ROOT\IMAGE\0001


#1
Millowena

Good morning!

This is a continuation of the same subject discussions with Skeptic and Happyrck in Operating systems>windowsXP

I have followed the procedures outlined as much as possible. Exceptions being....
I could not download and run Malwarebytes. Security settings were in the way.

I ran Super antispyware the second time this AM and got 0 hits.

I ran Panda Active scan yesterday and got "you are infected" but was unable to clear the infections.
I tried logging into the site this AM and they apparently have a problem, so was unable to complete another scan and actually clean up the mess. I suspect that was the problem yesterday. Tried to write them, but I do not believe it went through.

I have set a new restore point and

I tried to assure that SP1 and 2 were installed. Microsoft has a "new" site that didn't work either this morning, so I was unable to complete the scan for SP1 and SP2. I do believe they are installed however, since I automatically check for updates and update everything but IE7 which interferes with some programs I have.

I have run Happyrck's little Regedit program and followed his instructions re deleting the USB devices, rebooted twice and reinstalled the printer and mouse and everything appears to be working.

I have looked carefully at the two USB ports in the front of the computer and it APPEARS to be as good as new. No damage that I could see. I tried disconnecting the front ports from the motherboard, but I could not turn on the computer.

I have also run HJT and include the results here below:

Thank you very much for your help! I'm sorry I was unable to run the two virus scans, but things were just not cooperating.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:18:31 AM, on 05/21/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon05.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://cgi.verizon.n...okmarks/bmredir.asp?region=all&bw=dsl&cd=5.1.5&bm=ho_search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp...o.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.earthlink.net
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...o.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{D946675D-1D6C-4dc8-9E0D-B4B8EAA30EAA}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - HKCU\..\Run: [hotComm] C:\PROGRA~1\1stWORKS\PRISTI~1\BIN\hotComm.exe /boot
O4 - HKCU\..\Run: [DriverUpdaterPro] C:\Program Files\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe -t
O4 - HKCU\..\Run: [DellSupport] "C:\PROGRA~1\DELLSU~1\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: OCRAWARE.lnk = C:\OPLIMIT\OCRAWARE.EXE
O4 - Startup: UMAX VistaAccess.lnk = C:\VSTASCAN\vsaccess.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Control Pad - {28D44DAD-D1FC-4d4f-BB1B-ADF037C8DDBC} - C:\Program Files\Verizon Online\Verizon Online Control Pad\VerizonControlPad.Exe
O9 - Extra 'Tools' menuitem: Control Pad - {28D44DAD-D1FC-4d4f-BB1B-ADF037C8DDBC} - C:\Program Files\Verizon Online\Verizon Online Control Pad\VerizonControlPad.Exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: www.pristine.com
O16 - DPF: ppctlcab - http://www.pestscan....canner/ppctlcab.cab
O16 - DPF: SCV - https://www.omnovia....ges/sc2/image/SCV.CAB
O16 - DPF: {03A89EFD-E023-8600-A22D-45F77558EB4C} (ILINCInstall86 Class) - http://content.ilinc...lientdownload/download/ilinci86.dll
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.micr...com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcente...ung.com/content/common/cab/DjVuControlLite_EN.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....link/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewid...ewidoOnlineScan.cab
O16 - DPF: {2AE1D200-7C3D-4975-9429-556F1E57CA74} - http://www.blocks.co...all/BlocksPlayerInstall.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoft...om/activescan/cabs/as2stubie.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan....anner/axscanner.cab
O16 - DPF: {35B7E48B-9D81-4C6C-9578-5FD4F620D886} (InstallShield Setup Player 2K2) - http://host1.telecha.../tcrepair/setup.exe
O16 - DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} (MSN Money Charting) - http://moneycentral....m/cabs/pmupd806.exe
O16 - DPF: {4620BC29-8B8E-4F4E-9D92-1DB6633D6793} (SurferNETWORK Plugin) - http://rd1.surfernet...om/surferplugin.ocx
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg...ps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h30155.www3.h...ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://home3.ca.com/...trol/uniblue/pestscan/pestscan.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onec...ve.com/resource/download/scanner/wlscbase9602.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...t.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1211381952453
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.../840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zone...om/bin/promotions/spywaredetector/WebAAS.cab
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.h...ediags/dd/install/guidedsolutions.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1..../ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_06) -
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://markettrader...x.com/client/v_mywebex-t20/event/ieatgpc.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.h...hpdj/en/check/qdiagh.cab?312
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
O24 - Desktop Component 1: SurfNet Media Player - http://media.surfnet...com/cgi-bin/media?2=1&6=E2E2E2&7=G~000030~10&3=b000030mvatalk&4=1&5=0&0=www.voiceamerica.com&1=www.voiceamerica.com/VAtop.html

--
End of file - 14043 bytes


#2
Millowena

Good morning, again!

I finally got the scanner to run. It found a few cookies and I removed them.

To add to the confusion, the computer will no longer share files or its printer with the laptop, and I cannot find the problem. I have gone through your networking and file sharing procedures without success.

Here's the new HJT file:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:42:46 AM, on 05/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon05.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://cgi.verizon.n...okmarks/bmredir.asp?region=all&bw=dsl&cd=5.1.5&bm=ho_search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp...o.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.earthlink.net
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...o.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{D946675D-1D6C-4dc8-9E0D-B4B8EAA30EAA}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Control Pad - {28D44DAD-D1FC-4d4f-BB1B-ADF037C8DDBC} - C:\Program Files\Verizon Online\Verizon Online Control Pad\VerizonControlPad.Exe
O9 - Extra 'Tools' menuitem: Control Pad - {28D44DAD-D1FC-4d4f-BB1B-ADF037C8DDBC} - C:\Program Files\Verizon Online\Verizon Online Control Pad\VerizonControlPad.Exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: www.pristine.com
O16 - DPF: ppctlcab - http://www.pestscan....canner/ppctlcab.cab
O16 - DPF: SCV - https://www.omnovia....ges/sc2/image/SCV.CAB
O16 - DPF: {03A89EFD-E023-8600-A22D-45F77558EB4C} (ILINCInstall86 Class) - http://content.ilinc...lientdownload/download/ilinci86.dll
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.micr...com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcente...ung.com/content/common/cab/DjVuControlLite_EN.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....link/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewid...ewidoOnlineScan.cab
O16 - DPF: {2AE1D200-7C3D-4975-9429-556F1E57CA74} - http://www.blocks.co...all/BlocksPlayerInstall.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoft...om/activescan/cabs/as2stubie.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan....anner/axscanner.cab
O16 - DPF: {35B7E48B-9D81-4C6C-9578-5FD4F620D886} (InstallShield Setup Player 2K2) - http://host1.telecha.../tcrepair/setup.exe
O16 - DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} (MSN Money Charting) - http://moneycentral....m/cabs/pmupd806.exe
O16 - DPF: {4620BC29-8B8E-4F4E-9D92-1DB6633D6793} (SurferNETWORK Plugin) - http://rd1.surfernet...om/surferplugin.ocx
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg...ps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h30155.www3.h...ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://home3.ca.com/...trol/uniblue/pestscan/pestscan.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onec...ve.com/resource/download/scanner/wlscbase9602.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...t.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1211381952453
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.../840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zone...om/bin/promotions/spywaredetector/WebAAS.cab
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.h...ediags/dd/install/guidedsolutions.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1..../ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_06) -
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://markettrader...x.com/client/v_mywebex-t20/event/ieatgpc.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.h...hpdj/en/check/qdiagh.cab?312
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
O24 - Desktop Component 1: SurfNet Media Player - http://media.surfnet...com/cgi-bin/media?2=1&6=E2E2E2&7=G~000030~10&3=b000030mvatalk&4=1&5=0&0=www.voiceamerica.com&1=www.voiceamerica.com/VAtop.html

--
End of file - 11971 bytes


Thanks!

Millowena