Kyle B

  1. CalamityJane, I fixed the log file - my apologies. I recently installed both Spybot and Zone Alarm Security Suite, but only after I was receiving problems. The reason for installing these programs was that I had the belief that my computer was infected. Previously, I was using Norton Antivirus.
  2. Per your suggestion, I downloaded ComboFix and did a scan.
  3. CalamityJane, I have done all that you've asked for. I greatly appreciated the step-by-step instructions y'all give - you're great!! However, for some odd reason (I believe this is due to reinstalling the program and still not being able to successfully complete a scan) I do not have one Ad-Aware SE log file in the described location. You can find my logs here. Thanks again!
  4. The problem I am having is that my Ad-Aware SE program freezes while scanning the local registry. Thank-you to all who are working on this - I know how tedious it can be. The original topic for this problem can be found here.
  5. Come on guys. This has been here for 4 days!! Any help would be appreciated. I've been working on this problem for quite some time, and I'd like to get it fixed pronto.
  6. Along with many others, I am having a scan-freeze problem. Unfortunately, I cannot take a screenshot of the event because it locks up my system for a few seconds. I have tried the following:
       • Check Disk
       • Disk Defragmentation
       • Up-To-Date Definitions
       • Up-To-Date Program
       • Disk Cleanup
       • A Registry Cleaner
       • Ad-Aware Settings Properly Changed
       • Attempted Scan In Safe Mode
       • Attempted Scan After CCleaner Has Done Its Job
     I have been a user of CCleaner for some time now. More recently, I was having success once I deleted all of my temporary internet files through Disk Cleanup. However, CCleaner does this on a regular basis. At this point, I am stuck. I have tried everything. Shall I post a log file from FilemonNT? Most importantly, I want to remind you that the stalling problem is occurring in the local registry area of my system. I appreciate your support. I will be patiently awaiting your response. Kyle Bilby
  7. I decided to try this by using the Disk Cleanup utility in Windows. Sure enough, my Ad-Aware scans now complete past the stall point. What's the reason for this? I can see that it will be annoying to run a Disk Cleanup every time I want to do a scan. The reason why I don't run it often is because I have CCleaner and that takes care of everything Disk Cleanup does, and on a regular basis.
  8. I have tried all of the above, numerous times. I am using Windows XP Home. I have updated definitions and Ad-Aware and I have done a check disk, defragmentation, etc. Every time, the scan stalls at the Software portion of the local registry.
  9. Anyone have a solution? This thread seems to have gone unnoticed for a few days...
  10. My Ad-Aware SE locks up when it scans the HKEY_LOCAL_MACHINE/Software directory. I have tried all of the above steps including uninstalling/reinstalling (this was my 1st step and really has no significance b/c of the update) doing a disk defragmentation and check disk. Below is a portion of my Filemon log: