Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Add Remove Program btns greyed out, weird entries

Started by Rottiear , Mar 04 2008 09:41 PM

  • Please log in to reply

#1
Rottiear
Posted 04 March 2008 - 09:41 PM

Rottiear

    New Member

  • Member
  • Pip
  • 1 posts
Hi,

Computer started to run sluggish, Zone Alarm tried to update & could not complete update due to Lack of Admin rights. When I go to add/remove programs the buttons are greyed out on all entries, except recently installed and not all installed programs are listed. There are entries such as:

CCScore
ESSBrwr
ESSCDBK
EEScore
ESSCT
ESSEMAIL
ESSgui
ESSini
ESSPCD
ESSONIC
ESSTOOLS
essvatgt
essvcpt
ESSvpaht
ESSVpot
HLPIndex
HLPSFO
KSU
Notifier
OfotoSMI
OTtBP
OTtBPSDK
Remote Desktop Connection
SFR
SHASTA
SKIN0001
SKINXSDK
VPRINTOL
WebFldrs
WIRELESS

I do not remember these entries being there before this started with the buttons being greyed out. Actually the are not greyed out. You can see them, but you can not select them.

HELP Please. I don't want to re-install, but will if I have to.

This is a home computer running WIN 2000, wireless, with only one log on (besides the default admin logon).

Have ran ATF cleaner, AVG antispy, superanti spyware, combofix, cleaned, rebooted, rebooted, etc. It is running better, still could not get Panda to run all the way through.

Thanks in advance for any advice you can throw my way.
User level, about 10 years ago used to write install scripts, have used regedit, etc.

Log files are:

Combo Log text
ComboFix 08-03-04.3 - June Jennison 03/04/2008 17:47:39.1 - NTFSx86
Microsoft Windows 2000 Professional 5.0.2195.3.1252.1.1033.18.36 [GMT -6:00]
Running from: C:\Documents and Settings\June Jennison\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Administrator\Application Data\Hotbar
C:\Documents and Settings\Administrator\Application Data\Hotbar\v3.0\Hotbar\static\components.cdf
C:\Documents and Settings\Administrator\Application Data\Hotbar\v3.0\Hotbar\static\DefaultButton.mnu
C:\Documents and Settings\Administrator\Application Data\Hotbar\v3.0\Hotbar\static\DefaultButton.res
C:\Program Files\internet explorer\msimg32.dll
C:\WINNT\system32\MabryObj.dll
C:\WINNT\Web\default.htt

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\nm


((((((((((((((((((((((((( Files Created from 2008-02-04 to 2008-03-04 )))))))))))))))))))))))))))))))
.

2008-03-04 15:40 . 08-03-04 15:40 <DIR> d-------- C:\Documents and Settings\June Jennison\Application Data\Grisoft
2008-03-04 15:40 . 08-03-04 15:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-03-04 15:40 . 07-05-30 06:10 10,872 --a------ C:\WINNT\system32\drivers\AvgAsCln.sys
2008-03-04 13:26 . 07-06-08 09:44 8,576 --a------ C:\WINNT\system32\drivers\jsnvkifjubsn.sys
2008-03-04 11:58 . 07-06-05 10:56 44,928 --a------ C:\WINNT\system32\drivers\SDTHOOK.SYS
2008-03-04 11:53 . 07-06-08 09:44 8,576 --a------ C:\WINNT\system32\drivers\uiqerlqmqevb.sys
2008-03-04 11:12 . 08-03-04 13:26 <DIR> d-------- C:\WINNT\system32\ActiveScan
2008-03-04 11:12 . 08-03-04 13:18 30,590 --a------ C:\WINNT\system32\pavas.ico
2008-03-02 22:23 . 07-12-20 22:39 102,664 --a------ C:\WINNT\system32\drivers\tmcomm.sys
2008-03-02 16:41 . 08-03-02 16:41 0 --a------ C:\WINNT\OPPRIN~1.INI
2008-03-02 16:00 . 08-03-02 16:00 <DIR> d-------- C:\Program Files\Advanced Spyware Remover
2008-03-02 00:43 . 08-03-04 17:33 <DIR> d-------- C:\Program Files\Exterminate It!
2008-03-02 00:43 . 05-08-29 19:09 59,144 --a------ C:\WINNT\zllsputility.exe
2008-03-02 00:37 . 08-03-02 00:37 94 --a------ C:\index.ini
2008-03-02 00:33 . 08-03-04 17:33 <DIR> d-------- C:\Program Files\a-squared HiJackFree
2008-03-01 22:51 . 08-03-01 22:51 <DIR> d-------- C:\WINNT\system32\Kaspersky Lab
2008-02-17 10:05 . 07-06-08 09:47 13,312 --a------ C:\WINNT\system32\drivers\nnrnstdi.sys
2008-02-17 10:05 . 07-06-08 09:47 8,832 --a------ C:\WINNT\system32\drivers\km_filter.sys
2008-02-17 09:59 . 08-02-17 09:59 <DIR> d-------- C:\Program Files\NetRatingsNetSight
2008-02-08 21:22 . 08-02-08 21:22 0 --a------ C:\WINNT\nsreg.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-04 20:50 --------- d-----w C:\Program Files\Bug Doctor
2008-03-03 22:32 --------- d-----w C:\Documents and Settings\June Jennison\Application Data\Canon
2008-03-02 18:59 --------- d-----w C:\Documents and Settings\June Jennison\Application Data\WeatherBug
2008-03-02 15:02 --------- d-----w C:\Program Files\ARAForms
2008-01-10 06:00 --------- d-----w C:\Program Files\Microsoft Home Publishing
2007-11-23 22:59 54,583 ----a-w C:\WINNT\Internet Logs\vsmon_2nd_2007_11_23_15_32_18_small.dmp.zip
2007-11-23 22:59 54,382 ----a-w C:\WINNT\Internet Logs\vsmon_2nd_2007_11_23_15_32_29_small.dmp.zip
2007-11-23 22:59 54,266 ----a-w C:\WINNT\Internet Logs\vsmon_2nd_2007_11_23_15_32_09_small.dmp.zip
2007-11-23 22:58 6,686,214 ----a-w C:\WINNT\Internet Logs\vsmon_2nd_2007_11_23_15_29_48_full.dmp.zip
2007-11-23 22:58 55,869 ----a-w C:\WINNT\Internet Logs\vsmon_2nd_2007_11_23_15_30_00_small.dmp.zip
2007-11-23 22:58 55,583 ----a-w C:\WINNT\Internet Logs\vsmon_2nd_2007_11_23_15_30_09_small.dmp.zip
2007-11-23 22:58 55,553 ----a-w C:\WINNT\Internet Logs\vsmon_2nd_2007_11_23_15_31_03_small.dmp.zip
2007-11-23 22:58 55,547 ----a-w C:\WINNT\Internet Logs\vsmon_2nd_2007_11_23_15_30_31_small.dmp.zip
2007-11-23 22:58 55,466 ----a-w C:\WINNT\Internet Logs\vsmon_2nd_2007_11_23_15_30_38_small.dmp.zip
2007-11-23 22:57 55,751 ----a-w C:\WINNT\Internet Logs\vsmon_2nd_2007_11_23_15_29_41_small.dmp.zip
2003-04-26 22:35 707 ----a-w C:\Program Files\INSTALL.LOG
2002-01-08 20:03 271 ---h--w C:\Program Files\desktop.ini
2002-01-08 20:03 21,952 ---h--w C:\Program Files\folder.htt
2001-05-08 18:00 32,528 ----a-w C:\WINNT\inf\wbfirdma.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Weather"="C:\Program Files\AWS\WeatherBug\Weather.exe" [05-06-07 12:58 1339392]
"ctfmon.exe"="ctfmon.exe" [01-02-20 13:09 8192 C:\WINNT\system32\CTFMON.EXE]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [06-11-30 21:49 4662776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"="mobsync.exe" [01-05-08 12:00 111376 C:\WINNT\system32\mobsync.exe]
"NvCplDaemon"="NvQTwk" []
"GWMDMpi"="C:\WINNT\GWMDMpi.exe" [01-11-27 07:54 40960]
"msnappau"="C:\Program Files\MSN Apps\Updater\01.03.0000.1005\en-us\msnappau.exe" [04-08-13 17:41 86016]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [07-09-25 01:11 132496]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [05-06-06 23:46 57344]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [04-12-03 18:31 180269]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [06-07-26 21:37 282624]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [07-06-11 03:25 6731312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"^SetupICWDesktop"="C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe" [01-05-08 12:00 186640]

C:\Documents and Settings\Default User\Start Menu\Programs\Startup\
Camio Viewer.lnk - C:\Program Files\Sierra Imaging\PhotoPC 700\Image Expert\IXApplet.exe [2007-04-04 13:17:37 62464]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - C:\WINNT\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2006-07-03 14:57:10 25214]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-24 00:05:26 29696]
BugDoctor.lnk - C:\Program Files\Bug Doctor\BugDoctor.exe [2005-09-16 08:15:49 196608]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2000-01-21 02:15:54 65588]
Monitor.lnk - C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe [2007-10-23 19:14:17 114688]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nwprovau]
nwprovau.dll 02-07-22 13:05 139024 C:\WINNT\system32\NWPROVAU.DLL

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
"AdaptecDirectCD"="C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
"CreateCD50"="C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe" -r
"Disc Detector"=C:\Program Files\Creative\ShareDLL\CtNotify.exe
"Gene USB Monitor"=C:\WINNT\System32\UMonit2k.exe
"Logitech Hardware Abstraction Layer"=KHALMNPR.EXE
"Omnipage"=C:\Program Files\ScanSoft\OmniPageSE\opware32.exe

R0 ultra66;ultra66;C:\WINNT\system32\DRIVERS\ultra66.sys [99-09-25 11:11 ]
R1 cdudf;cdudf;C:\WINNT\system32\drivers\cdudf.sys [02-02-28 09:57 ]
R1 nnrnstdi;nnrnstdi;C:\WINNT\system32\drivers\nnrnstdi.sys [07-06-08 09:47 ]
R3 km_filter;km_filter;C:\WINNT\system32\drivers\km_filter.sys [07-06-08 09:47 ]
R3 openhci;Microsoft USB Open Host Controller Driver;C:\WINNT\system32\DRIVERS\openhci.sys [02-07-22 13:05 ]
S3 AvFlt;Antivirus Filter Driver;C:\WINNT\system32\drivers\av5flt.sys []
S3 FTD2XX;FTD2XX.SYS FT8U2XX device driver;C:\WINNT\system32\Drivers\FTD2XX.sys []
S3 PCDRDRV;Pcdr Helper Driver;C:\Atf\Qctest\PCDoc\PCDRDRV.sys []
S3 PNDIS5;PNDIS5 NDIS Protocol Driver;D:\PNDIS5.SYS []
S3 SDSTOR2K;SanDisk USB ImageMate/SecureMate Mass Storage Driver;C:\WINNT\system32\DRIVERS\SDSTOR2K.SYS [01-07-11 05:38 ]
S3 USB_RNDIS_2K;Westell WireSpeed Dual Connect Modem;C:\WINNT\system32\DRIVERS\usb8023k.sys [04-06-16 14:48 ]
S3 USTOR2K;Genesys USB Mass Storage Windows Driver;C:\WINNT\system32\DRIVERS\ustor2k.sys [06-07-26 16:21 ]

*Newly Created Service* - IPNAT
*Newly Created Service* - RASAUTO
*Newly Created Service* - SHAREDACCESS
.
Contents of the 'Scheduled Tasks' folder
"2008-03-04 19:10:09 C:\WINNT\Tasks\Backup.job"
- C:\WINNT\system32\ntbackup.exe
"2008-03-04 03:14:01 C:\WINNT\Tasks\BugDoctorJune Jennison.job"
- C:\Program Files\Bug Doctor\BugDoctor.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-04 17:53:22
Windows 5.0.2195 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINNT\System32\drivers\CDAC11BA.EXE
C:\WINNT\System32\CTsvcCDA.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\wltrysvc.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\System32\bcmwltry.exe
C:\WINNT\system32\devldr32.exe
.
**************************************************************************
.
Completion time: 2008-03-04 17:59:25 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-04 23:59:08

HijackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:19:52 PM, on 3/4/2008
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINNT\System32\drivers\CDAC11BA.EXE
C:\WINNT\System32\CTsvcCDA.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\wltrysvc.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\bcmwltry.exe
C:\WINNT\system32\devldr32.exe
C:\Program Files\MSN Apps\Updater\01.03.0000.1005\en-us\msnappau.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINNT\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local>
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [GWMDMpi] C:\WINNT\GWMDMpi.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.03.0000.1005\en-us\msnappau.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - .DEFAULT Startup: Camio Viewer.lnk = C:\Program Files\Sierra Imaging\PhotoPC 700\Image Expert\IXApplet.exe (User 'Default user')
O4 - .DEFAULT User Startup: Camio Viewer.lnk = C:\Program Files\Sierra Imaging\PhotoPC 700\Image Expert\IXApplet.exe (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = C:\Program Files\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BugDoctor.lnk = C:\Program Files\Bug Doctor\BugDoctor.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O15 - Trusted Zone: http://wm1.globat.com
O15 - Trusted Zone: www.msn.com
O15 - Trusted Zone: www.youravon.com
O15 - Trusted Zone: http://www.youravon.com
O16 - DPF: Yahoo! Chess - http://download.game...nts/y/ct2_x.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {0854D220-A90A-466D-BC02-6683183802B7} (PrintPreview Class) - http://ncbmh.fnismls...rintControl.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (sys Class) - http://support.gatew.../formassist.CAB
O16 - DPF: {127698E4-E730-4E5C-A2B1-21490A70C8A1} (CEnroll Class) - http://ca.west.com/C...ol/xenrlinf.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=48835
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewi...oOnlineScan.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec....sa/LSSupCtl.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} - http://wdownload.wea...Transporter.cab?
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp...ads/sysinfo.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://by103fd.bay10...es/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1177591058312
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://us.games2.yim...ctl_0_0_0_0.ocx
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1177591239921
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://us-housecall....ivex/hcImpl.cab
O16 - DPF: {70522FA0-4656-11D5-B0E9-0050DAC24E8F} - http://cc.iwon.com/c..._12_1,0,2,5.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai....302/Coupons.cab
O16 - DPF: {9A57B18E-2F5D-11D5-8997-00104BD12D94} (compid Class) - http://support.gatew...rvest/gwCID.CAB
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.c...ymmapi_0727.dll
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} (CBSTIEPrint Class) - http://offers.bright...bin/actxcab.cab
O16 - DPF: {A82C3A33-5C0E-466C-B020-71585433A7E4} (PhxStudent.OeSetup15) - https://mycampus.pho...hxStudent15.CAB
O16 - DPF: {B3A37929-7FF7-4CBE-9579-AC1EF83080DF} (SystemChecker.CheckerCtrl) - http://mtnhome.fnism...stemChecker.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn...ro.cab53083.cab
O16 - DPF: {CBBD6FA7-2384-11D1-A8C9-0040C7116154} (HostFront ActiveX Display) - http://63.79.84.62/HFACTX/HFDSP.CAB
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec....sa/SymAData.cab
O16 - DPF: {D270FE47-4F7B-4AFF-BCF8-B023A6FF4DFA} - http://ncbmh.fnismls...stemChecker.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.mac...ash/swflash.cab
O16 - DPF: {D8EE8DC0-F193-11D0-B1E5-08005A885319} (MicroX Persistent Mainframe Display Control) - https://calltaking2....hostexpress.cab
O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} (SCEWebLauncherCtl Object) - http://zone.msn.com/...WebLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/...aploader_v5.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/z...s/heartbeat.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.s.../ActiveData.cab
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} - http://livenj02.cust...l/java/RntX.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.intouchho...oad/XUpload.ocx
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://www.ahtd.stat...s/Road/acgm.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINNT\System32\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINNT\System32\CTsvcCDA.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINNT\system32\drivers\KodakCCS.exe
O23 - Service: PictureTaker - Unknown owner - c:\fixit\pt\PCTKRNT.SYS (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINNT\System32\wltrysvc.exe
O24 - Desktop Component 0: (no name) - http://us.f3.yahoofs...sUbQPCBwEO.8Uie

--
End of file - 14140 bytes


SuperAntiSpyware Log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:19:52 PM, on 3/4/2008
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINNT\System32\drivers\CDAC11BA.EXE
C:\WINNT\System32\CTsvcCDA.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\wltrysvc.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\bcmwltry.exe
C:\WINNT\system32\devldr32.exe
C:\Program Files\MSN Apps\Updater\01.03.0000.1005\en-us\msnappau.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINNT\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local>
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [GWMDMpi] C:\WINNT\GWMDMpi.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.03.0000.1005\en-us\msnappau.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - .DEFAULT Startup: Camio Viewer.lnk = C:\Program Files\Sierra Imaging\PhotoPC 700\Image Expert\IXApplet.exe (User 'Default user')
O4 - .DEFAULT User Startup: Camio Viewer.lnk = C:\Program Files\Sierra Imaging\PhotoPC 700\Image Expert\IXApplet.exe (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = C:\Program Files\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BugDoctor.lnk = C:\Program Files\Bug Doctor\BugDoctor.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O15 - Trusted Zone: http://wm1.globat.com
O15 - Trusted Zone: www.msn.com
O15 - Trusted Zone: www.youravon.com
O15 - Trusted Zone: http://www.youravon.com
O16 - DPF: Yahoo! Chess - http://download.game...nts/y/ct2_x.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {0854D220-A90A-466D-BC02-6683183802B7} (PrintPreview Class) - http://ncbmh.fnismls...rintControl.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (sys Class) - http://support.gatew.../formassist.CAB
O16 - DPF: {127698E4-E730-4E5C-A2B1-21490A70C8A1} (CEnroll Class) - http://ca.west.com/C...ol/xenrlinf.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=48835
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewi...oOnlineScan.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec....sa/LSSupCtl.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} - http://wdownload.wea...Transporter.cab?
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp...ads/sysinfo.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://by103fd.bay10...es/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1177591058312
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://us.games2.yim...ctl_0_0_0_0.ocx
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1177591239921
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://us-housecall....ivex/hcImpl.cab
O16 - DPF: {70522FA0-4656-11D5-B0E9-0050DAC24E8F} - http://cc.iwon.com/c..._12_1,0,2,5.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai....302/Coupons.cab
O16 - DPF: {9A57B18E-2F5D-11D5-8997-00104BD12D94} (compid Class) - http://support.gatew...rvest/gwCID.CAB
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.c...ymmapi_0727.dll
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} (CBSTIEPrint Class) - http://offers.bright...bin/actxcab.cab
O16 - DPF: {A82C3A33-5C0E-466C-B020-71585433A7E4} (PhxStudent.OeSetup15) - https://mycampus.pho...hxStudent15.CAB
O16 - DPF: {B3A37929-7FF7-4CBE-9579-AC1EF83080DF} (SystemChecker.CheckerCtrl) - http://mtnhome.fnism...stemChecker.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn...ro.cab53083.cab
O16 - DPF: {CBBD6FA7-2384-11D1-A8C9-0040C7116154} (HostFront ActiveX Display) - http://63.79.84.62/HFACTX/HFDSP.CAB
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec....sa/SymAData.cab
O16 - DPF: {D270FE47-4F7B-4AFF-BCF8-B023A6FF4DFA} - http://ncbmh.fnismls...stemChecker.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.mac...ash/swflash.cab
O16 - DPF: {D8EE8DC0-F193-11D0-B1E5-08005A885319} (MicroX Persistent Mainframe Display Control) - https://calltaking2....hostexpress.cab
O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} (SCEWebLauncherCtl Object) - http://zone.msn.com/...WebLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/...aploader_v5.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/z...s/heartbeat.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.s.../ActiveData.cab
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} - http://livenj02.cust...l/java/RntX.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.intouchho...oad/XUpload.ocx
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://www.ahtd.stat...s/Road/acgm.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINNT\System32\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINNT\System32\CTsvcCDA.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINNT\system32\drivers\KodakCCS.exe
O23 - Service: PictureTaker - Unknown owner - c:\fixit\pt\PCTKRNT.SYS (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINNT\System32\wltrysvc.exe
O24 - Desktop Component 0: (no name) - http://us.f3.yahoofs...sUbQPCBwEO.8Uie

--
End of file - 14140 bytes
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP