[psychoe]

It seems to me that I have tried everything. I have a red circle with a white x on my taskbar (Have a pic if you need to see it). It has popups and such as well as icons on my desktop that I certainly don't want and it took over my homepage to something such as "newgenlook.info". I am pulling out what hair I have left on my head - any help is definately appreciated.

I have used CWShredder, Adaware, Spybot and AVG free. I recently got rid of AVG and started using F-secure from cogeco.ca (my provider). In my virus scan I got this:

Scanning Report
02 May 2005 19:33:38 - 19:34:18
Computer name: TARIK
Target: C:\ D:\ E:\
--------------------------------------------------------------------------------
Result: 2 viruses found
C:\WINDOWS\system32\param32.dll Infection: Trojan-Downloader.Win32.WarSpy.g Action: Renamed.
C:\ntdetect.hta Infection: Trojan-Downloader.VBS.Inor.cj Action: Renamed.
--------------------------------------------------------------------------------
Statistics
Files:
Scanned: 30328
Infected: 2
Suspected: 0
Disinfected: 0
Renamed: 2
Deleted: 0
Not scanned: 4
Boot Sectors:
Scanned: 1
Infected: 0
Suspected: 0
Disinfected: 0
Files not scanned:
Cannot open file C:\pagefile.sys
Cannot open file C:\WINDOWS\system32\config\default
Cannot read from file C:\Documents and Settings\EandT\Local Settings\Temporary Internet Files\Content.IE5\0HYBOPQZ\index[1].php\index[1] [F-Secure Libra]
Cannot open file C:\WINDOWS\system32\param32.dll [F-Secure AVP]
--------------------------------------------------------------------------------
Options
Virus definitions version:
2005-05-02_03
Scanning Engines:
F-Secure AVP: 6.0.167.6190, 2005-05-02
F-Secure Libra: 2.01.10, 2005-05-02
F-Secure Orion: 1.02.33, 2005-05-02
Scanning options:
Files scanned with extensions: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML AVB BAT CEO CMD LSP MAP MHT MIF PHP POT NWS TAR TGZ ZIP JAR ARJ LZH TAR TGZ GZ CAB RAR BZ2
Scan inside archives: on
Action:
Ask after scan .

I just recently d/l'd Hijackthis and this is the readout I got:

Logfile of HijackThis v1.99.1
Scan saved at 9:51:55 PM, on 02/05/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
E:\Programs\COGECO~1\backweb\9867844\Program\SERVIC~1.EXE
E:\Programs\COGECO Security Services\backweb\9867844\Program\fspex.exe
E:\Programs\COGECO Security Services\backweb\9867844\program\fsbwsys.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
E:\Programs\COGECO Security Services\Common\FSMA32.EXE
E:\Programs\COGECO Security Services\Common\FSMB32.EXE
E:\Programs\COGECO Security Services\Common\FCH32.EXE
E:\Programs\COGECO Security Services\Common\FAMEH32.EXE
E:\Programs\COGECO Security Services\Anti-Virus\fsgk32st.exe
E:\Programs\COGECO Security Services\Anti-Virus\FSGK32.EXE
E:\Programs\COGECO Security Services\Anti-Virus\fssm32.exe
E:\Programs\COGECO Security Services\FWES\Program\fsdfwd.exe
E:\Programs\COGECO Security Services\FSPC\fspc.exe
E:\Programs\COGECO Security Services\Anti-Virus\fsav32.exe
E:\Programs\COGECO Security Services\Common\FSM32.EXE
E:\Programs\COGECO Security Services\FSGUI\fsguiexe.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\Programs\HiJackThis\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.newgenlook.info/ad/ad0179/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Programs\Acrobat\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {42838CC5-D8C6-AF50-B4D5-7388D4CA453D} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Programs\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "E:\Programs\COGECO Security Services\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "E:\Programs\COGECO Security Services\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "E:\Programs\COGECO Security Services\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "E:\Programs\COGECO Security Services\FSGUI\ispnews.exe"
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Web Filter - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Show website &list - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: &Suspend Webpage Filter - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: &Deny this website - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: &Allow this website - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://support.f-sec...m/ols/fscax.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O23 - Service: COGECO Security Services (BackWeb Plug-in - 9867844) - Unknown owner - E:\Programs\COGECO~1\backweb\9867844\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - E:\Programs\COGECO Security Services\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - E:\Programs\COGECO Security Services\backweb\9867844\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - E:\Programs\COGECO Security Services\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - E:\Programs\COGECO Security Services\FSPC\fshttps\fshttps.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - E:\Programs\COGECO Security Services\Common\FSMA32.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Edited by psychoe, 02 May 2005 - 07:53 PM.

[Advertisements]

May have fixed my problem (using THIS THREAD)

Can someone quickly scan and tell me if this is a clean HJT log?

Thx

E!

Logfile of HijackThis v1.99.1
Scan saved at 10:31:48 PM, on 02/05/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
E:\Programs\COGECO~1\backweb\9867844\Program\SERVIC~1.EXE
E:\Programs\COGECO Security Services\Anti-Virus\fsgk32st.exe
E:\Programs\COGECO Security Services\backweb\9867844\Program\fspex.exe
E:\Programs\COGECO Security Services\Anti-Virus\FSGK32.EXE
E:\Programs\COGECO Security Services\backweb\9867844\program\fsbwsys.exe
E:\Programs\COGECO Security Services\Common\FSMA32.EXE
E:\Programs\COGECO Security Services\Anti-Virus\fssm32.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
E:\Programs\COGECO Security Services\Common\FSMB32.EXE
E:\Programs\COGECO Security Services\Common\FCH32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
E:\Programs\COGECO Security Services\Common\FSM32.EXE
E:\Programs\COGECO Security Services\Common\FAMEH32.EXE
E:\Programs\COGECO Security Services\FSPC\fspc.exe
E:\Programs\COGECO Security Services\FWES\Program\fsdfwd.exe
E:\Programs\COGECO Security Services\FSGUI\ispnews.exe
E:\Programs\COGECO Security Services\Anti-Virus\fsav32.exe
E:\Programs\COGECO Security Services\FSGUI\fsguiexe.exe
C:\WINDOWS\System32\wuauclt.exe
E:\Programs\HiJackThis\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Programs\Acrobat\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {42838CC5-D8C6-AF50-B4D5-7388D4CA453D} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Programs\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "E:\Programs\COGECO Security Services\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "E:\Programs\COGECO Security Services\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "E:\Programs\COGECO Security Services\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "E:\Programs\COGECO Security Services\FSGUI\ispnews.exe"
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Web Filter - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Show website &list - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: &Suspend Webpage Filter - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: &Deny this website - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: &Allow this website - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://support.f-sec...m/ols/fscax.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O23 - Service: COGECO Security Services (BackWeb Plug-in - 9867844) - Unknown owner - E:\Programs\COGECO~1\backweb\9867844\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - E:\Programs\COGECO Security Services\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - E:\Programs\COGECO Security Services\backweb\9867844\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - E:\Programs\COGECO Security Services\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - E:\Programs\COGECO Security Services\FSPC\fshttps\fshttps.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - E:\Programs\COGECO Security Services\Common\FSMA32.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

[psychoe]

May have fixed my problem (using THIS THREAD)

Can someone quickly scan and tell me if this is a clean HJT log?

Thx

E!

Logfile of HijackThis v1.99.1
Scan saved at 10:31:48 PM, on 02/05/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
E:\Programs\COGECO~1\backweb\9867844\Program\SERVIC~1.EXE
E:\Programs\COGECO Security Services\Anti-Virus\fsgk32st.exe
E:\Programs\COGECO Security Services\backweb\9867844\Program\fspex.exe
E:\Programs\COGECO Security Services\Anti-Virus\FSGK32.EXE
E:\Programs\COGECO Security Services\backweb\9867844\program\fsbwsys.exe
E:\Programs\COGECO Security Services\Common\FSMA32.EXE
E:\Programs\COGECO Security Services\Anti-Virus\fssm32.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
E:\Programs\COGECO Security Services\Common\FSMB32.EXE
E:\Programs\COGECO Security Services\Common\FCH32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
E:\Programs\COGECO Security Services\Common\FSM32.EXE
E:\Programs\COGECO Security Services\Common\FAMEH32.EXE
E:\Programs\COGECO Security Services\FSPC\fspc.exe
E:\Programs\COGECO Security Services\FWES\Program\fsdfwd.exe
E:\Programs\COGECO Security Services\FSGUI\ispnews.exe
E:\Programs\COGECO Security Services\Anti-Virus\fsav32.exe
E:\Programs\COGECO Security Services\FSGUI\fsguiexe.exe
C:\WINDOWS\System32\wuauclt.exe
E:\Programs\HiJackThis\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Programs\Acrobat\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {42838CC5-D8C6-AF50-B4D5-7388D4CA453D} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Programs\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "E:\Programs\COGECO Security Services\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "E:\Programs\COGECO Security Services\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "E:\Programs\COGECO Security Services\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "E:\Programs\COGECO Security Services\FSGUI\ispnews.exe"
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Web Filter - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Show website &list - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: &Suspend Webpage Filter - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: &Deny this website - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: &Allow this website - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - E:\Programs\COGECO Security Services\FSPC\fspcmsie.dll
O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://support.f-sec...m/ols/fscax.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O23 - Service: COGECO Security Services (BackWeb Plug-in - 9867844) - Unknown owner - E:\Programs\COGECO~1\backweb\9867844\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - E:\Programs\COGECO Security Services\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - E:\Programs\COGECO Security Services\backweb\9867844\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - E:\Programs\COGECO Security Services\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - E:\Programs\COGECO Security Services\FSPC\fshttps\fshttps.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - E:\Programs\COGECO Security Services\Common\FSMA32.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe