tarantino

Members
  • Content Count

    40
  • Joined

  • Last visited

Community Reputation

0 Neutral

About tarantino

  • Rank
    Advanced Member
  1. ogfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:13:17 PM, on 2/17/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\common files\mcafee\mna\mcnasvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe C:\PROGRA~1\McAfee\MSC\mcpromgr.exe c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\Viewpoint\Common\ViewpointService.exe C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AIM6\aim6.exe C:\Program Files\AIM6\aolsoftware.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trillian\trillian.exe C:\Documents and Settings\doug.DOUG-5742A9BBB2\Desktop\Stuff\HiJackThis\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll O3 - Toolbar: Steganos Internet Anonym - {00000000-5736-4205-0008-f7ed0776fb27} - c:\program files\steganos internet anonym 2006\sia2006iep.dll O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [DriverCD] D:\Run.exe O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [sIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -boot O4 - HKUS\S-1-5-19\..\RunOnce: [sIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -firstboot (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [sIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -firstboot (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [sIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -firstboot (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [sIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -firstboot (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {81449547-EB5D-422E-8730-932DC5E412C8} (UVUPlayer Control) - http://www.howardstern.com/install/uvuplayer.cab O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe --- what processes are bad?
  2. as you can see this what it looks like. same thing when i click on folder properties, half of it is in english and other is in arabic. this is really weird. thanks in advance. here is my log. ------------------------- Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 9:51:15 PM, on 5/16/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\SiteAdvisor\6066\SiteAdv.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\SiteAdvisor\6066\SAService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\cidaemon.exe C:\Documents and Settings\Owner\Desktop\My Stuff\Programs\Mozilla 2\Mozilla Firefox\firefox.exe C:\Documents and Settings\Owner\Desktop\My Stuff\Programs\HijackThis\HiJackThis_v2.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWSabout.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = : O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scan8/oscan8.cab O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\Browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\Browseui.dll O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 4735 bytes
  3. Thanks man, u2. (solved!) huh... PUT IT IN RESOLVED FORUM!
  4. thank you HJT for your help and effort. (check post above u again ) that's tune-up utilities 2006 cleaning my pc from junk
  5. bump* EDIT: OMFG OMFG I DID IT!! (SRRY FOR OVER EXCITEMENT! ROFL!!) thnx ai tak, i went into registry and changed parameters and values and i did !! YES D*mn IT!! THNX! SOLUTION! 1)First of all you have to check your browsers user string (someone messed up mine [prbly spyware]) by entering java script:alert(navigator.userAgent) this script into your web browser address bar. And this table i copied from microsoft's web site just to let you understand what these parameters mean MSIE 7.0 Internet Explorer 7 MSIE 7.0b Internet Explorer 7 (Beta 1 pre-release only) MSIE 6.0 Internet Explorer 6 MSIE 6.0b Internet Explorer 6 (pre-release) MSIE 5.5 Internet Explorer 5.5 MSIE 5.01 Internet Explorer 5.01 MSIE 5.0 Internet Explorer 5 MSIE 5.0b1 Internet Explorer 5 (pre-release) MSIE 4.01 Internet Explorer 4.01 Platform tokens describe your operating system; the following table lists Internet Explorer platform tokens for the last several versions of Windows. Platform token Description Windows NT 6.0 Windows Vista Windows NT 5.2 Windows Server 2003; Windows XP x64 Edition Windows NT 5.1 Windows XP Windows NT 5.01 Windows 2000, Service Pack 1 (SP1) Windows NT 5.0 Windows 2000 Windows NT 4.0 Microsoft Windows NT 4.0 Windows 98; Win 9x 4.90 Windows Millennium Edition (Windows Me) Windows 98 Windows 98 Windows 95 Windows 95 Windows CE Windows CE Token Description .NET CLR .NET Framework common language runtime, followed by the version number SV1 Internet Explorer 6 with enhanced security features. (Windows XP SP2 and Windows Server 2003 only) Tablet PC Tablet services are installed; number indicates the version number Win64; IA64 System has a 64-bit processor (Intel) Win64; x64 System has a 64-bit processor (AMD) WOW64 A 32-bit version of Internet Explorer is running on a 64-bit processor. Here's final step User-Agent Registry Keys When you install certain Windows components, such as the Microsoft .NET Framework or Windows XP SP2, tokens are added to the user-agent string. This is done by adding tokens to the following registry keys. HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER) SOFTWARE Microsoft Windows CurrentVersion Internet Settings User Agent Pre Platform Token=Value Post Platform Token=Value The Pre-Platform and Post-Platform keys contain values whose names appear before and after the Platform token respectively. For example, if a string value is added to the Post-platform key, the name appears after platform token in the user-agent string. Multiple tokens added to either key appear in an unpredictable order. You can also override certain tokens of the user-agent string by adding values to the following registry key HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER) SOFTWARE Microsoft Windows CurrentVersion Internet Settings 5.0 User Agent (default)= "Mozilla/4.0" Compatible= "compatible" Platform= "Windows NT 5.1" Version= "MSIE 6.0" Pre Platform Token=Value Post Platform Token=Value There you go, thnx everybody for your help and effort. I guess sometimes user has to figure out some things on his own, but with little help of others.
  6. i dont know man, but if u say so.. what should i do? if u read above, i already said that web-sites recognize my ie as Netscape.
  7. Here ---- Owner - 06-12-30 20:43:59.17 Service Pack 2 ComboFix 06.11.27 - Running from: "C:\Documents and Settings\Owner\Desktop\My Stuff" ((((((((((((((((((((((((((((((( Files Created from 2006-11-30 to 2006-12-30 )))))))))))))))))))))))))))))))))) 2006-12-29 18:26 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy 2006-12-29 18:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2006-12-29 17:17 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2006-12-24 16:50 387 --a------ C:\WINDOWS\system32\vfw_32.reg 2006-12-24 16:50 <DIR> d-------- C:\WINDOWS\system32\drivex 2006-12-05 21:06 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\DivX (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-12-29 19:10 -------- d-------- C:\Program Files\Common Files\Microsoft Shared 2006-12-29 19:09 -------- d--h----- C:\Program Files\InstallShield Installation Information 2006-12-29 17:05 -------- d-------- C:\Documents and Settings\Owner\Application Data\LimeWire 2006-12-28 20:40 -------- d-------- C:\Documents and Settings\Owner\Application Data\SiteAdvisor 2006-12-25 18:25 -------- d-------- C:\Documents and Settings\Owner\Application Data\uTorrent 2006-12-14 21:33 -------- d-------- C:\Program Files\Internet Explorer 2006-12-14 21:32 -------- d-------- C:\Program Files\Windows Media Player 2006-12-14 21:30 -------- d-------- C:\Program Files\Outlook Express 2006-12-14 21:30 -------- d-------- C:\Program Files\Common Files\System 2006-12-08 14:49 15360 --a------ C:\WINDOWS\system32\drivers\sskbfd.sys 2006-12-06 23:14 2330624 --a------ C:\WINDOWS\system32\wmvcore.dll 2006-12-02 23:40 -------- d-------- C:\Program Files\DivX 2006-11-27 16:09 -------- d-------- C:\Program Files\SiteAdvisor 2006-11-25 18:17 -------- d-------- C:\Program Files\Java 2006-11-25 18:16 -------- d-------- C:\Program Files\Common Files\Java 2006-11-25 18:16 -------- d-------- C:\Program Files\Common Files 2006-11-25 15:23 65536 --a------ C:\WINDOWS\IFinst27.exe 2006-11-25 12:35 -------- d-------- C:\Program Files\Lavasoft 2006-11-25 12:35 -------- d-------- C:\Documents and Settings\Owner\Application Data\Lavasoft 2006-11-24 23:56 -------- d-------- C:\Program Files\Microsoft Corporation 2006-11-24 23:33 -------- d-------- C:\Program Files\Microsoft Works 2006-11-24 20:05 -------- d-------- C:\Program Files\TuneUp Utilities 2006 2006-11-24 20:04 -------- d-------- C:\Program Files\Common Files\Wise Installation Wizard 2006-11-23 21:55 15440 --a------ C:\WINDOWS\system32\drivers\hamachi.sys 2006-11-23 14:59 -------- d-------- C:\Program Files\Winamp 2006-11-15 16:01 520192 --a------ C:\WINDOWS\system32\DivXsm.exe 2006-11-15 16:01 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll 2006-11-15 16:01 200704 --a------ C:\WINDOWS\system32\ssldivx.dll 2006-11-15 16:01 1044480 --a------ C:\WINDOWS\system32\libdivx.dll 2006-11-15 15:56 806912 --a------ C:\WINDOWS\system32\divx_xx0c.dll 2006-11-15 15:56 806912 --a------ C:\WINDOWS\system32\divx_xx07.dll 2006-11-15 15:56 790528 --a------ C:\WINDOWS\system32\divx_xx11.dll 2006-11-15 15:56 73728 --a------ C:\WINDOWS\system32\dpl100.dll 2006-11-15 15:56 635486 --a------ C:\WINDOWS\system32\DivX.dll 2006-11-15 15:56 593920 --a------ C:\WINDOWS\system32\dpuGUI11.dll 2006-11-15 15:56 57344 --a------ C:\WINDOWS\system32\dpv11.dll 2006-11-15 15:56 53248 --a------ C:\WINDOWS\system32\dpuGUI10.dll 2006-11-15 15:56 344064 --a------ C:\WINDOWS\system32\dpus11.dll 2006-11-15 15:56 294912 --a------ C:\WINDOWS\system32\dpu11.dll 2006-11-15 15:56 294912 --a------ C:\WINDOWS\system32\dpu10.dll 2006-11-15 15:56 196608 --a------ C:\WINDOWS\system32\dtu100.dll 2006-11-15 15:36 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll 2006-11-15 15:36 118784 --a------ C:\WINDOWS\system32\DivXCodecUpdateChecker.exe 2006-11-14 22:27 -------- d-------- C:\Program Files\MSXML 4.0 2006-11-08 22:52 -------- d-------- C:\Program Files\iTunes 2006-11-08 00:06 679424 --a------ C:\WINDOWS\system32\inetcomm.dll 2006-11-07 17:50 -------- d-------- C:\Program Files\GemMaster 2006-11-07 03:26 13312 --a------ C:\WINDOWS\system32\ieudinit.exe 2006-11-04 14:14 1245696 --a------ C:\WINDOWS\system32\msxml4.dll 2006-10-28 20:27 18916 --a------ C:\WINDOWS\system32\tfak.dll 2006-10-19 08:56 713216 --a------ C:\WINDOWS\system32\sxs.dll 2006-10-13 07:35 65536 --a------ C:\WINDOWS\system32\nwwks.dll 2006-10-13 07:35 64000 --a------ C:\WINDOWS\system32\nwapi32.dll 2006-10-13 07:35 142336 --a------ C:\WINDOWS\system32\nwprovau.dll 2006-10-09 10:58 34308 --a------ C:\WINDOWS\system32\BASSMOD.dll 2006-10-05 19:26 24072 --a------ C:\WINDOWS\system32\uxtuneup.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "ehTray"="C:\\WINDOWS\\ehome\\ehtray.exe" "igfxtray"="C:\\WINDOWS\\system32\\igfxtray.exe" "igfxhkcmd"="C:\\WINDOWS\\system32\\hkcmd.exe" "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\"" "TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot" "SiteAdvisor"="\"C:\\Program Files\\SiteAdvisor\\4608\\SiteAdv.exe\"" "MCUpdateExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcupdate.exe" "MCAgentExe"="c:\\PROGRA~1\\mcafee.com\\agent\\McAgent.exe" "MSKAGENTEXE"="C:\\PROGRA~1\\McAfee\\SPAMKI~1\\MskAgent.exe" "MPFEXE"="\"C:\\Program Files\\McAfee.com\\Personal Firewall\\MPFTray.exe\"" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000001 [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="My Current Home Page" "Flags"=dword:00000002 "Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=hex:04,00,00,40 "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\ ff,ff,04,00,00,00 "RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\ 00,00,01,00,00,00 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 "InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\ 63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\ 6d,73,73,74,79,6c,65,73,00 "InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\ 73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00 [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\1-Click Maintenance.job C:\WINDOWS\tasks\A6A01490917B8D50.job C:\WINDOWS\tasks\HP DArC Task #Hewlett-Packard#hp psc 2400 series#1158621125.job Completion time: 06-12-30 20:44:56.71 C:\ComboFix.txt ... 06-12-30 20:44
  8. 12/30/06 13:50:59 [info]: BlackLight Engine 1.0.55 initialized 12/30/06 13:50:59 [info]: OS: 5.1 build 2600 (Service Pack 2) 12/30/06 13:50:59 [Note]: 7019 4 12/30/06 13:50:59 [Note]: 7005 0 12/30/06 13:51:01 [Note]: 7006 0 12/30/06 13:51:01 [Note]: 7011 1748 12/30/06 13:51:02 [Note]: 7026 0 12/30/06 13:51:02 [Note]: 7026 0 12/30/06 13:51:06 [Note]: FSRAW library version 1.7.1021 12/30/06 14:37:08 [Note]: 7007 0 nothing foind tho
  9. Server not found can u post another mirror for combo fix? thnx
  10. i don't see netscape in this list... funny. --------- µTorrent Ad-Aware SE Personal Adobe Flash Player 9 ActiveX Adobe Reader 7.0.8 Adobe Shockwave Player AOLIcon Dell CinePlayer Dell Digital Jukebox Driver Dell Driver Reset Tool Digital Content Portal DivX Codec ELIcon High Definition Audio Driver Package - KB835221 HijackThis 1.99.1 Hotfix for Windows Media Player 10 (KB903157) Hotfix for Windows XP (KB888795) Hotfix for Windows XP (KB891593) Hotfix for Windows XP (KB895961) Hotfix for Windows XP (KB899337) Hotfix for Windows XP (KB899510) Hotfix for Windows XP (KB902841) Hotfix for Windows XP (KB914440) Hotfix for Windows XP (KB915865) HP Photo & Imaging 3.1 HP PSC & OfficeJet 3.0 hp psc 2400 series HP Software Update Intel® Graphics Media Accelerator Driver Intel® PRO Network Connections Drivers Intel® PROSet for Wired Connections iTunes J2SE Runtime Environment 5.0 Update 9 LimeWire PRO 4.12.6 Mavis Beacon Teaches Typing Deluxe 16 McAfee SiteAdvisor McAfee Uninstall Wizard MCU Memories Disc Creator 2.0 Microsoft .NET Framework 1.0 Hotfix (KB887998) Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Hotfix (KB886903) Microsoft .NET Framework 2.0 Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office Professional Edition 2003 Modem Helper Mozilla Firefox (2.0) MSXML 4.0 SP2 (KB927978) Nero 7 Ultra Edition NetWaiting Pro Media Director Version 1.1.1.2 QIP 2005 Uninstall QuickTime RealPlayer Security Update for Windows Media Player 10 (KB917734) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows XP (KB890046) Security Update for Windows XP (KB893756) Security Update for Windows XP (KB896428) Security Update for Windows XP (KB899587) Security Update for Windows XP (KB899589) Security Update for Windows XP (KB900725) Security Update for Windows XP (KB901017) Security Update for Windows XP (KB902400) Security Update for Windows XP (KB905414) Security Update for Windows XP (KB905749) Security Update for Windows XP (KB911927) Security Update for Windows XP (KB913580) Security Update for Windows XP (KB914389) Security Update for Windows XP (KB917422) Security Update for Windows XP (KB917953) Security Update for Windows XP (KB918899) Security Update for Windows XP (KB919007) Security Update for Windows XP (KB920213) Security Update for Windows XP (KB920214) Security Update for Windows XP (KB920670) Security Update for Windows XP (KB920683) Security Update for Windows XP (KB920685) Security Update for Windows XP (KB921398) Security Update for Windows XP (KB922616) Security Update for Windows XP (KB922760) Security Update for Windows XP (KB922819) Security Update for Windows XP (KB923191) Security Update for Windows XP (KB923414) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB923694) Security Update for Windows XP (KB923980) Security Update for Windows XP (KB924191) Security Update for Windows XP (KB924270) Security Update for Windows XP (KB924496) Security Update for Windows XP (KB925454) Security Update for Windows XP (KB925486) Security Update for Windows XP (KB926255) Sonic Activation Module Sonic Encoders Spybot - Search & Destroy 1.4 Steam Trillian TuneUp Utilities 2006 Update for Windows Media Player 10 (KB913800) Update for Windows Media Player 10 (KB926251) Update for Windows XP (KB894391) Update for Windows XP (KB898461) Update for Windows XP (KB900485) Update for Windows XP (KB904942) Update for Windows XP (KB910437) Update for Windows XP (KB911280) Update for Windows XP (KB916595) Update for Windows XP (KB920872) Update for Windows XP (KB922582) Update Rollup 2 for Windows XP Media Center Edition 2005 Verizon Online Winamp (remove only) Windows Media Format Runtime Windows Media Player 10 Windows Media Player 10 Hotfix [see EmeraldQFE2 for more information] Windows XP Hotfix - KB885836 Windows XP Hotfix - KB886185 Windows XP Hotfix - KB888302 Windows XP Hotfix - KB890859 Windows XP Hotfix - KB890927 Windows XP Media Center Edition 2005 KB908246 Windows XP Media Center Edition 2005 KB908250 WinRAR archiver XviD 1.1 final uninstall
  11. meh.. still same thing, but removed all the spyware. if u guys are willing to help me out.. EDIT! EDIT! EDIT ! EDIT! EDIT ! EDIT! EDIT! ok, i think my problem is caused by spyware which now is deleted and my pc is pest free. as i told u before i have mcafee, so it wanted to update itself and u might wana read this message carefully . ie explorer opened, i logged in into my mcafee account and i tried to update it, but check this out ----------------------------- : "We have detected that your primary browser is Netscape. McAfee Application requires a one-time installation of the McAfee Clinic Activator Plug-in to support Application installations and updates. You will be presented with a Plug-in installation dialog box within a few seconds. Simply select the Install button and follow the instructions as they are presented to install the Plug-in. The Plug-in file is approximately 90K and will take between 10 seconds and 15 seconds to download and install over a 56K modem line. Once the Plug-in has been automatically installed, the McAfee Application install process will automatically begin. " ------------------------------------ Rly amazing... my default browser is Netscape? huh? i still can't figure out what to do, can u guys help me out?> thnx!!
  12. bump.. heh, even microsft people are struggling w/ my problem...
  13. ty alot. it would be great if u could let me know ur aim or msn...