General User
Level: 1
Joined: 3/4/2007 7:59:11 PM

I have a new flashing icon in my taskbar that constantly pops up a balloon message that says 'System Alert'. I close it down but it comes back up every 30 seconds or so, again with the same message 'System Alert' telling me that I have spyware on my PC. The balloon looks like this :




I ran Adware Away, it found and removed some stuff, but the balloon is still there, I attach my fresh adware away log file below, any help will be appreciated.

*************************************************************
* Adware Away 3.0.2
* Global Scan Log File For Windows XP
* Log created time : 2007-3-4 17:43:21
* For more information,please visit:
* WebSite: http://www.AdwareAway.net
* OR
* Support: Support@AdwareAway.net
*
* {7878638a-35a1-5796-9522-cf060011fce9}
* 2006-06-30 2006-06-30
*************************************************************
====================All Running Processes====================
Running Process : N/A (security restriction)
Running Process : N/A (security restriction)
Running Process : \SystemRoot\System32\smss.exe
Running Process : \??\C:\WINDOWS\system32\csrss.exe
Running Process : \??\C:\WINDOWS\system32\winlogon.exe
Running Process : C:\WINDOWS\system32\services.exe
Running Process : C:\WINDOWS\system32\lsass.exe
Running Process : C:\WINDOWS\system32\svchost.exe
Running Process : C:\WINDOWS\System32\svchost.exe
Running Process : C:\WINDOWS\System32\svchost.exe
Running Process : C:\WINDOWS\System32\svchost.exe
Running Process : C:\WINDOWS\system32\spoolsv.exe
Running Process : C:\PROGRA~1\Iomega\System32\AppServices.exe
Running Process : C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
Running Process : C:\WINDOWS\System32\nvsvc32.exe
Running Process : C:\Program Files\Bonjour\mDNSResponder.exe
Running Process : C:\Program Files\Iomega HotBurn\Autolaunch.exe
Running Process : C:\WINDOWS\SOUNDMAN.EXE
Running Process : C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
Running Process : C:\Program Files\Microsoft Hardware\Mouse\point32.exe
Running Process : C:\Program Files\QuickTime\qttask.exe
Running Process : C:\WINDOWS\System32\ctfmon.exe
Running Process : C:\Program Files\WinZip\WZQKPICK.EXE
Running Process : C:\WINDOWS\System32\svchost.exe
Running Process : C:\WINDOWS\System32\wuauclt.exe
Running Process : C:\WINDOWS\System32\rundll32.exe
Running Process : C:\Program Files\SpyDawn\SpyDawn.exe
Running Process : C:\WINDOWS\explorer.exe
Running Process : C:\Program Files\Outlook Express\msimn.exe
Running Process : C:\Program Files\Adware Away\AdAway.exe

====================All Running Services====================
Running Service [0] : ACPI - System32\DRIVERS\ACPI.sys - Microsoft ACPI Driver
Driver [4] : ACPIEC - C:\WINDOWS\System32\drivers\ACPIEC.sys :[Microsoft Corporation - 11648 5.1.2600.0]
Running Service [2] : AFD - \SystemRoot\System32\drivers\afd.sys - AFD Networking Support Environment
Running Service [0] : atapi - System32\DRIVERS\atapi.sys - Standard IDE/ESDI Hard Disk Controller
Running Service [2] : AudioSrv - %SystemRoot%\System32\svchost.exe -k netsvcs - Windows Audio
Driver [1] : Beep - C:\WINDOWS\System32\drivers\Beep.sys :[Microsoft Corporation - 4224 5.1.2600.0]
Running Service [2] : BITS - %SystemRoot%\System32\svchost.exe -k netsvcs - Background Intelligent Transfer Service
Running Service [2] : Bonjour Service - "C:\Program Files\Bonjour\mDNSResponder.exe" - Bonjour Service
Running Service [2] : Browser - %SystemRoot%\System32\svchost.exe -k netsvcs - Computer Browser
Driver [4] : cbidf2k - C:\WINDOWS\System32\drivers\cbidf2k.sys :[Microsoft Corporation - 13952 5.1.2600.0]
Driver [1] : Cdaudio - C:\WINDOWS\System32\drivers\Cdaudio.sys :[Microsoft Corporation - 18688 5.1.2600.0]
Driver [4] : Cdfs - C:\WINDOWS\System32\drivers\Cdfs.sys :[Microsoft Corporation - 59648 5.1.2600.1106]
Running Service [2] : CryptSvc - %SystemRoot%\system32\svchost.exe -k netsvcs - Cryptographic Services
Running Service [2] : Dhcp - %SystemRoot%\System32\svchost.exe -k netsvcs - DHCP Client
Running Service [0] : Disk - System32\DRIVERS\disk.sys - Disk Driver
Driver [0] : dnbudf - C:\WINDOWS\System32\drivers\dnbudf.sys :[Iomega Corporation - 402816 1.11.199.51]
Running Service [2] : Dnscache - %SystemRoot%\System32\svchost.exe -k NetworkService - DNS Client
Running Service [2] : ERSvc - %SystemRoot%\System32\svchost.exe -k netsvcs - Error Reporting Service
Running Service [2] : Eventlog - %SystemRoot%\system32\services.exe - Event Log
Driver [4] : Fastfat - C:\WINDOWS\System32\drivers\Fastfat.sys :[Microsoft Corporation - 145152 5.1.2600.1106]
Driver [1] : Fips - C:\WINDOWS\System32\drivers\Fips.sys :[Microsoft Corporation - 34944 5.1.2600.0]
Driver [1] : Fs_Rec - C:\WINDOWS\System32\drivers\Fs_Rec.sys :[Microsoft Corporation - 7936 5.1.2600.0]
Running Service [0] : Ftdisk - System32\DRIVERS\ftdisk.sys - Volume Manager Driver
Running Service [2] : helpsvc - %SystemRoot%\System32\svchost.exe -k netsvcs - Help and Support
Running Service [0] : iomdisk - System32\DRIVERS\iomdisk.sys - Iomega Devices Disk Filter Services
Running Service [2] : Iomega App Services - "C:\PROGRA~1\Iomega\System32\AppServices.exe" - Iomega App Services
Running Service [0] : isapnp - System32\DRIVERS\isapnp.sys - PnP ISA/EISA Bus Driver
Driver [0] : KSecDD - C:\WINDOWS\System32\drivers\KSecDD.sys :[Microsoft Corporation - 79744 5.1.2600.0]
Running Service [2] : lanmanserver - %SystemRoot%\System32\svchost.exe -k netsvcs - Server
Running Service [2] : lanmanworkstation - %SystemRoot%\System32\svchost.exe -k netsvcs - Workstation
Running Service [2] : LmHosts - %SystemRoot%\System32\svchost.exe -k LocalService - TCP/IP NetBIOS Helper
Running Service [2] : MDM - "C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe" - Machine Debug Manager
Driver [1] : mnmdd - C:\WINDOWS\System32\drivers\mnmdd.sys :[Microsoft Corporation - 4224 5.1.2600.0]
Driver [3] : Modem - C:\WINDOWS\System32\drivers\Modem.sys :[Microsoft Corporation - 28800 5.1.2600.0]
Driver [0] : MountMgr - C:\WINDOWS\System32\drivers\MountMgr.sys :[Microsoft Corporation - 37504 5.1.2600.0]
Driver [1] : Msfs - C:\WINDOWS\System32\drivers\Msfs.sys :[Microsoft Corporation - 18048 5.1.2600.0]
Driver [0] : Mup - C:\WINDOWS\System32\drivers\Mup.sys :[Microsoft Corporation - 104064 5.1.2600.1106]
Driver [0] : NDIS - C:\WINDOWS\System32\drivers\NDIS.sys :[Microsoft Corporation - 167552 5.1.2600.1106]
Driver [3] : NDProxy - C:\WINDOWS\System32\drivers\NDProxy.sys :[Microsoft Corporation - 38016 5.1.2600.0]
Driver [1] : Npfs - C:\WINDOWS\System32\drivers\Npfs.sys :[Microsoft Corporation - 29568 5.1.2600.0]
Driver [4] : Ntfs - C:\WINDOWS\System32\drivers\Ntfs.sys :[Microsoft Corporation - 561920 5.1.2600.1106]
Driver [1] : Null - C:\WINDOWS\System32\drivers\Null.sys :[Microsoft Corporation - 2944 5.1.2600.0]
Running Service [2] : NVSvc - %SystemRoot%\System32\nvsvc32.exe - NVIDIA Driver Helper Service
Driver [0] : PartMgr - C:\WINDOWS\System32\drivers\PartMgr.sys :[Microsoft Corporation - 18688 5.1.2600.0]
Driver [2] : ParVdm - C:\WINDOWS\System32\drivers\ParVdm.sys :[Microsoft Corporation - 6784 5.1.2600.0]
Running Service [0] : PCI - System32\DRIVERS\pci.sys - PCI Bus Driver
Driver [4] : Pcmcia - C:\WINDOWS\System32\drivers\Pcmcia.sys :[Microsoft Corporation - 115712 5.1.2600.1106]
Running Service [2] : PlugPlay - %SystemRoot%\system32\services.exe - Plug and Play
Running Service [2] : PolicyAgent - %SystemRoot%\System32\lsass.exe - IPSEC Services
Running Service [2] : ProtectedStorage - %SystemRoot%\system32\lsass.exe - Protected Storage
Driver [3] : RDPWD - C:\WINDOWS\System32\drivers\RDPWD.sys :[Microsoft Corporation - 116104 5.1.2600.1698]
Running Service [2] : RpcSs - %SystemRoot%\system32\svchost -k rpcss - Remote Procedure Call (RPC)
Running Service [2] : SamSs - %SystemRoot%\system32\lsass.exe - Security Accounts Manager
Running Service [2] : seclogon - %SystemRoot%\System32\svchost.exe -k netsvcs - Secondary Logon
Running Service [2] : SENS - %SystemRoot%\system32\svchost.exe -k netsvcs - System Event Notification
Driver [1] : Sfloppy - C:\WINDOWS\System32\drivers\Sfloppy.sys :[Microsoft Corporation - 10496 5.1.2600.1106]
Running Service [2] : ShellHWDetection - %SystemRoot%\System32\svchost.exe -k netsvcs - Shell Hardware Detection
Running Service [2] : Spooler - %SystemRoot%\system32\spoolsv.exe - Print Spooler
Running Service [0] : sr - System32\DRIVERS\sr.sys - System Restore Filter Driver
Running Service [2] : srservice - %SystemRoot%\System32\svchost.exe -k netsvcs - System Restore Service
Driver [3] : TDPIPE - C:\WINDOWS\System32\drivers\TDPIPE.sys :[Microsoft Corporation - 11144 5.1.2600.0]
Driver [3] : TDTCP - C:\WINDOWS\System32\drivers\TDTCP.sys :[Microsoft Corporation - 20232 5.1.2600.0]
Running Service [2] : Themes - %SystemRoot%\System32\svchost.exe -k netsvcs - Themes
Running Service [2] : TrkWks - %SystemRoot%\system32\svchost.exe -k netsvcs - Distributed Link Tracking Client
Driver [4] : Udfs - C:\WINDOWS\System32\drivers\Udfs.sys :[Microsoft Corporation - 64000 5.1.2600.1106]
Running Service [2] : uploadmgr - %SystemRoot%\System32\svchost.exe -k netsvcs - Upload Manager
Running Service [0] : ViaIde - System32\DRIVERS\viaide.sys -
Driver [0] : VolSnap - C:\WINDOWS\System32\drivers\VolSnap.sys :[Microsoft Corporation - 49152 5.1.2600.0]
Running Service [2] : W32Time - %SystemRoot%\System32\svchost.exe -k netsvcs - Windows Time
Running Service [2] : WebClient - %SystemRoot%\System32\svchost.exe -k LocalService - WebClient
Running Service [2] : winmgmt - %systemroot%\system32\svchost.exe -k netsvcs - Windows Management Instrumentation
Running Service [2] : wuauserv - %systemroot%\system32\svchost.exe -k netsvcs - Automatic Updates
Running Service [2] : WZCSVC - %SystemRoot%\System32\svchost.exe -k netsvcs - Wireless Zero Configuration

====================SVCHOST DLLs====================
Alerter = C:\WINDOWS\system32\alrsvc.dll [Microsoft Corporation] [15872 5.1.2600.0]
*AppMgmt = C:\WINDOWS\System32\appmgmts.dll [] [-1 0.0.0.0]
AudioSrv = C:\WINDOWS\System32\audiosrv.dll [Microsoft Corporation] [38912 5.1.2600.1106]
BITS = C:\WINDOWS\System32\qmgr.dll [Microsoft Corporation] [361984 6.6.2600.1569]
Browser = C:\WINDOWS\System32\browser.dll [Microsoft Corporation] [49152 5.1.2600.1106]
CryptSvc = C:\WINDOWS\System32\cryptsvc.dll [Microsoft Corporation] [53760 5.1.2600.1190]
Dhcp = C:\WINDOWS\System32\dhcpcsvc.dll [Microsoft Corporation] [103936 5.1.2600.1847]
dmserver = C:\WINDOWS\System32\dmserver.dll [Microsoft Corp.] [21504 2600.0.503.0]
Dnscache = C:\WINDOWS\System32\dnsrslvr.dll [Microsoft Corporation] [44032 5.1.2600.0]
ERSvc = C:\WINDOWS\System32\ersvc.dll [Microsoft Corporation] [19456 5.1.2600.1106]
EventSystem = C:\WINDOWS\System32\es.dll [Microsoft Corporation] [227328 2001.12.4414.62]
FastUserSwitchingCompatibility = C:\WINDOWS\System32\shsvcs.dll [Microsoft Corporation] [116736 6.0.2800.1605]
helpsvc = C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [Microsoft Corporation] [29696 5.1.2600.1106]
*HidServ = C:\WINDOWS\System32\hidserv.dll [] [-1 0.0.0.0]
lanmanserver = C:\WINDOWS\System32\srvsvc.dll [Microsoft Corporation] [79872 5.1.2600.1613]
lanmanworkstation = C:\WINDOWS\System32\wkssvc.dll [Microsoft Corporation] [119808 5.1.2600.1309]
LmHosts = C:\WINDOWS\System32\lmhsvc.dll [Microsoft Corporation] [12288 5.1.2600.0]
Messenger = C:\WINDOWS\System32\msgsvc.dll [Microsoft Corporation] [32256 5.1.2600.1309]
Netman = C:\WINDOWS\System32\netman.dll [Microsoft Corporation] [154624 5.1.2600.1733]
Nla = C:\WINDOWS\System32\mswsock.dll [Microsoft Corporation] [228352 5.1.2600.0]
NtmsSvc = C:\WINDOWS\system32\ntmssvc.dll [Microsoft Corporation] [392704 5.1.2400.1106]
RasAuto = C:\WINDOWS\System32\rasauto.dll [Microsoft Corporation] [82944 5.1.2600.0]
RasMan = C:\WINDOWS\System32\rasmans.dll [Microsoft Corporation] [169984 5.1.2600.1842]
RemoteAccess = C:\WINDOWS\System32\mprdim.dll [Microsoft Corporation] [49152 5.1.2600.0]
RpcSs = C:\WINDOWS\system32\rpcss.dll [Microsoft Corporation] [276992 5.1.2600.1720]
Schedule = C:\WINDOWS\system32\schedsvc.dll [Microsoft Corporation] [172544 5.1.2600.1564]
seclogon = C:\WINDOWS\System32\seclogon.dll [Microsoft Corporation] [20992 5.1.2600.0]
SENS = C:\WINDOWS\system32\sens.dll [Microsoft Corporation] [36352 5.1.2600.1106]
SharedAccess = C:\WINDOWS\System32\ipnathlp.dll [Microsoft Corporation] [439808 5.1.2600.1364]
ShellHWDetection = C:\WINDOWS\System32\shsvcs.dll [Microsoft Corporation] [116736 6.0.2800.1605]
srservice = C:\WINDOWS\System32\srsvc.dll [Microsoft Corporation] [158720 5.1.2600.1106]
SSDPSRV = C:\WINDOWS\System32\ssdpsrv.dll [Microsoft Corporation] [43008 5.1.2600.1106]
stisvc = C:\WINDOWS\system32\wiaservc.dll [Microsoft Corporation] [316416 5.1.2600.1106]
TapiSrv = C:\WINDOWS\System32\tapisrv.dll [Microsoft Corporation] [238592 5.1.2600.1715]
TermService = C:\WINDOWS\System32\termsrv.dll [Microsoft Corporation] [200192 5.1.2600.1106]
Themes = C:\WINDOWS\System32\shsvcs.dll [Microsoft Corporation] [116736 6.0.2800.1605]
TrkWks = C:\WINDOWS\system32\trkwks.dll [Microsoft Corporation] [81920 5.1.2600.1106]
uploadmgr = C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [Microsoft Corporation] [29696 5.1.2600.1106]
upnphost = C:\WINDOWS\System32\upnphost.dll [Microsoft Corporation] [164864 5.1.2600.1106]
W32Time = C:\WINDOWS\System32\w32time.dll [Microsoft Corporation] [165376 5.1.2600.1106]
WebClient = C:\WINDOWS\System32\webclnt.dll [Microsoft Corporation] [64000 5.1.2600.1790]
winmgmt = C:\WINDOWS\system32\wbem\WMIsvc.dll [Microsoft Corporation] [101376 5.1.2600.1106]
WmdmPmSN = C:\WINDOWS\System32\MsPMSNSv.dll [Microsoft Corporation] [25088 10.0.3790.3802]
wuauserv = C:\WINDOWS\System32\wuauserv.dll [Microsoft Corporation] [9216 5.4.3630.1106]
WZCSVC = C:\WINDOWS\System32\wzcsvc.dll [Microsoft Corporation] [264704 5.1.2600.1106]

====================LSPs====================
Provider Name :MSAFD Tcpip [TCP/IP]
Protocol ID :e70f1aa0-ab8b-11cf-8ca3-00805f48a192
Protocol :IPPROTO_TCP
LSP Type :Base LSP
Address Family :AF_INET
Socket Type :SOCK_STREAM
DLL Path :%SystemRoot%\system32\mswsock.dll

Provider Name :MSAFD Tcpip [UDP/IP]
Protocol ID :e70f1aa0-ab8b-11cf-8ca3-00805f48a192
Protocol :IPPROTO_UDP
LSP Type :Base LSP
Address Family :AF_INET
Socket Type :SOCK_DGRAM
DLL Path :%SystemRoot%\system32\mswsock.dll

Provider Name :MSAFD Tcpip [RAW/IP]
Protocol ID :e70f1aa0-ab8b-11cf-8ca3-00805f48a192
Protocol :IPPROTO_IP
LSP Type :Base LSP
Address Family :AF_INET
Socket Type :SOCK_RAW
DLL Path :%SystemRoot%\system32\mswsock.dll

Provider Name :RSVP UDP Service Provider
Protocol ID :9d60a9e0-337a-11d0-bd88-0000c082e69a
Protocol :IPPROTO_UDP
LSP Type :Base LSP
Address Family :AF_INET
Socket Type :SOCK_DGRAM
DLL Path :%SystemRoot%\system32\rsvpsp.dll

Provider Name :RSVP TCP Service Provider
Protocol ID :9d60a9e0-337a-11d0-bd88-0000c082e69a
Protocol :IPPROTO_TCP
LSP Type :Base LSP
Address Family :AF_INET
Socket Type :SOCK_STREAM
DLL Path :%SystemRoot%\system32\rsvpsp.dll

Provider Name :MSAFD NetBIOS [\Device\NetBT_Tcpip_{0AEE356D-ACA2-4B07-B5A9-E6C52F33A65A}] SEQPACKET 0
Protocol ID :8d5f1830-c273-11cf-95c8-00805f48a192
Protocol :Unknown
LSP Type :Base LSP
Address Family :AF_NETBIOS
Socket Type :SOCK_SEQPACKET
DLL Path :%SystemRoot%\system32\mswsock.dll

Provider Name :MSAFD NetBIOS [\Device\NetBT_Tcpip_{0AEE356D-ACA2-4B07-B5A9-E6C52F33A65A}] DATAGRAM 0
Protocol ID :8d5f1830-c273-11cf-95c8-00805f48a192
Protocol :Unknown
LSP Type :Base LSP
Address Family :AF_NETBIOS
Socket Type :SOCK_DGRAM
DLL Path :%SystemRoot%\system32\mswsock.dll

Provider Name :MSAFD NetBIOS [\Device\NetBT_Tcpip_{ACF1F1F1-954A-4DAD-A081-545C2901865D}] SEQPACKET 1
Protocol ID :8d5f1830-c273-11cf-95c8-00805f48a192
Protocol :Unknown
LSP Type :Base LSP
Address Family :AF_NETBIOS
Socket Type :SOCK_SEQPACKET
DLL Path :%SystemRoot%\system32\mswsock.dll

Provider Name :MSAFD NetBIOS [\Device\NetBT_Tcpip_{ACF1F1F1-954A-4DAD-A081-545C2901865D}] DATAGRAM 1
Protocol ID :8d5f1830-c273-11cf-95c8-00805f48a192
Protocol :Unknown
LSP Type :Base LSP
Address Family :AF_NETBIOS
Socket Type :SOCK_DGRAM
DLL Path :%SystemRoot%\system32\mswsock.dll

Provider Name :MSAFD NetBIOS [\Device\NetBT_Tcpip_{2AF762C2-9426-46AD-B011-6F0B18F0282C}] SEQPACKET 2
Protocol ID :8d5f1830-c273-11cf-95c8-00805f48a192
Protocol :Unknown
LSP Type :Base LSP
Address Family :AF_NETBIOS
Socket Type :SOCK_SEQPACKET
DLL Path :%SystemRoot%\system32\mswsock.dll

Provider Name :MSAFD NetBIOS [\Device\NetBT_Tcpip_{2AF762C2-9426-46AD-B011-6F0B18F0282C}] DATAGRAM 2
Protocol ID :8d5f1830-c273-11cf-95c8-00805f48a192
Protocol :Unknown
LSP Type :Base LSP
Address Family :AF_NETBIOS
Socket Type :SOCK_DGRAM
DLL Path :%SystemRoot%\system32\mswsock.dll

Provider Name :MSAFD NetBIOS [\Device\NetBT_Tcpip_{54B95A54-9F13-4634-9F35-E23D8ECF5486}] SEQPACKET 3
Protocol ID :8d5f1830-c273-11cf-95c8-00805f48a192
Protocol :Unknown
LSP Type :Base LSP
Address Family :AF_NETBIOS
Socket Type :SOCK_SEQPACKET
DLL Path :%SystemRoot%\system32\mswsock.dll

Provider Name :MSAFD NetBIOS [\Device\NetBT_Tcpip_{54B95A54-9F13-4634-9F35-E23D8ECF5486}] DATAGRAM 3
Protocol ID :8d5f1830-c273-11cf-95c8-00805f48a192
Protocol :Unknown
LSP Type :Base LSP
Address Family :AF_NETBIOS
Socket Type :SOCK_DGRAM
DLL Path :%SystemRoot%\system32\mswsock.dll

Provider Name :MSAFD NetBIOS [\Device\NetBT_Tcpip_{99DE33AF-4CC1-4064-93EE-B1FC95FBC967}] SEQPACKET 4
Protocol ID :8d5f1830-c273-11cf-95c8-00805f48a192
Protocol :Unknown
LSP Type :Base LSP
Address Family :AF_NETBIOS
Socket Type :SOCK_SEQPACKET
DLL Path :%SystemRoot%\system32\mswsock.dll

Provider Name :MSAFD NetBIOS [\Device\NetBT_Tcpip_{99DE33AF-4CC1-4064-93EE-B1FC95FBC967}] DATAGRAM 4
Protocol ID :8d5f1830-c273-11cf-95c8-00805f48a192
Protocol :Unknown
LSP Type :Base LSP
Address Family :AF_NETBIOS
Socket Type :SOCK_DGRAM
DLL Path :%SystemRoot%\system32\mswsock.dll


====================Auto-Run====================
Auto-Run : HKCU\Run\ctfmon.exe=C:\WINDOWS\System32\ctfmon.exe=[Microsoft Corporation]=[13312=5.1.2600.1106]
Auto-Run : HKCU\Run\updateMgr=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe=[Adobe Systems Incorporated]=[313472=3.1.0.10]
Auto-Run : HKLM\Run\Drag'n'Drop_Autolaunch=C:\Program Files\Iomega HotBurn\Autolaunch.exe=[Iomega Corporation]=[126976=1.1.0.0]
Auto-Run : HKLM\Run\SoundMan=SOUNDMAN.EXE=[Realtek Semiconductor Corp.]=[46592=5.0.0.14]
Auto-Run : HKLM\Run\Adobe Photo Downloader=C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe=[Adobe Systems Incorporated]=[57344=3.0.0.49815]
Auto-Run : HKLM\Run\POINTER=point32.exe=[]=[0=0.0.0.0]
Auto-Run : HKLM\Run\QuickTime Task=C:\Program Files\QuickTime\qttask.exe=[Apple Computer, Inc.]=[155648=7.0.2.120]
Auto-Run : HKLM\Policies\Run\user32.dll=C:\Program Files\Video Access ActiveX Object\isamntr.exe=[]=[36864=0.0.0.0]
Auto-Run : HKLM\Policies\Run\rare=C:\Program Files\Video Access ActiveX Object\pmsnrr.exe=[]=[33280=0.0.0.0]
Auto-Run : HKLM\AppInit_Dlls\AppInit_Dlls=(1)=[]=[0=0.0.0.0]
Auto-Run : HKLM\Winlogon\shell=explorer.exe=[Microsoft Corporation]=[1004032=6.0.2800.1106]
Auto-Run : HKLM\Winlogon\userinit=C:\WINDOWS\system32\userinit.exe,=[Microsoft Corporation]=[22016=5.1.2600.1106]
Auto-Run : HKLM\Winlogon\system==[]=[0=0.0.0.0]
Auto-Run : HKLM\Winlogon\UIHost=logonui.exe=[Microsoft Corporation]=[504320=6.0.2800.1106]
Auto-Run : HKCU\NT\Windows\Load==[]=[0=0.0.0.0]
Auto-Run : HKLM\ShellService\PostBootReminder={7849596a-48ea-486e-8937-a2a3009f31a9}:C:\WINDOWS\system32\SHELL32.dll=[]=[0=0.0.0.0]
Auto-Run : HKLM\ShellService\CDBurn={fbeb8a05-beee-4442-804e-409d6c4515e9}:C:\WINDOWS\system32\SHELL32.dll=[]=[0=0.0.0.0]
Auto-Run : HKLM\ShellService\WebCheck={E6FB5E20-DE35-11CF-9C87-00AA005127ED}:C:\WINDOWS\System32\webcheck.dll=[]=[0=0.0.0.0]
Auto-Run : HKLM\ShellService\SysTray={35CEC8A3-2BE6-11D2-8773-92E220524153}:C:\WINDOWS\System32\stobject.dll=[]=[0=0.0.0.0]
Auto-Run : HKLM\SharedTask\{438755C2-A8BA-11D1-B96B-00A0C90312E1}=Browseui preloader:C:\WINDOWS\System32\browseui.dll=[]=[0=0.0.0.0]
Auto-Run : HKLM\SharedTask\{8C7461EF-2B13-11d2-BE35-3078302C2030}=Component Categories cache daemon:C:\WINDOWS\System32\browseui.dll=[]=[0=0.0.0.0]
Auto-Run : HKLM\Session\BootExecute=autocheck autochk *=[]=[0=0.0.0.0]
*Auto-Run : HKLM\Session=PendingFileRenameOperations=??\C:\DOCUME~1\DANMUR~1\LOCALS~1\Temp\GLB1A2B.EXE==[]=[0=0.0.0.0]
Auto-Run : C:\Documents and Settings\dan murano\Start Menu\Programs\Startup\.protected
Auto-Run : C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\.protected
Auto-Run : C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
Auto-Run : C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office.lnk
Auto-Run : C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\WinZip Quick Pick.lnk

====================System Restrictions====================

====================IE Pages====================
IE Page :SearchURL=http://www.google.com
IE Page :Start Page=http://www.yahoo.com/
IE Page :Default_Page_URL=www.yahoo.com
IE Page :Search Bar=http://www.google.com/ie
IE Page :Search Page=http://www.google.com
IE Page :SearchAssistant=http://www.google.com/ie
IE Page :Start Page=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE Page :Default_Page_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE Page :Default_Search_URL=http://www.google.com/ie
IE Page :Search Bar=http://www.google.com
IE Page :Search Page=http://www.google.com
IE Page :SearchAssistant=http://www.google.com/ie
IE Page :CustomizeSearch=http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchcust.htm

====================IE Url Prefix====================
IE UrlPrefix :DefaultPrefix=http://
IE UrlPrefix :ftp=ftp://
IE UrlPrefix :gopher=gopher://
IE UrlPrefix :home=http://
IE UrlPrefix :mosaic=http://
IE UrlPrefix :www=http://

====================IE UrlSearchHook====================
IE UrlSearchHook(HKCU) :{CFBFAE00-17A6-11D0-99CB-00C04FD64497}=C:\WINDOWS\System32\shdocvw.dll
IE UrlSearchHook(HKLM) :{CFBFAE00-17A6-11D0-99CB-00C04FD64497}=C:\WINDOWS\System32\shdocvw.dll

====================IE BHO && Toolbar====================
IE BHO : {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}==[2012821982 = 0.48968.63008.14819]
IE BHO : {67982BB7-0F95-44C5-92DC-E3AF3DC19D6D}=C:\Program Files\Video Access ActiveX Object\isadd.dll=[16896 = 0.0.0.0]
IE Toolbar : {8E718888-423F-11D2-876E-00A0C9082467}=C:\WINDOWS\System32\msdxm.ocx=[844048 = 0.4.9.1128]
IE Toolbar : {84938242-5C5B-4A55-B6B9-A1507543B418}=C:\Program Files\Video Access ActiveX Object\iesplugin.dll=[29184 = 0.0.0.0]

====================Protocol Filter====================
Protocol Filter : application/octet-stream={1E66F26B-79EE-11D2-8710-00C04F79ED0D}=C:\WINDOWS\System32\mscoree.dll=[155648 = 1.1.4322.2032]
Protocol Filter : application/x-complus={1E66F26B-79EE-11D2-8710-00C04F79ED0D}=C:\WINDOWS\System32\mscoree.dll=[155648 = 1.1.4322.2032]
Protocol Filter : application/x-msdownload={1E66F26B-79EE-11D2-8710-00C04F79ED0D}=C:\WINDOWS\System32\mscoree.dll=[155648 = 1.1.4322.2032]
Protocol Filter : Class Install Handler={32B533BB-EDAE-11d0-BD5A-00AA00B92AF1}=C:\WINDOWS\system32\urlmon.dll=[461824 = 6.0.2800.1572]
Protocol Filter : deflate={8f6b0360-b80d-11d0-a9b3-006097942311}=C:\WINDOWS\system32\urlmon.dll=[461824 = 6.0.2800.1572]
Protocol Filter : gzip={8f6b0360-b80d-11d0-a9b3-006097942311}=C:\WINDOWS\system32\urlmon.dll=[461824 = 6.0.2800.1572]
Protocol Filter : lzdhtml={8f6b0360-b80d-11d0-a9b3-006097942311}=C:\WINDOWS\system32\urlmon.dll=[461824 = 6.0.2800.1572]
Protocol Filter : text/webviewhtml={733AC4CB-F1A4-11d0-B951-00A0C90312E1}=C:\WINDOWS\system32\SHELL32.dll=[8353280 = 6.0.2800.1873]

====================Notify Dlls====================
Notify Dll : crypt32chain=crypt32.dll=[-1 = 5.131.2600.1123]
Notify Dll : cryptnet=cryptnet.dll=[-1 = 5.131.2600.0]
Notify Dll : cscdll=cscdll.dll=[-1 = 5.1.2600.1599]
Notify Dll : ScCertProp=wlnotify.dll=[-1 = 5.1.2600.1106]
Notify Dll : Schedule=wlnotify.dll=[-1 = 5.1.2600.1106]
Notify Dll : sclgntfy=sclgntfy.dll=[-1 = 5.1.2600.0]
Notify Dll : SensLogn=WlNotify.dll=[-1 = 5.1.2600.1106]
Notify Dll : termsrv=wlnotify.dll=[-1 = 5.1.2600.1106]
Notify Dll : wlballoon=wlnotify.dll=[-1 = 5.1.2600.1106]

====================Shell Extensions====================
Shell Extension : {42071714-76d4-11d1-8b24-00a0c9068ff3}=C:\WINDOWS\System32\deskpan.dll=[=-1 = 0.0.0.0]
Shell Extension : {764BF0E1-F219-11ce-972D-00AA00A14F56}==[=-1 = 0.0.0.0]
Shell Extension : {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}==[=-1 = 0.0.0.0]
Shell Extension : {88895560-9AA2-1069-930E-00AA0030EBC8}=C:\WINDOWS\System32\hticons.dll=[Hilgraeve, Inc.=44544 = 5.1.2600.0]
Shell Extension : {0DF44EAA-FF21-4412-828E-260A8728E7F1}==[=-1 = 0.0.0.0]
Shell Extension : {7A9D77BD-5403-11d2-8785-2E0420524153}==[=-1 = 0.0.0.0]
Shell Extension : {E0D79304-84BE-11CE-9641-444553540000}=C:\PROGRA~1\WINZIP\WZSHLSTB.DLL=[WinZip Computing, Inc.=5120 = 4.1.0.0]
Shell Extension : {E0D79305-84BE-11CE-9641-444553540000}=C:\PROGRA~1\WINZIP\WZSHLSTB.DLL=[WinZip Computing, Inc.=5120 = 4.1.0.0]
Shell Extension : {E0D79306-84BE-11CE-9641-444553540000}=C:\PROGRA~1\WINZIP\WZSHLSTB.DLL=[WinZip Computing, Inc.=5120 = 4.1.0.0]
Shell Extension : {E0D79307-84BE-11CE-9641-444553540000}=C:\PROGRA~1\WINZIP\WZSHLSTB.DLL=[WinZip Computing, Inc.=5120 = 4.1.0.0]
Shell Extension : {7C9D5882-CB4A-4090-96C8-430BFE8B795B}=C:\PROGRA~1\Webroot\SPYSWE~1\SSCtxMnu.dll=[Webroot Software, Inc.=86016 = 3.5.0.198]
Shell Extension : {1CDB2949-8F65-4355-8456-263E7C208A5D}=C:\WINDOWS\System32\nvshell.dll=[NVIDIA Corporation=471112 = 6.14.10.4523]
Shell Extension : {1E9B04FB-F9E5-4718-997B-B8DA88302A47}=C:\WINDOWS\System32\nvshell.dll=[NVIDIA Corporation=471112 = 6.14.10.4523]
Shell Extension : {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}=C:\Program Files\iTunes\iTunesMiniPlayer.dll=[Apple Computer, Inc.=102400 = 5.0.0.35]
Shell Extension : {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}==[=-1 = 0.0.0.0]

====================Shell Extension Hooks====================
{AEB6717E-7E19-11d0-97EE-00C04FD91972}=shell32.dll=[Microsoft Corporation=-1 = 6.0.2800.1873]

====================Explorer Bars====================
Explorer Bar : {4D5C8C25-D075-11d0-B416-00C04FB90376} = C:\WINDOWS\System32\shdocvw.dll=[Microsoft Corporation=1351680 6.0.2800.1892]

====================Folder Dlls====================
Folder Dll : {0D2E74C4-3C34-11d2-A27E-00C04FC30871}=C:\WINDOWS\system32\SHELL32.dll=[Microsoft Corporation=8353280 6.0.2800.1873]
Folder Dll : {24F14F01-7B1C-11d1-838f-0000F80461CF}=C:\WINDOWS\system32\SHELL32.dll=[Microsoft Corporation=8353280 6.0.2800.1873]
Folder Dll : {24F14F02-7B1C-11d1-838f-0000F80461CF}=C:\WINDOWS\system32\SHELL32.dll=[Microsoft Corporation=8353280 6.0.2800.1873]
Folder Dll : {66742402-F9B9-11D1-A202-0000F81FEDEE}=C:\WINDOWS\system32\SHELL32.dll=[Microsoft Corporation=8353280 6.0.2800.1873]
Folder Dll : {F9DB5320-233E-11D1-9F84-707F02C10627}=C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll=[Adobe Systems, Inc.=110592 7.0.0.0]

====================File Associations====================

====================Uninstall Programs====================
Uninstall Program : Security Update for Windows XP (KB924496)=KB924496=["C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"]
Uninstall Program : Windows XP Hotfix - KB925486=KB925486-IE6SP1-20060918.120000=["C:\WINDOWS\$NtUninstallKB925486-IE6SP1-20060918.120000$\spuninst\spuninst.exe"]
Uninstall Program : Microsoft .NET Framework 1.1 Hotfix (KB886903)=M886903=["C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M886903\M886903Uninstall.msp"]
Uninstall Program : Mathematica 4.1 for Students (1)=Mathematica 4.1.1.0 G (1)=[C:\PROGRA~1\WOLFRA~1\MATHEM~1\46EF8~1.1(1\SYSTEM~1\INSTAL~1\Windows\UNINST~1.EXE]
Uninstall Program : Microsoft .NET Framework 1.1=Microsoft .NET Framework 1.1 (1033)=[msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}]
Uninstall Program : MSN Music Assistant=MSN Music Assistant=[rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msninst.inf,Uninstall]
Uninstall Program : NVIDIA Windows 2000/XP Display Drivers=NVIDIA=[rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nv4_disp.inf]
Uninstall Program : NVIDIA Display Driver=NVIDIA Display Driver=[C:\WINDOWS\System32\nvudisp.exe Uninstall C:\WINDOWS\System32\nvdisp.nvu,NVIDIA Display Driver]
Uninstall Program : NVIDIA Windows 95/98/ME/2000/XP Stereo Drivers=NVIDIAStereo=[rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall.NT 132 C:\WINDOWS\INF\nvstereo.inf]
Uninstall Program : Public Messenger ver 2.03=Public Messenger ver 2.03=["C:\Program Files\Video Access ActiveX Object\pmunst.exe"]
Uninstall Program : Windows XP Hotfix (SP2) Q819696=Q819696=[C:\WINDOWS\$NtUninstallQ819696$\spuninst\spuninst.exe]
Uninstall Program : Windows Media Player Hotfix [See Q828026 for more information]=Q828026=[C:\WINDOWS\$NtUninstallQ828026$\spuninst\spuninst.exe]
Uninstall Program : Internet Explorer Q903235=Q903235=[C:\WINDOWS\ieuninst.exe C:\WINDOWS\INF\Q903235.inf]
Uninstall Program : Registrar Lite 2.00=Registrar Lite 2.00=["C:\Program Files\Registrar Lite\unwise.exe" C:\PROGRA~1\REGIST~1\INSTALL.LOG]
Uninstall Program : ResumeMaker Professional=ResumeMaker Professional=[C:\PROGRA~1\RESUME~1\UNWISE.EXE C:\PROGRA~1\RESUME~1\INSTALL.LOG]
Uninstall Program : Security Toolbar=Security Toolbar=["C:\Program Files\Security Toolbar\Uninstall.bat" "C:\Program Files\Security Toolbar"]
Uninstall Program : Adobe Flash Player 9 ActiveX=ShockwaveFlash=[C:\WINDOWS\System32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete]
Uninstall Program : SkillSoft Course Manager=SkillSoft Course Manager=[C:\Program Files\SkillSoft\client\OCMStart.exe uninstall]
Uninstall Program : System Alert Popup=System Alert Popup=[C:\DOCUME~1\DANMUR~1\LOCALS~1\Temp\laf52.tmp /del]
Uninstall Program : TradeLog=TradeLog=[RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\TL5.INF, DefaultUninstall.ntx86]
Uninstall Program : Tradelog=TradeLog_is1=["C:\Program Files\TradeLog\unins000.exe"]
Uninstall Program : Microsoft Access 97 Upsizing Tools=UpsizingTools97=[RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\WzCs97.inf, Uninstall.NT]
Uninstall Program : Video Access ActiveX Object 2.07=Video Access ActiveX Object=[C:\Program Files\Video Access ActiveX Object\uninst.exe]
Uninstall Program : Microsoft Visual Studio 6.0 Enterprise Edition=Visual Studio 6.0 Enterprise Edition=["C:\Program Files\Microsoft Visual Studio\Common\Setup\1033\Setup.exe"]
Uninstall Program : Microsoft Web Publishing Wizard 1.53=WebPost=[RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie3x86.inf,WebPostUninstall]
Uninstall Program : Windows Media Format Runtime=Windows Media Format Runtime=["C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll]
Uninstall Program : Windows Media Player 10=Windows Media Player=["C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall]
Uninstall Program : WinZip=WinZip=["C:\Program Files\WinZip\WINZIP32.EXE" /uninstall]
Uninstall Program : Ipswitch WS_FTP Pro=WS_FTP Pro=[C:\WINDOWS\ISUNINST.EXE -f"C:\PROGRA~1\WS_FTP~1\uninst.isu" -c"C:\PROGRA~1\WS_FTP~1\FTPInstUtils.dll"]
Uninstall Program : VectorVest Online={0E1847A1-52F5-49D2-A78F-C830D4F2ACC1}=[]
Uninstall Program : Microsoft IntelliPoint 4.1={1FD0C5C1-B01B-4B4C-9607-E5D3B3D1318F}=[]
Uninstall Program : Verizon Online Support Center={25EF00A1-F17B-11D6-88EA-000476CD2443}=[RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF00A1-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL]
Uninstall Program : Verizon Online={25EF00BE-F17B-11D6-88EA-000476CD2443}=[C:\WINDOWS\System32\VerizonUninstaller.exe]
Uninstall Program : Quicken 2005={2DBE41DD-2129-4C65-A3D3-5647236A60F3}=[]
Uninstall Program : Rhapsody Player Engine={2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}=[MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}]
Uninstall Program : WebFldrs XP={350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}=[]
Uninstall Program : Adobe® Photoshop® Album Starter Edition 3.0={4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}=[MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}]
Uninstall Program : QuickTime={4E5E22C2-1386-47AE-8EDE-32DDCDCD6653}=[]
Uninstall Program : iTunes={5A4AFC3E-4973-46A1-92D6-3A1C5E52948A}=[]
Uninstall Program : Spy Sweeper={5AE68DC3-F16E-457D-947A-092D614C7ABD}_is1=["C:\Program Files\Webroot\Spy Sweeper\unins000.exe"]
Uninstall Program : Crystal Reports 9={71A7D000-0D1F-4CF9-BB75-BB5920436F0C}=[MsiExec.exe /I{71A7D000-0D1F-4CF9-BB75-BB5920436F0C}]
Uninstall Program : Microsoft Office XP Professional with FrontPage={90280409-6000-11D3-8CFE-0050048383C9}=[MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}]
Uninstall Program : VectorVest Online={9E712CF9-4BA1-47EB-8C85-408F0B8BD3ED}=[RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E712CF9-4BA1-47EB-8C85-408F0B8BD3ED}\setup.exe" -l0x9 ]
Uninstall Program : Adobe Reader 7.0.9={AC76BA86-7AD7-1033-7B44-A70900000002}=[MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}]
Uninstall Program : Iomega HotBurn={B6A6FE66-296A-4B5A-9A08-33D104CDBF64}=[RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B6A6FE66-296A-4B5A-9A08-33D104CDBF64}\Setup.exe" -l0x9 UNINSTALL]
Uninstall Program : Microsoft .NET Framework 1.1={CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}=[MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}]
Uninstall Program : Realtek AC'97 Audio={FB08F381-6533-4108-B7DD-039E11FBC27E}=[RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE]

====================IE Toolbar Buttons && Context Menu====================
IE Context Menu :E&xport to Microsoft Excel=res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000

====================Installed ActiveX====================
Installed ActiveX :{1B9935E4-8A50-4dd8-BD09-A7518723BF97}=c:\windows\downloaded program files\custappx3.dll=[DLL and OCX = custappx3.dll]
Installed ActiveX :{1B9935E4-8A50-4dd8-BD09-A7518723BF97}=C:\WINDOWS\Downloaded Program Files\custappx3.dll=[INF - custappx3.inf]
Installed ActiveX :{58143854-F57F-4246-BE61-23EE2F180E2F}=C:\WINDOWS\Downloaded Program Files\eclientedit.dll=[INF - custappx3.inf]
Installed ActiveX :{58143854-F57F-4246-BE61-23EE2F180E2F}=c:\windows\downloaded program files\eclientedit.dll=[DLL and OCX = eclientedit.dll]
Installed ActiveX :{9F1C11AA-197B-4942-BA54-47A8489BB47F}==[INF - iuctl.inf]
Installed ActiveX :{CEBC955E-58AF-11D2-A30A-00A0C903492B}==[INF - iuctl.inf]
Installed ActiveX :{8AD9C840-044E-11D1-B3E9-00805F499D93}==[INF - jinstall-1_4_2.inf]
Installed ActiveX :{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}==[INF - jinstall-1_4_2.inf]
Installed ActiveX :{AECD14A8-F662-11D1-A395-00805F535788}=c:\windows\downlo~1\plotwon.ocx=[DLL and OCX = plotwon.ocx]
Installed ActiveX :{56336BCB-3D8A-11d6-A00B-0050DA18DE71}=c:\windows\downloaded program files\rdxie.dll=[DLL and OCX = RdxIE.dll]
Installed ActiveX :{4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B}=c:\windows\downlo~1\setup.exe=[EXE = setup.exe]
Installed ActiveX :{D27CDB6E-AE6D-11CF-96B8-444553540000}==[INF - swflash.inf]
Installed ActiveX :{874131cb-4ecc-443b-8948-746b89595d20}=C:\WINDOWS\System32\wmspdmod.dll=[INF - wmsp9dmo.inf]
Installed ActiveX :{724bb6a4-e526-450f-affa-ab9b45129111}=C:\WINDOWS\System32\wmv9dmod.dll=[INF - wmv9dmo.inf]
Installed ActiveX :{724bb6a4-e526-450f-affa-ab9b45129111}=C:\WINDOWS\System32\wmv9dmod.dll=[INF - wmv9dmo.inf]
Installed ActiveX :{724bb6a4-e526-450f-affa-ab9b45129111}=C:\WINDOWS\System32\wmv9dmod.dll=[INF - wmv9dmo.inf]
Installed ActiveX :{724bb6a4-e526-450f-affa-ab9b45129111}=C:\WINDOWS\System32\wmv9dmod.dll=[INF - wmv9dmo.inf]
Installed ActiveX :{6414512B-B978-451D-A0D8-FCFDF33E833C}=C:\WINDOWS\System32\wuweb.dll=[INF - wuweb.inf]

====================Proxy Settings====================
Proxy Settings : ProxyEnable = [No] ProxyServer = []

====================Name Server====================
Name Server : {0AEE356D-ACA2-4B07-B5A9-E6C52F33A65A}=
Name Server : {2AF762C2-9426-46AD-B011-6F0B18F0282C}=
Name Server : {54B95A54-9F13-4634-9F35-E23D8ECF5486}=
Name Server : {99DE33AF-4CC1-4064-93EE-B1FC95FBC967}=

====================Ext Dlls====================

====================Security Sites====================


====================Other Dlls====================

{3050F406-98B5-11CF-BB82-00AA00BDCE0B}=%SystemRoot%\System32\mshtml.dll

 

Moderator
Level: 10
Joined: 2/9/2007 4:58:45 PM

Hi Dan,

Your Adware Away is not up to date, the newest 3.1.0 version can remove this malware automatically, please CLICK HERE to download the newest version of Adware Away, after installation, please do this to remove the system alert popup and all its objects.

1. Exit all IE browser
2. Launch Adware Away
3. Click "Scan"
4. After the scan is finished, click "Next"
5. Click "Specialized Remover" in left panel
6. Click "Next"
7. After it is finished, the "system alert popup" will be completely removed from your computer.

 

General User
Level: 1
Joined: 3/4/2007 7:59:11 PM

Hi Bruce, you are right, the new version did remove this popup, I restarted Windows several times after finishing your instructions, the popup didn't show up again, I think it is really gone. Thanks again for your prompt reply and excellent support service.