Snaxe

Members
  • Content Count

    222
  • Joined

  • Last visited

Posts posted by Snaxe

  1. Before reading this post, realize that I am a FOSS zealot.

    I'd suggest straight up Wine. If you can get a recent enough version working properly, you'll easily be able to run WoW. I'm able to run Counter-Strike: Source with Wine 0.9.20 as well as a friend on Windows, so WoW shouldn't be too much different. In fact, I recall seeing some WoW screenshots. This'll save you the money on CrossOver or Cedega, and (I'm not sure how CrossOver is licensed) the proprietary-ness of Cedega. In case I'm not coming off strong enough on the FOSS thing, I recall hearing Cedega's been slipping as of late.

  2. I'd think the Windows 98SE CD would be able to reformat everything, but if it can't, then you're going to need to get a live CD, Knoppix for example, and reformat like shanein mentioned. Knoppix should come with some GUI reformatting tools, but I'm partial to CLI fdisk. Just open up a terminal (it'll be somewhere in the menu) and run

    # fdisk

    The '#' symbolizing the prompt. After that you can type in 'm' for some commands. For your task, you're only going to need 'p' and 'd'. I'm assuming the Windows install CD will want a clean partition table, so just delete every partition, and then 'w' to write it out. After that you can reboot and install Windows.

  3. Done. Sorry about that, I forgot to attach the file :P It's running better. Thanks! Here's the new log file:

    Logfile of HijackThis v1.99.1

    Scan saved at 11:31:47 AM, on 5/29/2005

    Platform: Windows XP SP1 (WinNT 5.01.2600)

    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\System32\Ati2evxx.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\System32\drivers\CDAC11BA.EXE

    c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\System32\MsPMSPSv.exe

    C:\Program Files\McAfee.com\VSO\mcshield.exe

    C:\WINDOWS\system32\Ati2evxx.exe

    C:\WINDOWS\Explorer.EXE

    C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe

    C:\WINDOWS\SM1BG.EXE

    C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe

    c:\progra~1\mcafee.com\vso\mcvsescn.exe

    C:\WINDOWS\System32\CTFMON.EXE

    C:\WINDOWS\System32\wuauclt.exe

    C:\Program Files\HJT\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.thelazygamer.com/

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com

    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll

    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe files\mcafee.com\agent\mcagent.exe

    O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe

    O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"

    O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask

    O4 - HKLM\..\Run: [sM1BG] C:\WINDOWS\SM1BG.EXE

    O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe

    O4 - HKLM\..\Run: [MSKUpd] C:\PROGRA~1\mcafee.com\shared\mghtml.exe mcp://C:\Program Files\McAfee\SpamKiller\mskupd.ui::chkupd.htm

    O4 - HKLM\..\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe

    O4 - HKLM\..\Run: [PCTAgent] C:\Program Files\Parental Controls\PCTHelp.exe

    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

    O4 - HKCU\..\Run: [spySweeper] "C:\Program Files\SpySweeper\SpySweeper.exe" /0

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe

    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html

    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html

    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html

    O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe

    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

    O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct1_x.cab

    O16 - DPF: Yahoo! Graffiti - http://download.games.yahoo.com/games/clients/y/grt5_x.cab

    O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potc_x.cab

    O16 - DPF: Yahoo! Word Racer - http://download.games.yahoo.com/games/clients/y/wt0_x.cab

    O16 - DPF: {0713E8D2-850A-101B-AFC0-4210102A8DA7} (Microsoft ProgressBar Control, version 5.0 (SP2)) - http://bin.mcafee.com/molbin/Shared/ComCtl...22/ComCtl32.cab

    O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - http://download.mcafee.com/molbin/Shared/MGBrwFld.cab

    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1408.g.akamai.net/7/1408/9955/2003...iTunesSetup.exe

    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/mcinsc...73/mcinsctl.cab

    O16 - DPF: {58172624-85DD-4482-9E64-02ADCA637E96} - http://www.shizmoo.com/activex/web665.cab

    O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://ftp.hp.com/pub/automatic/player/isetupML.cab

    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

    O16 - DPF: {89521361-EA5B-11D7-97CA-00E08103E149} (Parental Controls Agent Class) - http://pccfg.ourlinksys.com:8080/config/el...in/PCTAgent.cab

    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} - http://www.napster.com/client/isetup.cab

    O16 - DPF: {9FC87BC7-7963-4B70-8485-B1A41034C9A1} (CSonyPicturesGameDownloaderCtl Object) - http://www.shockwave.com/content/angelx/So...eDownloader.cab

    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmg...,16/mcgdmgr.cab

    O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cab

    O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.yahoo.com/...ebio5_0_2_0.cab

    O16 - DPF: {F80B9305-A013-11D2-BD23-00A024978908} (Accurad Image Control) - https://pacs.bronsonhg.org/public/accuradimage.cab

    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe

    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE

    O23 - Service: iPod Service (iPodService) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)

    O23 - Service: McAfee.com McShield (McShield) - Unknown owner - C:\Program Files\McAfee.com\VSO\mcshield.exe

    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe

    O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

    O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\System32\HPHipm11.exe

  4. I sent the file, Ck, but I couldn't find anything about it.

    Here is the new HJT log:

    Logfile of HijackThis v1.99.1

    Scan saved at 5:54:37 PM, on 5/28/2005

    Platform: Windows XP SP1 (WinNT 5.01.2600)

    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\System32\Ati2evxx.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\system32\Ati2evxx.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\SM1BG.EXE

    c:\progra~1\mcafee.com\vso\mcvsescn.exe

    C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe

    C:\WINDOWS\System32\ctfmon.exe

    C:\WINDOWS\System32\drivers\CDAC11BA.EXE

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\System32\MsPMSPSv.exe

    C:\WINDOWS\System32\wuauclt.exe

    C:\Program Files\HJT\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.thelazygamer.com/

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com

    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll

    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe files\mcafee.com\agent\mcagent.exe

    O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe

    O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"

    O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask

    O4 - HKLM\..\Run: [sM1BG] C:\WINDOWS\SM1BG.EXE

    O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe

    O4 - HKLM\..\Run: [MSKUpd] C:\PROGRA~1\mcafee.com\shared\mghtml.exe mcp://C:\Program Files\McAfee\SpamKiller\mskupd.ui::chkupd.htm

    O4 - HKLM\..\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe

    O4 - HKLM\..\Run: [PCTAgent] C:\Program Files\Parental Controls\PCTHelp.exe

    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

    O4 - HKCU\..\Run: [spySweeper] "C:\Program Files\SpySweeper\SpySweeper.exe" /0

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe

    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html

    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html

    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html

    O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe

    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

    O10 - Broken Internet access because of LSP provider 'itime.dll' missing

    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

    O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct1_x.cab

    O16 - DPF: Yahoo! Graffiti - http://download.games.yahoo.com/games/clients/y/grt5_x.cab

    O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potc_x.cab

    O16 - DPF: Yahoo! Word Racer - http://download.games.yahoo.com/games/clients/y/wt0_x.cab

    O16 - DPF: {0713E8D2-850A-101B-AFC0-4210102A8DA7} (Microsoft ProgressBar Control, version 5.0 (SP2)) - http://bin.mcafee.com/molbin/Shared/ComCtl...22/ComCtl32.cab

    O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - http://download.mcafee.com/molbin/Shared/MGBrwFld.cab

    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1408.g.akamai.net/7/1408/9955/2003...iTunesSetup.exe

    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/mcinsc...73/mcinsctl.cab

    O16 - DPF: {58172624-85DD-4482-9E64-02ADCA637E96} - http://www.shizmoo.com/activex/web665.cab

    O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://ftp.hp.com/pub/automatic/player/isetupML.cab

    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

    O16 - DPF: {89521361-EA5B-11D7-97CA-00E08103E149} (Parental Controls Agent Class) - http://pccfg.ourlinksys.com:8080/config/el...in/PCTAgent.cab

    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} - http://www.napster.com/client/isetup.cab

    O16 - DPF: {9FC87BC7-7963-4B70-8485-B1A41034C9A1} (CSonyPicturesGameDownloaderCtl Object) - http://www.shockwave.com/content/angelx/So...eDownloader.cab

    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmg...,16/mcgdmgr.cab

    O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cab

    O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.yahoo.com/...ebio5_0_2_0.cab

    O16 - DPF: {F80B9305-A013-11D2-BD23-00A024978908} (Accurad Image Control) - https://pacs.bronsonhg.org/public/accuradimage.cab

    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe

    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE

    O23 - Service: iPod Service (iPodService) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)

    O23 - Service: McAfee.com McShield (McShield) - Unknown owner - C:\Program Files\McAfee.com\VSO\mcshield.exe

    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe

    O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

    O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\System32\HPHipm11.exe

  5. Hey Canoeingkidd!

    Sorry for the delay in response there...If this thread is not resolved before this coming Sunday I will have someone else help you. (I am leaving for vacation smile.gif )

    That's alright Ck, I'm a patient little bugger. :) Have fun on vacation!

    C:\Program Files\Parental Controls\PCTHelp.exe

    C:\DRS\Sys\UnivMgr.exe

    Both are legitimate. The first one came with our Linksys WRT54GS router and the second my father uses for his work to look at CAT scans (he's a neurologist). I personally wouldn't want the first one my system, but he would.

    Here is the new HJT log:

    Logfile of HijackThis v1.99.1

    Scan saved at 2:19:10 PM, on 5/28/2005

    Platform: Windows XP SP1 (WinNT 5.01.2600)

    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\System32\Ati2evxx.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\System32\drivers\CDAC11BA.EXE

    c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\System32\MsPMSPSv.exe

    C:\WINDOWS\system32\Ati2evxx.exe

    C:\WINDOWS\Explorer.EXE

    C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe

    C:\WINDOWS\SM1BG.EXE

    C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe

    C:\WINDOWS\System32\ctfmon.exe

    c:\progra~1\mcafee.com\vso\mcvsescn.exe

    C:\Program Files\McAfee.com\VSO\mcshield.exe

    C:\WINDOWS\System32\wuauclt.exe

    C:\WINDOWS\NOTEPAD.EXE

    C:\Program Files\Mozilla Firefox\firefox.exe

    C:\Program Files\HJT\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.thelazygamer.com/

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com

    R3 - Default URLSearchHook is missing

    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll

    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe files\mcafee.com\agent\mcagent.exe

    O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe

    O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"

    O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask

    O4 - HKLM\..\Run: [sM1BG] C:\WINDOWS\SM1BG.EXE

    O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe

    O4 - HKLM\..\Run: [MSKUpd] C:\PROGRA~1\mcafee.com\shared\mghtml.exe mcp://C:\Program Files\McAfee\SpamKiller\mskupd.ui::chkupd.htm

    O4 - HKLM\..\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe

    O4 - HKLM\..\Run: [WinSvr] C:\WINDOWS\System32\WinSvr.exe

    O4 - HKLM\..\Run: [WPMon] C:\WINDOWS\System32\wpmon.exe

    O4 - HKLM\..\Run: [PCTAgent] C:\Program Files\Parental Controls\PCTHelp.exe

    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

    O4 - HKCU\..\Run: [spySweeper] "C:\Program Files\SpySweeper\SpySweeper.exe" /0

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe

    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html

    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html

    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html

    O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe

    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

    O10 - Broken Internet access because of LSP provider 'itime.dll' missing

    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

    O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct1_x.cab

    O16 - DPF: Yahoo! Graffiti - http://download.games.yahoo.com/games/clients/y/grt5_x.cab

    O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potc_x.cab

    O16 - DPF: Yahoo! Word Racer - http://download.games.yahoo.com/games/clients/y/wt0_x.cab

    O16 - DPF: {0713E8D2-850A-101B-AFC0-4210102A8DA7} (Microsoft ProgressBar Control, version 5.0 (SP2)) - http://bin.mcafee.com/molbin/Shared/ComCtl...22/ComCtl32.cab

    O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - http://download.mcafee.com/molbin/Shared/MGBrwFld.cab

    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1408.g.akamai.net/7/1408/9955/2003...iTunesSetup.exe

    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/mcinsc...73/mcinsctl.cab

    O16 - DPF: {58172624-85DD-4482-9E64-02ADCA637E96} - http://www.shizmoo.com/activex/web665.cab

    O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://ftp.hp.com/pub/automatic/player/isetupML.cab

    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

    O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} (Sinstaller Class) - http://dm.screensavers.com/dm/installers/si/1/sinstaller.cab

    O16 - DPF: {89521361-EA5B-11D7-97CA-00E08103E149} (Parental Controls Agent Class) - http://pccfg.ourlinksys.com:8080/config/el...in/PCTAgent.cab

    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} - http://www.napster.com/client/isetup.cab

    O16 - DPF: {9FC87BC7-7963-4B70-8485-B1A41034C9A1} (CSonyPicturesGameDownloaderCtl Object) - http://www.shockwave.com/content/angelx/So...eDownloader.cab

    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmg...,16/mcgdmgr.cab

    O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cab

    O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.yahoo.com/...ebio5_0_2_0.cab

    O16 - DPF: {F80B9305-A013-11D2-BD23-00A024978908} (Accurad Image Control) - https://pacs.bronsonhg.org/public/accuradimage.cab

    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe

    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE

    O23 - Service: iPod Service (iPodService) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)

    O23 - Service: McAfee.com McShield (McShield) - Unknown owner - C:\Program Files\McAfee.com\VSO\mcshield.exe

    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe

    O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

    O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\System32\HPHipm11.exe

    And here is the Silent Runners log:

    "Silent Runners.vbs", revision 37, http://www.silentrunners.org/

    Operating System: Windows XP

    Output limited to non-default values, except where indicated by "{++}"

    Startup items buried in registry:

    ---------------------------------

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}

    "SpySweeper" = ""C:\Program Files\SpySweeper\SpySweeper.exe" /0" [file not found]

    "ctfmon.exe" = "C:\WINDOWS\System32\ctfmon.exe" [MS]

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}

    "MCAgentExe" = "c:\PROGRA~1\mcafee.com\agent\mcagent.exe files\mcafee.com\agent\mcagent.exe" ["McAfee, Inc"]

    "MCUpdateExe" = "C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe" ["McAfee, Inc"]

    "VirusScan Online" = ""c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"" ["McAfee, Inc."]

    "VSOCheckTask" = ""c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask" ["McAfee, Inc."]

    "SM1BG" = "C:\WINDOWS\SM1BG.EXE" ["Cypress Semiconductor"]

    "SunJavaUpdateSched" = "C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe" [null data]

    "MSKUpd" = "C:\PROGRA~1\mcafee.com\shared\mghtml.exe mcp://C:\Program Files\McAfee\SpamKiller\mskupd.ui::chkupd.htm" ["McAfee, Inc"]

    "IndexSearch" = "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" ["ScanSoft, Inc."]

    "WinSvr" = "C:\WINDOWS\System32\WinSvr.exe" [file not found]

    "WPMon" = "C:\WINDOWS\System32\wpmon.exe" [file not found]

    "PCTAgent" = "C:\Program Files\Parental Controls\PCTHelp.exe" ["Netopia, Inc."]

    "Cmaudio" = "RunDll32 cmicnfg.cpl,CMICtrlWnd" [MS]

    HKLM\Software\Microsoft\Active Setup\Installed Components\

    {306D6C21-C1B6-4629-986C-E59E1875B8AF}\(Default) = (no title provided)

    \StubPath = ""C:\WINDOWS\System32\rundll32.exe" "C:\Program Files\Messenger\msgsc.dll",ShowIconsUser" [MS]

    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = "AcroIEHlprObj Class" [from CLSID]

    -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx" [empty string]

    {AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = "Google Toolbar Helper" [from CLSID]

    -> {CLSID}\InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."]

    HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

    "{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Display Panning CPL Extension"

    -> {CLSID}\InProcServer32\(Default) = "deskpan.dll" [file not found]

    "{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"

    -> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]

    "{5E44E225-A408-11CF-B581-008029601108}" = "Roxio DragToDisc Shell Extension"

    -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\shellex.dll" ["Roxio"]

    "{A44D5ACC-3411-40DE-9AD3-214FFB2ED7AC}" = "My Media"

    -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\MediaSX.dll" ["Roxio, Inc."]

    "{6EE51AA0-77A0-11D7-B4E1-000347126E46}" = "Window Washer Shell Shredding Utility"

    -> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\WEBROO~1\SHELLW~1.DLL" ["Webroot Software"]

    "{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler"

    -> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL" [MS]

    "{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler"

    -> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL" [MS]

    "{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"

    -> {CLSID}\InProcServer32\(Default) = "C:\program files\microsoft office\OFFICE11\msohev.dll" [MS]

    "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"

    -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

    "{63542C48-9552-494A-84F7-73AA6A7C99C1}" = "OpenOffice Property Sheet Handler"

    -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\OpenOffice.org1.1.4\program\shlxthdl.dll" ["Sun Microsystems, Inc."]

    "{640167b4-59b0-47a6-b335-a6b3c0695aea}" = "Portable Media Devices"

    -> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\Audiodev.dll" [MS]

    "{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"

    -> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\Audiodev.dll" [MS]

    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\

    INFECTION WARNING! AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]

    HKLM\Software\Classes\PROTOCOLS\Filter\

    INFECTION WARNING! text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}"

    -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS]

    Enabled Active Desktop and Wallpaper:

    -------------------------------------

    Active Desktop is disabled at this entry:

    HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

    HKCU\Control Panel\Desktop\

    "Wallpaper" = "C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"

    Enabled Screen Saver:

    ---------------------

    HKCU\Control Panel\Desktop\

    "SCRNSAVE.EXE" = "C:\WINDOWS\System32\LAKESS~1.SCR" (Lakes Screensaver.scr) [empty string]

    Autostart via AUTORUN.INF on local fixed drives:

    ------------------------------------------------

    INFECTION WARNING! D:\AUTORUN.INF -> "open=Setup.exe" ["InstallShield Software Corporation"]

    Enabled Scheduled Tasks:

    ------------------------

    "HP Usg Daily" -> launches: "C:\Program Files\hp photosmart 11\printer\Hphusg04.exe /t" ["Hewlett-Packard"]

    "HP Usg Login" -> launches: "C:\Program Files\hp photosmart 11\printer\Hphusg04.exe /t" ["Hewlett-Packard"]

    "McAfee.com Update Check (ABBA-Adnan)" -> launches: "C:\PROGRA~1\McAfee.com\Agent\mcupdate.exe /Schedule" ["McAfee, Inc"]

    "McAfee.com Update Check (ABBA-Adnan_2)" -> launches: "C:\PROGRA~1\mcafee.com\agent\mcupdate.exe /Schedule" ["McAfee, Inc"]

    "McAfee.com Update Check (ABBA-Nazneen)" -> launches: "C:\PROGRA~1\McAfee.com\Agent\mcupdate.exe /Schedule" ["McAfee, Inc"]

    "McAfee.com Update Check (ABBA-Valued Customer)" -> launches: "C:\PROGRA~1\McAfee.com\Agent\mcupdate.exe /Schedule" ["McAfee, Inc"]

    "WebReg 20050405161341" -> launches: "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqwrg.exe /TaskName 20050405161341 /N "" /M /S /AP /F /T " ["Hewlett-Packard Co."]

    Winsock2 Service Provider DLLs:

    -------------------------------

    Namespace Service Providers

    HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}

    000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

    000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]

    000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

    Transport Service Providers

    HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}

    0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

    itime.dll [null data], 01 - 03, 23

    %SystemRoot%\system32\mswsock.dll [MS], 04 - 06, 09 - 22

    %SystemRoot%\system32\rsvpsp.dll [MS], 07 - 08

    Toolbars, Explorer Bars, Extensions:

    ------------------------------------

    Toolbars

    HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\

    "{2318C2B1-4965-11D4-9B18-009027A5CD4F}"

    -> {CLSID}\(Default) = "&Google"

    -> {CLSID}\InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."]

    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\

    "{2318C2B1-4965-11D4-9B18-009027A5CD4F}"

    -> {CLSID}\(Default) = "&Google"

    -> {CLSID}\InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."]

    HKLM\Software\Microsoft\Internet Explorer\Toolbar\

    "{BA52B914-B692-46C4-B683-905236F6F655}"

    -> {CLSID}\(Default) = "McAfee VirusScan"

    -> {CLSID}\InProcServer32\(Default) = "c:\progra~1\mcafee.com\vso\mcvsshl.dll" ["McAfee, Inc."]

    "{2318C2B1-4965-11D4-9B18-009027A5CD4F}"

    -> {CLSID}\(Default) = "&Google"

    -> {CLSID}\InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."]

    Dormant Explorer Bars in "View, Explorer Bar" menu

    HKLM\Software\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\

    (Default) = "&Research"

    Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]

    InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL" [MS]

    Extensions (Tools menu items, main toolbar menu buttons)

    HKLM\Software\Microsoft\Internet Explorer\Extensions\

    {08B0E5C0-4FCB-11CF-AAA5-00401C608501}\

    "MenuText" = "Sun Java Console"

    "CLSIDExtension" = "{08B0E5C0-4FCB-11CF-AAA5-00401C608501}"

    -> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\msjava.dll" [MS]

    {92780B25-18CC-41C8-B9BE-3C9C571A8263}\

    "ButtonText" = "Research"

    {CD67F990-D8E9-11D2-98FE-00C0F0318AFE}\

    {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}\

    "ButtonText" = "Yahoo! Messenger"

    "MenuText" = "Yahoo! Messenger"

    "Exec" = "C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe" ["Yahoo! Inc."]

    Running Services (Display Name, Service Name, Path {Service DLL}):

    ------------------------------------------------------------------

    Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\System32\Ati2evxx.exe" ["ATI Technologies Inc."]

    C-DillaCdaC11BA, C-DillaCdaC11BA, "C:\WINDOWS\System32\drivers\CDAC11BA.EXE" ["Macrovision"]

    McAfee.com McShield, McShield, "C:\Program Files\McAfee.com\VSO\mcshield.exe" ["Network Associates, Inc."]

    McAfee.com VirusScan Online Realtime Engine, MCVSRte, "c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe /Embedding" ["McAfee, Inc"]

    Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\System32\wdfmgr.exe" [MS]

    WMDM PMSP Service, WMDM PMSP Service, "C:\WINDOWS\System32\MsPMSPSv.exe" [MS]

    ----------

    This report excludes default entries except where indicated.

    To see *everywhere* the script checks and *everything* it finds,

    launch it from a command prompt or a shortcut with the -all parameter.

    ----------

  6. From /.:

    stinerman writes "Today the house passed two bills aimed at stopping spyware / adware and unauthorized use of computers. H.R. 29 makes it 'unlawful for any person who is not the owner or authorized user of a protected computer to engage in deceptive acts or practices'. H.R. 744 (I-SPY Act) prohibits accessing a protected system via code copied on to the system to, among other things, disseminate personal information. Both bills sailed through the house and are expected to be passed by the Senate."

    Sounds like /very/ good news to me. :)

  7. Whenever he opens IE, it loads Google then almost instantly it changes to C:\WINDOWS\system32\notice.htm which says "Attention ! An Unwanted Internet URL with the keyword nazi was requested. Browser reset by system." After this appears, browsing can still be done. When in Firefox, the same page opens up in a new tab seemingly randomly. It happens every second that Yahoo is viewed. When Yahoo is viewed in IE, it pops up the tab in Firefox somehow as well. I've run Ad Aware and Spybot, both updated. Here is the log file:

    Logfile of HijackThis v1.99.1

    Scan saved at 10:04:32 AM, on 5/5/2002

    Platform: Windows XP SP1 (WinNT 5.01.2600)

    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\System32\Ati2evxx.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\system32\Ati2evxx.exe

    C:\WINDOWS\System32\drivers\CDAC11BA.EXE

    c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\System32\MsPMSPSv.exe

    C:\PROGRA~1\mcafee.com\agent\mcagent.exe

    C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe

    C:\WINDOWS\SM1BG.EXE

    C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe

    C:\PROGRA~1\mcafee.com\shared\mghtml.exe

    C:\WINDOWS\System32\WinSvr.exe

    C:\PROGRA~1\mcafee.com\vso\mcvsescn.exe

    C:\WINDOWS\System32\wpmon.exe

    C:\Program Files\McAfee.com\VSO\mcshield.exe

    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

    C:\Program Files\Parental Controls\PCTHelp.exe

    C:\Program Files\ATI Multimedia\RemCtrl\ATIX10.exe

    C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

    C:\WINDOWS\System32\rundll32.exe

    C:\WINDOWS\System32\SysCtl.exe

    C:\DRS\Sys\UnivMgr.exe

    C:\WINDOWS\System32\wuauclt.exe

    C:\WINDOWS\system32\winmine.exe

    C:\WINDOWS\system32\ntvdm.exe

    C:\Program Files\HJT\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.thelazygamer.com/

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll

    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe files\mcafee.com\agent\mcagent.exe

    O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe

    O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"

    O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask

    O4 - HKLM\..\Run: [sM1BG] C:\WINDOWS\SM1BG.EXE

    O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe

    O4 - HKLM\..\Run: [MSKUpd] C:\PROGRA~1\mcafee.com\shared\mghtml.exe mcp://C:\Program Files\McAfee\SpamKiller\mskupd.ui::chkupd.htm

    O4 - HKLM\..\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe

    O4 - HKLM\..\Run: [WinSvr] C:\WINDOWS\System32\WinSvr.exe

    O4 - HKLM\..\Run: [WPMon] C:\WINDOWS\System32\wpmon.exe

    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime

    O4 - HKLM\..\Run: [PCTAgent] C:\Program Files\Parental Controls\PCTHelp.exe

    O4 - HKLM\..\RunOnce: [index Washer] C:\Program Files\Webroot\Washer\WashIdx.exe "Valued Customer"

    O4 - HKLM\..\RunOnce: [spybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck

    O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIX10.exe

    O4 - HKCU\..\RunOnce: [index Washer] C:\Program Files\Webroot\Washer\WashIdx.exe "Valued Customer"

    O4 - Startup: PowerReg SchedulerV2.exe

    O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html

    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html

    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html

    O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe

    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

    O10 - Broken Internet access because of LSP provider 'itime.dll' missing

    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

    O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct1_x.cab

    O16 - DPF: Yahoo! Graffiti - http://download.games.yahoo.com/games/clients/y/grt5_x.cab

    O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potc_x.cab

    O16 - DPF: Yahoo! Word Racer - http://download.games.yahoo.com/games/clients/y/wt0_x.cab

    O16 - DPF: {0713E8D2-850A-101B-AFC0-4210102A8DA7} (Microsoft ProgressBar Control, version 5.0 (SP2)) - http://bin.mcafee.com/molbin/Shared/ComCtl...22/ComCtl32.cab

    O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - http://download.mcafee.com/molbin/Shared/MGBrwFld.cab

    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1408.g.akamai.net/7/1408/9955/2003...iTunesSetup.exe

    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/mcinsc...73/mcinsctl.cab

    O16 - DPF: {58172624-85DD-4482-9E64-02ADCA637E96} - http://www.shizmoo.com/activex/web665.cab

    O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://ftp.hp.com/pub/automatic/player/isetupML.cab

    O16 - DPF: {89521361-EA5B-11D7-97CA-00E08103E149} (Parental Controls Agent Class) - http://pccfg.ourlinksys.com:8080/config/el...in/PCTAgent.cab

    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} - http://www.napster.com/client/isetup.cab

    O16 - DPF: {9FC87BC7-7963-4B70-8485-B1A41034C9A1} (CSonyPicturesGameDownloaderCtl Object) - http://www.shockwave.com/content/angelx/So...eDownloader.cab

    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmg...,16/mcgdmgr.cab

    O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cab

    O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.yahoo.com/...ebio5_0_2_0.cab

    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe

    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE

    O23 - Service: iPod Service (iPodService) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)

    O23 - Service: McAfee.com McShield (McShield) - Unknown owner - C:\Program Files\McAfee.com\VSO\mcshield.exe

    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe

    O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

    O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\System32\HPHipm11.exe

    O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)

  8. If I'm understanding what you're saying, then you want your taskbar, and your system tray to have nothing but the clock. If you're not too opposed to big changes, I know bblean can do what you're asking. If you want to try this and need some help, feel free to IM or email me or something :). Here is a picture of my desktop with bblean. Note: the amount of customizability with bblean is astounding.

  9. I'd say go for it, buy the iPod. I've got one and I use it at least an hour a day at school. I've been doing this for a few months I'm guessing. I've also had my iPod since the beginning of last summer and have used it a lot. I haven't experienced any sort of battery troubles. I do have one thing to say though, make sure you have enough money to buy a set of good headphones.

  10. See for yourself :). I suggest anyone who listens to a lot of music to check out the site and signup. The only downside I can see is that they have a lot of users who listen to a lot of music so naturally it takes a lot server side. Because of this, they're sometimes down and other times just slow.
  11. Hello murtu. First off, congratulations on going to high school. This being my first year there, it is completely better than middle school. I personally don't have a flash drive, but several of my friends do. On the computers at our school, viruses aren't any concern, but they might be at yours. At one of the schools I go to, every time the computer is restarted or turned off, it restores the hard drive to a certain point so any files left on there will be deleted, including any viruses. I think they also have this at the other school I go to. Some of the things I've seen on friends flash drives:

    Trillian

    Firefox

    Opera

    Minesweeper (my personal fave ;))

    a Japanese game

    bblean

    and I believe one person has a lot of other windows customization programs like one that can make any window semi-transparent.

    Of course, they put homework and other things on there to finish up during seminar ;).

  12. dk, if you need some help on the programming side o' your site, I'd be more than willing to help. The few people I talk to call me an expert ;). I'm not good at design though, so you'll have to handle that side of things.