Tech Support banner

Status
Not open for further replies.
1 - 9 of 9 Posts

·
Registered
Joined
·
9 Posts
Discussion Starter #1
Yeah i just read about how we're not meant to post Hijack this logs in another forum so im just copying what i wrote there into here.

hey ive got an acer laptop aspire 1680i centrio 1.6Hz 512mb 60gigs, 4gigs left on C drive, around 1.5gigs on d drive.

the problem is that the whole computer runs very slow, and when ever i use IE ad mangaer yeild pop up comes up and or Win Fix pop-up...

another problem is that i can open up any applications like power...such as Acer E-powermangement

well anyway, im hopeing ive provided enough information to fix the problems, here Hijack this report

Logfile of HijackThis v1.99.1
Scan saved at 7:26:48 PM, on 28/09/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Nero\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\eManager\anbmServ.exe
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\E_S00RP2.EXE
C:\WINDOWS\system32\SAgent4.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H 2.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\WordWeb\wweb32.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Acer\ePM\ePM.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\unzipped\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.optusnet.com.au/?brand=ODSL&panel=1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dsl.optusnet.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dsl.optusnet.com.au/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by OptusNet
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {38E50367-98D3-E400-82FE-CC6932F5D9BA} - C:\WINDOWS\system32\lzefcwj.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\en-au\msntb.dll
O3 - Toolbar: ninemsn - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\en-au\msntb.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R210 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H 2.EXE /P30 "EPSON Stylus Photo R210 Series" /O6 "USB001" /M "Stylus Photo R210"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [Desktop Service Centre] C:\Program Files\OptusNet DSL Internet\DSC.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [EPSON Stylus Photo R210 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H 2.EXE /P30 "EPSON Stylus Photo R210 Series" /M "Stylus Photo R210" /EF "HKCU"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar3.dll/cmwordtrans.html
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar3.dll/cmcache.html
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar3.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://dsl.optusnet.com.au/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binar...kr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binar...nt.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binar...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binar...ro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binar...ot.cab31267.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O18 - Protocol: pcl - {182D0C85-206F-4103-B4FA-DCC1FB0A0A44} - C:\Program Files\Autodesk\Inventor Professional 8\bin\HSPCLPRO10.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: EPSON V3 Service2(02) (EPSON_PM_RPCV2_02) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP2.EXE
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program\Nero\InCD\InCDsrv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\SAgent4.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe


Thanks for ur time
 

·
Registered
Joined
·
6,574 Posts
Download Ewido Security Suite - Install & Update it's database but do not run it yet.
= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

REBOOT TO SAFE MODE
  1. Restart the computer. The computer begins processing a set of instructions known as BIOS.
  2. As soon as the BIOS has finished loading, begin tapping the F8 key on your keyboard.
  3. Continue to do so until the 'Windows Advanced Options' menu appears.
  4. Using the arrow keys on the keyboard, scroll to and select the menu item - Safe Mode.

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


** Please disable all other antivirus programs before proceeding.**

Run Ewido:
  • Click Scanner
  • Click Complete System Scan to begin scanning.
  • Click OK when prompted to clean files
  • With the first file it prompts to clean, select the option - "Perform action on all infections" - & choose clean and click OK
  • Once finished, click the Save report button
  • Save the report to your desktop
Close Ewido
* Ewido scan would require at least an hour. I suggest that you go grab a cup of coffee & do something else while you wait for it to complete.

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

REBOOT TO NORMAL MODE

Please download Trend Micro™ Anti-Spyware for the Web Utility (by clicking the "Scan and Clean your PC" button).
  • Save it to your desktop.
  • Double-click the new icon on your desktop (tmas-web-scan.exe)
  • It will say "Loading TrendMicro definitions".
  • Once the definitions are loaded, the program will appear to close then re-open.
  • Click "Start Scan"
  • After it's done scanning, click "Scan Results"
  • Make sure all items found have a check next to them, then click "Clean Threats Now".
  • Click Exit.
Reboot your computer. In place of the TrendMicro icon will be a text file called "Antispyware.log", please double-click that log and copy the entire contents and paste them in your next post.

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

In your next post, please include fresh logs from:
  1. a NEW HiJackThis
  2. Ewido Results
  3. antispyware.log from TMAS
Please provide details of any problems you encountered whilst performing the above steps & update us on how the computer behaves now
 

·
Registered
Joined
·
9 Posts
Discussion Starter #3
Did it all

HijackThis Results


Logfile of HijackThis v1.99.1
Scan saved at 9:43:39 PM, on 29/09/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Nero\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\eManager\anbmServ.exe
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\E_S00RP2.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\system32\SAgent4.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\WordWeb\wweb32.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\user\Desktop\tmas-web-scan.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\unzipped\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.optusnet.com.au/?brand=ODSL&panel=1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dsl.optusnet.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dsl.optusnet.com.au/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by OptusNet
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {38E50367-98D3-E400-82FE-CC6932F5D9BA} - C:\WINDOWS\system32\lzefcwj.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\en-au\msntb.dll
O3 - Toolbar: ninemsn - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\en-au\msntb.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R210 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE /P30 "EPSON Stylus Photo R210 Series" /O6 "USB001" /M "Stylus Photo R210"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [Desktop Service Centre] C:\Program Files\OptusNet DSL Internet\DSC.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [EPSON Stylus Photo R210 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE /P30 "EPSON Stylus Photo R210 Series" /M "Stylus Photo R210" /EF "HKCU"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar3.dll/cmwordtrans.html
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar3.dll/cmcache.html
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar3.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://dsl.optusnet.com.au/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O18 - Protocol: pcl - {182D0C85-206F-4103-B4FA-DCC1FB0A0A44} - C:\Program Files\Autodesk\Inventor Professional 8\bin\HSPCLPRO10.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: EPSON V3 Service2(02) (EPSON_PM_RPCV2_02) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP2.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program\Nero\InCD\InCDsrv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\SAgent4.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe


antispyware.log


Started Scanning
Internet Cookies
Found 'imrworldwide.com' in 'Internet Explorer Cache'
Programs in Memory
Found 'DAP.exe' in 'C:\Program Files\DAP'
Windows Registry
Found '' in 'SOFTWARE\LimeWire'
Found '' in 'Software\SpeedBit\Download Accelerator\IEBar'
Found '' in 'Software\SpeedBit\Download Accelerator'
Found '' in 'Software\SpeedBit\Download Accelerator\ADS'
Found '' in 'Software\SpeedBit\Download Accelerator\ADS\Default'
Found '' in 'Software\SpeedBit\Download Accelerator\NoTrigger'
Found '' in 'Software\SpeedBit\Download Accelerator\NoTrigger\Always'
Found '' in 'Software\SpeedBit\Download Accelerator\NoTrigger\WhenFound'
Found '' in 'Software\SpeedBit\Download Accelerator\NoTrigger\WhenNotFound'
Found '' in 'SOFTWARE\Classes\ed2k'
Found '' in 'SOFTWARE\Classes\CLSID\{235D7A27-DE65-49F0-BFCF-D5C3BC3B2E67}'
Found '' in 'SOFTWARE\Classes\CLSID\{235D7A27-DE65-49F0-BFCF-D5C3BC3B2E67}\InprocServer32'
Found '' in 'SOFTWARE\Classes\CLSID\{235D7A27-DE65-49F0-BFCF-D5C3BC3B2E67}\ProgID'
Found '' in 'SOFTWARE\Classes\CLSID\{235D7A27-DE65-49F0-BFCF-D5C3BC3B2E67}\TypeLib'
Found '' in 'SOFTWARE\Classes\CLSID\{235D7A27-DE65-49F0-BFCF-D5C3BC3B2E67}\VersionIndependentProgID'
Found '' in 'SOFTWARE\Classes\CLSID\{5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E}'
Found '' in 'SOFTWARE\Classes\CLSID\{5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E}\InprocServer32'
Found '' in 'SOFTWARE\Classes\CLSID\{5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E}\ProgID'
Found '' in 'SOFTWARE\Classes\CLSID\{5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E}\TypeLib'
Found '' in 'SOFTWARE\Classes\CLSID\{5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E}\VersionIndependentProgID'
Found '' in 'SOFTWARE\Classes\CLSID\{62999427-33FC-4baf-9C9C-BCE6BD127F08}'
Found '' in 'SOFTWARE\Classes\CLSID\{62999427-33FC-4baf-9C9C-BCE6BD127F08}\InprocServer32'
Found '' in 'SOFTWARE\Classes\CLSID\{62999427-33FC-4baf-9C9C-BCE6BD127F08}\ProgID'
Found '' in 'SOFTWARE\Classes\CLSID\{62999427-33FC-4baf-9C9C-BCE6BD127F08}\TypeLib'
Found '' in 'SOFTWARE\Classes\CLSID\{62999427-33FC-4baf-9C9C-BCE6BD127F08}\VersionIndependentProgID'
Found '' in 'SOFTWARE\Classes\CLSID\{8110AEA1-AD5B-4B90-883F-04A9A33B106E}'
Found '' in 'SOFTWARE\Classes\CLSID\{8110AEA1-AD5B-4B90-883F-04A9A33B106E}\InprocServer32'
Found '' in 'SOFTWARE\Classes\CLSID\{8110AEA1-AD5B-4B90-883F-04A9A33B106E}\ProgID'
Found '' in 'SOFTWARE\Classes\CLSID\{8110AEA1-AD5B-4B90-883F-04A9A33B106E}\VersionIndependentProgID'
Found '' in 'SOFTWARE\Classes\CLSID\{9738B9E6-8AFA-11D2-959E-444553540002}'
Found '' in 'SOFTWARE\Classes\CLSID\{9738B9E6-8AFA-11D2-959E-444553540002}\InProcServer32'
Found '' in 'SOFTWARE\Classes\CLSID\{9738B9E6-8AFA-11D2-959E-444553540002}\ProgID'
Found '' in 'SOFTWARE\Classes\DAPIE.Catcher.1\CLSID'
Found '' in 'SOFTWARE\Classes\DAPIE.Catcher\CLSID'
Found '' in 'SOFTWARE\Classes\DAPIE.DownloadAcceleratorIE.1'
Found '' in 'SOFTWARE\Classes\DAPIE.DownloadAcceleratorIE.1\CLSID'
Found '' in 'SOFTWARE\Classes\DAPIE.DownloadAcceleratorIE\CLSID'
Found '' in 'SOFTWARE\Classes\DAPIE.DownloadAcceleratorIE\CurVer'
Found '' in 'SOFTWARE\Classes\DAPIEBar.CBAREventer'
Found '' in 'SOFTWARE\Classes\DAPIEBar.CBAREventer.1'
Found '' in 'SOFTWARE\Classes\DAPIEBar.CBAREventer.1\CLSID'
Found '' in 'SOFTWARE\Classes\DAPIEBar.CBAREventer\CLSID'
Found '' in 'SOFTWARE\Classes\DAPIEBar.CBAREventer\CurVer'
Found '' in 'SOFTWARE\Classes\DAPIEBar.DAPIEBarBand'
Found '' in 'SOFTWARE\Classes\DAPIEBar.DAPIEBarBand.1'
Found '' in 'SOFTWARE\Classes\DAPIEBar.DAPIEBarBand.1\CLSID'
Found '' in 'SOFTWARE\Classes\DAPIEBar.DAPIEBarBand\CLSID'
Found '' in 'SOFTWARE\Classes\DAPIEBar.DAPIEBarBand\CurVer'
Found '' in 'SOFTWARE\Classes\DAPNS.Protocol.1'
Found '' in 'SOFTWARE\Classes\DAPNS.Protocol.1\CLSID'
Found '' in 'SOFTWARE\Classes\Interface\{5BFA1DAE-5EDC-11D2-959E-00C00C02DA5E}'
Found '' in 'SOFTWARE\Classes\Interface\{5BFA1DAE-5EDC-11D2-959E-00C00C02DA5E}\ProxyStubClsid'
Found '' in 'SOFTWARE\Classes\Interface\{5BFA1DAE-5EDC-11D2-959E-00C00C02DA5E}\ProxyStubClsid32'
Found '' in 'SOFTWARE\Classes\Interface\{5BFA1DAE-5EDC-11D2-959E-00C00C02DA5E}\TypeLib'
Found '' in 'SOFTWARE\Classes\Interface\{7892BA33-7984-43A5-A8F5-27ED0AFE6143}'
Found '' in 'SOFTWARE\Classes\Interface\{7892BA33-7984-43A5-A8F5-27ED0AFE6143}\ProxyStubClsid'
Found '' in 'SOFTWARE\Classes\Interface\{7892BA33-7984-43A5-A8F5-27ED0AFE6143}\ProxyStubClsid32'
Found '' in 'SOFTWARE\Classes\Interface\{7892BA33-7984-43A5-A8F5-27ED0AFE6143}\TypeLib'
Found '' in 'SOFTWARE\Classes\TypeLib\{5BFA1DA1-5EDC-11D2-959E-00C00C02DA5E}\1.0'
Found '' in 'SOFTWARE\Classes\TypeLib\{5BFA1DA1-5EDC-11D2-959E-00C00C02DA5E}\1.0\0\win32'
Found '' in 'SOFTWARE\Classes\TypeLib\{5BFA1DA1-5EDC-11D2-959E-00C00C02DA5E}\1.0\FLAGS'
Found '' in 'SOFTWARE\Classes\TypeLib\{5BFA1DA1-5EDC-11D2-959E-00C00C02DA5E}\1.0\HELPDIR'
Found '' in 'SOFTWARE\Classes\TypeLib\{79516451-3E3E-453A-8968-37942F7979F3}\1.0'
Found '' in 'SOFTWARE\Classes\TypeLib\{79516451-3E3E-453A-8968-37942F7979F3}\1.0\0\win32'
Found '' in 'SOFTWARE\Classes\TypeLib\{79516451-3E3E-453A-8968-37942F7979F3}\1.0\FLAGS'
Found '' in 'SOFTWARE\Classes\TypeLib\{79516451-3E3E-453A-8968-37942F7979F3}\1.0\HELPDIR'
Found '' in 'SOFTWARE\SpeedBit\Download Accelerator\Updates'
Found '' in 'SOFTWARE\Magnet'
Found '' in 'SOFTWARE\Classes\magnet'
Found '' in 'SOFTWARE\Classes\magnet\shell\open\command'
Found 'URL Protocol' in 'SOFTWARE\Classes\magnet'
Found '' in 'Software\Microsoft\Internet Explorer\Explorer Bars\{30D02401-6A81-11D0-8274-00C04FD5AE38}'
Found '' in 'Interface\{4781DAA6-4DE5-47A1-B02A-945F0D017A9E}'
Found '' in 'SOFTWARE\Classes\Interface\{4781DAA6-4DE5-47A1-B02A-945F0D017A9E}'
Found '' in 'Interface\{3517FB25-305D-4012-B531-186E3851E7ED}'
Found '' in 'SOFTWARE\Classes\Interface\{3517FB25-305D-4012-B531-186E3851E7ED}'
Internet URL Shortcuts
Files and Directories
Found 'wnscpcc.exe' in 'C:\WINDOWS\system32'
Found 'DAP.exe' in 'C:\Program Files\DAP'
Found 'WiseUpdt.EXE' in 'D:\3dsmax6\updater'
Finished Scanning
Started Backup
Finished Backup
Started Restore
Extracting backup files from 'Clean Session - 1127993562.ssb'.
WARNING: Unable to delete file 'C:\Program Files\DAP\DAP.exe'. Error=5.
Unable to extract the file 'C:\Program Files\DAP\DAP.exe'. [SCANMODS] errno=13.
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg2' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg3' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg4' (32768 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg5' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg6' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg7' (12288 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg8' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg9' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg10' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg11' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg12' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg13' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg14' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg15' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg16' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg17' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg18' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg19' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg20' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg21' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg22' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg23' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg24' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg25' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg26' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg27' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg28' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg29' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg30' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg31' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg32' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg33' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg34' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg35' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg36' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg37' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg38' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg39' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg40' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg41' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg42' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg43' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg44' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg45' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg46' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg47' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg48' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg49' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg50' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg51' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg52' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg53' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg54' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg55' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg56' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg57' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg58' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg59' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg60' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg61' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg62' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg63' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg64' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg65' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg66' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg67' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg68' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg69' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg70' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg71' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg72' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg73' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg74' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg75' (8192 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\Reg76' (8192 bytes).
Extracting file 'C:\WINDOWS\system32\wnscpcc.exe' (2 bytes).
WARNING: Unable to delete file 'C:\Program Files\DAP\DAP.exe'. Error=5.
Unable to extract the file 'C:\Program Files\DAP\DAP.exe'. [SCANMODS] errno=13.
Extracting file 'D:\3dsmax6\updater\WiseUpdt.EXE' (169058 bytes).
Extracting file 'C:\DOCUME~1\user\LOCALS~1\Temp\session.ini' (14061 bytes).
Finished extracting files
Restoring file 'C:\Program Files\DAP\DAP.exe'.
Restoring registry key 'HKLM\SOFTWARE\LimeWire'
Restoring registry key 'HKCU\Software\SpeedBit\Download Accelerator\IEBar'
Restoring registry key 'HKLM\Software\SpeedBit\Download Accelerator'
Unable to restore the registry keys under HKLM\Software\SpeedBit\Download Accelerator. [SCANMODS] RegRestoreKey returned Error=5.
Restoring registry key 'HKLM\Software\SpeedBit\Download Accelerator\ADS'
Restoring registry key 'HKLM\Software\SpeedBit\Download Accelerator\ADS\Default'
Restoring registry key 'HKLM\Software\SpeedBit\Download Accelerator\NoTrigger'
Restoring registry key 'HKLM\Software\SpeedBit\Download Accelerator\NoTrigger\Always'
Restoring registry key 'HKLM\Software\SpeedBit\Download Accelerator\NoTrigger\WhenFound'
Restoring registry key 'HKLM\Software\SpeedBit\Download Accelerator\NoTrigger\WhenNotFound'
Restoring registry key 'HKLM\SOFTWARE\Classes\ed2k'
Restoring registry key 'HKLM\SOFTWARE\Classes\CLSID\{235D7A27-DE65-49F0-BFCF-D5C3BC3B2E67}'
Restoring registry key 'HKLM\SOFTWARE\Classes\CLSID\{235D7A27-DE65-49F0-BFCF-D5C3BC3B2E67}\InprocServer32'
Restoring registry key 'HKLM\SOFTWARE\Classes\CLSID\{235D7A27-DE65-49F0-BFCF-D5C3BC3B2E67}\ProgID'
Restoring registry key 'HKLM\SOFTWARE\Classes\CLSID\{235D7A27-DE65-49F0-BFCF-D5C3BC3B2E67}\TypeLib'
Restoring registry key 'HKLM\SOFTWARE\Classes\CLSID\{235D7A27-DE65-49F0-BFCF-D5C3BC3B2E67}\VersionIndependentProgID'
Restoring registry key 'HKLM\SOFTWARE\Classes\CLSID\{5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E}'
Restoring registry key 'HKLM\SOFTWARE\Classes\CLSID\{5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E}\InprocServer32'
Restoring registry key 'HKLM\SOFTWARE\Classes\CLSID\{5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E}\ProgID'
Restoring registry key 'HKLM\SOFTWARE\Classes\CLSID\{5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E}\TypeLib'
Restoring registry key 'HKLM\SOFTWARE\Classes\CLSID\{5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E}\VersionIndependentProgID'
Restoring registry key 'HKLM\SOFTWARE\Classes\CLSID\{62999427-33FC-4baf-9C9C-BCE6BD127F08}'
Restoring registry key 'HKLM\SOFTWARE\Classes\CLSID\{62999427-33FC-4baf-9C9C-BCE6BD127F08}\InprocServer32'
Restoring registry key 'HKLM\SOFTWARE\Classes\CLSID\{62999427-33FC-4baf-9C9C-BCE6BD127F08}\ProgID'
Restoring registry key 'HKLM\SOFTWARE\Classes\CLSID\{62999427-33FC-4baf-9C9C-BCE6BD127F08}\TypeLib'
Restoring registry key 'HKLM\SOFTWARE\Classes\CLSID\{62999427-33FC-4baf-9C9C-BCE6BD127F08}\VersionIndependentProgID'
Restoring registry key 'HKLM\SOFTWARE\Classes\CLSID\{8110AEA1-AD5B-4B90-883F-04A9A33B106E}'
Restoring registry key 'HKLM\SOFTWARE\Classes\CLSID\{8110AEA1-AD5B-4B90-883F-04A9A33B106E}\InprocServer32'
Restoring registry key 'HKLM\SOFTWARE\Classes\CLSID\{8110AEA1-AD5B-4B90-883F-04A9A33B106E}\ProgID'
Restoring registry key 'HKLM\SOFTWARE\Classes\CLSID\{8110AEA1-AD5B-4B90-883F-04A9A33B106E}\VersionIndependentProgID'
Restoring registry key 'HKLM\SOFTWARE\Classes\CLSID\{9738B9E6-8AFA-11D2-959E-444553540002}'
Restoring registry key 'HKLM\SOFTWARE\Classes\CLSID\{9738B9E6-8AFA-11D2-959E-444553540002}\InProcServer32'
Restoring registry key 'HKLM\SOFTWARE\Classes\CLSID\{9738B9E6-8AFA-11D2-959E-444553540002}\ProgID'
Restoring registry key 'HKLM\SOFTWARE\Classes\DAPIE.Catcher.1\CLSID'
Restoring registry key 'HKLM\SOFTWARE\Classes\DAPIE.Catcher\CLSID'
Restoring registry key 'HKLM\SOFTWARE\Classes\DAPIE.DownloadAcceleratorIE.1'
Restoring registry key 'HKLM\SOFTWARE\Classes\DAPIE.DownloadAcceleratorIE.1\CLSID'
Restoring registry key 'HKLM\SOFTWARE\Classes\DAPIE.DownloadAcceleratorIE\CLSID'
Restoring registry key 'HKLM\SOFTWARE\Classes\DAPIE.DownloadAcceleratorIE\CurVer'
Restoring registry key 'HKLM\SOFTWARE\Classes\DAPIEBar.CBAREventer'
Restoring registry key 'HKLM\SOFTWARE\Classes\DAPIEBar.CBAREventer.1'
Restoring registry key 'HKLM\SOFTWARE\Classes\DAPIEBar.CBAREventer.1\CLSID'
Restoring registry key 'HKLM\SOFTWARE\Classes\DAPIEBar.CBAREventer\CLSID'
Restoring registry key 'HKLM\SOFTWARE\Classes\DAPIEBar.CBAREventer\CurVer'
Restoring registry key 'HKLM\SOFTWARE\Classes\DAPIEBar.DAPIEBarBand'
Restoring registry key 'HKLM\SOFTWARE\Classes\DAPIEBar.DAPIEBarBand.1'
Restoring registry key 'HKLM\SOFTWARE\Classes\DAPIEBar.DAPIEBarBand.1\CLSID'
Restoring registry key 'HKLM\SOFTWARE\Classes\DAPIEBar.DAPIEBarBand\CLSID'
Restoring registry key 'HKLM\SOFTWARE\Classes\DAPIEBar.DAPIEBarBand\CurVer'
Restoring registry key 'HKLM\SOFTWARE\Classes\DAPNS.Protocol.1'
Restoring registry key 'HKLM\SOFTWARE\Classes\DAPNS.Protocol.1\CLSID'
Restoring registry key 'HKLM\SOFTWARE\Classes\Interface\{5BFA1DAE-5EDC-11D2-959E-00C00C02DA5E}'
Restoring registry key 'HKLM\SOFTWARE\Classes\Interface\{5BFA1DAE-5EDC-11D2-959E-00C00C02DA5E}\ProxyStubClsid'
Restoring registry key 'HKLM\SOFTWARE\Classes\Interface\{5BFA1DAE-5EDC-11D2-959E-00C00C02DA5E}\ProxyStubClsid32'
Restoring registry key 'HKLM\SOFTWARE\Classes\Interface\{5BFA1DAE-5EDC-11D2-959E-00C00C02DA5E}\TypeLib'
Restoring registry key 'HKLM\SOFTWARE\Classes\Interface\{7892BA33-7984-43A5-A8F5-27ED0AFE6143}'
Restoring registry key 'HKLM\SOFTWARE\Classes\Interface\{7892BA33-7984-43A5-A8F5-27ED0AFE6143}\ProxyStubClsid'
Restoring registry key 'HKLM\SOFTWARE\Classes\Interface\{7892BA33-7984-43A5-A8F5-27ED0AFE6143}\ProxyStubClsid32'
Restoring registry key 'HKLM\SOFTWARE\Classes\Interface\{7892BA33-7984-43A5-A8F5-27ED0AFE6143}\TypeLib'
Restoring registry key 'HKLM\SOFTWARE\Classes\TypeLib\{5BFA1DA1-5EDC-11D2-959E-00C00C02DA5E}\1.0'
Restoring registry key 'HKLM\SOFTWARE\Classes\TypeLib\{5BFA1DA1-5EDC-11D2-959E-00C00C02DA5E}\1.0\0\win32'
Restoring registry key 'HKLM\SOFTWARE\Classes\TypeLib\{5BFA1DA1-5EDC-11D2-959E-00C00C02DA5E}\1.0\FLAGS'
Restoring registry key 'HKLM\SOFTWARE\Classes\TypeLib\{5BFA1DA1-5EDC-11D2-959E-00C00C02DA5E}\1.0\HELPDIR'
Restoring registry key 'HKLM\SOFTWARE\Classes\TypeLib\{79516451-3E3E-453A-8968-37942F7979F3}\1.0'
Restoring registry key 'HKLM\SOFTWARE\Classes\TypeLib\{79516451-3E3E-453A-8968-37942F7979F3}\1.0\0\win32'
Restoring registry key 'HKLM\SOFTWARE\Classes\TypeLib\{79516451-3E3E-453A-8968-37942F7979F3}\1.0\FLAGS'
Restoring registry key 'HKLM\SOFTWARE\Classes\TypeLib\{79516451-3E3E-453A-8968-37942F7979F3}\1.0\HELPDIR'
Restoring registry key 'HKLM\SOFTWARE\SpeedBit\Download Accelerator\Updates'
Restoring registry key 'HKLM\SOFTWARE\Magnet'
Restoring registry key 'HKLM\SOFTWARE\Classes\magnet'
Restoring registry key 'HKLM\SOFTWARE\Classes\magnet\shell\open\command'
Restoring registry key 'HKLM\SOFTWARE\Classes\magnet'
Restoring registry key 'HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{30D02401-6A81-11D0-8274-00C04FD5AE38}'
Restoring registry key 'HKCR\Interface\{4781DAA6-4DE5-47A1-B02A-945F0D017A9E}'
Unable to restore the registry keys under HKCR\Interface\{4781DAA6-4DE5-47A1-B02A-945F0D017A9E}. [SCANMODS] RegRestoreKey returned Error=5.
Restoring registry key 'HKLM\SOFTWARE\Classes\Interface\{4781DAA6-4DE5-47A1-B02A-945F0D017A9E}'
Restoring registry key 'HKCR\Interface\{3517FB25-305D-4012-B531-186E3851E7ED}'
Unable to restore the registry keys under HKCR\Interface\{3517FB25-305D-4012-B531-186E3851E7ED}. [SCANMODS] RegRestoreKey returned Error=5.
Restoring registry key 'HKLM\SOFTWARE\Classes\Interface\{3517FB25-305D-4012-B531-186E3851E7ED}'
Restoring file 'C:\WINDOWS\system32\wnscpcc.exe'.
Restoring file 'C:\Program Files\DAP\DAP.exe'.
Restoring file 'D:\3dsmax6\updater\WiseUpdt.EXE'.
Finished Restore
Started Cleaning
Checking for 'C:\Program Files\DAP\DAP.exe' in shortcut areas.
Found 'Download Accelerator.lnk' in 'C:\Documents and Settings\All Users\Start Menu\Programs\Download Accelerator\'
Found 'Download Accelerator Plus.lnk' in 'C:\Documents and Settings\user\Desktop\SHORTCUTS\'
Checking for 'C:\Program Files\DAP\DAP.exe' in startup areas.
Cleaning 'C:\Program Files\DAP\DAP.exe'
Checking for 'C:\WINDOWS\system32\wnscpcc.exe' in shortcut areas.
Checking for 'C:\WINDOWS\system32\wnscpcc.exe' in startup areas.
Cleaning 'C:\WINDOWS\system32\wnscpcc.exe'
Checking for 'C:\Program Files\DAP\DAP.exe' in shortcut areas.
Checking for 'C:\Program Files\DAP\DAP.exe' in startup areas.
Cleaning 'C:\Program Files\DAP\DAP.exe'
[SCANMODS] The file 'C:\Program Files\DAP\DAP.exe' was not found. Most likely already cleaned by another scanner module.
Checking for 'D:\3dsmax6\updater\WiseUpdt.EXE' in shortcut areas.
Found 'Check for 3ds max 6 updates.lnk' in 'C:\Documents and Settings\All Users\Start Menu\Programs\Graphic Programs\discreet\3ds max 6\'
Checking for 'D:\3dsmax6\updater\WiseUpdt.EXE' in startup areas.
Cleaning 'D:\3dsmax6\updater\WiseUpdt.EXE'
Finished Cleaning


Ewido Results


---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 8:59:42 PM, 29/09/2005
+ Report-Checksum: 189997DB

+ Scan result:

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{669695BC-A811-4A9D-8CDF-BA8C795F261C} -> Spyware.PowerStrip : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Spyware.WebRebates : Cleaned with backup
HKU\S-1-5-21-2326369520-1238661117-741939197-1005\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{669695BC-A811-4A9D-8CDF-BA8C795F261C} -> Spyware.PowerStrip : Cleaned with backup
HKU\S-1-5-21-2326369520-1238661117-741939197-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-C1EC-0345-6EC2-4D0300000000} -> Spyware.Transponder : Cleaned with backup
HKU\S-1-5-21-2326369520-1238661117-741939197-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-C1EC-0345-6EC2-4D0300000000} -> Spyware.Transponder : Cleaned with backup
HKU\S-1-5-21-2326369520-1238661117-741939197-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{669695BC-A811-4A9D-8CDF-BA8C795F261C} -> Spyware.PowerStrip : Cleaned with backup
HKU\S-1-5-21-2326369520-1238661117-741939197-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7C559105-9ECF-42B8-B3F7-832E75EDD959} -> Spyware.ISTBar : Cleaned with backup
HKU\S-1-5-21-2326369520-1238661117-741939197-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9EB320CE-BE1D-4304-A081-4B4665414BEF} -> Spyware.PurityScan : Cleaned with backup
C:\WINDOWS\system32\lzefcwj.dll -> Spyware.PurityScan : Cleaned with backup
C:\Documents and Settings\user\Local Settings\Temp\!update.exe -> TrojanDownloader.PurityScan.af : Cleaned with backup
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\9APQNVH6\!update-2595[1].0000 -> TrojanDownloader.PurityScan.af : Cleaned with backup
:mozilla.13:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.30:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.31:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.32:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.33:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.34:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.35:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.36:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.55:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.56:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.57:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.58:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.63:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.64:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.65:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.66:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.67:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.68:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.69:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.91:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.92:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.93:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.94:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.95:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.96:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.97:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.100:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.102:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.103:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.104:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.105:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.108:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Cj : Cleaned with backup
:mozilla.109:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.111:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.133:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.135:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\mdjquzwp.default\cookies.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.22:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.23:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.24:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.25:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.26:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.27:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.28:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.29:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.45:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.46:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.52:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.53:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.54:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.55:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
:mozilla.56:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.57:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.59:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.73:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Euroclick : Cleaned with backup
:mozilla.74:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Euroclick : Cleaned with backup
:mozilla.75:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Euroclick : Cleaned with backup
:mozilla.88:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.95:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.96:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.99:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.100:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.102:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.103:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.104:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.105:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.106:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.115:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.116:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.122:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.123:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.124:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.126:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.127:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\z8az9mng.Default User\cookies.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\OTHERS\Cookies\[email protected][1].txt -> Spyware.Cookie.Statcounter : Cleaned with backup
C:\Documents and Settings\OTHERS\Cookies\[email protected][1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\OTHERS\Cookies\[email protected][1].txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\OTHERS\Cookies\[email protected][2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\OTHERS\Cookies\[email protected][1].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\OTHERS\Cookies\[email protected][2].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\OTHERS\Cookies\[email protected][1].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\OTHERS\Cookies\[email protected][2].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\OTHERS\Cookies\[email protected][1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\OTHERS\Cookies\[email protected][2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\OTHERS\Cookies\[email protected][2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.8:C:\Documents and Settings\OTHERS\Application Data\Mozilla\Firefox\Profiles\3el7f8s3.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
C:\Program Files\oest\mdtr.exe -> TrojanDownloader.PurityScan.af : Cleaned with backup


::Report End



Thanks once again
 

·
Registered
Joined
·
6,574 Posts
Hi and Welcome to TSF!

Please subscribe to this thread to be notified of fixes as soon as they are posted by our Team. To do this, please click the "Thread Tools" button located in the original thread line and selecting "Subscribe to this Thread".

Save the next instructions in notepad, because you also have to work in safe mode without networking support, so this page wouldn't be available then. You should not have any browsers on.

If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are carrying out the procedures below.

It is also important you don't miss a step and perform everything in the right order!!. .

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

REBOOT TO SAFE MODE
  1. Restart the computer. The computer begins processing a set of instructions known as BIOS.
  2. As soon as the BIOS has finished loading, begin tapping the F8 key on your keyboard.
  3. Continue to do so until the 'Windows Advanced Options' menu appears.
  4. Using the arrow keys on the keyboard, scroll to and select the menu item - Safe Mode.

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

Enable the viewing of Hidden files
  1. From Windows Explorer, go to Tools>Folder Options>View tab.
  2. Enable the option for `Show hidden files and folder´
  3. Disable the option for `Hide file extensions for known types´
  4. Disable the option for `Hide protected operating system files´
  5. Click Yes to confirm & then click OK

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

Uninstall the following programs, if present, using Control Panel > Add/Remove Programs :
  • MessengerPlus3 - comes with a sponsor program. If knowingly did not install the sponsor program, ignore this uninstall and the related HJT fixes.

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

Run a scan with HiJackThis & select(tick) the following & click [Fix checked] :

O2 - BHO: (no name) - {38E50367-98D3-E400-82FE-CC6932F5D9BA} - C:\WINDOWS\system32\lzefcwj.dll (file missing)
O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file)
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

Locate and delete the following folder(s), if present:
  • C:\PROGRA~1\DAP\
Locate and delete the following file(s), if present:
  • C:\WINDOWS\system32\lzefcwj.dll


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

REBOOT TO NORMAL MODE

Do an online scan at one of the following sites:
Take note the names and locations of any file it detects but fails to clean.
* Turn off the real time scanner of any existing antivirus program while performing the online scan

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

In your next post, please include fresh logs from:
  1. HiJackThis
  2. Online scan
Please provide details of any problems you encountered whilst performing the above steps & update us on how the computer behaves now
 

·
Registered
Joined
·
9 Posts
Discussion Starter #5
Hey sorry about the delay, problems with internet.. anyway Trend Micro HouseCall scan come up clean... here is the HiJack this report log

Logfile of HijackThis v1.99.1
Scan saved at 7:21:16 PM, on 7/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\E_S00RP2.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\system32\SAgent4.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE
C:\Program Files\Java\j2re1.4.2_05\bin\jucheck.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\OptusNet DSL Internet\DSC.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\WordWeb\wweb32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\mmc.exe
C:\unzipped\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.optusnet.com.au/?brand=ODSL&panel=1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dsl.optusnet.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dsl.optusnet.com.au/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by OptusNet
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\en-au\msntb.dll
O3 - Toolbar: ninemsn - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\en-au\msntb.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R210 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE /P30 "EPSON Stylus Photo R210 Series" /O6 "USB001" /M "Stylus Photo R210"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [Desktop Service Centre] C:\Program Files\OptusNet DSL Internet\DSC.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [EPSON Stylus Photo R210 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE /P30 "EPSON Stylus Photo R210 Series" /M "Stylus Photo R210" /EF "HKCU"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar3.dll/cmwordtrans.html
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar3.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar3.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://dsl.optusnet.com.au/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O18 - Protocol: pcl - {182D0C85-206F-4103-B4FA-DCC1FB0A0A44} - C:\Program Files\Autodesk\Inventor Professional 8\bin\HSPCLPRO10.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: EPSON V3 Service2(02) (EPSON_PM_RPCV2_02) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP2.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\SAgent4.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe

cheers for help
 

·
Registered
Joined
·
6,574 Posts
I take it that you knowingly have MSNMessengerplus 3 installed without the sponsor software??

How are things now?
 

·
Registered
Joined
·
9 Posts
Discussion Starter #7 (Edited by Moderator)
I uninstalled MSNMessengerPLUS, computer is running fine now, besides the fact that i still cant get into my power settings, or that when i try and play Battlefield 2 it goes to the BlueScreen, it says something about BIOS Memory - Caching or Shadowing.

Talks about "make sure you have adequate disk space"

and gives me a tech. info number;

*** STOP: 0x0000008E (0xC0000005, 0x82E01E22, 0xBACB28C4, 0x00000000).

if this has noithing to do with i would still love to work this out, my email is edited out... if you cant help me could u at least direct where to find ways of fixing it, but the over all computer is runing better thank u very much
 

·
Premium Member
Joined
·
14,311 Posts
I don't recommend posting your email address here (due to spammers). I edited it for you.

That error you are getting might be a setting in your bios. Restart your computer and go into the bios (your screen will usually say hit ....some key(s)... to enter setup/bios. Hit that key that was mentioned to enter the bios. Then look through the bios for Caching and Shadowing. Disable them and save the setting changes and exit.

If you still have problems, then post in the Windows section. Else, post back here if everything is ok and we'll close this thread.
 

·
Registered
Joined
·
9 Posts
Discussion Starter #9
yeah im runing Phoenix Bios and i cant find it, ive got an Acer laptop if that helps...
 
1 - 9 of 9 Posts
Status
Not open for further replies.
Top