Jump to content

HUGED1

Anti-Spyware Brigade
  • Content Count

    1,040
  • Joined

  • Last visited

About HUGED1

  • Rank
    Update Notification Specialist

Contact Methods

  • Website URL
    http://
  • ICQ
    0

Profile Information

  • Location
    Lake City, FL

Previous Fields

  • System Specifications:
    XP Home SP3
  • Teams:
    Nothing Selected
  1. Jacee, tried to update @ Driver agent. All I get is IEXPLORE has caused in error in ?????? & will now shut down. Looks like time to wipe the HD & start over. Thank you for your time & trouble. Ed.
  2. ------------------------------------------------------------------------------- KASPERSKY ON-LINE SCANNER REPORT Sunday, February 05, 2006 21:04:53 Operating System: Microsoft Windows Millennium Edition Kaspersky On-line Scanner version: 5.0.67.0 Kaspersky Anti-Virus database last update: 6/02/2006 Kaspersky Anti-Virus database records: 164389 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: standard Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: a:\ c:\ d:\ e:\ Scan Statistics: Total number of scanned objects: 25943 Number of viruses found: 0 Number of infected objects: 0 Number of suspicious objects: 0 Duration of the scan process: 3563 sec No malware has been detected. The sections that have been scanned are CLEAN. Scan process completed. C:\unzipped\wallpaperdesktop\desktop.bmp I've had the above for more than a year with no problem. It contains many different styles of wallpaper to use as background on the desktop. I love it. I get tired of the same colors all the time & this makes it very easy to change.
  3. Jacee, Cannot find the items in your reply in this latest HJT scan. Logfile of HijackThis v1.99.1 Scan saved at 6:36:20 PM, on 2/5/2006 Platform: Windows ME (Win9x 4.90.3000) MSIE: Internet Explorer v6.00 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\DDHELP.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\MSTASK.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE C:\PROGRAM FILES\JETICO\JETICO PERSONAL FIREWALL\FWSRV.EXE C:\PROGRAM FILES\LEXMARKX83\ACMONITOR_X83.EXE C:\PROGRAM FILES\LEXMARKX83\ACBTNMGR_X83.EXE C:\WINDOWS\SYSTEM\PRINTRAY.EXE C:\WINDOWS\SYSTEM\SPOOL32.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PROFESSIONAL\POPUPSTOPPERPROFESSIONAL.EXE C:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\ROBOTASKBARICON.EXE C:\PROGRAM FILES\LIUTILITIES\SPEEDUPMYPC\SPEEDUPMYPC.EXE C:\PROGRAM FILES\LIUTILITIES\SPEEDUPMYPC\HELPER.EXE C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE C:\MY DOCUMENTS\HIJACKTHIS.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/flash/index.cfm O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O4 - HKLM\..\Run: [scanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s O4 - HKLM\..\Run: [systemTray] SysTray.Exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [JeticoPFStartup] "C:\Program Files\Jetico\Jetico Personal Firewall\fwsrv.exe" O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [Lexmark X83 Button Monitor] C:\PROGRA~1\LEXMAR~2\ACMonitor_X83.exe O4 - HKLM\..\Run: [Lexmark X83 Button Manager] C:\PROGRA~1\LEXMAR~2\AcBtnMgr_X83.exe O4 - HKLM\..\Run: [LexStart] Lexstart.exe O4 - HKLM\..\Run: [LexmarkPrinTray] PrinTray.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [schedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe O4 - HKCU\..\Run: [PopUpStopperProfessional] "C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PROFESSIONAL\POPUPSTOPPERPROFESSIONAL.EXE" O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - Startup: SpeedUpMyPC.lnk = C:\Program Files\LIUtilities\SpeedUpMyPC\speedupmypc.exe O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) - http://pcpitstop.com/antivirus/PitPav.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab Also ran a search & cannot find a file or folder named C:\WINDOWS\web.?????? Is this thing mutating as we search for it? SCARY!!
  4. Silent Runners Log. "Silent Runners.vbs", revision 43, http://www.silentrunners.org/ Operating System: Windows Me (Millennium Edition) Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} "PopUpStopperProfessional" = ""C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PROFESSIONAL\POPUPSTOPPERPROFESSIONAL.EXE"" ["Panicware, Inc."] "RoboForm" = ""C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"" ["Siber Systems"] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} "ScanRegistry" = "C:\WINDOWS\scanregw.exe /autorun" [MS] "TaskMonitor" = "C:\WINDOWS\taskmon.exe" [MS] "PCHealth" = "C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s" [MS] "SystemTray" = "SysTray.Exe" [MS] "LoadPowerProfile" = "Rundll32.exe powrprof.dll,LoadCurrentPwrScheme" [MS] "JeticoPFStartup" = ""C:\Program Files\Jetico\Jetico Personal Firewall\fwsrv.exe"" ["Jetico, Inc."] "Tweak UI" = "RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp" [MS] "Lexmark X83 Button Monitor" = "C:\PROGRA~1\LEXMAR~2\ACMonitor_X83.exe" ["Jetsoft Development Company"] "Lexmark X83 Button Manager" = "C:\PROGRA~1\LEXMAR~2\AcBtnMgr_X83.exe" ["Jetsoft Development Company"] "LexStart" = "Lexstart.exe" [file not found] "LexmarkPrinTray" = "PrinTray.exe" ["Lexmark"] "AVG7_CC" = "C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP" ["GRISOFT, s.r.o."] "AVG7_EMC" = "C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE" ["GRISOFT, s.r.o."] "AVG7_AMSVR" = "C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE" ["GRISOFT, s.r.o."] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\ {++} "LoadPowerProfile" = "Rundll32.exe powrprof.dll,LoadCurrentPwrScheme" [MS] "SchedulingAgent" = "mstask.exe" [MS] "*StateMgr" = "C:\WINDOWS\System\Restore\StateMgr.exe" [MS] HKLM\Software\Microsoft\Active Setup\Installed Components\ PerUser_CVT_Inis\(Default) = "Windows Setup - FAT32 Converter" \StubPath = "rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_CVT_Inis 64 C:\WINDOWS\INF\applets1.inf" [MS] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {724d43a9-0d85-11d4-9908-00400523e39a}\(Default) = (no title provided) -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Siber Systems\AI RoboForm\roboform.dll" ["Siber Systems"] HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Shell Extension" -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."] "{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Find Extension" -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."] HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}" -> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."] AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}" -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."] HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}" -> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."] HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}" -> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."] AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}" -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."] Active Desktop and Wallpaper: ----------------------------- Active Desktop is disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState HKCU\Control Panel\Desktop\ "Wallpaper" = "C:\unzipped\wallpaperdesktop\desktop.bmp" WIN.INI & SYSTEM.INI launch points: ----------------------------------- SYSTEM.INI [boot] "SCRNSAVE.EXE=C:\WINDOWS\SYSTEM\AFTERD~1.SCR" (After Dark Games.scr) ["Berkeley Systems, Inc."] Startup items in "Startup" & "All Users...Startup" folders: ----------------------------------------------------------- C:\WINDOWS\Start Menu\Programs\StartUp "SpeedUpMyPC" -> shortcut to: "C:\Program Files\LIUtilities\SpeedUpMyPC\speedupmypc.exe traybar" [null data] Enabled Scheduled Tasks: ------------------------ "PCHealth Scheduler for Data Collection" -> launches: "C:\WINDOWS\PCHEALTH\SUPPORT\PCHSCHD.EXE -c" [MS] "wrSpySweeperTrialSweep" -> launches: "C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\SpySweeper.exe /ScheduleSweep=wrSpySweeperTrialSweep" ["Webroot Software, Inc."] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = "C:\WINDOWS\SYSTEM\rnr20.dll" [MS] Transport Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 00000000000#\PackedCatalogItem (contains) DLL [Company Name], (at) # range: C:\WINDOWS\SYSTEM\mswsosp.dll [MS], 1 C:\WINDOWS\SYSTEM\msafd.dll [MS], 2 - 4 C:\WINDOWS\SYSTEM\rsvpsp.dll [MS], 5 - 6 Toolbars, Explorer Bars, Extensions: ------------------------------------ Toolbars HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\ "{724D43A0-0D85-11D4-9908-00400523E39A}" = "&RoboForm" [from CLSID] -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Siber Systems\AI RoboForm\roboform.dll" ["Siber Systems"] HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ "{724D43A0-0D85-11D4-9908-00400523E39A}" = "&RoboForm" [from CLSID] -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Siber Systems\AI RoboForm\roboform.dll" ["Siber Systems"] HKLM\Software\Microsoft\Internet Explorer\Toolbar\ "{724D43A0-0D85-11D4-9908-00400523E39A}" = "&RoboForm" [from CLSID] -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Siber Systems\AI RoboForm\roboform.dll" ["Siber Systems"] Extensions (Tools menu items, main toolbar menu buttons) HKLM\Software\Microsoft\Internet Explorer\Extensions\ {FB5F1910-F110-11D2-BB9E-00C04F795683}\ "ButtonText" = "Messenger" "MenuText" = "MSN Messenger Service" {724D43AA-0D85-11D4-9908-00400523E39A}\ "ButtonText" = "RoboForm" "MenuText" = "RoboForm Toolbar" "Script" = "file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html" [file not found] {320AF880-6646-11D3-ABEE-C5DBF3571F46}\ "ButtonText" = "Fill Forms" "MenuText" = "Fill Forms" "Script" = "file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html" [file not found] {320AF880-6646-11D3-ABEE-C5DBF3571F49}\ "ButtonText" = "Save" "MenuText" = "Save Forms" "Script" = "file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html" [file not found] Print Monitors: --------------- HKLM\System\CurrentControlSet\Control\Print\Monitors\ X83 Monitor\Driver = "lxaspmd.dll" ["Oasis Semiconductor Inc."] Lexmark X83 LanguageMonitor\Driver = "lxaslmon.dll" ["Lexmark International Inc. "] ---------- + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + To search all directories of local fixed drives for DESKTOP.INI DLL launch points and all Registry CLSIDs for dormant Explorer Bars, use the -supp parameter or answer "No" at the first message box. ---------- (total run time: 32 seconds, including 18 seconds for message boxes)
  5. Incident Status Location Spyware:Cookie/Doubleclick Not disinfected C:\WINDOWS\Cookies\[email protected][1].txt Spyware:Cookie/Tribalfusion Not disinfected C:\WINDOWS\Cookies\[email protected][1].txt Spyware:Cookie/Doubleclick Not disinfected C:\WINDOWS\Cookies\[email protected][1].txt Spyware:Cookie/Tribalfusion Not disinfected C:\WINDOWS\Cookies\[email protected][1].txt Jacee, I think these are all from the PIT. Ed.
  6. Whatever this is, it has also deleted my Outlook Express account so I have to go to RR Web mail to check for messages.
  7. Something has been wreaking havoc since last Sunday. AVG,Spybot, AdAware & Spy Sweeper say I'm clean. Not true. Something turns off AVG now & then. Had to delete & reinstall Spy Sweeper. Can't complete AdAware scan unless I run CleanUp first. Spybot completes but doesn't find anything. Running ME & all scans are run in safe mode????? Here's my log. Any & all help appreciated. Thanks, Ed. Logfile of HijackThis v1.99.1 Scan saved at 2:05:42 PM, on 2/3/2006 Platform: Windows ME (Win9x 4.90.3000) MSIE: Internet Explorer v6.00 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\DDHELP.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\MSTASK.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\PROGRAM FILES\JETICO\JETICO PERSONAL FIREWALL\FWSRV.EXE C:\PROGRAM FILES\LEXMARKX83\ACMONITOR_X83.EXE C:\PROGRAM FILES\LEXMARKX83\ACBTNMGR_X83.EXE C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE C:\WINDOWS\SYSTEM\PRINTRAY.EXE C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\SPYSWEEPER.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PROFESSIONAL\POPUPSTOPPERPROFESSIONAL.EXE C:\WINDOWS\SYSTEM\SPOOL32.EXE C:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\ROBOTASKBARICON.EXE C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\WRSSSDK.EXE C:\WINDOWS\SYSTEM\PSTORES.EXE C:\MY DOCUMENTS\HIJACKTHIS.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/html/index.cfm?p=16&m=202 O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O4 - HKLM\..\Run: [scanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s O4 - HKLM\..\Run: [systemTray] SysTray.Exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [JeticoPFStartup] "C:\Program Files\Jetico\Jetico Personal Firewall\fwsrv.exe" O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [Lexmark X83 Button Monitor] C:\PROGRA~1\LEXMAR~2\ACMonitor_X83.exe O4 - HKLM\..\Run: [Lexmark X83 Button Manager] C:\PROGRA~1\LEXMAR~2\AcBtnMgr_X83.exe O4 - HKLM\..\Run: [LexStart] Lexstart.exe O4 - HKLM\..\Run: [LexmarkPrinTray] PrinTray.exe O4 - HKLM\..\Run: [spySweeper] "C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\SPYSWEEPER.EXE" /startintray O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [schedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe O4 - HKCU\..\Run: [PopUpStopperProfessional] "C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PROFESSIONAL\POPUPSTOPPERPROFESSIONAL.EXE" O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - Startup: SpeedUpMyPC.lnk = C:\Program Files\LIUtilities\SpeedUpMyPC\speedupmypc.exe O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE (file missing) O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE (file missing) O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) - http://pcpitstop.com/antivirus/PitPav.cab
  8. HUGED1

    Age?

    68 in 44 more days. Ed.
×
×
  • Create New...