Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Malware, Spyware, Virus? HiJack This log inside.

Started by BIGROD , Mar 07 2007 08:32 PM

  • Please log in to reply

#1
BIGROD
Posted 07 March 2007 - 08:32 PM

BIGROD

    Member

  • Member
  • PipPip
  • 87 posts
PC is running unusually slow and a few of my most regularly used program .exe files just disappeared. The shortcuts remain, but the executables they point to no longer exist.:whistling:

Logfile of HijackThis v1.99.1
Scan saved at 9:21:11 PM, on 3/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\PDesk\PDesk.exe
C:\Program Files\McAfee\Managed VirusScan\Agent\myagttry.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\ESPNRunTime\DIGServices.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\WINDOWS\System32\mgabg.exe
C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files\DC++\DCPlusPlus.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Internet Explorer\iexplore.exe
E:\Saved files\download\PC fix tools_from geeks2go\HIJACK THIS\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Matrox Powerdesk] C:\WINDOWS\System32\PDesk\PDesk.exe /Autolaunch
O4 - HKLM\..\Run: [McAfee Managed Services Tray] "C:\Program Files\McAfee\Managed VirusScan\Agent\myagttry.exe"
O4 - HKLM\..\Run: [MVS Splash] C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [DIGServices] C:\Program Files\ESPNRunTime\DIGServices.exe /brand=ESPN /priority=0 /poll=24
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe /IMGSTART
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Nero\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Save Picture to Mobile Phone - C:\Program Files\Pix2Fone\p2fd.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: Upload File - {A2F93841-DEAB-0392-4958-BA333CF05732} - C:\Program Files\Pix2Fone\p2fup.html (HKCU)
O9 - Extra 'Tools' menuitem: Upload File to Mobile Phone - {A2F93841-DEAB-0392-4958-BA333CF05732} - C:\Program Files\Pix2Fone\p2fup.html (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {40C83AF8-FEA7-4A6A-A470-431EE84A0886} (SecureObjectFactory Class) - http://virusscanasap...in/myCioAgt.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterf...ds/Uploader.cab
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - http://vram3c.vcu.edu/dwa7W.cab
O18 - Protocol: myrm - {4D034FC3-013F-4B95-B544-44D49ABE3E76} - C:\Program Files\McAfee\Managed VirusScan\Agent\MyRmProt4.0.0.358.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McShield - McAfee, Inc. - C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe
O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\System32\mgabg.exe
O23 - Service: McAfee Total Protection Agent Service (myAgtSvc) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
  • 0

Advertisements

#2
Technical_1
Posted 08 March 2007 - 09:26 PM

Technical_1

    Visiting Staff

  • Member
  • PipPipPip
  • 735 posts
Hello BIGROD and welcome to G2G's Malware Forum.

Sounds like Sality. If so, we may have a hard time running these scans but let's give it a shot. You should run these programs as soon as you download each one, to try and prevent them from being deleted/infected prior to use.
  • Please download ATF Cleaner by Atribune.
    This program is for XP and Windows 2000 only
    • Double-click ATF-Cleaner.exe to run the program.
      Under Main choose: Select All
      Click the Empty Selected button.
    If you use Firefox browserClick Firefox at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    If you use Opera browserClick Opera at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    Click Exit on the Main menu to close the program.
    For Technical Support, double-click the e-mail address located at the bottom of each menu.
  • Please download SREng
    • Extract it to your Desktop and double click SREng.exe to run it
    • Select Smart Scan and click on the Scan button.
    • The progress bar may stop at times, be patient, it is still scanning.
    • When finished, click on the Save Reports button and save the log to Desktop
    • Please post the SREng log in your reply.
  • Kaspersky Online Scanner
    Go to http://www.kaspersky.com/virusscanner
    Note: This Scan requires Internet Explorer to run.
    You will be promted to install an ActiveX component from Kaspersky, Click Yes.
    • The program will launch and then begin downloading the latest definition files:
    • Once the files have been downloaded click on NEXT
    • Now click on Scan Settings
    • In the scan settings make sure that the following are selected:
      • Scan using the following Anti-Virus database:
      Extended (if available otherwise Standard)
      • Scan Options:
      Scan Archives
      Scan Mail Bases
    • Click OK
    • Now under select a target to scan:Select My Computer
    • This program will start and scan your system.
    • The scan will take a while so be patient and let it run.
    • Once the scan is complete it will display if your system has been infected.
      • Now click on the Save as Text button:
    • Save the file to your desktop.
    • Copy and paste that information in your next post with another HJT log.
  • Please re-open HiJackThis and scan and save a new log file.
  • Post Logs
    • SREng Results
    • Kaspersky Results
    • New Hijack This Log
If ATF cleaner doesn't work or gets deleted, skip it and move on to the scan. If that doesn't work then just post the SREng results please.
  • 0

#3
BIGROD
Posted 09 March 2007 - 07:46 AM

BIGROD

    Member

  • Topic Starter
  • Member
  • PipPip
  • 87 posts
Thanks for the response. I will try to post these logs ASAP. Three things:

1) Thanks again for the help
2) SREng is currently unavailable due to site maintenance
3) The irony of this all is I'm a Duke fan (rough season). Hope you don't mind helping me. :whistling:
  • 0

#4
BIGROD
Posted 09 March 2007 - 08:12 AM

BIGROD

    Member

  • Topic Starter
  • Member
  • PipPip
  • 87 posts
1) SREng is still unavailable
2) Once I allow the ActiveX content from Kapersky, I get a welcome screen and no "next" button ever appears. It just sits there with no way to proceed.
3) Here's another HiJackThis log

Logfile of HijackThis v1.99.1
Scan saved at 9:08:50 AM, on 3/9/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\PDesk\PDesk.exe
C:\Program Files\McAfee\Managed VirusScan\Agent\myagttry.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\ESPNRunTime\DIGServices.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\WINDOWS\System32\mgabg.exe
C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files\DC++\DCPlusPlus.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\CDisplay\CDISPLAY.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
E:\Saved files\download\PC fix tools_from geeks2go\HIJACK THIS\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Matrox Powerdesk] C:\WINDOWS\System32\PDesk\PDesk.exe /Autolaunch
O4 - HKLM\..\Run: [McAfee Managed Services Tray] "C:\Program Files\McAfee\Managed VirusScan\Agent\myagttry.exe"
O4 - HKLM\..\Run: [MVS Splash] C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [DIGServices] C:\Program Files\ESPNRunTime\DIGServices.exe /brand=ESPN /priority=0 /poll=24
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe /IMGSTART
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Nero\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Save Picture to Mobile Phone - C:\Program Files\Pix2Fone\p2fd.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: Upload File - {A2F93841-DEAB-0392-4958-BA333CF05732} - C:\Program Files\Pix2Fone\p2fup.html (HKCU)
O9 - Extra 'Tools' menuitem: Upload File to Mobile Phone - {A2F93841-DEAB-0392-4958-BA333CF05732} - C:\Program Files\Pix2Fone\p2fup.html (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {40C83AF8-FEA7-4A6A-A470-431EE84A0886} (SecureObjectFactory Class) - http://virusscanasap...in/myCioAgt.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterf...ds/Uploader.cab
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - http://vram3c.vcu.edu/dwa7W.cab
O18 - Protocol: myrm - {4D034FC3-013F-4B95-B544-44D49ABE3E76} - C:\Program Files\McAfee\Managed VirusScan\Agent\MyRmProt4.0.0.358.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McShield - McAfee, Inc. - C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe
O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\System32\mgabg.exe
O23 - Service: McAfee Total Protection Agent Service (myAgtSvc) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
  • 0

#5
Technical_1
Posted 09 March 2007 - 06:21 PM

Technical_1

    Visiting Staff

  • Member
  • PipPipPip
  • 735 posts

3) The irony of this all is I'm a Duke fan (rough season). Hope you don't mind helping me.

Nah. I don't mind, at least this year anyway. If we were still in our losing streak against you guys I might think about it. :whistling:


I suspect the infection is keeping you from being able to run the Kaspersky scan. SREng is working OK as of right now. Might be the infection keeping you from getting it as well. Try it once more for me as we really need the SREng results if nothing else. If it still doesn't work, I'll see if I can post it as an attachment here and we'll try it that route.

Let me know.
  • 0

#6
BIGROD
Posted 11 March 2007 - 05:51 PM

BIGROD

    Member

  • Topic Starter
  • Member
  • PipPip
  • 87 posts
Congrats on the ACC tourney win today. (I missed it on my way home from a bender in Vegas this weekend) Duke will be back next season. :whistling:

Here are the SREng and HiJackThis logs:


2007-03-11,19:37:36

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<MSMSGS><"C:\Program Files\Messenger\MSMSGS.EXE" /background> [N/A]
<NBJ><"C:\Program Files\Nero\Nero BackItUp\NBJ.exe"> [N/A]
<Window Washer><C:\Program Files\Webroot\Washer\wwDisp.exe> [N/A]
<Aim6><"C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp> [N/A]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Matrox Powerdesk><C:\WINDOWS\System32\PDesk\PDesk.exe /Autolaunch> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<McAfee Managed Services Tray><"C:\Program Files\McAfee\Managed VirusScan\Agent\myagttry.exe"> [McAfee, Inc.]
<MVS Splash><C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe> [McAfee, Inc.]
<CTHelper><CTHELPER.EXE> [Creative Technology Ltd]
<Share-to-Web Namespace Daemon><C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe> [N/A]
<NeroFilterCheck><C:\WINDOWS\system32\NeroCheck.exe> [Ahead Software Gmbh]
<DIGStream><C:\Program Files\DIGStream\digstream.exe> [N/A]
<DIGServices><C:\Program Files\ESPNRunTime\DIGServices.exe /brand=ESPN /priority=0 /poll=24> [Walt Disney Internet Group]
<iTunesHelper><"C:\Program Files\iTunes\iTunesHelper.exe"> [N/A]
<RemoteControl><"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"> [N/A]
<ADUserMon><C:\Program Files\Iomega\AutoDisk\ADUserMon.exe> [N/A]
<Iomega Drive Icons><C:\Program Files\Iomega\DriveIcons\ImgIcon.exe> [N/A]
<Deskup><C:\Program Files\Iomega\DriveIcons\deskup.exe /IMGSTART> [Iomega]
<SunJavaUpdateSched><C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe> [N/A]
<NWEReboot><> [N/A]
<Zone Labs Client><"C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"> [(Verified)Check Point Software Technologies Inc.]
<QuickTime Task><"C:\Program Files\QuickTime\qttask.exe" -atboottime> [N/A]
<AnyDVD><C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe> [N/A]
<HP Component Manager><"C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"> [N/A]
<HP Software Update><"C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"> [N/A]
<HPDJ Taskbar Utility><C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
<WinlogonNotify: WgaLogon><WgaLogon.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
<IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe> [(Verified)Microsoft Windows Component Publisher]

==================================
Startup Folders
[Acrobat Assistant]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk --> C:\PROGRA~1\Adobe\ADOBEA~1.0\Distillr\acrotray.exe [Adobe Systems Inc.]><N>
[Adobe Gamma Loader]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>
[Microsoft Office]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [Microsoft Corporation]><N>
[WinZip Quick Pick]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk --> C:\PROGRA~1\WinZip\WZQKPICK.EXE [WinZip Computing, Inc.]><N>

==================================
Services
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
<"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><>
[Google Updater Service / gusvc][Stopped/Manual Start]
<"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
<"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[Iomega Activity Disk2 / Iomega Activity Disk2][Stopped/Disabled]
<""><N/A>
[Iomega App Services / Iomega App Services][Running/Auto Start]
<"C:\PROGRA~1\Iomega\System32\AppServices.exe"><Iomega Corporation>
[iPodService / iPodService][Stopped/Manual Start]
<C:\Program Files\iPod\bin\iPodService.exe><Apple Computer, Inc.>
[Macromedia Licensing Service / Macromedia Licensing Service][Stopped/Manual Start]
<"C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"><>
[McShield / McShield][Running/Manual Start]
<C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe><McAfee, Inc.>
[MGABGEXE / MGABGEXE][Running/Auto Start]
<C:\WINDOWS\System32\mgabg.exe><Matrox Graphics Inc.>
[McAfee Total Protection Agent Service / myAgtSvc][Running/Auto Start]
<C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe /ServiceStart><McAfee, Inc.>
[PrismXL / PrismXL][Running/Auto Start]
<C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS><New Boundary Technologies, Inc.>
[TabletService / TabletService][Running/Auto Start]
<C:\WINDOWS\system32\Tablet.exe><Wacom Technology, Corp.>
[TrueVector Internet Monitor / vsmon][Running/Auto Start]
<C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service><Zone Labs, LLC>
[Iomega Active Disk / _IOMEGA_ACTIVE_DISK_SERVICE_][Running/Auto Start]
<"C:\Program Files\Iomega\AutoDisk\ADService.exe"><Iomega Corporation>

==================================
Drivers
[AnyDVD / AnyDVD][Running/Manual Start]
<System32\Drivers\AnyDVD.sys><SlySoft, Inc.>
[BCM V.90 56K Modem / BCMModem][Running/Manual Start]
<System32\DRIVERS\BCMDM.sys><BCM>
[Creative AC3 Software Decoder / ctac32k][Running/Manual Start]
<system32\drivers\ctac32k.sys><Creative Technology Ltd>
[Creative Audio Driver (WDM) / ctaud2k][Running/Manual Start]
<system32\drivers\ctaud2k.sys><Creative Technology Ltd>
[Creative DVD-Audio Device Driver / ctdvda2k][Stopped/Manual Start]
<system32\drivers\ctdvda2k.sys><Creative Technology Ltd>
[Creative Proxy Driver / ctprxy2k][Running/Manual Start]
<system32\drivers\ctprxy2k.sys><Creative Technology Ltd>
[Creative SoundFont Management Device Driver / ctsfm2k][Running/Manual Start]
<system32\drivers\ctsfm2k.sys><Creative Technology Ltd>
[EagleNT / EagleNT][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\EagleNT.sys><N/A>
[3Com EtherLink XL 90XB/C Adapter Driver / EL90XBC][Running/Manual Start]
<System32\DRIVERS\el90xbc5.sys><3Com Corporation>
[ElbyCDIO Driver / ElbyCDIO][Running/Auto Start]
<System32\Drivers\ElbyCDIO.sys><Elaborate Bytes AG>
[Creative SB Live! (WDM) / emu10k][Stopped/Manual Start]
<system32\drivers\emu10k1m.sys><Creative Technology Ltd.>
[Creative Interface Manager Driver (WDM) / emu10k1][Stopped/Manual Start]
<system32\drivers\ctlfacem.sys><Creative Technology Ltd.>
[E-mu Plug-in Architecture Driver / emupia][Running/Manual Start]
<system32\drivers\emupia2k.sys><Creative Technology Ltd>
[G400 / G400][Stopped/Manual Start]
<System32\DRIVERS\G400m.sys><Matrox Graphics Inc.>
[G400DH / G400DH][Running/Manual Start]
<System32\DRIVERS\g400dhm.sys><Matrox Graphics Inc.>
[GEAR CDRom Filter / GEARAspiWDM][Running/Manual Start]
<SYSTEM32\DRIVERS\GEARAspiWDM.sys><GEAR Software Inc.>
[Creative Hardware Abstract Layer Driver / ha10kx2k][Running/Manual Start]
<system32\drivers\ha10kx2k.sys><Creative Technology Ltd>
[Creative P16V HAL Driver / hap16v2k][Stopped/Manual Start]
<system32\drivers\hap16v2k.sys><Creative Technology Ltd>
[Iomega Devices Disk Filter Services / iomdisk][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\iomdisk.sys><Iomega Corporation>
[iscFlash / iscFlash][Stopped/Manual Start]
<\??\C:\WINDOWS\SYSTEM32\DRIVERS\iscflash.sys><N/A>
[McAfee Inc. / MfeAVFK][Running/Manual Start]
<system32\drivers\MfeAVFK.sys><McAfee, Inc.>
[McAfee Inc. / MfeBOPK][Running/Manual Start]
<system32\drivers\MfeBOPK.sys><McAfee, Inc.>
[McAfee Inc. / mfehidk][Running/Manual Start]
<system32\drivers\mfehidk.sys><McAfee, Inc.>
[McAfee Inc. / mfetdik][Running/System Start]
<system32\drivers\mfetdik.sys><McAfee, Inc.>
[NaiAvFilter1 / NaiAvFilter1][Stopped/Manual Start]
<system32\drivers\naiavf5x.sys><McAfee Inc.>
[OLYMPUS Digital Camera / OlCamudp][Stopped/Manual Start]
<System32\Drivers\olcamudp.sys><OLYMPUS Optical Co.,Ltd.>
[Creative OS Services Driver / ossrv][Running/Manual Start]
<system32\drivers\ctoss2k.sys><Creative Technology Ltd.>
[Low level access layer for CD devices / Pcouffin][Running/Manual Start]
<System32\Drivers\Pcouffin.sys><VSO Software>
[Pen Class / PenClass][Running/Boot Start]
<\SystemRoot\System32\Drivers\PenClass.sys><Wacom Technology Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Secdrv / Secdrv][Stopped/Manual Start]
<System32\DRIVERS\secdrv.sys><N/A>
[Creative SoundFont Manager Driver (WDM) / sfman][Stopped/Manual Start]
<system32\drivers\sfmanm.sys><Creative Technology Ltd.>
[srescan / srescan][Running/Boot Start]
<\SystemRoot\system32\ZoneLabs\srescan.sys><Zone Labs, LLC>
[vsdatant / vsdatant][Running/System Start]
<System32\vsdatant.sys><Zone Labs, LLC>

==================================
Browser Add-ons
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[]
{53707962-6F74-2D53-2644-206D7942484F} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Google Toolbar Helper]
{AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[AcroIEToolbarHelper Class]
{AE7CD045-E861-484f-8273-0445EE161910} <C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll, N/A>
[Java Plug-in]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[AIM]
{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} <C:\Program Files\AIM\aim.exe, America Online, Inc.>
[]
{e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, N/A>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, N/A>
[Upload File]
{A2F93841-DEAB-0392-4958-BA333CF05732} <, N/A>
[Adobe PDF]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} <C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll, N/A>
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[QuickTime Object]
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\QuickTime\QTPlugin.ocx, Apple Computer, Inc.>
[Shockwave ActiveX Control]
{166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\macromed\Director\SwDir.dll, Adobe Systems, Inc.>
[SecureObjectFactory Class]
{40C83AF8-FEA7-4A6A-A470-431EE84A0886} <C:\Program Files\McAfee\Managed VirusScan\Agent\MyAsUtil4.0.0.358.dll, McAfee, Inc.>
[Java Plug-in]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Shutterfly Picture Upload Plugin]
{9600F64D-755F-11D4-A47F-0001023E6D5A} <C:\WINDOWS\Downloaded Program Files\sfuploadplugin.ocx, Shutterfly, Inc.>
[Java Plug-in]
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_06]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[Domino Web Access 7 Control]
{E008A543-CEFB-4559-912F-C27C2B89F13B} <C:\WINDOWS\Downloaded Program Files\dwa7W.dll, IBM Corporation>
[Google Script Object]
{00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[QuickTime Object]
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\QuickTime\QTPlugin.ocx, Apple Computer, Inc.>
[MetaStreamCtl Class]
{03F998B2-0E00-11D3-A498-00104B6EB52E} <C:\Program Files\Viewpoint\Viewpoint Media Player\AxMetaStream_0305000D.dll, Viewpoint Corporation>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Shockwave ActiveX Control]
{166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\macromed\Director\SwDir.dll, Adobe Systems, Inc.>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[&Google]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[Shockwave ActiveX Control]
{233C1507-6A77-46A4-9443-F871F945D258} <C:\WINDOWS\system32\Macromed\Director\SwDir.dll, Adobe Systems, Inc.>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[XML DOM Document]
{2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\System32\msxml3.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[HtmlDlgSafeHelper Class]
{3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\system32\mshtmled.dll, Microsoft Corporation>
[SVG Document]
{377B5106-3B4E-4A2D-8520-8767590CAC86} <C:\WINDOWS\System32\Adobe\SVGVIE~1.0\NPSVG3.dll, Adobe Systems Inc.>
[IETag Factory]
{38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
[QuickTime Object]
{4063BE15-3B08-470D-A0D5-B37161CFFD69} <C:\Program Files\QuickTime\QTPlugin.ocx, Apple Computer, Inc.>
[Adobe PDF]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} <C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll, N/A>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\System32\msxml3.dll, N/A>
[EPUImageControl Class]
{4C39376E-FA9D-4349-BACC-D305C1750EF3} <C:\WINDOWS\Downloaded Program Files\EPUWALcontrol.dll, eBay, Inc.>
[]
{53707962-6F74-2D53-2644-206D7942484F} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[DivXBrowserPlugin Object]
{67DABFBF-D0AB-41FA-9C46-CC0F21721616} <C:\Program Files\DivX\DivX Web Player\npdivx32.dll, DivX,Inc.>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
[XML DOM Document 4.0]
{88D969C0-F192-11D4-A65F-0040963251E5} <%SystemRoot%\system32\MSXML4.dll, N/A>
[Free Threaded XML DOM Document 4.0]
{88D969C1-F192-11D4-A65F-0040963251E5} <%SystemRoot%\system32\MSXML4.dll, N/A>
[XSL Template 4.0]
{88D969C3-F192-11D4-A65F-0040963251E5} <%SystemRoot%\system32\MSXML4.dll, N/A>
[XML HTTP 4.0]
{88D969C5-F192-11D4-A65F-0040963251E5} <%SystemRoot%\system32\MSXML4.dll, N/A>
[Java Plug-in]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[DEGetBlockFmtNamesParam Class]
{8D91090E-B955-11D1-ADC5-006008A5848C} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[Shutterfly Picture Upload Plugin]
{9600F64D-755F-11D4-A47F-0001023E6D5A} <C:\WINDOWS\Downloaded Program Files\sfuploadplugin.ocx, Shutterfly, Inc.>
[AxPlayer Control]
{9F81C14C-04C0-4378-9A0F-70B5F25397BC} <C:\PROGRA~1\Netflix\NETFLI~1\AxPlayer.ocx, Netflix, Inc.>
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Google Toolbar Helper]
{AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[CDIGStreamClientInfo Object]
{AAF15A90-F3EC-4FEE-9A00-F65B25B83D05} <C:\Program Files\DIGStream\locator.dll, Walt Disney Internet Group>
[AcroIEToolbarHelper Class]
{AE7CD045-E861-484F-8273-0445EE161910} <C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll, N/A>
[AxVersion Control]
{B3E658DF-D425-430C-82C2-D54295915020} <C:\PROGRA~1\Netflix\NETFLI~1\AXVERS~1.OCX, Netflix Inc.>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, N/A>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[Adobe Acrobat Control for ActiveX]
{CA8A9780-280D-11CF-A24D-444553540000} <C:\PROGRA~1\Adobe\ADOBEA~1.0\Acrobat\ActiveX\pdf.ocx, Adobe Systems Incorporated>
[AUDIO__MID Moniker Class]
{CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
{CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__MPEG Moniker Class]
{CD3AFA89-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[QuickTimeCheck Class]
{DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} <C:\Program Files\QuickTime\QTSystem\QuickTimeCheck.ocx, Apple Computer, Inc.>
[Domino Web Access 7 Control]
{E008A543-CEFB-4559-912F-C27C2B89F13B} <C:\WINDOWS\Downloaded Program Files\dwa7W.dll, IBM Corporation>
[Quantum Streaming IE VersionManager Class]
{E3E02F12-2ADB-478C-8742-5F0819F9F0F4} <"C:\Documents and Settings\Roberts Family\Application Data\Move Networks\ie_bin\qsp2ie07010901.dll", N/A>
[Quantum Streaming IE Player Class]
{E473A65C-8087-49A3-AFFD-C5BC4A10669B} <"C:\Documents and Settings\Roberts Family\Application Data\Move Networks\ie_bin\qsp2ie07010901.dll", N/A>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, N/A>
[XML DOM Document]
{F6D90F11-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, N/A>
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, N/A>
[E&xport to Microsoft Excel]
<res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A>
[Save Picture to Mobile Phone]
<C:\Program Files\Pix2Fone\p2fd.html, N/A>

==================================
Running Processes
[PID: 500][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 552][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 576][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WgaLogon.dll] [Microsoft Corporation, 1.5.0540.0]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 620][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\AppPatch\AcAdProc.dll] [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
[PID: 632][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 792][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 840][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 904][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16414 (vista_gdr.070108-1520)]
[PID: 952][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 992][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16414 (vista_gdr.070108-1520)]
[PID: 1416][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16414 (vista_gdr.070108-1520)]
[C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16414 (vista_gdr.070108-1520)]
[C:\WINDOWS\System32\PDesk\PDKERNEL.DLL] [Matrox Graphics Inc., 6.93.009]
[C:\WINDOWS\system32\PDesk\PDTOOLS.DLL] [Matrox Graphics Inc., 6.93.009]
[C:\WINDOWS\system32\PDesk\PDRESENG.DLL] [Matrox Graphics Inc., 6.93.009]
[C:\WINDOWS\system32\WPDShServiceObj.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\PortableDeviceTypes.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\PortableDeviceApi.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\hookdll.dll] [N/A, ]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\ctagent.dll] [Creative Technology Ltd, 1, 0, 0, 8]
[C:\Program Files\SmartFTP Client 2.0\smarthook.dll] [SmartFTP, 1.0.2.1]
[C:\PROGRA~1\WINZIP\WZSHLSTB.DLL] [WinZip Computing, Inc., 4.1 (32-bit)]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\PROGRA~1\COMMON~1\WEBROO~1\SHELLW~1.DLL] [Webroot Software, 1.0.0.1]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat Elements\ContextMenu.dll] [Adobe Systems Inc., 1.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\PROGRA~1\SPYBOT~1\SDHelper.dll] [Safer Networking Limited, 1, 4, 0, 0]
[C:\Program Files\Microsoft Office\Office10\msohev.dll] [Microsoft Corporation, 10.0.2609]
[PID: 1624][C:\WINDOWS\System32\PDesk\PDesk.exe] [Matrox Graphics Inc., 6.93.009]
[C:\WINDOWS\system32\PDesk\PDTOOLS.DLL] [Matrox Graphics Inc., 6.93.009]
[C:\WINDOWS\system32\PDesk\PDRESENG.DLL] [Matrox Graphics Inc., 6.93.009]
[C:\WINDOWS\system32\ctagent.dll] [Creative Technology Ltd, 1, 0, 0, 8]
[C:\WINDOWS\system32\hookdll.dll] [N/A, ]
[PID: 1636][C:\Program Files\McAfee\Managed VirusScan\Agent\myagttry.exe] [McAfee, Inc., 4.0.0.358]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16414 (vista_gdr.070108-1520)]
[C:\Program Files\McAfee\Managed VirusScan\Agent\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\McAfee\Managed VirusScan\Agent\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\McAfee\Managed VirusScan\Agent\AgtRes09\AgtRes.dll] [McAfee, Inc., 4.0.0.358]
[C:\PROGRA~1\McAfee\MANAGE~1\VScan\myOnAcc.dll] [McAfee, Inc., 4.0.0.358]
[C:\PROGRA~1\McAfee\MANAGE~1\VScan\myScnUtl.dll] [McAfee, Inc., 4.0.0.358]
[C:\PROGRA~1\McAfee\MANAGE~1\VScan\OnAccAPI.dll] [McAfee, Inc., 4.0.0.358]
[C:\Program Files\McAfee\Managed VirusScan\Agent\myRumor.dll] [McAfee, Inc., 4.0.0.358]
[C:\WINDOWS\system32\hookdll.dll] [N/A, ]
[PID: 1668][C:\WINDOWS\system32\CTHELPER.EXE] [Creative Technology Ltd, 1, 0, 1, 2]
[C:\WINDOWS\SYSTEM32\CTDCIFCE.DLL] [Creative Technology Ltd, 5.12.01.0440-1.84.0000]
[C:\WINDOWS\SYSTEM32\CTDC0001.DLL] [Creative Technology Ltd, 5.12.01.0442-1.84.0020]
[C:\WINDOWS\SYSTEM32\ctosuser.dll] [Creative Technology Ltd, 5.12.01.0440-1.84.0000]
[C:\WINDOWS\SYSTEM32\CTDPROXY.DLL] [Creative Technology Ltd, 5.12.01.0440-1.84.0000]
[C:\WINDOWS\SYSTEM32\PIAPROXY.DLL] [Creative Technology Ltd, 5.12.01.0441-1.84.0010]
[C:\WINDOWS\system32\ctagent.dll] [Creative Technology Ltd, 1, 0, 0, 8]
[C:\WINDOWS\system32\ctspkhlp.dll] [Creative Technology Ltd, 1, 0, 1, 19]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\CTDCRES.DLL] [Creative Technology Ltd, 5.12.01.0142-1.00.0000]
[C:\WINDOWS\system32\hookdll.dll] [N/A, ]
[PID: 1716][C:\Program Files\ESPNRunTime\DIGServices.exe] [Walt Disney Internet Group, 1.0.0.0016 ]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16414 (vista_gdr.070108-1520)]
[C:\WINDOWS\system32\hookdll.dll] [N/A, ]
[PID: 1768][C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe] [HP, 2.236.4.0]
[C:\WINDOWS\system32\spool\drivers\w32x86\3\HPZR3209.dll] [HP, 2.236.4.0]
[C:\WINDOWS\system32\hookdll.dll] [N/A, ]
[PID: 1784][C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe] [Adobe Systems Inc., 6.0.0.2003051500]
[C:\WINDOWS\system32\hookdll.dll] [N/A, ]
[PID: 1892][C:\Program Files\WinZip\WZQKPICK.EXE] [WinZip Computing, Inc., 1.0 (32-bit)]
[C:\WINDOWS\system32\ctagent.dll] [Creative Technology Ltd, 1, 0, 0, 8]
[C:\WINDOWS\system32\hookdll.dll] [N/A, ]
[PID: 2612][C:\WINDOWS\system32\wscntfy.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\hookdll.dll] [N/A, ]
[PID: 696][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\hookdll.dll] [N/A, ]
[C:\WINDOWS\system32\ctagent.dll] [Creative Technology Ltd, 1, 0, 0, 8]
[PID: 2700][C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe] [, 2,4,0,26]
[C:\WINDOWS\system32\hookdll.dll] [N/A, ]
[C:\PROGRA~1\HEWLET~1\HPSHAR~1\S2WNSRES.DLL] [Hewlett-Packard, 2,4,0,26]
[C:\Program Files\Hewlett-Packard\HP Share-to-Web\HPGS2WNFPS.DLL] [N/A, ]
[PID: 3420][C:\Program Files\DC++\DCPlusPlus.exe] [, 0, 6, 9, 1]
[C:\WINDOWS\system32\hookdll.dll] [N/A, ]
[C:\WINDOWS\system32\ctagent.dll] [Creative Technology Ltd, 1, 0, 0, 8]
[PID: 2488][C:\WINDOWS\system32\rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\hookdll.dll] [N/A, ]
[C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16414 (vista_gdr.070108-1520)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16414 (vista_gdr.070108-1520)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\Program Files\Hewlett-Packard\HP Share-to-Web\HPGS2WNS.DLL] [Hewlett-Packard, 2,4,0,26]
[C:\Program Files\Hewlett-Packard\HP Share-to-Web\S2WNSRES.DLL] [Hewlett-Packard, 2,4,0,26]
[C:\Program Files\Hewlett-Packard\HP Share-to-Web\HPGS2WNFPS.DLL] [N/A, ]
[PID: 364][C:\Program Files\CDisplay\CDISPLAY.EXE] [David Ayton, 1.8.1.0]
[C:\WINDOWS\system32\hookdll.dll] [N/A, ]
[C:\WINDOWS\system32\ctagent.dll] [Creative Technology Ltd, 1, 0, 0, 8]
[C:\Program Files\CDisplay\UNRAR.DLL] [N/A, ]
[PID: 3848][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 7.00.6000.16414 (vista_gdr.070108-1520)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16414 (vista_gdr.070108-1520)]
[C:\WINDOWS\system32\IEFRAME.dll] [Microsoft Corporation, 7.00.6000.16414 (vista_gdr.070108-1520)]
[C:\WINDOWS\system32\hookdll.dll] [N/A, ]
[C:\WINDOWS\system32\IEUI.dll] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
[C:\WINDOWS\system32\xmllite.dll] [Microsoft Corporation, 1.00.1018.0]
[C:\Program Files\Microsoft Office\Office10\msohev.dll] [Microsoft Corporation, 10.0.2609]
[C:\WINDOWS\system32\ctagent.dll] [Creative Technology Ltd, 1, 0, 0, 8]
[C:\Program Files\Internet Explorer\ieproxy.dll] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[c:\program files\google\googletoolbar3.dll] [Google Inc., 4, 0, 1601, 4978]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\PROGRA~1\SPYBOT~1\SDHelper.dll] [Safer Networking Limited, 1, 4, 0, 0]
[C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll] [Sun Microsystems, Inc., 5.0.60.5]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll] [N/A, ]
[C:\WINDOWS\system32\ieapfltr.dll] [Microsoft Corporation, 7.0.5825.0]
[C:\Program Files\McAfee\Managed VirusScan\VScan\scriptproxy.20060604200150.dll] [McAfee, Inc., 13.1.0.139]
[C:\Program Files\McAfee\Managed VirusScan\VScan\mytilus2.dll] [McAfee, Inc., 13.1.0.139]
[C:\Program Files\McAfee\Managed VirusScan\VScan\Codean.dll] [McAfee, Inc., 13.1.0.139]
[C:\Program Files\McAfee\Managed VirusScan\VScan\mytilus.dll] [McAfee, Inc., 13.1.0.139]
[C:\Program Files\McAfee\Managed VirusScan\VScan\RES09\McShield.dll] [McAfee, Inc., 13.1.0.139]
[C:\Program Files\McAfee\Managed VirusScan\Shared\mcscan32.dll] [McAfee, Inc., 5.0.00]
[C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Hewlett-Packard\HP Share-to-Web\HPGS2WNS.DLL] [Hewlett-Packard, 2,4,0,26]
[C:\Program Files\Hewlett-Packard\HP Share-to-Web\S2WNSRES.DLL] [Hewlett-Packard, 2,4,0,26]
[C:\Program Files\Hewlett-Packard\HP Share-to-Web\HPGS2WNFPS.DLL] [N/A, ]
[C:\WINDOWS\system32\MFPlat.DLL] [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\PortableDeviceApi.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\PROGRA~1\WINZIP\WZSHLSTB.DLL] [WinZip Computing, Inc., 4.1 (32-bit)]
[PID: 1648][C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\Acrobat.exe] [Adobe Systems Incorporated, 6.0.0.2003051900]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AGM.dll] [Adobe Systems Incorporated, 4.10.49]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\CoolType.dll] [Adobe Systems Incorporated, 4.13.41]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\JP2KLib.dll] [Adobe system Incorporated, 1.0.22891]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\OPP.dll] [Adobe Systems Incorporated, 1.02.05]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\BIB.dll] [Adobe Systems Incorporated, 1.1.14]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ACE.dll] [Adobe Systems Incorporated, 2.03.24]
[C:\WINDOWS\system32\hookdll.dll] [N/A, ]
[C:\WINDOWS\system32\ctagent.dll] [Creative Technology Ltd, 1, 0, 0, 8]
[C:\WINDOWS\system32\ATMLIB.dll] [Adobe Systems, 5.1 Build 226]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\SPPlugins\ADMPlugin.apl] [Adobe Systems Incorporated, 3.00x75]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\SPPlugins\ExpressViews.apl] [Adobe Systems Incorporated, 6.0]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\Accessibility.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\AcroForm.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\ADBC.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\Annotations\Annots.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\Catalog.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\Checkers.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\DigSig.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\DistillerPI.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\ebook.api] [Adobe Systems Incorporated, 6.0.0.0]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\EScript.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\EWH32.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\FlattenerView.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\hls.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\HTML2PDF.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\IA32.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\ImageConversion\ImageConversion.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\ImageViewer\ImageViewer.API] [Adobe Systems Inc., 5.0.0.38163]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\LegalPDF.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\MakeAccessible.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\Multimedia\Multimedia.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\PaperCapture\PaperCapture.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\PDDom.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\PictureTasks\PictureTasks.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\PPKLite.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\Preflight\Preflight.api] [callas software gmbh, 1.0.112.1]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\printme.api] [Electronics For Imaging, Inc., 6, 0, 16, 1]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\reflow.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\SaveAsRTF.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\SaveAsXML\SaveAsXML.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\Search.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\Search5.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\SendMail.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\SepsView.api] [Adobe Systems Incorporated, 6.0.0.0]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\Soap.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\Spelling.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\Tablepicker\TablePicker.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\TouchUp.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\Updater.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\esdupdate.dll] [Adobe Systems, 2, 0, 0, 21]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16414 (vista_gdr.070108-1520)]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\weblink.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\WebPDF.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\plug_ins\XFA.api] [Adobe Systems Incorporated, 6.0.0.2003051500]
[PID: 3980][C:\PROGRA~1\WINZIP\winzip32.exe] [WinZip Computing, Inc., 18.0 (32-bit)]
[C:\WINDOWS\system32\hookdll.dll] [N/A, ]
[C:\PROGRA~1\WINZIP\WZVINFO.DLL] [WinZip Computing, Inc., 1.1 (32-bit)]
[C:\PROGRA~1\WINZIP\WZCAB3.DLL] [WinZip Computing, Inc., 3.1 (32-bit)]
[C:\PROGRA~1\WINZIP\wz32.dll] [WinZip Computing, Inc., 18.0 (32-bit)]
[C:\WINDOWS\system32\ctagent.dll] [Creative Technology Ltd, 1, 0, 0, 8]
[C:\Program Files\Microsoft Office\Office10\msohev.dll] [Microsoft Corporation, 10.0.2609]
[PID: 2688][C:\Documents and Settings\Roberts Family\Desktop\SREng.EXE] [Smallfrogs Studio, 2.4.12.806]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16414 (vista_gdr.070108-1520)]
[C:\WINDOWS\system32\hookdll.dll] [N/A, ]
[C:\WINDOWS\system32\ctagent.dll] [Creative Technology Ltd, 1, 0, 0, 8]

==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS Error. ["C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe" "%1"]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1 localhost

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================




Logfile of HijackThis v1.99.1
Scan saved at 7:49:13 PM, on 3/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\PDesk\PDesk.exe
C:\Program Files\McAfee\Managed VirusScan\Agent\myagttry.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\ESPNRunTime\DIGServices.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\WINDOWS\System32\mgabg.exe
C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files\DC++\DCPlusPlus.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\CDisplay\CDISPLAY.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\Acrobat.exe
C:\Documents and Settings\Roberts Family\Desktop\SREng.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
E:\Saved files\download\PC fix tools_from geeks2go\HIJACK THIS\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Matrox Powerdesk] C:\WINDOWS\System32\PDesk\PDesk.exe /Autolaunch
O4 - HKLM\..\Run: [McAfee Managed Services Tray] "C:\Program Files\McAfee\Managed VirusScan\Agent\myagttry.exe"
O4 - HKLM\..\Run: [MVS Splash] C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [DIGServices] C:\Program Files\ESPNRunTime\DIGServices.exe /brand=ESPN /priority=0 /poll=24
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe /IMGSTART
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Nero\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Save Picture to Mobile Phone - C:\Program Files\Pix2Fone\p2fd.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: Upload File - {A2F93841-DEAB-0392-4958-BA333CF05732} - C:\Program Files\Pix2Fone\p2fup.html (HKCU)
O9 - Extra 'Tools' menuitem: Upload File to Mobile Phone - {A2F93841-DEAB-0392-4958-BA333CF05732} - C:\Program Files\Pix2Fone\p2fup.html (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {40C83AF8-FEA7-4A6A-A470-431EE84A0886} (SecureObjectFactory Class) - http://virusscanasap...in/myCioAgt.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterf...ds/Uploader.cab
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - http://vram3c.vcu.edu/dwa7W.cab
O18 - Protocol: myrm - {4D034FC3-013F-4B95-B544-44D49ABE3E76} - C:\Program Files\McAfee\Managed VirusScan\Agent\MyRmProt4.0.0.358.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McShield - McAfee, Inc. - C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe
O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\System32\mgabg.exe
O23 - Service: McAfee Total Protection Agent Service (myAgtSvc) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Commo
  • 0

#7
Technical_1
Posted 11 March 2007 - 08:11 PM

Technical_1

    Visiting Staff

  • Member
  • PipPipPip
  • 735 posts
It'll take me a little time to sort through this info. I'll get back with you ASAP.

Thanks for the patience.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP