Tech Support Forum banner
Status
Not open for further replies.
1 - 3 of 3 Posts

· Registered
Joined
·
1 Posts
Discussion Starter · #1 · (Edited)
I was trying to watch a movie and it said I had to download a new codec or something so i clicked ok and now i have almost constant popups trying to get me to download Ie defender. any help would be greatly apreciated

Potentially unwanted tool:Application/MyWay Not disinfected C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll
Potentially unwanted tool:Application/ViewPoint Not disinfected C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\ViewBarBHO.dll
Adware:Adware/MediaCodec Not disinfected C:\WINDOWS\SYSTEM32\dx50codec.dll
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][1].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][2].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][1].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][2].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][2].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][3].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][2].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][1].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][1].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][2].txt
Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Matthew Stortini\Cookies\[email protected][2].txt
Adware:Adware/IST.ISTBar Not disinfected C:\Program Files\Common Files\Totem Shared\Update\WindowsEx.dll.041
Virus:Trj/Downloader.MDW Disinfected C:\WINDOWS\Downloaded Program Files\popcaploader.dll
Potentially unwanted tool:Application/NirCmd.A Not disinfected C:\WINDOWS\NirCmd.exe
Deckard's System Scanner v20071014.68
Run by Matthew Stortini on 2007-11-06 00:06:53
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
107: 2007-11-06 05:07:04 UTC - RP983 - Deckard's System Scanner Restore Point
106: 2007-11-06 05:03:15 UTC - RP982 - Software Distribution Service 3.0
105: 2007-11-06 02:07:02 UTC - RP981 - ComboFix created restore point
104: 2007-11-05 01:28:18 UTC - RP980 - System Checkpoint
103: 2007-11-04 01:06:55 UTC - RP979 - Installed Ad-Aware 2007


-- First Restore Point --
1: 2007-08-08 14:38:41 UTC - RP877 - Installed Java(TM) 6 Update 2


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 510 MiB (512 MiB recommended).


-- HijackThis (run as Matthew Stortini.exe) ------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:08:47 AM, on 11/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Common Files\AOL\1136536542\ee\AOLSoftware.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\NCLAUNCH.EXe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\MI3AA1~1\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\NETGEAR\WG111T Configuration Utility\wlan111t.exe
C:\Program Files\Orb Networks\Orb\bin\Orb.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Program Files\Logitech\VideoCall\VideoCall.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Matthew Stortini\Desktop\Unused Desktop Shortcuts\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Matthew Stortini.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bfc.myway.com/search/de_srchlft.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: CitiUS Shared Browser Helper Object - {387EDF53-1CF2-4523-BC2F-13462651BE8C} - C:\WINDOWS\system32\BhoCitUS.dll
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O2 - BHO: RealMedia - {87B570FB-D2CF-4D3C-8E1B-E1E7018BBA95} - C:\WINDOWS\SYSTEM32\dx50codec.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\ViewBarBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.8.0\IEViewBar.dll
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [OSCD_Creator] c:\Dell\PreODM.EXE
O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1136536542\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [CitiVAN] C:\Program Files\Citi Virtual Account Numbers\CitiVAN.exe /dontopenmycards
O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\RunOnce: [OSCD_Creator] C:\Dell\PreODM.EXE /2
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
O4 - HKCU\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" /background
O4 - Global Startup: NETGEAR WG111T Smart Wizard.lnk = ?
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O9 - Extra button: Citi - {4C730913-3961-439b-83D5-F4E445520422} - C:\Program Files\Citi Virtual Account Numbers\CitiVAN.exe
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program Files\PartyGaming\PartyCasino\RunCasino.exe
O9 - Extra 'Tools' menuitem: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program Files\PartyGaming\PartyCasino\RunCasino.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: PartyBingo.com - {B987E7E7-5997-4330-A5F9-9FFEFC1CCFD0} - C:\Program Files\PartyGaming\PartyBingo\RunBingo.exe
O9 - Extra 'Tools' menuitem: PartyBingo.com - {B987E7E7-5997-4330-A5F9-9FFEFC1CCFD0} - C:\Program Files\PartyGaming\PartyBingo\RunBingo.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab46479.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} - http://www.miniclip.com/supergerball/miniclipGameLoader.dll
O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10 Control) - http://cube.northwestcollege.edu/kxhcm10.ocx
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1130388648843
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://ksunlivecam.sonoma.edu/activex/AMC.cab
O16 - DPF: {809A6301-7B40-4436-A02C-87B8D3D7D9E3} (ZPA_DMNO Object) - http://zone.msn.com/bingame/zpagames/zpa_dmno.cab42341.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://63.162.24.169/activex/AxisCamControl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} (ZPA_SHVL Object) - http://zone.msn.com/bingame/zpagames/zpa_shvl.cab46704.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/bingame/cnma/default/ct.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab41227.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcaploader_v10.cab
O16 - DPF: {FF3C5A9F-5A91-4930-80E8-4709194C2AD3} (CheckersZPA Object) - http://zone.msn.com/bingame/zpagames/CheckersZPA.cab40641.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe
O23 - Service: GoogleDesktopManager - Unknown owner - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 16073 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R2 CdaD10BA - c:\windows\system32\drivers\cdad10ba.sys <Not Verified; Macrovision Europe Ltd; Security Windows NT>
R2 MDC8021X (AEGIS Protocol (IEEE 802.1x) v2.3.1.10) - c:\windows\system32\drivers\mdc8021x.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1.10>
R3 AR5523 (NETGEAR WG111T USB2.0 Wireless Card Service) - c:\windows\system32\drivers\wg11tnd5.sys <Not Verified; NETGEAR, Inc.; NETGEAR WG111T 108Mbps Wireless USB2.0 Adapter>
R3 DNINDIS5 (DNINDIS5 NDIS Protocol Driver) - c:\windows\system32\dnindis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>

S3 ATHFMWDL (NETGEAR WG111T bootloader driver) - c:\windows\system32\drivers\athfmwdl.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2007-11-02 08:40:02 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2007-10-06 and 2007-11-06 -----------------------------

2007-11-06 00:03:19 0 d-------- C:\WINDOWS\LastGood
2007-11-05 23:54:35 0 d-------- C:\Program Files\SpywareBlaster
2007-11-05 21:32:40 0 d-------- C:\Program Files\Trend Micro
2007-11-03 21:26:46 0 d-------- C:\Documents and Settings\Matthew Stortini\Application Data\eBay
2007-11-03 21:26:46 0 d-------- C:\Documents and Settings\All Users\Application Data\eBay
2007-11-03 20:06:58 0 d-------- C:\Program Files\Lavasoft
2007-11-03 20:06:57 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-11-03 19:41:01 0 d-------- C:\WINDOWS\system32\ActiveScan
2007-11-03 17:33:15 0 d-------- C:\Program Files\Adware Away
2007-11-03 13:27:56 0 d-------- C:\Program Files\Symantec AntiVirus
2007-11-03 13:15:20 248832 --a------ C:\WINDOWS\system32\dx50codec.dll <Not Verified; XunLei.com; >
2007-10-19 19:56:16 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-10-19 19:54:28 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2007-10-19 19:54:28 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2007-10-19 19:54:12 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2007-10-19 19:54:12 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2007-10-19 19:54:12 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2007-10-19 19:54:10 739840 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2007-10-19 09:21:02 15890 --a------ C:\WINDOWS\system32\drivers\mdc8021x.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1.10>
2007-10-19 09:20:43 285216 --a------ C:\WINDOWS\system32\drivers\wg11tnd5.sys <Not Verified; NETGEAR, Inc.; NETGEAR WG111T 108Mbps Wireless USB2.0 Adapter>
2007-10-19 09:20:42 43392 --a------ C:\WINDOWS\system32\drivers\Athfmwdl.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
2007-10-19 09:20:41 143944 --a------ C:\WINDOWS\system32\drivers\ar5523.bin
2007-10-19 09:20:39 17149 --a------ C:\WINDOWS\system32\DNINDIS5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
2007-10-19 09:20:35 147456 --a------ C:\WINDOWS\system32\ssleay32.dll
2007-10-19 09:20:35 651264 --a------ C:\WINDOWS\system32\libeay32.dll
2007-10-19 09:20:35 49776 --a------ C:\WINDOWS\system32\drivers\usbhub20.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2007-10-19 09:20:35 110592 -ra------ C:\WINDOWS\system32\AegisI5.exe <Not Verified; ; AegisInstall Application>
2007-10-19 09:20:35 843776 -ra------ C:\WINDOWS\system32\AegisE5.dll <Not Verified; Meetinghouse Data Communications; AEGIS Client API>
2007-10-19 09:20:34 94208 --a------ C:\WINDOWS\system32\DNIN50.dll <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
2007-10-19 09:20:32 0 d-------- C:\Program Files\NETGEAR
2007-10-18 04:02:34 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2007-10-15 23:43:47 0 d--h----- C:\WINDOWS\msdownld.tmp
2007-10-15 23:35:21 0 d-------- C:\Program Files\Common Files\PocketSoft
2007-10-15 23:35:10 0 d-------- C:\Program Files\RedlightCenter


-- Find3M Report ---------------------------------------------------------------

2007-11-05 23:12:17 0 d-------- C:\Program Files\Microsoft IntelliType Pro
2007-11-05 23:12:15 0 d-------- C:\Program Files\Microsoft IntelliPoint
2007-11-05 23:12:13 0 d-------- C:\Program Files\Microsoft ActiveSync
2007-11-05 23:01:35 0 d-------- C:\Program Files\Google
2007-11-05 22:58:24 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-11-05 22:50:08 0 d-------- C:\Program Files\BitLord
2007-11-05 22:50:02 0 d-------- C:\Program Files\AIM6
2007-11-05 11:22:56 0 d-------- C:\Program Files\DivX
2007-11-03 20:05:54 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-11-03 13:29:10 0 d-------- C:\Program Files\Symantec
2007-10-19 09:20:31 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-10-15 23:35:21 0 d-------- C:\Program Files\Common Files
2007-10-11 02:12:02 0 d-------- C:\Program Files\AIM
2007-10-07 22:07:16 0 d-------- C:\Program Files\Yahoo!
2007-10-07 20:09:03 0 d-------- C:\Program Files\Common Files\aolshare
2007-10-04 21:38:29 0 d-------- C:\Documents and Settings\Matthew Stortini\Application Data\Yahoo!
2007-09-28 17:50:32 0 d-------- C:\Program Files\iTunes
2007-09-28 17:50:17 0 d-------- C:\Program Files\iPod
2007-09-19 22:56:50 0 d-------- C:\Program Files\WildGames
2007-09-16 12:59:00 0 d-------- C:\Program Files\LimeWire
2007-09-13 08:01:24 0 d-------- C:\Program Files\PartyGaming
2007-09-12 22:35:29 0 d-------- C:\Program Files\Apple Software Update
2007-09-12 08:09:07 0 d-------- C:\Program Files\Axis Communications
2007-08-15 00:46:33 4 --a------ C:\WINDOWS\info147.sys


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{87B570FB-D2CF-4D3C-8E1B-E1E7018BBA95}]
11/03/2007 01:16 PM 248832 --a------ C:\WINDOWS\SYSTEM32\dx50codec.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"type32"="C:\Program Files\Microsoft IntelliType Pro\type32.exe" [06/03/2004 03:51 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [07/12/2007 03:00 AM]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [10/14/2004 04:42 PM]
"OSCD_Creator"="c:\Dell\PreODM.EXE" [10/31/2004 06:21 AM]
"mmtask"="C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe" [09/14/2004 09:50 AM]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\point32.exe" [06/03/2004 03:50 AM]
"HostManager"="C:\Program Files\Common Files\AOL\1136536542\ee\AOLSoftware.exe" [04/20/2006 12:10 PM]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [09/20/2005 09:35 AM]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [09/20/2005 09:32 AM]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [09/20/2005 09:36 AM]
"IPHSend"="C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe" [02/17/2006 11:59 AM]
"CitiVAN"="C:\Program Files\Citi Virtual Account Numbers\CitiVAN.exe" [08/12/2004 01:51 PM]
"eBayToolbar"="C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe" [11/03/2007 09:27 PM]
"QuickTime Task"="C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" [06/29/2007 05:24 AM]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [03/09/2007 10:09 AM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 06:51 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [09/26/2007 01:42 PM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [11/21/2006 04:38 PM]
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [03/14/2007 06:49 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 06:00 AM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 11:24 AM]
"NCLaunch"="C:\WINDOWS\NCLAUNCH.EXe" [03/17/2005 05:10 PM]
"MSKAGENTEXE"="C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe" []
"Aim6"="" []
"AIM"="C:\Program Files\AIM\aim.exe" [08/01/2006 02:35 PM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [06/22/2007 05:23 PM]
"H/PC Connection Agent"="C:\PROGRA~1\MI3AA1~1\wcescomm.exe" [06/20/2006 09:36 PM]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [08/08/2007 09:41 AM]
"Orb"="C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" [06/08/2007 08:28 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"OSCD_Creator"=C:\Dell\PreODM.EXE /2

C:\Documents and Settings\Matthew Stortini\Start Menu\Programs\Startup\
DESKTOP.INI [8/10/2004 2:04:12 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
DESKTOP.INI [8/10/2004 2:04:12 PM]
NETGEAR WG111T Smart Wizard.lnk - C:\Program Files\NETGEAR\WG111T Configuration Utility\wlan111t.exe [10/19/2007 9:20:34 AM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b5434a98-53ef-11dc-ae27-001111cfc02d}]
AutoRun\command- E:\PortableVault.exe

*Newly Created Service* - CATCHME
*Newly Created Service* - NAVENG
*Newly Created Service* - NAVEX15
*Newly Created Service* - SAVRT
*Newly Created Service* - SAVRTPEL
*Newly Created Service* - SPBBCDRV



-- End of Deckard's System Scanner: finished at 2007-11-06 00:09:42 ------------
 

Attachments

1 - 3 of 3 Posts
Status
Not open for further replies.
Top