AnDyTaN

  1. Ok I did all that, thx for helping me, you're really really great. One day I hope to be like u guys helping the inexperienced people.
  2. Yea I did. After that I went back to normal mode and clicked Start > Settings > Control Panel > Display > Desktop > Customize Desktop > Web and unchecked "Security Info". I then went back to safe mode and ran HijackThis and checked all the following that you stated. I restarted and went back to normal mode, looks like the critical system error popup is gone for good now! Anyway here's the logfile.
  3. Ok here's the Rapport log. Lastly the HijackThis log.
  4. Ok HJthis, I finished scanning with ComboFix... here's the log. To Mistared: Good luck fixing your comp.
  5. Ok well I did my scan with Ad-Aware then used HijackThis. A few days ago I got infected by malware called win32.dialer/QS. It installed a fake antivirus program called Virus Bursters or something. After that my computer received several annoying popups every minute so I had to call for help immediately. I managed to fix the annoying popups and removed the fake antivirus program but this "critical system error" thing in my taskbar still exists. Anyway here's the log :P By the way, are there any other problems on my computer? I hope u pros will help me fix it :P