Post Smitfraud pc speed and iunes
Hi
I was kindly helped by Buckeye Sam a week or so back to remove the Smitfraud Trojan.
I had to download a new browser (Mozilla Firefox) to be able to access Hotmail and Outlook exhange but other than that, things appeared to be back to normal.
However, my PC now seems very slow on the internet and SpyBlaster is showing over 200 infected files. Also since getting and removing Smitfraud, I can no longer download music from iTunes, which is a real pain.
My Hijack log is below, Can anyone suggest where the problem lies ?
Thanks
Logfile of HijackThis v1.99.1
Scan saved at 15:54:39, on 02/06/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
C:\Program Files\Linksys\WMP11 Config Utility\WMP11CFG.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCCLIENT.EXE
C:\Program Files\Trend Micro\PC-cillin 2002\PCCGUIDE.EXE
C:\Program Files\Trend Micro\PC-cillin 2002\POP3TRAP.EXE
C:\Program Files\Trend Micro\PC-cillin 2002\WebTrap.EXE
C:\HIJACK\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com/
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
O4 - Global Startup: Wireless PCI Card Configuration Utility.lnk = C:\Program Files\Linksys\WMP11 Config Utility\WMP11CFG.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-18.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/autocomplete.cab
O16 - DPF: {FF3F0F03-0F01-131A-A3F9-08F02B23E0CC} - http://66.117.37.13/dba1865.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
I was kindly helped by Buckeye Sam a week or so back to remove the Smitfraud Trojan.
I had to download a new browser (Mozilla Firefox) to be able to access Hotmail and Outlook exhange but other than that, things appeared to be back to normal.
However, my PC now seems very slow on the internet and SpyBlaster is showing over 200 infected files. Also since getting and removing Smitfraud, I can no longer download music from iTunes, which is a real pain.
My Hijack log is below, Can anyone suggest where the problem lies ?
Thanks
Logfile of HijackThis v1.99.1
Scan saved at 15:54:39, on 02/06/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
C:\Program Files\Linksys\WMP11 Config Utility\WMP11CFG.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCCLIENT.EXE
C:\Program Files\Trend Micro\PC-cillin 2002\PCCGUIDE.EXE
C:\Program Files\Trend Micro\PC-cillin 2002\POP3TRAP.EXE
C:\Program Files\Trend Micro\PC-cillin 2002\WebTrap.EXE
C:\HIJACK\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com/
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
O4 - Global Startup: Wireless PCI Card Configuration Utility.lnk = C:\Program Files\Linksys\WMP11 Config Utility\WMP11CFG.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-18.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/autocomplete.cab
O16 - DPF: {FF3F0F03-0F01-131A-A3F9-08F02B23E0CC} - http://66.117.37.13/dba1865.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
0
This discussion has been closed.
Comments
Have you tried to reinstall ITunes?
These lines should be fixed with Hijackthis:
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {FF3F0F03-0F01-131A-A3F9-08F02B23E0CC} - http://66.117.37.13/dba1865.exe
Have removed those entries and new Hijack log is posted below
Logfile of HijackThis v1.99.1
Scan saved at 19:18:37, on 03/06/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
C:\Program Files\Linksys\WMP11 Config Utility\WMP11CFG.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Trend Micro\PC-cillin 2002\WebTrap.EXE
C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HIJACK\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com/
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
O4 - Global Startup: Wireless PCI Card Configuration Utility.lnk = C:\Program Files\Linksys\WMP11 Config Utility\WMP11CFG.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-18.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/autocomplete.cab
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
My apologies its is spyware balster that is showing the infected files.
On the i Tunes, I have not re installed because I am worried about losing my music that I have on the i Tunes llibrary.
thanks
Matt
Have also tried to disable the firewalls but still no joy.
Download and run Winsock XP Fix.
http://www.majorgeeks.com/download4372.html
That may improve your connection speed.
Are you experiencing any issues besides the problem with Itunes?
Speed does seem to have improved but still no joy with itunes.
No other problems using the Mozilla Firefox browser but Internet Explorer is still unable to access hotmail, MNM messenger and generally have not been able to downlaod Microsoft uodates since Smitfraud trojan was fixed..
Thanks for the help.
Matt
http://www.spywareinfo.com/downloads/tools/IEFIX.reg
Save it to the desktop. Double-click on it to merge it with the registry, and OK any prompts. Then please restart your computer, run Internet Explorer, and let me know if the problems remain.
All I get is this when i hit the link is a page with the following on it
REGEDIT4
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="Search Bar"="http://search.msn.com/intl/searchpane/en-au/prov2.htm"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
""="http://home.microsoft.com/access/autosearch.asp?p=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main]
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="http://search.msn.com/spbasic.htm"
"Use Custom Search URL"= dword:00000000
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"=""
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\URL]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\URL]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
@="http://"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"ftp"="ftp://"
"gopher"="gopher://"
"home"="http://"
"mosaic"="http://"
"www"="http://"
Can access the site on the tools page but site is telling me access is denied.
Matt
Matt
Spyware Doctor ReportSpyware Doctor Activity Report
Generated on 14/05/2005 19:04:04Spyware Doctor HomepagePC
Tools HomepageTechnical Support
Scans (basic information only):
Scan Results:
scan start:14/05/2005 19:04:24
scan stop:14/05/2005 19:10:20
scanned items:51442
found items:477
found and ignored:0
tools used:General Scanner, Process Scanner,
Hosts scanner, LSP Scanner, Registry Scanner,
Cookie Scanner, Browser Defaults, Favorites and
ZoneMap Scanner, Browser Scanner, Disk Scanner
Infection NameLocationRisk
Kazaa Promotional ItemsmultipleMedium
Altnet SoftwareHKCR\ADM.ADMElevated
Altnet SoftwareHKCR\ADM.ADM##(Default)Elevated
Altnet SoftwareHKCR\ADM.ADM\CLSIDElevated
Altnet SoftwareHKCR\ADM.ADM\CLSID##(Default)Elevated
Altnet SoftwareHKCR\ADM.ADM\CurVerElevated
Altnet SoftwareHKCR\ADM.ADM\CurVer##(Default)Elevated
Altnet SoftwareHKCR\ADM.ADM.1Elevated
Altnet SoftwareHKCR\ADM.ADM.1##(Default)Elevated
Altnet SoftwareHKCR\ADM.ADM.1\CLSIDElevated
Altnet SoftwareHKCR\ADM.ADM.1\CLSID##(Default)Elevated
Altnet SoftwareHKCR\AppID\adm.EXEElevated
Altnet SoftwareHKCR\AppID\adm.EXE##(Default)Elevated
Altnet SoftwareHKCR\AppID\adm.EXE##AppIDElevated
Altnet SoftwareHKCR\AppID\Altnet Signing
Module.EXEElevated
Altnet SoftwareHKCR\AppID\Altnet Signing
Module.EXE##(Default)Elevated
Altnet SoftwareHKCR\AppID\Altnet Signing
Module.EXE##AppIDElevated
Altnet
SoftwareHKCR\AppID\{8B0FEF15-54DC-49F5-8377-8172DE975F75}Elevated
Altnet
SoftwareHKCR\AppID\{8B0FEF15-54DC-49F5-8377-8172DE975F75}##(Default)Elevated
Altnet
SoftwareHKCR\AppID\{99A8E2B2-3405-4C0D-9110-131C14CAAF62}Elevated
Altnet
SoftwareHKCR\AppID\{99A8E2B2-3405-4C0D-9110-131C14CAAF62}##(Default)Elevated
Altnet
SoftwareHKCR\Interface\{29E825AA-13BC-457C-806A-D72E4A25B3C5}Elevated
Altnet
SoftwareHKCR\Interface\{29E825AA-13BC-457C-806A-D72E4A25B3C5}##(Default)Elevated
Altnet
SoftwareHKCR\Interface\{29E825AA-13BC-457C-806A-D72E4A25B3C5}\ProxyStubClsidElevated
Altnet
SoftwareHKCR\Interface\{29E825AA-13BC-457C-806A-D72E4A25B3C5}\ProxyStubClsid##(Default)Elevated
Altnet
SoftwareHKCR\Interface\{29E825AA-13BC-457C-806A-D72E4A25B3C5}\ProxyStubClsid32Elevated
Altnet
SoftwareHKCR\Interface\{29E825AA-13BC-457C-806A-D72E4A25B3C5}\ProxyStubClsid32##(Default)Elevated
Altnet
SoftwareHKCR\Interface\{29E825AA-13BC-457C-806A-D72E4A25B3C5}\TypeLibElevated
Altnet
SoftwareHKCR\Interface\{29E825AA-13BC-457C-806A-D72E4A25B3C5}\TypeLib##(Default)Elevated
Altnet
SoftwareHKCR\Interface\{29E825AA-13BC-457C-806A-D72E4A25B3C5}\TypeLib##VersionElevated
Altnet
SoftwareHKCR\Interface\{E79DADC6-18D0-4A2A-831F-D196D41F8438}Elevated
Altnet
SoftwareHKCR\Interface\{E79DADC6-18D0-4A2A-831F-D196D41F8438}##(Default)Elevated
Altnet
SoftwareHKCR\Interface\{E79DADC6-18D0-4A2A-831F-D196D41F8438}\ProxyStubClsidElevated
Altnet
SoftwareHKCR\Interface\{E79DADC6-18D0-4A2A-831F-D196D41F8438}\ProxyStubClsid##(Default)Elevated
Altnet
SoftwareHKCR\Interface\{E79DADC6-18D0-4A2A-831F-D196D41F8438}\ProxyStubClsid32Elevated
Altnet
SoftwareHKCR\Interface\{E79DADC6-18D0-4A2A-831F-D196D41F8438}\ProxyStubClsid32##(Default)Elevated
Altnet
SoftwareHKCR\Interface\{E79DADC6-18D0-4A2A-831F-D196D41F8438}\TypeLibElevated
Altnet
SoftwareHKCR\Interface\{E79DADC6-18D0-4A2A-831F-D196D41F8438}\TypeLib##(Default)Elevated
Altnet
SoftwareHKCR\Interface\{E79DADC6-18D0-4A2A-831F-D196D41F8438}\TypeLib##VersionElevated
Altnet SoftwareHKCR\SigningModule.SigningModuleElevated
Altnet
SoftwareHKCR\SigningModule.SigningModule##(Default)Elevated
Altnet
SoftwareHKCR\SigningModule.SigningModule\CLSIDElevated
Altnet
SoftwareHKCR\SigningModule.SigningModule\CLSID##(Default)Elevated
Altnet
SoftwareHKCR\SigningModule.SigningModule\CurVerElevated
Altnet
SoftwareHKCR\SigningModule.SigningModule\CurVer##(Default)Elevated
Altnet
SoftwareHKCR\SigningModule.SigningModule.1Elevated
Altnet
SoftwareHKCR\SigningModule.SigningModule.1##(Default)Elevated
Altnet
SoftwareHKCR\SigningModule.SigningModule.1\CLSIDElevated
Altnet
SoftwareHKCR\SigningModule.SigningModule.1\CLSID##(Default)Elevated
Altnet
SoftwareHKCR\TypeLib\{5830698F-7FC0-40CD-A453-9A0CAFDF3A64}Elevated
Altnet
SoftwareHKCR\TypeLib\{5830698F-7FC0-40CD-A453-9A0CAFDF3A64}##(Default)Elevated
Altnet
SoftwareHKCR\TypeLib\{5830698F-7FC0-40CD-A453-9A0CAFDF3A64}\1.0Elevated
Altnet
SoftwareHKCR\TypeLib\{5830698F-7FC0-40CD-A453-9A0CAFDF3A64}\1.0##(Default)Elevated
Altnet
SoftwareHKCR\TypeLib\{5830698F-7FC0-40CD-A453-9A0CAFDF3A64}\1.0\0Elevated
Altnet
SoftwareHKCR\TypeLib\{5830698F-7FC0-40CD-A453-9A0CAFDF3A64}\1.0\0##(Default)Elevated
Altnet
SoftwareHKCR\TypeLib\{5830698F-7FC0-40CD-A453-9A0CAFDF3A64}\1.0\0\win32Elevated
Altnet
SoftwareHKCR\TypeLib\{5830698F-7FC0-40CD-A453-9A0CAFDF3A64}\1.0\0\win32##(Default)Elevated
Altnet
SoftwareHKCR\TypeLib\{5830698F-7FC0-40CD-A453-9A0CAFDF3A64}\1.0\FLAGSElevated
Altnet
SoftwareHKCR\TypeLib\{5830698F-7FC0-40CD-A453-9A0CAFDF3A64}\1.0\FLAGS##(Default)Elevated
Altnet
SoftwareHKCR\TypeLib\{5830698F-7FC0-40CD-A453-9A0CAFDF3A64}\1.0\HELPDIRElevated
Altnet
SoftwareHKCR\TypeLib\{5830698F-7FC0-40CD-A453-9A0CAFDF3A64}\1.0\HELPDIR##(Default)Elevated
Altnet
SoftwareHKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AltnetDMElevated
Altnet
SoftwareHKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AltnetDM##(Default)Elevated
Altnet
SoftwareHKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AltnetDM##DisplayNameElevated
Altnet
SoftwareHKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AltnetDM##UnInstallStringElevated
Altnet
SoftwareHKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start
Menu2\Programs\AltnetElevated
Altnet
SoftwareHKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start
Menu2\Programs\Altnet##(Default)Elevated
Altnet
SoftwareHKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start
Menu2\Programs\Altnet##OrderElevated
Common Components for Gogotools, CWS variants and other
adwareHKCR\Interface\{1E1B2878-88FF-11D2-8D96-D7ACAC95951F}Medium
Common Components for Gogotools, CWS variants and other
adwareHKCR\Interface\{1E1B2878-88FF-11D2-8D96-D7ACAC95951F}##(Default)Medium
Common Components for Gogotools, CWS variants and other
adwareHKCR\Interface\{1E1B2878-88FF-11D2-8D96-D7ACAC95951F}\ProxyStubClsidMedium
Common Components for Gogotools, CWS variants and other
adwareHKCR\Interface\{1E1B2878-88FF-11D2-8D96-D7ACAC95951F}\ProxyStubClsid##(Default)Medium
Common Components for Gogotools, CWS variants and other
adwareHKCR\Interface\{1E1B2878-88FF-11D2-8D96-D7ACAC95951F}\ProxyStubClsid32Medium
Common Components for Gogotools, CWS variants and other
adwareHKCR\Interface\{1E1B2878-88FF-11D2-8D96-D7ACAC95951F}\ProxyStubClsid32##(Default)Medium
Common Components for Gogotools, CWS variants and other
adwareHKCR\Interface\{1E1B2878-88FF-11D2-8D96-D7ACAC95951F}\TypeLibMedium
Common Components for Gogotools, CWS variants and other
adwareHKCR\Interface\{1E1B2878-88FF-11D2-8D96-D7ACAC95951F}\TypeLib##(Default)Medium
Common Components for Gogotools, CWS variants and other
adwareHKCR\Interface\{1E1B2878-88FF-11D2-8D96-D7ACAC95951F}\TypeLib##VersionMedium
GogoToolsHKCR\TypeLib\{1E1B286C-88FF-11D2-8D96-D7ACAC95951F}High
GogoToolsHKCR\TypeLib\{1E1B286C-88FF-11D2-8D96-D7ACAC95951F}##(Default)High
GogoToolsHKCR\TypeLib\{1E1B286C-88FF-11D2-8D96-D7ACAC95951F}\1.0High
GogoToolsHKCR\TypeLib\{1E1B286C-88FF-11D2-8D96-D7ACAC95951F}\1.0##(Default)High
GogoToolsHKCR\TypeLib\{1E1B286C-88FF-11D2-8D96-D7ACAC95951F}\1.0\0High
GogoToolsHKCR\TypeLib\{1E1B286C-88FF-11D2-8D96-D7ACAC95951F}\1.0\0##(Default)High
GogoToolsHKCR\TypeLib\{1E1B286C-88FF-11D2-8D96-D7ACAC95951F}\1.0\0\win32High
GogoToolsHKCR\TypeLib\{1E1B286C-88FF-11D2-8D96-D7ACAC95951F}\1.0\0\win32##(Default)High
GogoToolsHKCR\TypeLib\{1E1B286C-88FF-11D2-8D96-D7ACAC95951F}\1.0\FLAGSHigh
GogoToolsHKCR\TypeLib\{1E1B286C-88FF-11D2-8D96-D7ACAC95951F}\1.0\FLAGS##(Default)High
GogoToolsHKCR\TypeLib\{1E1B286C-88FF-11D2-8D96-D7ACAC95951F}\1.0\HELPDIRHigh
GogoToolsHKCR\TypeLib\{1E1B286C-88FF-11D2-8D96-D7ACAC95951F}\1.0\HELPDIR##(Default)High
Joltid P2P
NetworkingHKCR\Interface\{16097036-894C-4C00-A61F-93CA0D49A70E}Elevated
Joltid P2P
NetworkingHKCR\Interface\{16097036-894C-4C00-A61F-93CA0D49A70E}##(Default)Elevated
Joltid P2P
NetworkingHKCR\Interface\{16097036-894C-4C00-A61F-93CA0D49A70E}\NumMethodsElevated
Joltid P2P
NetworkingHKCR\Interface\{16097036-894C-4C00-A61F-93CA0D49A70E}\NumMethods##(Default)Elevated
Joltid P2P
NetworkingHKCR\Interface\{16097036-894C-4C00-A61F-93CA0D49A70E}\ProxyStubClsid32Elevated
Joltid P2P
NetworkingHKCR\Interface\{16097036-894C-4C00-A61F-93CA0D49A70E}\ProxyStubClsid32##(Default)Elevated
Joltid P2P
NetworkingHKCR\Interface\{1B540D44-3F61-4394-AE30-25FDC3649405}Elevated
Joltid P2P
NetworkingHKCR\Interface\{1B540D44-3F61-4394-AE30-25FDC3649405}##(Default)Elevated
Joltid P2P
NetworkingHKCR\Interface\{1B540D44-3F61-4394-AE30-25FDC3649405}\NumMethodsElevated
Joltid P2P
NetworkingHKCR\Interface\{1B540D44-3F61-4394-AE30-25FDC3649405}\NumMethods##(Default)Elevated
Joltid P2P
NetworkingHKCR\Interface\{1B540D44-3F61-4394-AE30-25FDC3649405}\ProxyStubClsid32Elevated
Joltid P2P
NetworkingHKCR\Interface\{1B540D44-3F61-4394-AE30-25FDC3649405}\ProxyStubClsid32##(Default)Elevated
Joltid P2P
NetworkingHKCR\Interface\{2ED5AF98-9258-45BA-B79B-06625C92F662}Elevated
Joltid P2P
NetworkingHKCR\Interface\{2ED5AF98-9258-45BA-B79B-06625C92F662}##(Default)Elevated
Joltid P2P
NetworkingHKCR\Interface\{2ED5AF98-9258-45BA-B79B-06625C92F662}\NumMethodsElevated
Joltid P2P
NetworkingHKCR\Interface\{2ED5AF98-9258-45BA-B79B-06625C92F662}\NumMethods##(Default)Elevated
Joltid P2P
NetworkingHKCR\Interface\{2ED5AF98-9258-45BA-B79B-06625C92F662}\ProxyStubClsid32Elevated
Joltid P2P
NetworkingHKCR\Interface\{2ED5AF98-9258-45BA-B79B-06625C92F662}\ProxyStubClsid32##(Default)Elevated
Joltid P2P
NetworkingHKCR\Interface\{C91E8926-D4BE-4685-99F4-0D996B96BAC0}Elevated
Joltid P2P
NetworkingHKCR\Interface\{C91E8926-D4BE-4685-99F4-0D996B96BAC0}##(Default)Elevated
Joltid P2P
NetworkingHKCR\Interface\{C91E8926-D4BE-4685-99F4-0D996B96BAC0}\NumMethodsElevated
Joltid P2P
NetworkingHKCR\Interface\{C91E8926-D4BE-4685-99F4-0D996B96BAC0}\NumMethods##(Default)Elevated
Joltid P2P
NetworkingHKCR\Interface\{C91E8926-D4BE-4685-99F4-0D996B96BAC0}\ProxyStubClsid32Elevated
Joltid P2P
NetworkingHKCR\Interface\{C91E8926-D4BE-4685-99F4-0D996B96BAC0}\ProxyStubClsid32##(Default)Elevated
Joltid P2P
NetworkingHKCR\Interface\{D273D427-57C6-4B12-860F-BBB8195F6E2A}Elevated
Joltid P2P
NetworkingHKCR\Interface\{D273D427-57C6-4B12-860F-BBB8195F6E2A}##(Default)Elevated
Joltid P2P
NetworkingHKCR\Interface\{D273D427-57C6-4B12-860F-BBB8195F6E2A}\ProxyStubClsidElevated
Joltid P2P
NetworkingHKCR\Interface\{D273D427-57C6-4B12-860F-BBB8195F6E2A}\ProxyStubClsid##(Default)Elevated
Joltid P2P
NetworkingHKCR\Interface\{D273D427-57C6-4B12-860F-BBB8195F6E2A}\ProxyStubClsid32Elevated
Joltid P2P
NetworkingHKCR\Interface\{D273D427-57C6-4B12-860F-BBB8195F6E2A}\ProxyStubClsid32##(Default)Elevated
Joltid P2P
NetworkingHKCR\Interface\{D273D427-57C6-4B12-860F-BBB8195F6E2A}\TypeLibElevated
Joltid P2P
NetworkingHKCR\Interface\{D273D427-57C6-4B12-860F-BBB8195F6E2A}\TypeLib##(Default)Elevated
Joltid P2P
NetworkingHKCR\Interface\{D273D427-57C6-4B12-860F-BBB8195F6E2A}\TypeLib##VersionElevated
Joltid P2P
NetworkingHKCR\Interface\{FD42F6D3-7AB1-470C-979B-7996EDC99099}Elevated
Joltid P2P
NetworkingHKCR\Interface\{FD42F6D3-7AB1-470C-979B-7996EDC99099}##(Default)Elevated
Joltid P2P
NetworkingHKCR\Interface\{FD42F6D3-7AB1-470C-979B-7996EDC99099}\NumMethodsElevated
Joltid P2P
NetworkingHKCR\Interface\{FD42F6D3-7AB1-470C-979B-7996EDC99099}\NumMethods##(Default)Elevated
Joltid P2P
NetworkingHKCR\Interface\{FD42F6D3-7AB1-470C-979B-7996EDC99099}\ProxyStubClsid32Elevated
Joltid P2P
NetworkingHKCR\Interface\{FD42F6D3-7AB1-470C-979B-7996EDC99099}\ProxyStubClsid32##(Default)Elevated
Joltid P2P
NetworkingHKCR\TypeLib\{F720B40F-3A38-4B22-B30D-DCF095D42498}Elevated
Joltid P2P
NetworkingHKCR\TypeLib\{F720B40F-3A38-4B22-B30D-DCF095D42498}##(Default)Elevated
Joltid P2P
NetworkingHKCR\TypeLib\{F720B40F-3A38-4B22-B30D-DCF095D42498}\1.1Elevated
Joltid P2P
NetworkingHKCR\TypeLib\{F720B40F-3A38-4B22-B30D-DCF095D42498}\1.1##(Default)Elevated
Joltid P2P
NetworkingHKCR\TypeLib\{F720B40F-3A38-4B22-B30D-DCF095D42498}\1.1\0Elevated
Joltid P2P
NetworkingHKCR\TypeLib\{F720B40F-3A38-4B22-B30D-DCF095D42498}\1.1\0##(Default)Elevated
Joltid P2P
NetworkingHKCR\TypeLib\{F720B40F-3A38-4B22-B30D-DCF095D42498}\1.1\0\win32Elevated
Joltid P2P
NetworkingHKCR\TypeLib\{F720B40F-3A38-4B22-B30D-DCF095D42498}\1.1\0\win32##(Default)Elevated
Joltid P2P
NetworkingHKCR\TypeLib\{F720B40F-3A38-4B22-B30D-DCF095D42498}\1.1\FLAGSElevated
Joltid P2P
NetworkingHKCR\TypeLib\{F720B40F-3A38-4B22-B30D-DCF095D42498}\1.1\FLAGS##(Default)Elevated
Joltid P2P
NetworkingHKCR\TypeLib\{F720B40F-3A38-4B22-B30D-DCF095D42498}\1.1\HELPDIRElevated
Joltid P2P
NetworkingHKCR\TypeLib\{F720B40F-3A38-4B22-B30D-DCF095D42498}\1.1\HELPDIR##(Default)Elevated
Joltid P2P NetworkingHKCR\JCDE_StackElevated
Joltid P2P NetworkingHKCR\JCDE_Stack##(Default)Elevated
Joltid P2P NetworkingHKCR\JCDE_Stack\CLSIDElevated
Joltid P2P
NetworkingHKCR\JCDE_Stack\CLSID##(Default)Elevated
Joltid P2P NetworkingHKCR\JCDE_Stack\CurVerElevated
Joltid P2P
NetworkingHKCR\JCDE_Stack\CurVer##(Default)Elevated
Joltid P2P NetworkingHKCR\JCDE_Stack.1Elevated
Joltid P2P
NetworkingHKCR\JCDE_Stack.1##(Default)Elevated
Joltid P2P NetworkingHKCR\JCDE_Stack.1\CLSIDElevated
Joltid P2P
NetworkingHKCR\JCDE_Stack.1\CLSID##(Default)Elevated
Joltid P2P
NetworkingHKCR\WebP2PInstaller.InstallerElevated
Joltid P2P
NetworkingHKCR\WebP2PInstaller.Installer##(Default)Elevated
Joltid P2P
NetworkingHKCR\WebP2PInstaller.Installer\CLSIDElevated
Joltid P2P
NetworkingHKCR\WebP2PInstaller.Installer\CLSID##(Default)Elevated
Joltid P2P
NetworkingHKCR\WebP2PInstaller.Installer\CurVerElevated
Joltid P2P
NetworkingHKCR\WebP2PInstaller.Installer\CurVer##(Default)Elevated
Joltid P2P
NetworkingHKCR\WebP2PInstaller.Installer.1Elevated
Joltid P2P
NetworkingHKCR\WebP2PInstaller.Installer.1##(Default)Elevated
Joltid P2P
NetworkingHKCR\WebP2PInstaller.Installer.1\CLSIDElevated
Joltid P2P
NetworkingHKCR\WebP2PInstaller.Installer.1\CLSID##(Default)Elevated
Joltid P2P NetworkingHKCU\Software\P2P
NetworkingElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking##(Default)Elevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgentElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent##(Default)Elevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent##NodeIDElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent##NetworkConfigElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent##LastEligibilityUpdateTimeElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent##DLStatsElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\ChannelsElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Channels##(Default)Elevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Channels\Channel10Elevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Channels\Channel10##(Default)Elevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Channels\Channel10##ImageElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Channels\Channel1000Elevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Channels\Channel1000##(Default)Elevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Channels\Channel1000##ImageElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Channels\Channel1001Elevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Channels\Channel1001##(Default)Elevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Channels\Channel1001##ImageElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Channels\Channel5001Elevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Channels\Channel5001##(Default)Elevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Channels\Channel5001##ImageElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\ConnectionElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Connection##(Default)Elevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Connection##AddressElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Connection\BandwidthElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Connection\Bandwidth##(Default)Elevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Connection\Bandwidth##SlotLengthElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Connection\Bandwidth##In0Elevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Connection\Bandwidth##In1Elevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Connection\Bandwidth##Out0Elevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Connection\Bandwidth##Out1Elevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Connection\FirewallElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Connection\Firewall##(Default)Elevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Connection\Firewall##UdpInHistoryElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Connection\Firewall##TcpInHistoryElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Connection\Firewall##TcpOutHistoryElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Connection\UptimeElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Connection\Uptime##(Default)Elevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Connection\Uptime##HistoryStartElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\Connection\Uptime##HistoryElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\FileManagerElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\FileManager##(Default)Elevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\FileManager##CacheDirElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\FileManager##DatabaseDirElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\FileManager##CacheSizeElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\FileManager##NoBandwidthLimitWhenIdleElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\FileManager##AutoBandwithElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\FileManager##BandwidthLimitElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\FileManager\DownloadsElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\FileManager\Downloads##(Default)Elevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\P2PNetworkingGUIElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\P2PNetworkingGUI##(Default)Elevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\P2PNetworkingGUI##ShowIconElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\P2PNetworkingGUI##MainExeElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\P2PNetworkingGUI##DebugLevelElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\P2PNetworkingGUI##TimerIntervalElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\P2PNetworkingGUI##UpdateIntervalElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\P2PNetworkingGUI##ReqVersionUpdateIntervalElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\P2PNetworkingGUI##UpdateTimeSpentElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\P2PNetworkingGUI##AutoStartElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\P2PNetworkingGUI##UpdateNotifyElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\P2PNetworkingGUI##EnableHistoryElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\P2PNetworkingGUI##KeepHistorySecondsElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\P2PNetworkingGUI##KeepClientsMaxElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\P2PNetworkingGUI##KeepDownloadsMaxElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\P2PNetworkingGUI##WinPosTopElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\P2PNetworkingGUI##WinPosLeftElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\P2PNetworkingGUI\DownloadHistoryElevated
Joltid P2P NetworkingHKCU\Software\P2P
Networking\JcdeAgent\P2PNetworkingGUI\DownloadHistory##(Default)Elevated
Joltid P2P
NetworkingHKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\P2P
NetworkingElevated
Joltid P2P
NetworkingHKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\P2P
Networking##(Default)Elevated
Joltid P2P
NetworkingHKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\P2P
Networking##DisplayNameElevated
Joltid P2P
NetworkingHKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\P2P
Networking##UninstallStringElevated
Joltid P2P
NetworkingHKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\P2P
Networking##DisplayIconElevated
Joltid P2P
NetworkingHKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run##P2P
NetworkingElevated
Joltid P2P NetworkingHKLM\Software\P2P
NetworkingElevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking##(Default)Elevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\ClientsElevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Clients##(Default)Elevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Clients##ASMElevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Clients##Kazaa Media DesktopElevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Clients##P2PGUI_9639EF0C-2178-4d8f-BD67-21F0103EFE45Elevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Clients##Peer Points ManagerElevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Clients##Altnet TopSearchElevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Clients##Bullguard UpdaterElevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Installation HistoryElevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Installation History##(Default)Elevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Installation History\DirsElevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Installation History\Dirs##(Default)Elevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Installation
History\Dirs##C:\WINDOWS\system32\P2P NetworkingElevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Installation
History\Dirs##C:\WINDOWS\system32\P2P
Networking\CacheElevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Installation History\FilesElevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Installation History\Files##(Default)Elevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Installation
History\Files##C:\WINDOWS\Downloaded Program
Files\WebP2PInstaller.dllElevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Installation
History\Files##C:\WINDOWS\system32\P2P
Networking\MARSHAL.DLLElevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Installation
History\Files##C:\WINDOWS\system32\P2P Networking\P2P
Networking.engElevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Installation
History\Files##C:\WINDOWS\system32\P2P Networking
v126.cplElevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Installation
History\Files##C:\WINDOWS\system32\P2P Networking\P2P
Networking.exeElevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Installation History\P2P ChunksElevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Installation History\P2P
Chunks##(Default)Elevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Installation History\P2P Chunks##ActiveX
FileElevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Installation History\P2P Chunks##Marshal
fileElevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Installation History\P2P Chunks##ENG Language
FileElevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Installation History\P2P Chunks##CPL
fileElevated
Joltid P2P NetworkingHKLM\Software\P2P
Networking\Installation History\P2P Chunks##P2P
Networking fileElevated
Kazaa Promotional
ItemsHKCU\Software\Kazaa\PromotionsMedium
Kazaa Promotional
ItemsHKCU\Software\Kazaa\Promotions##(Default)Medium
Kazaa Promotional
ItemsHKCU\Software\Kazaa\Promotions\BroadbandMedium
Kazaa Promotional
ItemsHKCU\Software\Kazaa\Promotions\Broadband##(Default)Medium
Kazaa Promotional
ItemsHKCU\Software\Kazaa\Promotions\Broadband##BBDbLocMedium
Kazaa Promotional
ItemsHKCU\Software\Kazaa\Promotions\Broadband##NullImageLocMedium
Kazaa Promotional
ItemsHKCU\Software\Kazaa\Promotions\Broadband##NullImageLoc2Medium
Virtual MaidHKCU\Software\Virtual MaidElevated
Virtual MaidHKCU\Software\Virtual
Maid##(Default)Elevated
Virtual MaidHKCU\Software\Virtual Maid\Virtual
MaidElevated
Virtual MaidHKCU\Software\Virtual Maid\Virtual
Maid##(Default)Elevated
Virtual MaidHKCR\GoVM.ContextItemElevated
Virtual MaidHKCR\GoVM.ContextItem##(Default)Elevated
Virtual MaidHKCR\GoVM.ContextItem\CLSIDElevated
Virtual
MaidHKCR\GoVM.ContextItem\CLSID##(Default)Elevated
Virtual MaidHKCR\GoVM.ContextItem\CurVerElevated
Virtual
MaidHKCR\GoVM.ContextItem\CurVer##(Default)Elevated
Virtual MaidHKCR\GoVM.ContextItem.1Elevated
Virtual MaidHKCR\GoVM.ContextItem.1##(Default)Elevated
Virtual MaidHKCR\GoVM.ContextItem.1\CLSIDElevated
Virtual
MaidHKCR\GoVM.ContextItem.1\CLSID##(Default)Elevated
Virtual
MaidHKCR\Interface\{835BAA68-B5E5-47D5-A18D-2A4E0F5B72D5}Elevated
Virtual
MaidHKCR\Interface\{835BAA68-B5E5-47D5-A18D-2A4E0F5B72D5}##(Default)Elevated
Virtual
MaidHKCR\Interface\{835BAA68-B5E5-47D5-A18D-2A4E0F5B72D5}\ProxyStubClsidElevated
Virtual
MaidHKCR\Interface\{835BAA68-B5E5-47D5-A18D-2A4E0F5B72D5}\ProxyStubClsid##(Default)Elevated
Virtual
MaidHKCR\Interface\{835BAA68-B5E5-47D5-A18D-2A4E0F5B72D5}\ProxyStubClsid32Elevated
Virtual
MaidHKCR\Interface\{835BAA68-B5E5-47D5-A18D-2A4E0F5B72D5}\ProxyStubClsid32##(Default)Elevated
Virtual
MaidHKCR\Interface\{835BAA68-B5E5-47D5-A18D-2A4E0F5B72D5}\TypeLibElevated
Virtual
MaidHKCR\Interface\{835BAA68-B5E5-47D5-A18D-2A4E0F5B72D5}\TypeLib##(Default)Elevated
Virtual
MaidHKCR\Interface\{835BAA68-B5E5-47D5-A18D-2A4E0F5B72D5}\TypeLib##VersionElevated
Virtual
MaidHKCR\Interface\{AB2DDE8C-CBFF-491A-9825-87B8BB4CBFE0}Elevated
Virtual
MaidHKCR\Interface\{AB2DDE8C-CBFF-491A-9825-87B8BB4CBFE0}##(Default)Elevated
Virtual
MaidHKCR\Interface\{AB2DDE8C-CBFF-491A-9825-87B8BB4CBFE0}\ProxyStubClsidElevated
Virtual
MaidHKCR\Interface\{AB2DDE8C-CBFF-491A-9825-87B8BB4CBFE0}\ProxyStubClsid##(Default)Elevated
Virtual
MaidHKCR\Interface\{AB2DDE8C-CBFF-491A-9825-87B8BB4CBFE0}\ProxyStubClsid32Elevated
Virtual
MaidHKCR\Interface\{AB2DDE8C-CBFF-491A-9825-87B8BB4CBFE0}\ProxyStubClsid32##(Default)Elevated
Virtual
MaidHKCR\Interface\{AB2DDE8C-CBFF-491A-9825-87B8BB4CBFE0}\TypeLibElevated
Virtual
MaidHKCR\Interface\{AB2DDE8C-CBFF-491A-9825-87B8BB4CBFE0}\TypeLib##(Default)Elevated
Virtual
MaidHKCR\Interface\{AB2DDE8C-CBFF-491A-9825-87B8BB4CBFE0}\TypeLib##VersionElevated
Virtual
MaidHKCR\TypeLib\{42C7653A-5834-45A1-899A-ED0DFA370D21}Elevated
Virtual
MaidHKCR\TypeLib\{42C7653A-5834-45A1-899A-ED0DFA370D21}##(Default)Elevated
Virtual
MaidHKCR\TypeLib\{42C7653A-5834-45A1-899A-ED0DFA370D21}\1.0Elevated
Virtual
MaidHKCR\TypeLib\{42C7653A-5834-45A1-899A-ED0DFA370D21}\1.0##(Default)Elevated
Virtual
MaidHKCR\TypeLib\{42C7653A-5834-45A1-899A-ED0DFA370D21}\1.0\0Elevated
Virtual
MaidHKCR\TypeLib\{42C7653A-5834-45A1-899A-ED0DFA370D21}\1.0\0##(Default)Elevated
Virtual
MaidHKCR\TypeLib\{42C7653A-5834-45A1-899A-ED0DFA370D21}\1.0\0\win32Elevated
Virtual
MaidHKCR\TypeLib\{42C7653A-5834-45A1-899A-ED0DFA370D21}\1.0\0\win32##(Default)Elevated
Virtual
MaidHKCR\TypeLib\{42C7653A-5834-45A1-899A-ED0DFA370D21}\1.0\FLAGSElevated
Virtual
MaidHKCR\TypeLib\{42C7653A-5834-45A1-899A-ED0DFA370D21}\1.0\FLAGS##(Default)Elevated
Virtual
MaidHKCR\TypeLib\{42C7653A-5834-45A1-899A-ED0DFA370D21}\1.0\HELPDIRElevated
Virtual
MaidHKCR\TypeLib\{42C7653A-5834-45A1-899A-ED0DFA370D21}\1.0\HELPDIR##(Default)Elevated
Virtual MaidHKCR\VM.VMObjElevated
Virtual MaidHKCR\VM.VMObj##(Default)Elevated
Virtual MaidHKCR\VM.VMObj\CLSIDElevated
Virtual MaidHKCR\VM.VMObj\CLSID##(Default)Elevated
Virtual MaidHKCR\VM.VMObj\CurVerElevated
Virtual MaidHKCR\VM.VMObj\CurVer##(Default)Elevated
Virtual MaidHKCR\VM.VMObj.1Elevated
Virtual MaidHKCR\VM.VMObj.1##(Default)Elevated
Virtual MaidHKCR\VM.VMObj.1\CLSIDElevated
Virtual MaidHKCR\VM.VMObj.1\CLSID##(Default)Elevated
Virtual
MaidHKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Virtual
MaidVirtual MaidElevated
Virtual
MaidHKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Virtual
MaidVirtual Maid##(Default)Elevated
Tracking Cookie(s)matt@apmebf[1].txtMedium
Altnet
SoftwareHKCR\CLSID\{9BBCF06C-DCD7-495D-80DF-CDD5399D0FF8}Elevated
Altnet
SoftwareHKCR\CLSID\{9BBCF06C-DCD7-495D-80DF-CDD5399D0FF8}\LocalServer32Elevated
Altnet
SoftwareHKCR\CLSID\{9BBCF06C-DCD7-495D-80DF-CDD5399D0FF8}\ProgIDElevated
Altnet
SoftwareHKCR\CLSID\{9BBCF06C-DCD7-495D-80DF-CDD5399D0FF8}\ProgrammableElevated
Altnet
SoftwareHKCR\CLSID\{9BBCF06C-DCD7-495D-80DF-CDD5399D0FF8}\TypeLibElevated
Altnet
SoftwareHKCR\CLSID\{9BBCF06C-DCD7-495D-80DF-CDD5399D0FF8}\VersionIndependentProgIDElevated
Altnet
SoftwareHKLM\Software\Classes\CLSID\{9BBCF06C-DCD7-495D-80DF-CDD5399D0FF8}Elevated
Altnet
SoftwareHKLM\Software\Classes\CLSID\{9BBCF06C-DCD7-495D-80DF-CDD5399D0FF8}\LocalServer32Elevated
Altnet
SoftwareHKLM\Software\Classes\CLSID\{9BBCF06C-DCD7-495D-80DF-CDD5399D0FF8}\ProgIDElevated
Altnet
SoftwareHKLM\Software\Classes\CLSID\{9BBCF06C-DCD7-495D-80DF-CDD5399D0FF8}\ProgrammableElevated
Altnet
SoftwareHKLM\Software\Classes\CLSID\{9BBCF06C-DCD7-495D-80DF-CDD5399D0FF8}\TypeLibElevated
Altnet
SoftwareHKLM\Software\Classes\CLSID\{9BBCF06C-DCD7-495D-80DF-CDD5399D0FF8}\VersionIndependentProgIDElevated
Altnet
SoftwareHKCR\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}Elevated
Altnet
SoftwareHKCR\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\ControlElevated
Altnet
SoftwareHKCR\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\Implemented
CategoriesElevated
Altnet
SoftwareHKCR\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\Implemented
Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}Elevated
Altnet
SoftwareHKCR\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\Implemented
Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}Elevated
Altnet
SoftwareHKCR\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\InsertableElevated
Altnet
SoftwareHKCR\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\LocalServer32Elevated
Altnet
SoftwareHKCR\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\MiscStatusElevated
Altnet
SoftwareHKCR\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\MiscStatus\1Elevated
Altnet
SoftwareHKCR\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\ProgIDElevated
Altnet
SoftwareHKCR\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\ProgrammableElevated
Altnet
SoftwareHKCR\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\ToolboxBitmap32Elevated
Altnet
SoftwareHKCR\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\TypeLibElevated
Altnet
SoftwareHKCR\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\VersionElevated
Altnet
SoftwareHKCR\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\VersionIndependentProgIDElevated
Altnet
SoftwareHKLM\Software\Classes\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}Elevated
Altnet
SoftwareHKLM\Software\Classes\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\ControlElevated
Altnet
SoftwareHKLM\Software\Classes\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\Implemented
CategoriesElevated
Altnet
SoftwareHKLM\Software\Classes\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\Implemented
Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}Elevated
Altnet
SoftwareHKLM\Software\Classes\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\Implemented
Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}Elevated
Altnet
SoftwareHKLM\Software\Classes\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\InsertableElevated
Altnet
SoftwareHKLM\Software\Classes\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\LocalServer32Elevated
Altnet
SoftwareHKLM\Software\Classes\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\MiscStatusElevated
Altnet
SoftwareHKLM\Software\Classes\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\MiscStatus\1Elevated
Altnet
SoftwareHKLM\Software\Classes\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\ProgIDElevated
Altnet
SoftwareHKLM\Software\Classes\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\ProgrammableElevated
Altnet
SoftwareHKLM\Software\Classes\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\ToolboxBitmap32Elevated
Altnet
SoftwareHKLM\Software\Classes\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\TypeLibElevated
Altnet
SoftwareHKLM\Software\Classes\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\VersionElevated
Altnet
SoftwareHKLM\Software\Classes\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\VersionIndependentProgIDElevated
Joltid P2P
NetworkingHKCR\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}Elevated
Joltid P2P
NetworkingHKCR\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\ControlElevated
Joltid P2P
NetworkingHKCR\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\InprocServer32Elevated
Joltid P2P
NetworkingHKCR\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\InsertableElevated
Joltid P2P
NetworkingHKCR\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\MiscStatusElevated
Joltid P2P
NetworkingHKCR\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\MiscStatus\1Elevated
Joltid P2P
NetworkingHKCR\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\ProgIDElevated
Joltid P2P
NetworkingHKCR\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\ProgrammableElevated
Joltid P2P
NetworkingHKCR\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\ToolboxBitmap32Elevated
Joltid P2P
NetworkingHKCR\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\TypeLibElevated
Joltid P2P
NetworkingHKCR\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\VersionElevated
Joltid P2P
NetworkingHKCR\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\VersionIndependentProgIDElevated
Joltid P2P
NetworkingHKLM\Software\Classes\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}Elevated
Joltid P2P
NetworkingHKLM\Software\Classes\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\ControlElevated
Joltid P2P
NetworkingHKLM\Software\Classes\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\InprocServer32Elevated
Joltid P2P
NetworkingHKLM\Software\Classes\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\InsertableElevated
Joltid P2P
NetworkingHKLM\Software\Classes\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\MiscStatusElevated
Joltid P2P
NetworkingHKLM\Software\Classes\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\MiscStatus\1Elevated
Joltid P2P
NetworkingHKLM\Software\Classes\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\ProgIDElevated
Joltid P2P
NetworkingHKLM\Software\Classes\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\ProgrammableElevated
Joltid P2P
NetworkingHKLM\Software\Classes\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\ToolboxBitmap32Elevated
Joltid P2P
NetworkingHKLM\Software\Classes\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\TypeLibElevated
Joltid P2P
NetworkingHKLM\Software\Classes\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\VersionElevated
Joltid P2P
NetworkingHKLM\Software\Classes\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\VersionIndependentProgIDElevated
Joltid P2P NetworkingHKLM\Software\Microsoft\Code Store
Database\Distribution
Units\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}Elevated
Joltid P2P NetworkingHKLM\Software\Microsoft\Code Store
Database\Distribution
Units\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\ContainsElevated
Joltid P2P NetworkingHKLM\Software\Microsoft\Code Store
Database\Distribution
Units\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\Contains\FilesElevated
Joltid P2P NetworkingHKLM\Software\Microsoft\Code Store
Database\Distribution
Units\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\DownloadInformationElevated
Joltid P2P NetworkingHKLM\Software\Microsoft\Code Store
Database\Distribution
Units\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\InstalledVersionElevated
Joltid P2P
NetworkingHKCR\CLSID\{C91E8926-D4BE-4685-99F4-0D996B96BAC0}Elevated
Joltid P2P
NetworkingHKCR\CLSID\{C91E8926-D4BE-4685-99F4-0D996B96BAC0}\InProcServer32Elevated
Joltid P2P
NetworkingHKLM\Software\Classes\CLSID\{C91E8926-D4BE-4685-99F4-0D996B96BAC0}Elevated
Joltid P2P
NetworkingHKLM\Software\Classes\CLSID\{C91E8926-D4BE-4685-99F4-0D996B96BAC0}\InProcServer32Elevated
Joltid P2P
NetworkingHKCR\CLSID\{CC7A6223-3759-4075-8CEA-971F5CFC0ED2}Elevated
Joltid P2P
NetworkingHKCR\CLSID\{CC7A6223-3759-4075-8CEA-971F5CFC0ED2}\LocalServer32Elevated
Joltid P2P
NetworkingHKCR\CLSID\{CC7A6223-3759-4075-8CEA-971F5CFC0ED2}\ProgIDElevated
Joltid P2P
NetworkingHKCR\CLSID\{CC7A6223-3759-4075-8CEA-971F5CFC0ED2}\ProgrammableElevated
Joltid P2P
NetworkingHKCR\CLSID\{CC7A6223-3759-4075-8CEA-971F5CFC0ED2}\VersionIndependentProgIDElevated
Joltid P2P
NetworkingHKLM\Software\Classes\CLSID\{CC7A6223-3759-4075-8CEA-971F5CFC0ED2}Elevated
Joltid P2P
NetworkingHKLM\Software\Classes\CLSID\{CC7A6223-3759-4075-8CEA-971F5CFC0ED2}\LocalServer32Elevated
Joltid P2P
NetworkingHKLM\Software\Classes\CLSID\{CC7A6223-3759-4075-8CEA-971F5CFC0ED2}\ProgIDElevated
Joltid P2P
NetworkingHKLM\Software\Classes\CLSID\{CC7A6223-3759-4075-8CEA-971F5CFC0ED2}\ProgrammableElevated
Joltid P2P
NetworkingHKLM\Software\Classes\CLSID\{CC7A6223-3759-4075-8CEA-971F5CFC0ED2}\VersionIndependentProgIDElevated
Virtual
MaidHKCR\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}Elevated
Virtual
MaidHKCR\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\Implemented
CategoriesElevated
Virtual
MaidHKCR\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\Implemented
Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}Elevated
Virtual
MaidHKCR\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\Implemented
Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}Elevated
Virtual
MaidHKCR\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\InprocServer32Elevated
Virtual
MaidHKCR\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\ProgIDElevated
Virtual
MaidHKCR\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\ProgrammableElevated
Virtual
MaidHKCR\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\TypeLibElevated
Virtual
MaidHKCR\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\VersionIndependentProgIDElevated
Virtual
MaidHKLM\Software\Classes\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}Elevated
Virtual
MaidHKLM\Software\Classes\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\Implemented
CategoriesElevated
Virtual
MaidHKLM\Software\Classes\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\Implemented
Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}Elevated
Virtual
MaidHKLM\Software\Classes\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\Implemented
Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}Elevated
Virtual
MaidHKLM\Software\Classes\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\InprocServer32Elevated
Virtual
MaidHKLM\Software\Classes\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\ProgIDElevated
Virtual
MaidHKLM\Software\Classes\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\ProgrammableElevated
Virtual
MaidHKLM\Software\Classes\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\TypeLibElevated
Virtual
MaidHKLM\Software\Classes\CLSID\{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}\VersionIndependentProgIDElevated
Virtual MaidHKCU\Software\Microsoft\Internet
Explorer\Toolbar\WebBrowser##{77B2F8DE-CB3F-4b6b-839B-807DD1ADBA1C}Elevated
Virtual
MaidHKCR\CLSID\{8B0B6F79-C50D-4ea6-8F65-BDF18005DE20}Elevated
Virtual
MaidHKCR\CLSID\{8B0B6F79-C50D-4ea6-8F65-BDF18005DE20}\InprocServer32Elevated
Virtual
MaidHKCR\CLSID\{8B0B6F79-C50D-4ea6-8F65-BDF18005DE20}\ProgIDElevated
Virtual
MaidHKCR\CLSID\{8B0B6F79-C50D-4ea6-8F65-BDF18005DE20}\ProgrammableElevated
Virtual
MaidHKCR\CLSID\{8B0B6F79-C50D-4ea6-8F65-BDF18005DE20}\TypeLibElevated
Virtual
MaidHKCR\CLSID\{8B0B6F79-C50D-4ea6-8F65-BDF18005DE20}\VersionIndependentProgIDElevated
Virtual
MaidHKLM\Software\Classes\CLSID\{8B0B6F79-C50D-4ea6-8F65-BDF18005DE20}Elevated
Virtual
MaidHKLM\Software\Classes\CLSID\{8B0B6F79-C50D-4ea6-8F65-BDF18005DE20}\InprocServer32Elevated
Virtual
MaidHKLM\Software\Classes\CLSID\{8B0B6F79-C50D-4ea6-8F65-BDF18005DE20}\ProgIDElevated
Virtual
MaidHKLM\Software\Classes\CLSID\{8B0B6F79-C50D-4ea6-8F65-BDF18005DE20}\ProgrammableElevated
Virtual
MaidHKLM\Software\Classes\CLSID\{8B0B6F79-C50D-4ea6-8F65-BDF18005DE20}\TypeLibElevated
Virtual
MaidHKLM\Software\Classes\CLSID\{8B0B6F79-C50D-4ea6-8F65-BDF18005DE20}\VersionIndependentProgIDElevated
Altnet SoftwareC:\Documents and Settings\Matt\Local
Settings\temp\ADMCacheElevated
Joltid P2P
NetworkingC:\WINDOWS\browserxtras\pn\remove.exeElevated
Joltid P2P NetworkingC:\WINDOWS\Downloaded Program
Files\WebP2PInstaller.dllElevated
GroksterC:\WINDOWS\smdat32m.sysMedium
Joltid P2P NetworkingC:\WINDOWS\system32\P2P Networking
v126.cplElevated
Joltid P2P NetworkingC:\WINDOWS\system32\P2P
Networking\MARSHAL.DLLElevated
Joltid P2P NetworkingC:\WINDOWS\system32\P2P
Networking\P2P Networking.engElevated
Joltid P2P NetworkingC:\WINDOWS\system32\P2P
Networking\P2P Networking.exeElevated
Altnet SoftwareC:\WINDOWS\Temp\AltnetElevated
Altnet SoftwareC:\WINDOWS\Temp\Altnet\adm.exeElevated
Altnet SoftwareC:\WINDOWS\Temp\Altnet\adm25.dllElevated
Altnet SoftwareC:\WINDOWS\Temp\Altnet\adm4.dllElevated
Altnet
SoftwareC:\WINDOWS\Temp\Altnet\admdata.dllElevated
Altnet
SoftwareC:\WINDOWS\Temp\Altnet\admdloader.dllElevated
Altnet SoftwareC:\WINDOWS\Temp\Altnet\admfdi.dllElevated
Altnet
SoftwareC:\WINDOWS\Temp\Altnet\admprog.dllElevated
Altnet SoftwareC:\WINDOWS\Temp\Altnet\atl.dllElevated
Altnet
SoftwareC:\WINDOWS\Temp\Altnet\dmfiles.cabElevated
Altnet
SoftwareC:\WINDOWS\Temp\Altnet\DMinfo3.cabElevated
Altnet
SoftwareC:\WINDOWS\Temp\Altnet\dminstall7.cabElevated
Altnet
SoftwareC:\WINDOWS\Temp\Altnet\msvcirt.dllElevated
Altnet
SoftwareC:\WINDOWS\Temp\Altnet\mysearch.cabElevated
Altnet SoftwareC:\WINDOWS\Temp\Altnet\pmexe.cabElevated
Altnet
SoftwareC:\WINDOWS\Temp\Altnet\pmfiles.cabElevated
Altnet
SoftwareC:\WINDOWS\Temp\Altnet\pminstall.cabElevated
Altnet SoftwareC:\WINDOWS\Temp\Altnet\Setup.cabElevated
Altnet SoftwareC:\WINDOWS\Temp\Altnet\Setup.exeElevated
Altnet
SoftwareC:\WINDOWS\Temp\BullGuard\bulldownload.exeElevated
Altnet SoftwareC:\Documents and Settings\Matt\Local
Settings\Temp\asmfiles.cabElevated
Joltid P2P NetworkingC:\Documents and
Settings\Matt\Local Settings\Temp\p2psetup.exeElevated
Altnet SoftwareC:\Documents and Settings\Matt\Local
Settings\Temp\__unin__.exeElevated
Other Sections:
Copyright © 2003-2005. Distributed by PC Tools.Legal Notice
Hope this helps !
Cheers again
Matt
Please download, install, and run Cleanup 4.0
http://cleanup.stevengould.org/
Next, scan with Spybot Search and Destroy:
1. Download the latest version of Spybot from either:
* http://www.safer-networking.org/en/download/index.html
* http://www.spybot.info/en/mirrors/index.html
2. Install spybot and by default is should install into C:\Program Files\Spybot - Search & Destroy.
3. Run Spybot by clicking on "Start" => "Programs" => "Spybot - Search & Destroy" => "Spybot - Search & Destroy".
4. The first time you run it, allow it to create a backup of your registry when prompted. This will take a few minutes to complete.
5. Click on "Search for Updates".
6. If any updates are found, place a check mark next to each and click on "Download Updates".
7. Click on "Immunize" and once it detect what has or has not been blocked, block all remaining items by clicking on the green plus sign next to immunize at the top.
8. Click on "Search & Destroy" => "Check for Problems".
9. If any problems are found, be sure to click on "Fix Selected Problems."
Reboot your computer and post a new hijackthis log.
Answers
- no Kazaa is not listed amongst my programmes.
- Spy bot downloaded as instructed and 44 problems found and fixed.
Here is my latest Hijack log as requested
Logfile of HijackThis v1.99.1
Scan saved at 21:11:57, on 08/06/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
C:\Program Files\Linksys\WMP11 Config Utility\WMP11CFG.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Trend Micro\PC-cillin 2002\WebTrap.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\HIJACK\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com/
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
O4 - Global Startup: Wireless PCI Card Configuration Utility.lnk = C:\Program Files\Linksys\WMP11 Config Utility\WMP11CFG.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-18.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/autocomplete.cab
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
thanks
Matt
- Cannot access Itunes music store whearas I could before the Smitfraud virus
- Cannot receive Microsoft updates or access any microsoft sites (hotmail, MSN) from Internet Explorer (now using Mozilla Firefox).
PC speed is fine. Not so bothered about about second point but first is a problem.
Matt
Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
Matt
http://www.microsoft.com/downloads/details.aspx?FamilyID=1e1550cb-5e5d-48f5-b02b-20b602228de6&displaylang=en
You can access this page with Firefox.
Reinstall IE and let me know if there's any difference.
Matti
1. While you are logged on as an administrator, click Start, and then click Run.
2. In the Open box, type regedit, and then click OK.
3. Locate the appropriate registry subkey(listed below), right-click the IsInstalled (REG_DWORD) value, and then click Modify.
To reinstall only the Internet Explorer 6 browser component on Windows XP, use the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}
4. Change the value data from 1 to 0, and then click OK.
5. Quit Registry Editor, and then install Internet Explorer 6.
MAtt
I am the only user of my machine so I assume I have administrator privileges. I have only seen a log in for an administrator in safe mode. Would this affect it ?
Seemed to work in safe mode and when rebooted got a message that said IE 6 has been removed do you want to clean up desktop associated with this programme. I clicked yes. The clicked the downloaded ieex file and got the same error message,
IE explorer is still on the PC !
Matt
"You can not get rid of IE. It's integrated into Windows and you can never get rid of it completely. All we are trying to do here is to trick Windows into thinking that it's not there so you can reinstall the latest version and hopefully fix your problems."
If so, is there anything else I can try ?