TechSpot

Doginitspen & skitodayplease is making me crazy!

By MommyMidnight
Feb 22, 2008
  1. Please help me get rid of doginitspen & skitodayplease. I can't take it anymore! I've followed some of the threads but I can't figure out which files to paste into AWF. Any help would be appreciated.

    Here is my awf file:

    bak folders found
    ~~~~~~~~~~~


    Directory of C:\PROGRA~1\DELLSU~1\BAK

    08/28/2006 10:57 PM 395,776 DSAgnt.exe
    1 File(s) 395,776 bytes

    Directory of C:\PROGRA~1\ITUNES\BAK

    11/15/2007 01:11 PM 267,048 iTunesHelper.exe
    1 File(s) 267,048 bytes

    Directory of C:\PROGRA~1\LEXMAR~1\BAK

    08/01/2005 07:05 AM 94,208 ezprint.exe
    07/21/2005 01:07 AM 200,704 lxcgmon.exe
    2 File(s) 294,912 bytes

    Directory of C:\PROGRA~1\LEXMAR~2\BAK

    07/12/2005 08:36 AM 299,008 fm3032.exe
    1 File(s) 299,008 bytes

    Directory of C:\PROGRA~1\NETWAI~1\BAK

    09/10/2003 03:24 AM 20,480 netWaiting.exe
    1 File(s) 20,480 bytes

    Directory of C:\WINDOWS\EHOME\BAK

    09/29/2005 03:01 PM 67,584 ehtray.exe
    1 File(s) 67,584 bytes

    Directory of C:\WINDOWS\SYSTEM32\BAK

    08/10/2004 06:00 AM 15,360 ctfmon.exe
    12/14/2005 12:41 AM 77,824 hkcmd.exe
    12/14/2005 12:45 AM 118,784 igfxpers.exe
    12/14/2005 12:44 AM 98,304 igfxtray.exe
    11/01/2006 07:48 PM 1,392,640 WLTRAY.exe
    5 File(s) 1,702,912 bytes

    Directory of C:\PROGRA~1\DELL\MEDIAD~1\BAK

    05/02/2007 05:16 PM 184,320 PCMService.exe
    1 File(s) 184,320 bytes

    Directory of C:\PROGRA~1\DELL\QUICKSET\BAK

    08/03/2006 07:51 PM 1,032,192 quickset.exe
    1 File(s) 1,032,192 bytes

    Directory of C:\PROGRA~1\GOOGLE\GOOGLE~1\BAK

    12/01/2006 09:13 PM 236,544 GoogleDesktop.exe
    1 File(s) 236,544 bytes

    Directory of C:\PROGRA~1\LIVE365\RADIO365\BAK

    12/19/2006 05:55 PM 884,736 Radio365TrayAgent.exe
    1 File(s) 884,736 bytes

    Directory of C:\PROGRA~1\SYNAPT~1\SYNTP\BAK

    03/08/2006 07:48 PM 761,947 SynTPEnh.exe
    1 File(s) 761,947 bytes

    Directory of C:\PROGRA~1\THEWEA~1\DESKTO~2\BAK

    03/16/2007 06:51 AM 715,888 DesktopWeather.exe
    1 File(s) 715,888 bytes

    Directory of C:\PROGRA~1\TIVO\DESKTOP\BAK

    07/11/2006 07:24 AM 341,504 TiVoNotify.exe
    07/11/2006 07:26 AM 1,313,792 TiVoServer.exe
    2 File(s) 1,655,296 bytes

    Directory of C:\PROGRA~1\YAHOO!\MESSEN~1\BAK

    03/27/2007 02:22 PM 4,670,968 YAHOOM~1.EXE
    1 File(s) 4,670,968 bytes

    Directory of C:\PROGRA~1\COMCAST\DESKTO~1\BIN\BAK

    04/19/2007 02:21 PM 198,184 sprtcmd.exe
    1 File(s) 198,184 bytes

    Directory of C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\BAK

    07/27/2004 05:50 PM 81,920 issch.exe
    07/27/2004 05:50 PM 221,184 ISUSPM.exe
    2 File(s) 303,104 bytes

    Directory of C:\PROGRA~1\COMMON~1\REAL\UPDATE~1\BAK

    06/02/2007 02:58 PM 185,896 realsched.exe
    1 File(s) 185,896 bytes

    Directory of C:\PROGRA~1\COMMON~1\TIVOSH~1\TRANSFER\BAK

    07/11/2006 07:23 AM 1,174,528 TiVoTransfer.exe
    1 File(s) 1,174,528 bytes

    Directory of C:\PROGRA~1\ADOBE\PHOTOS~1\3.2\APPS\BAK

    03/09/2007 10:09 AM 63,712 apdproxy.exe
    1 File(s) 63,712 bytes


    Duplicate files of bak directory contents
    ~~~~~~~~~~~~~~~~~~~~~~~

    14864 Feb 5 2008 "C:\Program Files\Dell Support\DSAgnt.exe"
    395776 Aug 28 2006 "C:\Program Files\Dell Support\bak\DSAgnt.exe"
    14860 Feb 6 2008 "C:\Program Files\iTunes\iTunesHelper.exe"
    267048 Nov 15 2007 "C:\Program Files\iTunes\bak\iTunesHelper.exe"
    102400 Dec 4 2007 "C:\WINDOWS\Installer\{4F5CE18C-D97D-48FF-A510-A0D90C918294}\iTunesIco.exe"
    116008 Nov 15 2007 "C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.5.0.20\iTunesSetupAdmin.exe"
    14860 Feb 6 2008 "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
    94208 Aug 1 2005 "C:\Program Files\Lexmark 2300 Series\bak\ezprint.exe"
    14860 Feb 6 2008 "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
    200704 Jul 21 2005 "C:\Program Files\Lexmark 2300 Series\bak\lxcgmon.exe"
    14860 Feb 6 2008 "C:\Program Files\Lexmark Fax Solutions\fm3032.exe"
    299008 Jul 12 2005 "C:\Program Files\Lexmark Fax Solutions\bak\fm3032.exe"
    14864 Feb 5 2008 "C:\Program Files\NetWaiting\netWaiting.exe"
    20480 Sep 10 2003 "C:\Program Files\NetWaiting\bak\netWaiting.exe"
    59392 Aug 10 2004 "C:\WINDOWS\$NtUninstallKB900325$\ehtray.exe"
    64512 Aug 5 2005 "C:\WINDOWS\$NtUninstallKB908246$\ehtray.exe"
    14860 Feb 6 2008 "C:\WINDOWS\ehome\ehtray.exe"
    67584 Sep 29 2005 "C:\WINDOWS\ehome\bak\ehtray.exe"
    15360 Aug 10 2004 "C:\WINDOWS\system32\ctfmon.exe"
    15360 Aug 10 2004 "C:\WINDOWS\system32\bak\ctfmon.exe"
    14860 Feb 6 2008 "C:\WINDOWS\system32\hkcmd.exe"
    77824 Dec 14 2005 "C:\drivers\video\onboard\hkcmd.exe"
    77824 Dec 14 2005 "C:\WINDOWS\system32\bak\hkcmd.exe"
    14860 Feb 6 2008 "C:\WINDOWS\system32\igfxpers.exe"
    118784 Dec 14 2005 "C:\drivers\video\onboard\igfxpers.exe"
    118784 Dec 14 2005 "C:\WINDOWS\system32\bak\igfxpers.exe"
    14860 Feb 6 2008 "C:\WINDOWS\system32\igfxtray.exe"
    98304 Dec 14 2005 "C:\drivers\video\onboard\igfxtray.exe"
    98304 Dec 14 2005 "C:\WINDOWS\system32\bak\igfxtray.exe"
    14860 Feb 6 2008 "C:\WINDOWS\system32\WLTRAY.exe"
    1392640 Nov 1 2006 "C:\WINDOWS\system32\bak\WLTRAY.exe"
    14860 Feb 6 2008 "C:\Program Files\Dell\MediaDirect\PCMService.exe"
    184320 May 2 2007 "C:\Program Files\Dell\MediaDirect\bak\PCMService.exe"
    14860 Feb 6 2008 "C:\Program Files\Dell\QuickSet\quickset.exe"
    1032192 Aug 3 2006 "C:\Program Files\Dell\QuickSet\bak\quickset.exe"
    69632 Sep 12 2007 "C:\Program Files\Google\Google Earth\googleearth.exe"
    1145896 Jan 29 2007 "C:\Program Files\Rhapsody\google_bar\GoogleToolbarInstaller_en.exe"
    26694 Oct 14 2007 "C:\WINDOWS\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe"
    1145896 Jun 2 2007 "C:\Program Files\Common Files\Real\GToolbar\GoogleToolbarInstaller.exe"
    236544 Dec 1 2006 "C:\Program Files\Google\Google Desktop Search\bak\GoogleDesktop.exe"
    14860 Feb 6 2008 "C:\Program Files\Live365\Radio365\Radio365TrayAgent.exe"
    884736 Dec 19 2006 "C:\Program Files\Live365\Radio365\bak\Radio365TrayAgent.exe"
    14860 Feb 6 2008 "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
    761947 Mar 8 2006 "C:\Program Files\Synaptics\SynTP\bak\SynTPEnh.exe"
    761947 Mar 8 2006 "C:\Program Files\Synaptics\SynTP\Media\SynTPEnh.exe"
    14860 Feb 6 2008 "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
    715888 Mar 16 2007 "C:\Program Files\The Weather Channel FW\Desktop Weather\bak\DesktopWeather.exe"
    14860 Feb 6 2008 "C:\Program Files\TiVo\Desktop\TiVoNotify.exe"
    341504 Jul 11 2006 "C:\Program Files\TiVo\Desktop\bak\TiVoNotify.exe"
    14860 Feb 6 2008 "C:\Program Files\TiVo\Desktop\TiVoServer.exe"
    1313792 Jul 11 2006 "C:\Program Files\TiVo\Desktop\bak\TiVoServer.exe"
    4670968 Mar 27 2007 "C:\Program Files\Yahoo!\Messenger\bak\YAHOOM~1.EXE"
    14860 Feb 6 2008 "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe"
    198184 Apr 19 2007 "C:\Program Files\Comcast\Desktop Doctor\bin\bak\sprtcmd.exe"
    14860 Feb 6 2008 "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe"
    81920 Jul 27 2004 "C:\Program Files\Common Files\InstallShield\UpdateService\bak\issch.exe"
    14860 Feb 6 2008 "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe"
    221184 Jul 27 2004 "C:\Program Files\Common Files\InstallShield\UpdateService\bak\ISUSPM.exe"
    14860 Feb 6 2008 "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"
    185896 Jun 2 2007 "C:\Program Files\Common Files\Real\Update_OB\bak\realsched.exe"
    14860 Feb 6 2008 "C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe"
    1174528 Jul 11 2006 "C:\Program Files\Common Files\TiVo Shared\Transfer\bak\TiVoTransfer.exe"
    14860 Feb 6 2008 "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
    63712 Mar 9 2007 "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\bak\apdproxy.exe"

    Thank you SO much!!!!
     
  2. Blind Dragon

    Blind Dragon TS Evangelist Posts: 3,908

    Fix AWF Infection
    Copy the file paths in the quote box below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):

    • Double-click on the FindAWF.exe file to run it.
    • It will open a command prompt and ask you to "Press any key to continue".
    • Press 2 then Enter
    • Notepad will open a file named FindAWF.txt. It will appear with instructions to click below the line and paste the list of files to be restored.
    • Right click below this line and select Edit, Paste, to paste the list of files copied to the clipboard earlier. Save and close the document.
    • The program will proceed to move the legit files and will perform another scan for bak folders.
    • It may take a few minutes to complete, so please be patient.
    • When it is complete, it will open a text file in Notepad called AWF.txt.
    • Please attach AWF.txt file in your next reply along with a fresh HJT log




    Fix AWF Folders
    Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):

    • Double-click on the FindAWF.exe file to run it.
    • It will open a command prompt and ask you to "Press any key to continue".
    • You will be presented with a Menu.
    • Press 3, then press Enter.
    • Press any key to continue.
    • A Notepad document FindAWF.txt will appear with instructions to click below the line and paste the list of folders to be removed.
    • Right click below this line and select Paste, to paste the list of folders copied to the clipboard earlier. Save and close the document.
    • The program will proceed to remove the bad folders and will perform another scan for .bak folder
    • It may take a few minutes to complete so be patient.
    • When it is complete, it will open a text file in notepad called AWF.txt.
    • Please attach the AWF.txt file in your next reply.

    Run Fix AWF one more time and press 4, then press Enter.
     
  3. MommyMidnight

    MommyMidnight TS Rookie Topic Starter

    Find AWF report by noahdfear ©2006
    Version 1.40
    Option 3 run successfully

    Here is the last log:

    The current date is: Sat 02/23/2008
    The current time is: 0:15:15.31


    bak folders found
    ~~~~~~~~~~~



    Duplicate files of bak directory contents
    ~~~~~~~~~~~~~~~~~~~~~~~

    I really appreciate your help.
     
  4. Blind Dragon

    Blind Dragon TS Evangelist Posts: 3,908

    Please uninstall FindAWF

    and

    Highjackthis Instructions
    • Make sure you have the LATEST version of HJT (currently v2.0.0.2) it can be downloaded from HERE
    • Run the HijackThis Installer and it will automatically place HJT in C:\Program Files\TrendMicro\HijackThis\HijackThis.exe. Please don't change the directory.
    • After installing, the program launches automatically, select Scan now and save a log
    • After the scan is complete please attach your log onto the forums using the paper clip icon above your reply.
      ***Under no circumstances should you add any items to the HJT ignore list. Under no circumstances should you change the directory that highjackthis downloads to. Under no circumstances should you Fix anything without specific instruction to do so. Under no circumstances should you click any buttons other that specified in the directions including AnalyzeThis!***
     
  5. MommyMidnight

    MommyMidnight TS Rookie Topic Starter

    It won't let me use the paper clip - it says "error on page"
    Here is the log - sorry I had to cut and paste:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 1:18:08 PM, on 2/23/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\WINDOWS\system32\WLTRAY.exe
    C:\WINDOWS\stsystra.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Dell\MediaDirect\PCMService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lexmark 2300 Series\ezprint.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
    C:\PROGRA~1\Live365\Radio365\Radio365TrayAgent.exe
    C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe
    C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe
    C:\Program Files\TiVo\Desktop\TiVoNotify.exe
    C:\WINDOWS\system32\lxcgcoms.exe
    C:\Program Files\Plaxo\3.8.0.64\PlaxoHelper_en.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    C:\WINDOWS\system32\DllHost.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\MsiExec.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
     
  6. MommyMidnight

    MommyMidnight TS Rookie Topic Starter

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0061201
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.comcast.net/toolbar2.0/search/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cm.my.yahoo.com/?.src=fp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.net/toolbar2.0/search/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0061201
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {3EBBD0F6-1F1F-48A0-89DC-C7505D56E92A} - (no file)
    O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
    O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
    O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
    O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
    O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
    O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Radio365Agent] C:\PROGRA~1\Live365\Radio365\Radio365TrayAgent.exe
    O4 - HKCU\..\Run: [DW4] "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
    O4 - HKCU\..\Run: [TivoTransfer] "C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe" /service /registry /auto:TivoTransfer
    O4 - HKCU\..\Run: [TivoNotify] "C:\Program Files\TiVo\Desktop\TiVoNotify.exe" /service /registry /auto:TivoNotify
    O4 - HKCU\..\Run: [TivoServer] "C:\Program Files\TiVo\Desktop\TiVoServer.exe" /service /registry
    O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\3.8.0.64\PlaxoHelper_en.exe -a
    O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
    O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
     
  7. MommyMidnight

    MommyMidnight TS Rookie Topic Starter

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Lisa\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/ZwinkyInitialSetup1.0.0.15-3.cab
    O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://game1.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - http://www1.snapfish.com/SnapfishActivia.cab
    O16 - DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} (get_atlcom Class) - http://apps.corel.com/nos_dl_manager_dev/plugin/IEGetPlugin.ocx
    O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader.cab
    O16 - DPF: {5E92F538-B50B-46C5-9C5F-C6EECED3F6C6} - http://www.infospace.com/mypoints.main/tbar/mypointsSetup.exe
    O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
    O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/downloadcontrol.cab
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://chill.comcast.net/Gameshell/GameHost/1.0/OberonGameHost.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
    O23 - Service: TiVo Beacon (TivoBeacon2) - TiVo Inc. - C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

    --
    End of file - 12963 bytes
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...