\PROGRA~1\Agnitum\OUTPOS~1\engine.dll
*C:\WINDOWS\system32\MFC42.DLL
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\PROGRA~1\Agnitum\OUTPOS~1\op_ctrls.dll
*C:\PROGRA~1\Agnitum\OUTPOS~1\op_utils.dll
*C:\WINDOWS\system32\MFC42LOC.DLL
*C:\PROGRA~1\Agnitum\OUTPOS~1\op_cmn.dll
*C:\PROGRA~1\Agnitum\OUTPOS~1\op_data.dll
*C:\PROGRA~1\Agnitum\OUTPOS~1\Plugins\Content\cnt_int.ofp
*C:\WINDOWS\system32\comdlg32.dll
*C:\PROGRA~1\Agnitum\OUTPOS~1\Plugins\Dns\dns_int.ofp
*C:\PROGRA~1\Agnitum\OUTPOS~1\Plugins\File\file_int.ofp
*C:\PROGRA~1\Agnitum\OUTPOS~1\Plugins\Web\web_int.ofp
*C:\PROGRA~1\Agnitum\OUTPOS~1\Plugins\Protect\prot_int.ofp
*C:\WINDOWS\system32\WINMM.dll
*C:\PROGRA~1\Agnitum\OUTPOS~1\netstat.ofp
*C:\PROGRA~1\Agnitum\OUTPOS~1\Plugins\BrowserBar\op_hdlr.dll
*C:\WINDOWS\system32\odbccp32.dll
*C:\WINDOWS\system32\odbcint.dll
*C:\WINDOWS\system32\odbc32.dll
*C:\WINDOWS\System32\odbcjt32.dll
*C:\WINDOWS\System32\msjet40.dll
*C:\WINDOWS\System32\mswstr10.dll
*C:\WINDOWS\System32\odbcji32.dll
*C:\WINDOWS\System32\msjter40.dll
*C:\WINDOWS\System32\MSJINT40.DLL
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\System32\msjtes40.dll
*C:\WINDOWS\system32\VBAJET32.DLL
*C:\WINDOWS\system32\expsrv.dll
*C:\WINDOWS\system32\Iphlpapi.dll
*C:\WINDOWS\system32\rasapi32.dll
*C:\WINDOWS\system32\rasman.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\TAPI32.dll
*C:\WINDOWS\system32\rtutils.dll
*C:\Programas\Agnitum\Outpost Firewall\opst_ui.dll
*C:\WINDOWS\system32\WININET.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\System32\wbem\wbemprox.dll
*C:\WINDOWS\System32\wbem\wbemcomn.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\System32\wbem\wbemsvc.dll
*C:\WINDOWS\System32\wbem\fastprox.dll
*C:\WINDOWS\system32\MSVCP60.dll
*C:\WINDOWS\system32\NTDSAPI.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\PROGRA~1\Agnitum\OUTPOS~1\PSAPI.DLL
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\urlmon.dll
*C:\WINDOWS\system32\msv1_0.dll
*C:\WINDOWS\system32\sensapi.dll
*C:\WINDOWS\System32\mswsock.dll
*C:\WINDOWS\system32\rasadhlp.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\System32\winrnr.dll
+296=C:\WINDOWS\System32\svchost.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\System32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\System32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\System32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\System32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*c:\windows\system32\wiaservc.dll
*c:\windows\system32\CFGMGR32.dll
*c:\windows\system32\setupapi.DLL
*c:\windows\system32\mscms.dll
*c:\windows\system32\WINSPOOL.DRV
*c:\windows\system32\WINSTA.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\System32\xpsp2res.dll
*C:\WINDOWS\System32\CLBCATQ.DLL
*C:\WINDOWS\System32\COMRes.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\System32\wiavusd.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
*C:\WINDOWS\System32\SHFOLDER.dll
*C:\WINDOWS\system32\Actxprxy.dll
*C:\WINDOWS\System32\sti.dll
+396=C:\WINDOWS\system32\wdfmgr.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
+1268=C:\WINDOWS\System32\alg.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\System32\ATL.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\System32\WSOCK32.dll
*C:\WINDOWS\System32\WS2_32.dll
*C:\WINDOWS\System32\WS2HELP.dll
*C:\WINDOWS\System32\MSWSOCK.DLL
*C:\WINDOWS\System32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\System32\WINMM.dll
*C:\WINDOWS\System32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\System32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\System32\CLBCATQ.DLL
*C:\WINDOWS\System32\COMRes.dll
*C:\WINDOWS\System32\xpsp2res.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
+652=C:\PROGRA~1\mcafee.com\agent\mcagent.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\NTMARTA.DLL
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\PROGRA~1\mcafee.com\agent\SCRes.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\System32\msxml3.dll
*C:\WINDOWS\system32\WINHTTP.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\WINDOWS\system32\msi.dll
*C:\WINDOWS\system32\SXS.DLL
*c:\programas\mcafee.com\agent\mcagntps.dll
*c:\progra~1\mcafee.com\vso\McVSSkt.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
+1128=c:\progra~1\mcafee.com\vso\mcvsescn.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\SXS.DLL
*c:\progra~1\mcafee.com\vso\ashldres.dll
*c:\progra~1\mcafee.com\vso\EmScnRes.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\NTMARTA.DLL
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\WINHTTP.dll
*C:\WINDOWS\system32\Ws2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*c:\PROGRA~1\mcafee.com\vso\vsoupd.dll
*c:\programas\mcafee.com\agent\McUILib.DLL
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\msi.dll
*C:\WINDOWS\system32\riched32.dll
*C:\WINDOWS\system32\RICHED20.dll
*C:\WINDOWS\system32\winmm.dll
*c:\progra~1\mcafee.com\vso\McVSSkt.dll
*c:\progra~1\mcafee.com\vso\McVsWorm.dll
*C:\Programas\McAfee.com\VSO\VsCfgW32.dll
*c:\progra~1\mcafee.com\vso\WormRes.dll
*C:\WINDOWS\system32\MSCTF.dll
*c:\programas\mcafee.com\agent\mcagntps.dll
*c:\progra~1\mcafee.com\vso\NTClient.dll
+1768=C:\WINDOWS\system32\RUNDLL32.EXE
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\NvMcTray.dll
*c:\progra~1\mcafee.com\vso\McVSSkt.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\MSCTF.dll
+1692=C:\WINDOWS\system32\ctfmon.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\WINDOWS\system32\MSUTB.dll
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*c:\progra~1\mcafee.com\vso\McVSSkt.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
+2268=C:\WINDOWS\System32\svchost.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\System32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\System32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\System32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\System32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\System32\NTMARTA.DLL
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\System32\SAMLIB.dll
*C:\WINDOWS\System32\xpsp2res.dll
*c:\windows\system32\w3ssl.dll
*C:\WINDOWS\System32\strmfilt.dll
*C:\WINDOWS\System32\Secur32.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\System32\HTTPAPI.dll
*C:\WINDOWS\System32\WS2_32.dll
*C:\WINDOWS\System32\WS2HELP.dll
+2968=c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\Programas\McAfee.com\VSO\VsCfgW32.dll
*C:\WINDOWS\system32\Apphelp.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\VERSION.dll
*c:\programas\mcafee.com\agent\submgr\5,1,0,1\mcsubmgr.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\NTMARTA.DLL
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\System32\msxml3.dll
*C:\WINDOWS\system32\WINHTTP.dll
*c:\PROGRA~1\mcafee.com\vso\ashldres.dll
*c:\programas\mcafee.com\agent\mcagntps.dll
*C:\WINDOWS\system32\msi.dll
*C:\WINDOWS\system32\SXS.DLL
*c:\progra~1\mcafee.com\vso\McVSSkt.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
+3000=c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\wtsapi32.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\VERSION.dll
*c:\PROGRA~1\mcafee.com\vso\vsoupd.dll
*C:\WINDOWS\system32\xpsp2res.dll
*c:\programas\mcafee.com\agent\mcagntps.dll
*C:\WINDOWS\system32\secur32.dll
*C:\WINDOWS\system32\msv1_0.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\system32\msi.dll
*C:\WINDOWS\system32\SXS.DLL
*C:\WINDOWS\system32\Apphelp.dll
*c:\PROGRA~1\mcafee.com\vso\NtClient.dll
*c:\PROGRA~1\mcafee.com\vso\MCSCAN32.DLL
+3028=c:\PROGRA~1\mcafee.com\vso\mcshield.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*c:\PROGRA~1\mcafee.com\vso\Res00\McShield.DLL
*c:\PROGRA~1\mcafee.com\vso\naiann.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\msvcrt.dll
*c:\PROGRA~1\mcafee.com\vso\MCSCAN32.DLL
*C:\WINDOWS\system32\Secur32.dll
*c:\PROGRA~1\mcafee.com\vso\scanserv.dll
+4040=C:\Programas\Mozilla Firefox\firefox.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\Programas\Mozilla Firefox\js3250.dll
*C:\Programas\Mozilla Firefox\nspr4.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\Programas\Mozilla Firefox\xpcom.dll
*C:\Programas\Mozilla Firefox\plc4.dll
*C:\Programas\Mozilla Firefox\plds4.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\ole32.dll
*C:\Programas\Mozilla Firefox\smime3.dll
*C:\Programas\Mozilla Firefox\nss3.dll
*C:\Programas\Mozilla Firefox\softokn3.dll
*C:\Programas\Mozilla Firefox\ssl3.dll
*C:\Programas\Mozilla Firefox\xpcom_compat.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\WINSPOOL.DRV
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\Programas\Mozilla Firefox\components\qfaservices.dll
*C:\Programas\Mozilla Firefox\components\FULLSOFT.DLL
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\System32\msimtf.dll
*C:\Programas\Java\jre1.5.0_01\bin\NPOJI610.dll
*C:\WINDOWS\system32\OLEPRO32.DLL
*C:\Programas\Java\jre1.5.0_01\bin\jpioji.dll
*C:\Programas\Java\jre1.5.0_01\bin\jpinscp.dll
*C:\Programas\Java\jre1.5.0_01\bin\jpishare.dll
*c:\progra~1\mcafee.com\vso\McVSSkt.dll
*C:\Programas\Mozilla Firefox\components\jar50.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\msimg32.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\rasadhlp.dll
*C:\WINDOWS\system32\appHelp.dll
*C:\WINDOWS\System32\cscui.dll
*C:\WINDOWS\System32\CSCDLL.dll
+1228=C:\Startdreck\StartDreck.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\Startdreck\VB40032.DLL
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\MSVCRT20.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\OLEPRO32.DLL
*C:\Startdreck\VB4DE32.DLL
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\VERSION.dll
*c:\progra~1\mcafee.com\vso\McVSSkt.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\Startdreck\PSAPI.DLL
»VMM32Files (LM)
»%System%\VMM32
»%System%\IOSUBSYS
»Application specific
»MS Office 97/8.0 STARTUP-PATH
»Current User
»Default User
»Local Machine
»ICQ NetDetect
»Current User
»Default User

----------------------------------

I don't have IESPYAD installed, though the log looks huge..
__________________
Intel Pentium 4 3.2GHz Socket 775 | AsusTek P5GD1 | NVIDIA 6600GT PCI-E 128MB DDR3 | 2x Kingston 512MB DDR PC3200 (1GB)

LG L1720B TFT | Seagate 160GB ST3160827AS Serial ATA | Creative Inspire 5.1 P5800 | Logitech Desktop MX Bluetooth
eXtreme is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 07-07-2005, 07:09 AM   #4 (permalink)
Registered User
 
Join Date: Mar 2005
Location: Europe
Posts: 16
OS: Windows XP


Send a message via MSN to eXtreme
Silent Runners Log
And here's the silent runners log as you asked:

----------------------------------------------------

"Silent Runners.vbs", revision 39, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"VSOCheckTask" = ""c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask" ["McAfee, Inc."]
"VirusScan Online" = ""c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"" ["McAfee, Inc."]
"MCAgentExe" = "c:\PROGRA~1\mcafee.com\agent\mcagent.exe" ["McAfee, Inc"]
"MCUpdateExe" = "C:\PROGRA~1\mcafee.com\agent\McUpdate.exe" ["McAfee, Inc"]
"CTDVDDET" = "C:\Programas\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE" ["Creative Technology Ltd"]
"SBDrvDet" = "C:\Programas\Creative\SB Drive Det\SBDrvDet.exe /r" ["Creative Technology Ltd"]
"NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" [MS]
"NvMediaCenter" = "RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit" [MS]
"Outpost Firewall" = "C:\Programas\Agnitum\Outpost Firewall\outpost.exe /waitservice" ["Agnitum Ltd."]
"Name of App" = "C:\Programas\SAMSUNG\FW LiveUpdate\Liveupdate.exe" [file not found]
"CleanUp" = "C:\PROGRA~1\McAfee.com\Shared\mcappins.exe /v=3 /cleanup" ["McAfee, Inc"]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = "AcroIEHlprObj Class" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\SPYBOT~1\SDHelper.dll" ["Safer Networking Limited"]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Extensão de ícone HyperTerminal"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]
"{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler"
-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL" [MS]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler"
-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL" [MS]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {CLSID}\InProcServer32\(Default) = "C:\Programas\Microsoft Office\OFFICE11\msohev.dll" [MS]
"{400CFEE2-39D0-46DC-96DF-E0BB5A4324B3}" = "Minhas figuras Logitech"
-> {CLSID}\InProcServer32\(Default) = "C:\Programas\Logitech\Video\Namespc2.dll" ["Logitech Inc."]
"{640167b4-59b0-47a6-b335-a6b3c0695aea}" = "Portable Media Devices"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS]
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS]
"{32020A01-506E-484D-A2A8-BE3CF17601C3}" = "AlcoholShellEx"
-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll" [file not found]
"{B8323370-FF27-11D2-97B6-204C4F4F5020}" = "SmartFTP Shell Extension DLL"
-> {CLSID}\InProcServer32\(Default) = "C:\Programas\SmartFTP\smarthook.dll" ["SmartFTP"]
"{6af09ec9-b429-11d4-a1fb-0090960218cb}" = "My Bluetooth Places"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\btneighborhood.dll" ["Broadcom Corporation"]
"{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]
"{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]
"{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]
"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]
"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]
"{00DF1F20-0849-A4D1-0239-00D0AF3E9CB0}" = "TuneUp Shredder Shell Context Menu Extension"
-> {CLSID}\InProcServer32\(Default) = ""C:\Programas\TuneUp Utilities 2004\sdshelex.dll"" ["TuneUp Software GmbH"]

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\
INFECTION WARNING! "AppInit_DLLs" = "C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll" [null data]

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
INFECTION WARNING! LBTServ\DLLName = "C:\Programas\Ficheiros comuns\Logitech\Bluetooth\lbtserv.dll" ["Logitech Inc."]

HKLM\Software\Classes\PROTOCOLS\Filter\
INFECTION WARNING! text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}"
-> {CLSID}\InProcServer32\(Default) = "C:\Programas\Ficheiros comuns\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS]

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
PowerArchiver\(Default) = "{d03d3e68-0c44-3d45-b15f-bcfd8a8b4c7e}"
-> {CLSID}\InProcServer32\(Default) = "C:\Programas\PowerArchiver\PASHLEXT.DLL" ["ConeXware, Inc."]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
PowerArchiver\(Default) = "{d03d3e68-0c44-3d45-b15f-bcfd8a8b4c7e}"
-> {CLSID}\InProcServer32\(Default) = "C:\Programas\PowerArchiver\PASHLEXT.DLL" ["ConeXware, Inc."]


Active Desktop and Wallpaper:
-----------------------------

Active Desktop is disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState


Startup items in "Daniel" & "All Users" startup folders:
--------------------------------------------------------

C:\Documents and Settings\All Users\Menu Iniciar\Programas\Arranque
"Adobe Reader Speed Launch" -> shortcut to: "C:\Programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe" ["Adobe Systems Incorporated"]


Enabled Scheduled Tasks:
------------------------

"1-Click Maintenance" -> launches: "C:\Programas\TuneUp Utilities 2004\SystemOptimizer.exe /schedulestart" ["TuneUp Software GmbH"]
"McAfee.com Update Check (COMPUTADOR-Administrador)" -> launches: "C:\PROGRA~1\mcafee.com\agent\mcupdate.exe /Schedule" ["McAfee, Inc"]
"McAfee.com Update Check (COMPUTADOR-Daniel)" -> launches: "C:\PROGRA~1\mcafee.com\agent\mcupdate.exe /Schedule" ["McAfee, Inc"]
"McAfee.com Update Check (DANIEL-Daniel)" -> launches: "C:\PROGRA~1\mcafee.com\agent\mcupdate.exe /Schedule" ["McAfee, Inc"]
"McAfee.com Update Check (DANIEL-RedeD)" -> launches: "C:\PROGRA~1\mcafee.com\agent\mcupdate.exe /Schedule" ["McAfee, Inc"]
"McAfee.com Update Check (DANIEL1-Daniel)" -> launches: "C:\PROGRA~1\mcafee.com\agent\mcupdate.exe /Schedule" ["McAfee, Inc"]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000004\LibraryPath = "%SystemRoot%\System32\nwprovau.dll" [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 20
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05


Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKLM\Software\Microsoft\Internet Explorer\Toolbar\
"{BA52B914-B692-46C4-B683-905236F6F655}" = "McAfee VirusScan"
-> {CLSID}\InProcServer32\(Default) = "c:\progra~1\mcafee.com\vso\mcvsshl.dll" ["McAfee, Inc."]

Explorer Bars

HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\
{A1A7E22D-1587-4230-8F16-081C68D21448}\ = "Browser Adjustment" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Programas\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll" ["Agnitum Ltd."]

Dormant Explorer Bars in "View, Explorer Bar" menu

HKLM\Software\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\ = "&Pesquisar"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL" [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\Software\Microsoft\Internet Explorer\Extensions\
{44627E97-789B-40D4-B5C2-58BD171129A1}\
"ButtonText" = "Browser Adjustment"

{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
"ButtonText" = "Pesquisar"

{CCA281CA-C863-46EF-9331-5C8D4460577F}\
"ButtonText" = "@btrez.dll,-4015"
"MenuText" = "@btrez.dll,-4017"
"Script" = "C:\Programas\Software WIDCOMM\Bluetooth\btsendto_ie.htm" [null data]

{FB5F1910-F110-11D2-BB9E-00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "C:\Programas\Messenger\msmsgs.exe" [MS]


Miscellaneous IE Hijack Points
------------------------------

HKLM\Software\Microsoft\Internet Explorer\AboutURLs\

Missing lines (compared with English-language version):
HIJACK WARNING! "TuneUp" = "file://C|/Documents and Settings/All Users/Application Data/TuneUp Software/Common/base.css" [file not found]


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

ATK Keyboard Service, ATKKeyboardService, "C:\WINDOWS\ATKKBService.exe" ["ASUSTeK COMPUTER INC."]
Bluetooth Service, btwdins, "C:\Programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe" ["Broadcom Corporation"]
Creative Service for CDROM Access, Creative Service for CDROM Access, "C:\WINDOWS\system32\CTsvcCDA.exe" ["Creative Technology Ltd"]
Machine Debug Manager, MDM, ""C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE"" [MS]
McAfee.com McShield, McShield, "c:\PROGRA~1\mcafee.com\vso\mcshield.exe" ["Network Associates, Inc."]
McAfee.com VirusScan Online Realtime Engine, MCVSRte, "c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe /Embedding" ["McAfee, Inc"]
NVIDIA Display Driver Service, NVSvc, "C:\WINDOWS\system32\nvsvc32.exe" ["NVIDIA Corporation"]
Outpost Firewall Service, OutpostFirewall, "C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe /service" ["Agnitum Ltd."]
SSL de HTTP, HTTPFilter, "C:\WINDOWS\System32\svchost.exe -k HTTPFilter" {"C:\WINDOWS\System32\w3ssl.dll" [MS]}
Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\system32\wdfmgr.exe" [MS]


----------
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ The search for DESKTOP.INI DLL launch points on all local fixed drives
took 31 seconds.
+ The search for all Registry CLSIDs containing dormant Explorer Bars
took 8 seconds.
---------- (total run time: 56 seconds)

-----------------------------------------------------

I did install the smitfraud.reg file, though the problem remains. :(

Thanks so much for your work,

Dan
__________________
Intel Pentium 4 3.2GHz Socket 775 | AsusTek P5GD1 | NVIDIA 6600GT PCI-E 128MB DDR3 | 2x Kingston 512MB DDR PC3200 (1GB)

LG L1720B TFT | Seagate 160GB ST3160827AS Serial ATA | Creative Inspire 5.1 P5800 | Logitech Desktop MX Bluetooth
eXtreme is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 07-07-2005, 07:39 PM   #5 (permalink)
Manager Emeritus - Security Center, Expert Analyst, Moderator - Security Team; Rangemaster, TSF Academy & Supporter
 
MicroBell's Avatar
 
Join Date: Sep 2004
Location: Carmichaels, PA-USA
Posts: 6,965
OS: Windows XP-Pro SP2


Send a message via ICQ to MicroBell Send a message via MSN to MicroBell
Ok.

Since you can't get Panda to run..let's try another approach. Concerning your "Right Click" issues...is this just on web pages..or anywere? Can you right click on your desktop...files, icons..ect ok? Run hijackthis and fix the following entrys...

O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O17 - HKLM\System\CCS\Services\Tcpip\..\{7CDD939B-1FE7-4F0D-85F3-C1D9DF3ADB91}: NameServer = 194.65.100.117,194.65.5.2


Download, install, and update Ewido Security Suite
  • Install ewido security suite
  • Launch ewido, there should be a big E icon on your desktop, double-click it.
  • The program will prompt you to update click the OK button
  • The program will now go to the main screen
You will need to update ewido to the latest definition files.
  • On the left hand side of the main screen click update
  • Click on Start
The update will start and a progress bar will show the updates being installed.
After the updates are installed, exit Ewido


Reboot into Safe Mode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight Safe Mode, then hit enter.

Run Ewido:
  • Click [Scanner]
  • Click [Complete System Scan] to begin scanning.
  • Click [OK] when prompted to clean files
  • With the first file it prompts to clean, select the option - "Perform action on all infections" - & choose clean and click [OK].
  • Once finished, click the [Save report] button
  • Save the report to your desktop
Close Ewido

Reboot back to normal mode..and post that Ewido log and another hijackthis log.
__________________
We Are The BORG Spyware KILLER and Adware Destroyer!





Spyware/Adware Removal Tools
Hijackthis
Ad-aware SE
Spybot Search&Destroy
SpywareBlaster
CWShredder
MicroBell is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 07-08-2005, 07:37 AM   #6 (permalink)
Registered User
 
Join Date: Mar 2005
Location: Europe
Posts: 16
OS: Windows XP


Send a message via MSN to eXtreme
About Problem
Only on websites.. i don't have any problem on desktop, files, icons, you name it.

Only on the internet explorer program the right click doesn't work. Not on all the parts though. The place where you see the sites, i can't right click. But in the "Home", "Refresh" Tool bar, right click works...

And i still have that problem with the "Programs tab" in IE options. Would that be the problem? Maybe some plugin that damaged the registry key, or .dll file that manages the left, right click of the program? Just my opinion..

And i already tried disabling the "Disable third party extensions" option on advanced. Sorry if it's not really that name, my Windows XP is not english. :)

I cleaned the Hijackthis keys you said, but after deleting this one:

O17 - HKLM\System\CCS\Services\Tcpip\..\{7CDD939B-1FE7-4F0D-85F3-C1D9DF3ADB91}: NameServer = 194.65.100.117,194.65.5.2

I lost internet access.. as those are my DNS servers. No problem though, i have them on a text file specially for when this happens. :P

I'll check the Ewido Security Suite program you said now.

Thanks for your help. ;)
__________________
Intel Pentium 4 3.2GHz Socket 775 | AsusTek P5GD1 | NVIDIA 6600GT PCI-E 128MB DDR3 | 2x Kingston 512MB DDR PC3200 (1GB)

LG L1720B TFT | Seagate 160GB ST3160827AS Serial ATA | Creative Inspire 5.1 P5800 | Logitech Desktop MX Bluetooth
eXtreme is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 07-08-2005, 08:46 AM   #7 (permalink)
Registered User
 
Join Date: Mar 2005
Location: Europe
Posts: 16
OS: Windows XP


Send a message via MSN to eXtreme
Ewido Log
Here is the Ewido log, it detected 143 spyware files:

---------------------------------------------------------
ewido security suite - Relatório de verificação
---------------------------------------------------------

+ Criado em: 16:38:34, 08-07-2005
+ Relatório-Checksum: 349E0E3B

+ Scan result:

:mozilla.28:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Limpo com backup
:mozilla.96:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Doubleclick : Limpo com backup
:mozilla.129:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Limpo com backup
:mozilla.137:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.138:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.139:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.140:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.141:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.142:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.143:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.144:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.145:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.146:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.147:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.148:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.149:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.150:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.151:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.152:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.153:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.154:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.155:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.156:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.157:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.158:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.159:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.160:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.161:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.162:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.163:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.164:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.165:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.166:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.167:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.168:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.169:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.170:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.171:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.172:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.173:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.174:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.175:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.176:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.177:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.178:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.179:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup
:mozilla.186:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Mediaplex : Limpo com backup
:mozilla.187:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Mediaplex : Limpo com backup
:mozilla.199:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Limpo com backup
:mozilla.220:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Valuead : Limpo com backup
:mozilla.221:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Valuead : Limpo com backup
:mozilla.222:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Valuead : Limpo com backup
:mozilla.223:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Valuead : Limpo com backup
:mozilla.224:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Valuead : Limpo com backup
:mozilla.227:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Valuead : Limpo com backup
:mozilla.231:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Fastclick : Limpo com backup
:mozilla.232:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Fastclick : Limpo com backup
:mozilla.233:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Fastclick : Limpo com backup
:mozilla.234:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Adserver : Limpo com backup
:mozilla.235:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Adserver : Limpo com backup
:mozilla.236:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Adserver : Limpo com backup
:mozilla.237:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Adserver : Limpo com backup
:mozilla.238:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Adserver : Limpo com backup
:mozilla.239:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Adserver : Limpo com backup
:mozilla.240:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Adserver : Limpo com backup
:mozilla.241:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Atdmt : Limpo com backup
:mozilla.356:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.357:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.358:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.359:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.360:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.361:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.362:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.363:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.364:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.365:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.366:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.367:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.368:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.369:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.370:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.371:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.372:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.373:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.374:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.375:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.376:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.377:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.378:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.379:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.380:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.381:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.382:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.383:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup
:mozilla.408:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Overture : Limpo com backup
:mozilla.428:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Falkag : Limpo com backup
:mozilla.429:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Falkag : Limpo com backup
:mozilla.430:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Falkag : Limpo com backup
:mozilla.431:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Falkag : Limpo com backup
:mozilla.450:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Weborama : Limpo com backup
:mozilla.451:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Weborama : Limpo com backup
:mozilla.452:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Weborama : Limpo com backup
:mozilla.456:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Bfast : Limpo com backup
:mozilla.457:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Bfast : Limpo com backup
:mozilla.468:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Limpo com backup
:mozilla.526:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Pointroll : Limpo com backup
:mozilla.527:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Pointroll : Limpo com backup
:mozilla.528:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Pointroll : Limpo com backup
:mozilla.529:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Pointroll : Limpo com backup
:mozilla.530:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Limpo com backup
:mozilla.539:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Xxxtoolbar : Limpo com backup
:mozilla.540:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Xxxtoolbar : Limpo com backup
:mozilla.552:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Centrport : Limpo com backup
:mozilla.578:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Ivwbox : Limpo com backup
:mozilla.585:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Goldenpalace : Limpo com backup
:mozilla.590:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Bluestreak : Limpo com backup
:mozilla.601:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Spylog : Limpo com backup
:mozilla.611:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Hotlog : Limpo com backup
:mozilla.629:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Hitbox : Limpo com backup
:mozilla.630:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Hitbox : Limpo com backup
:mozilla.651:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Hitbox : Limpo com backup
:mozilla.666:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Hitbox : Limpo com backup
:mozilla.688:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Serving-sys : Limpo com backup
:mozilla.689:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Serving-sys : Limpo com backup
:mozilla.690:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Serving-sys : Limpo com backup
:mozilla.691:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Serving-sys : Limpo com backup
:mozilla.692:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Serving-sys : Limpo com backup
:mozilla.712:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Qksrv : Limpo com backup
:mozilla.713:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Qksrv : Limpo com backup
:mozilla.741:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.247realmedia : Limpo com backup
:mozilla.742:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.247realmedia : Limpo com backup
:mozilla.743:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.247realmedia : Limpo com backup
:mozilla.750:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Targetnet : Limpo com backup
:mozilla.765:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Hitbox : Limpo com backup
:mozilla.766:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Hitbox : Limpo com backup
:mozilla.775:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Overture : Limpo com backup
:mozilla.801:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Realtracker : Limpo com backup
:mozilla.888:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Trafficmp : Limpo com backup
:mozilla.889:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Trafficmp : Limpo com backup
:mozilla.890:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Trafficmp : Limpo com backup
:mozilla.891:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\i1idzlon.default\cookies.txt -> Spyware.Cookie.Trafficmp : Limpo com backup
C:\Documents and Settings\Daniel\Cookies\daniel@ads.addynamix[1].txt -> Spyware.Cookie.Addynamix : Limpo com backup
C:\Documents and Settings\Daniel\Cookies\daniel@tradedoubler[2].txt -> Spyware.Cookie.Tradedoubler : Limpo com backup


::Fim do Relatório
__________________
Intel Pentium 4 3.2GHz Socket 775 | AsusTek P5GD1 | NVIDIA 6600GT PCI-E 128MB DDR3 | 2x Kingston 512MB DDR PC3200 (1GB)

LG L1720B TFT | Seagate 160GB ST3160827AS Serial ATA | Creative Inspire 5.1 P5800 | Logitech Desktop MX Bluetooth
eXtreme is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 07-08-2005, 08:48 AM   #8 (permalink)
Registered User
 
Join Date: Mar 2005
Location: Europe
Posts: 16
OS: Windows XP


Send a message via MSN to eXtreme
Second Hijackthis Log
And here is the normal Hijackthis log:

------------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 16:44:05, on 08-07-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ATKKBService.exe
C:\Programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Programas\ewido\security suite\ewidoctrl.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
C:\WINDOWS\System32\svchost.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [CTDVDDET] C:\Programas\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [SBDrvDet] C:\Programas\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Outpost Firewall] C:\Programas\Agnitum\Outpost Firewall\outpost.exe /waitservice
O4 - HKLM\..\Run: [Name of App] C:\Programas\SAMSUNG\FW LiveUpdate\Liveupdate.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Programas\Diskeeper Pro\DkIcon.exe"
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Enviar para &Bluetooth - C:\Programas\Software WIDCOMM\Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: Browser Adjustment - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Programas\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programas\Software WIDCOMM\Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programas\Software WIDCOMM\Bluetooth\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://messenger.zone.msn.com/binary/ZAxRcMgr.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} - http://www.seagate.com/support/disc/...npseatools.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15014/CTPID.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7CDD939B-1FE7-4F0D-85F3-C1D9DF3ADB91}: NameServer = 194.65.100.117,194.65.5.2
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll
O20 - Winlogon Notify: LBTServ - C:\Programas\Ficheiros comuns\Logitech\Bluetooth\lbtserv.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Programas\Ficheiros comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: ewido security suite control - ewido networks - C:\Programas\ewido\security suite\ewidoctrl.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programas\Ficheiros comuns\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programas\TuneUp Utilities 2004\WinStylerThemeSvc.exe

-------------------------------------------


And this is the KRC HijackThis Analyzer log:


====================================================================
Log was analyzed using KRC HijackThis Analyzer - Updated on 6/3/05
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logfile of HijackThis v1.99.1
Scan saved at 16:44:05, on 08-07-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\ATKKBService.exe
C:\Programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe
C:\Programas\ewido\security suite\ewidoctrl.exe
C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [CTDVDDET] C:\Programas\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [SBDrvDet] C:\Programas\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [Outpost Firewall] C:\Programas\Agnitum\Outpost Firewall\outpost.exe /waitservice
O4 - HKLM\..\Run: [Name of App] C:\Programas\SAMSUNG\FW LiveUpdate\Liveupdate.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Programas\Diskeeper Pro\DkIcon.exe"
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Enviar para &Bluetooth - C:\Programas\Software WIDCOMM\Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: Browser Adjustment - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Programas\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programas\Software WIDCOMM\Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programas\Software WIDCOMM\Bluetooth\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://messenger.zone.msn.com/binary/ZAxRcMgr.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} - http://www.seagate.com/support/disc/...npseatools.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15014/CTPID.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7CDD939B-1FE7-4F0D-85F3-C1D9DF3ADB91}: NameServer = 194.65.100.117,194.65.5.2
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll
O20 - Winlogon Notify: LBTServ - C:\Programas\Ficheiros comuns\Logitech\Bluetooth\lbtserv.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Programas\Ficheiros comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe
O23 - Service: ewido security suite control - ewido networks - C:\Programas\ewido\security suite\ewidoctrl.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programas\Ficheiros comuns\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programas\TuneUp Utilities 2004\WinStylerThemeSvc.exe


End of KRC HijackThis Analyzer Log.
====================================================================


Thanks for your time,

Dan
__________________
Intel Pentium 4 3.2GHz Socket 775 | AsusTek P5GD1 | NVIDIA 6600GT PCI-E 128MB DDR3 | 2x Kingston 512MB DDR PC3200 (1GB)

LG L1720B TFT | Seagate 160GB ST3160827AS Serial ATA | Creative Inspire 5.1 P5800 | Logitech Desktop MX Bluetooth
eXtreme is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 07-08-2005, 01:05 PM   #9 (permalink)
Manager Emeritus - Security Center, Expert Analyst, Moderator - Security Team; Rangemaster, TSF Academy & Supporter
 
MicroBell's Avatar
 
Join Date: Sep 2004
Location: Carmichaels, PA-USA
Posts: 6,965
OS: Windows XP-Pro SP2


Send a message via ICQ to MicroBell Send a message via MSN to MicroBell
Sorry bout that. Just saw your from Europe. Anyway your clean except for this right click issue. Does this happen on ALL web sites..or just a few?

I need you to enter the registry. Navigate to each of the following keys and see if you have them. If so export them. Save them as a txt file..and post them here...

HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\
Restrictions

HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\
Restrictions
__________________
We Are The BORG Spyware KILLER and Adware Destroyer!





Spyware/Adware Removal Tools
Hijackthis
Ad-aware SE
Spybot Search&Destroy
SpywareBlaster
CWShredder
MicroBell is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 07-08-2005, 01:51 PM   #10 (permalink)
Registered User
 
Join Date: Mar 2005
Location: Europe
Posts: 16
OS: Windows XP


Send a message via MSN to eXtreme
Nop, nothing at all
No, I don't have these keys on my registry..

And yes i can't right click on ALL the websites. Though i've just discovered that if the content is flash, for exemple, flash games, i can right click to access the flash options..

Really I don't know what to do next.. maybe reinstalling IE? I already tried but when i'm running the setup it says I already have it installed..

Thanks again for your work,

Dan
__________________
Intel Pentium 4 3.2GHz Socket 775 | AsusTek P5GD1 | NVIDIA 6600GT PCI-E 128MB DDR3 | 2x Kingston 512MB DDR PC3200 (1GB)

LG L1720B TFT | Seagate 160GB ST3160827AS Serial ATA | Creative Inspire 5.1 P5800 | Logitech Desktop MX Bluetooth
eXtreme is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 07-09-2005, 01:34 AM   #11 (permalink)
Manager Emeritus - Security Center, Expert Analyst, Moderator - Security Team; Rangemaster, TSF Academy & Supporter
 
MicroBell's Avatar
 
Join Date: Sep 2004
Location: Carmichaels, PA-USA
Posts: 6,965
OS: Windows XP-Pro SP2


Send a message via ICQ to MicroBell Send a message via MSN to MicroBell
Dan:

Please download and install thie following registry fixs..

http://www.kellys-korner-xp.com/regs...properties.reg
http://www.kellys-korner-xp.com/regs...ontextmenu.reg
http://www.kellys-korner-xp.com/regs...htclickspy.reg


If none of those work...Try reinstalling IE6. You have to trick windows into thinking it's not installed by changeing an entry flag in the registry. Here's the procedure...

http://www.bleepingcomputer.com/foru...ess-tut71.html
__________________
We Are The BORG Spyware KILLER and Adware Destroyer!





Spyware/Adware Removal Tools
Hijackthis
Ad-aware SE
Spybot Search&Destroy
SpywareBlaster
CWShredder
MicroBell is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 07-09-2005, 10:11 AM   #12 (permalink)
Registered User
 
Join Date: Mar 2005
Location: Europe
Posts: 16
OS: Windows XP


Send a message via MSN to eXtreme
More bad news...
Well, I installed the registry keys but no luck at all. :(

Then finally i decided to reinstall IE. Made the registry changes, downloaded the installation file, run and:

"A more recent version of IE has found, blah blah, setup will not continue."

Well I was decided to resolve this once and for all so I did a google search and found a person in a forum saying that I just needed to add /Q to the file destiny.

I did and it run up. Installed, no problems, then restarted. Loading up and bang, "The ******** doesn't match with *****". The same error appeared again. Then "msgina.dll failure to download, please reinstall the file".

And the only option microsoft leaves me is a "Restart" button that of course lead me to the same error.

What I tried? Load that menu where you start in safe mode and selected "Last correct Configuration". Computer restarted and everything was working fine. Believe me, it did scared me...

Now i don't have any IE shortcut, in the IE's programs folder there's no file related to the main file itself.. Only a .exe file for reporting files.

In the add/remove programs there's an "Internet Explorer Service Pack 1" Entry where if you click "remove/modify" pop ups a menu with "repair IE" and "roll back to correct configuration".

Well if I try repair.. guess what, error. But now i'm a little afraid of rolling back to this "correct" configuration..

Really, i don't know what to do next.. I hope you can give me some tips please..

Thanks for your time,

Dan
__________________
Intel Pentium 4 3.2GHz Socket 775 | AsusTek P5GD1 | NVIDIA 6600GT PCI-E 128MB DDR3 | 2x Kingston 512MB DDR PC3200 (1GB)

LG L1720B TFT | Seagate 160GB ST3160827AS Serial ATA | Creative Inspire 5.1 P5800 | Logitech Desktop MX Bluetooth
eXtreme is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 07-09-2005, 10:50 AM   #13 (permalink)
Registered User
 
Join Date: Mar 2005
Location: Europe
Posts: 16
OS: Windows XP


Send a message via MSN to eXtreme
Great News!! (Atleast)
Great news atleast..

IE is working fine and... right click works!

Ahah it was indeed a funny discover. I didn't had any IE shortcuts, so i couldn't open the program. Then i open MSN Messenger and I remember, MSN automatically launchs IE by default when pressing the mail button.

So I just click it and it launchs the program.. and right click and the "programs" tab program got resolved. Now I just need to put back the shortcuts by adding them myself, and running windows update to update IE to service pack 2 right?

Thanks for all your work, :)

Dan
__________________
Intel Pentium 4 3.2GHz Socket 775 | AsusTek P5GD1 | NVIDIA 6600GT PCI-E 128MB DDR3 | 2x Kingston 512MB DDR PC3200 (1GB)

LG L1720B TFT | Seagate 160GB ST3160827AS Serial ATA | Creative Inspire 5.1 P5800 | Logitech Desktop MX Bluetooth
eXtreme is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 07-09-2005, 04:40 PM   #14 (permalink)
Manager Emeritus - Security Center, Expert Analyst, Moderator - Security Team; Rangemaster, TSF Academy & Supporter
 
MicroBell's Avatar
 
Join Date: Sep 2004
Location: Carmichaels, PA-USA
Posts: 6,965
OS: Windows XP-Pro SP2


Send a message via ICQ to MicroBell Send a message via MSN to MicroBell
Correct. So MSN disabled right click in IE?
__________________
We Are The BORG Spyware KILLER and Adware Destroyer!





Spyware/Adware Removal Tools
Hijackthis
Ad-aware SE
Spybot Search&Destroy
SpywareBlaster
CWShredder
MicroBell is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 07-10-2005, 11:01 AM   #15 (permalink)
Registered User
 
Join Date: Mar 2005
Location: Europe
Posts: 16
OS: Windows XP


Send a message via MSN to eXtreme
No, I don't know what did disable the IE right click. I used MSN Messenger to start up IE cause i didn't had any shortcut and the main .exe file was not in the programs/Internet Explorer/iexplore.exe

Then after seeing that everything was working fine I run that little tool that defines which program is the default and selected IE to default. After that Windows automatically created the shortcuts and the .exe file on the program folder.

And as you already said that my log is clean, looks like it finally got resolved.

Thanks for all your help and support,

Dan
__________________
Intel Pentium 4 3.2GHz Socket 775 | AsusTek P5GD1 | NVIDIA 6600GT PCI-E 128MB DDR3 | 2x Kingston 512MB DDR PC3200 (1GB)

LG L1720B TFT | Seagate 160GB ST3160827AS Serial ATA | Creative Inspire 5.1 P5800 | Logitech Desktop MX Bluetooth
Last edited by eXtreme; 07-10-2005 at 11:03 AM.
eXtreme is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
 

« Previous Thread | Next Thread »

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT -7. The time now is 01:17 PM.

Contact Us - Tech Support Forum - Archive - Privacy Statement - Top


Copyright 2001 - 2009, Tech Support Forum
Home Tips Plus | Outdoor Basecamp | Automotive Support Forum

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84