[murimuri]

so i switch on any external driver that i have (or occasionally use) on the com? that's what i did.

Attached Files

•  Diagnostic.txt   36.84KB   111 downloads

[Advertisements]

Yes, that's right.

Can you tell me what this relates to?

E:\\mwcinstall.exe

[Cookiegal]

Yes, that's right.

Can you tell me what this relates to?

E:\\mwcinstall.exe

[murimuri]

eh.. E drive?
But, the E drive is the DVD-drive... (the one with the problems!!!!)
so... I'm not sure?

My external drive would be G and above (depending on how many external flash disks/hard drives i plug in....)
[The F drive is my other CD-drive]

[Cookiegal]

OK, do I understand correctly that you D drive is a second partition where you have your "My Documents" etc.?

When you click on your E drive, does it show any files listed? I assume there is no media in the drive.

[murimuri]

Ah, nope, my D drive is my second partition but "user's documents" and the usual program files etc are all in the C drive. (the things in the D drive have all been manually added)

And, funny thing is, despite there not being anything in the E drive, I am still able to open the drive. I wonder why. and nope, no files listed...

[Cookiegal]

Do you have that problem with the backslash everywhere or just with the D:\?

I'm attaching a Fixmur.zip file. Save it to your desktop. Unzip it and double-click the Fixmur.reg file and allow it to enter into the registry.

Reboot and let me know if the problem persists please

Attached Files

•  Fixmur.zip   284bytes   71 downloads

[murimuri]

It occurs with any program associated with the explorer I believe. Not just a particular drive. But like, when opening "Run" and typing there it will also appear as such.
I downloaded the fixmur.. but no change ><'

[Cookiegal]

Download OTScanIt.exe to your Desktop and double-click on it to extract the files. It will create a folder named OTScanIt on your desktop.

• Close any open browsers.
• Disconnect from the Internet.
• Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of OTScanIt.
• Open the OTScanIt folder and double-click on OTScanIt.exe to start the program.
• Check the box that says Scan All User Accounts
• Under Drivers select the radio button for All
• Check the Radio buttons for Files/Folders Created Within 90 Days and Files/Folders Modified Within 90 Days
• Under Additional Scans check the following:
  • Reg - BotCheck
  • Reg - Disabled MS Config Items
  • Reg - File Associations
  • Reg - IE CmdMapping
  • Reg - Security Settings
  • Reg - Session Manager Settings
  • Reg - Shell Spawning
  • Reg - Software Policy Settings
  • Reg - Uninstall List
  • Reg - WOW Settings
  • Evnt - EventViewer Errors/Warnings (last 7 days)
• Now click the Run Scan button on the toolbar.
• The program will be scanning huge amounts of data so depending on your system it could take a long time to complete. Let it run unhindered until it finishes.
• When the scan is complete Notepad will open with the report file loaded in it automatically.
• Save that Notepad file. Click the Format menu and make sure that Word wrap is not checked. If it is then click on it to uncheck it.

Use the Reply button and upload Notepad file here as an attachment please.

[murimuri]

oh by the way, the radio buttons for "non-microsoft" files only were checked... that's default right?

Attached Files

•  OTScanIt.Txt   432.89KB   136 downloads

[Cookiegal]

Start OTScanIt. Copy/Paste the information in the code box below into the pane where it says "Paste fix here" and then click the "Run Fix" button.

The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. CLick the OK button and Notepad will open with a log of actions taken during the fix. Post that information back here along with a new HijackThis log please.

[Kill Explorer]
[Unregister Dlls]
[Registry - Non-Microsoft Only]
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YN -> ~EmptyValue -> []
< Run [HKEY_USERS\S-1-5-21-2052111302-1482476501-1801674531-1004\] > -> HKEY_USERS\S-1-5-21-2052111302-1482476501-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YN -> ~EmptyValue -> []
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
YN -> WebBrowser\\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-2052111302-1482476501-1801674531-1004\] > -> HKEY_USERS\S-1-5-21-2052111302-1482476501-1801674531-1004\Software\Microsoft\Internet Explorer\Toolbar\
YN -> WebBrowser\\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
YN -> {62E65991-BAFA-4AFB-9B40-06039E276D28}:BandCLSID -> Reg Error: Key does not exist or could not be opened. [??????]
YN -> {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [BitComet]
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\
YN -> CmdMapping\\{62E65991-BAFA-4AFB-9B40-06039E276D28} [HKEY_LOCAL_MACHINE] -> [??????]
< Internet Explorer Extensions [HKEY_USERS\S-1-5-21-2052111302-1482476501-1801674531-1004\] > -> HKEY_USERS\S-1-5-21-2052111302-1482476501-1801674531-1004\Software\Microsoft\Internet Explorer\Extensions\
YN -> CmdMapping\\{62E65991-BAFA-4AFB-9B40-06039E276D28} [HKEY_LOCAL_MACHINE] -> [??????]
[Registry - Additional Scans - Non-Microsoft Only]
< BotCheck > -> 
YY -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\grdmgr.exe -> %SystemRoot%\system32\grdmgr.exe [C:\WINDOWS\system32\grdmgr.exe:*:Enabled:CDN ¨¡AAIAu¨uU ￥i¡I￠￢o]
< Security Settings > -> 
YY -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\grdmgr.exe -> %SystemRoot%\system32\grdmgr.exe [C:\WINDOWS\system32\grdmgr.exe:*:Enabled:CDN ¨¡AAIAu¨uU ￥i¡I￠￢o]
[Files/Folders - Created Within 90 days]
NY -> 5 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp
NY -> 4 C:\windows\*.tmp files -> C:\windows\*.tmp
[Files/Folders - Modified Within 90 days]
NY -> 5 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp
NY -> 4 C:\windows\*.tmp files -> C:\windows\*.tmp
NY -> 500 C:\Documents and Settings\user\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\user\Local Settings\Temp\*.tmp
[Extra Files]
C:\WINDOWS\system32\grdmgr.exe
[Empty Temp Folders]
[Start Explorer]
[Reboot]

[murimuri]

Explorer killed successfully
[Registry - Non-Microsoft Only]
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\~EmptyValue deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2052111302-1482476501-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\~EmptyValue not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}\ not found.
Registry value HKEY_USERS\S-1-5-21-2052111302-1482476501-1801674531-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{62E65991-BAFA-4AFB-9B40-06039E276D28}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62E65991-BAFA-4AFB-9B40-06039E276D28}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{62E65991-BAFA-4AFB-9B40-06039E276D28} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62E65991-BAFA-4AFB-9B40-06039E276D28}\ not found.
Registry value HKEY_USERS\S-1-5-21-2052111302-1482476501-1801674531-1004\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{62E65991-BAFA-4AFB-9B40-06039E276D28} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62E65991-BAFA-4AFB-9B40-06039E276D28}\ not found.
[Registry - Additional Scans - Non-Microsoft Only]
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\grdmgr.exe deleted successfully.
C:\windows\system32\grdmgr.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\grdmgr.exe not found.
File C:\windows\system32\grdmgr.exe not found.
[Files/Folders - Created Within 90 days]
[Files/Folders - Modified Within 90 days]
C:\Documents and Settings\user\Local Settings\Temp\DivE20.tmp folder deleted successfully.
File delete failed. C:\Documents and Settings\user\Local Settings\Temp\~DF1084.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\user\Local Settings\Temp\~DF2C97.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\user\Local Settings\Temp\~DFDA79.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\user\Local Settings\Temp\~DFFF66.tmp scheduled to be deleted on reboot.
[Extra Files]
< C:\WINDOWS\system32\grdmgr.exe >
File/Folder C:\WINDOWS\system32\grdmgr.exe not found.
[Empty Temp Folders]
File delete failed. C:\Documents and Settings\user\Local Settings\Temp\Perflib_Perfdata_5c4.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\user\Local Settings\Temp\~DF1084.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\user\Local Settings\Temp\~DFDA79.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\user\Local Settings\Temp\~DFFF66.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
RecycleBin -> emptied.
Explorer started successfully
< End of fix log >
OTScanIt by OldTimer - Version 1.0.19.0 fix logfile created on 09122008_181104

Files moved on Reboot...
C:\Documents and Settings\user\Local Settings\Temp\~DF1084.tmp moved successfully.
File C:\Documents and Settings\user\Local Settings\Temp\~DF2C97.tmp not found!
C:\Documents and Settings\user\Local Settings\Temp\~DFDA79.tmp moved successfully.
C:\Documents and Settings\user\Local Settings\Temp\~DFFF66.tmp moved successfully.
File C:\Documents and Settings\user\Local Settings\Temp\Perflib_Perfdata_5c4.dat not found!
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat moved successfully.

------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:20:43 PM, on 9/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\windows\notepad.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\windows\system32\slserv.exe
C:\windows\system32\svchost.exe
C:\windows\vsnpstd.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Athan\Athan.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Free Download Manager\fdm.exe
D:\Program Files\BitComet\BitComet.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: jBrowse Toolbar - {9E5BD40E-6287-11D6-9772-0002A5DD2483} - C:\PROGRA~1\jBrowse\JBO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [snpstd] C:\windows\vsnpstd.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [BitComet] "D:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download using FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.appl...ex/qtplugin.cab
O16 - DPF: {0AE0F5F9-8233-49A4-A3C8-004CE190787B} (BMSpeedCheck Control) - http://www.pdbox.co....MSpeedCheck.cab
O16 - DPF: {2B866353-E598-4403-8E4D-B871AB30DC55} (Speed Class) - http://www.singnet.c...a/SpeedCtrl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail....es/MSNPUpld.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.su...ows-i586-jc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O16 - DPF: {F6E361B4-40F3-4C90-8A95-D95E0D8CBCD4} (MultiUpload Control) - http://www.clubbox.c...MultiUpload.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\windows\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\windows\SYSTEM32\slserv.exe

--
End of file - 9954 bytes

Edited by murimuri, 12 September 2008 - 04:30 AM.

[Cookiegal]

Do you still have the problem with the backslash?

[murimuri]

well... I do, but I'm thinking, since I've cleaned the com this much, I figured, it shouldn't be too harmful (right?)
ahaha, since it doesn't really affect the performance of the com much (I should think so...) I think I'll just leave it as it is.
no other way I suppose xD

but, THANKS A LOT in any case :3
at least the trojans and trackers are removed now ^_^

[Cookiegal]

I don't really like leaving it like that.

Do you remember when it started showing that way?

[murimuri]

hmm... >< not really, it has really been quite a while..
if i'm not wrong, it was before i installed avg so... a few months perhaps?