Scan saved at 12:31:41 PM, on 5/8/2005
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\Labtec\Labtec Keyboard-Desktop Software\DsiMmKbd.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\2Wire\2PortalMon.exe
C:\Program Files\FileFreedom\wtm.exe
C:\Program Files\2Wire Wireless\Client Manager\CMTWO.EXE
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\WINNT\system32\ntvdm.exe
C:\OPLIMIT\ocrawr32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.search-ex...search_page.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.searchalot.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.search-ex...search_page.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.search-ex...search_page.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.search-ex...search_page.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.searchalot.com/search.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.searchalot.com/search.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.searchalot.com/search.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.search-ex...search_page.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.the-exit.com/search
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = http://www.the-exit.com/search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.the-exit.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by SBC Yahoo! DSL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
N1 - Netscape 4: user_pref("browser.startup.homepage", "www.lop.com"); (C:\Program Files\Netscape\Users\fred\prefs.js)
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: FlashEnhancer Extender - {0AD937E7-2F37-4873-A05E-548A67EF1D0E} - c:\Program Files\Flen\flen.dll (file missing)
O2 - BHO: (no name) - {228B790C-8ACB-48F3-9213-8EE8C7974476} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {36C81AAC-7091-45CF-B3FB-E93EA5D8B07F} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {4096029C-14AE-4EE7-80E1-8093DB48113C} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {417DBCAC-EC9E-41D5-A06F-2B927F3C2F47} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: PowerSearch - {4E7BD74F-2B8D-469E-A3EE-FB7FA682AA7D} - (no file)
O2 - BHO: (no name) - {53035C80-55C7-47DB-99FC-D9F6A3BA1990} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {5B26113E-239F-4382-ABBA-E217A36DEE3C} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {5CC47A16-DBF4-45DC-9D23-524DFBFA63D1} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {5D886BEB-18FB-47BD-B4CE-0620793CAE5D} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {5E9786D5-D5E2-427C-AEFF-78D6B1D711A8} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {642FD866-5A78-41E7-BCB6-71C96646447C} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {7A636028-A6AF-432A-AF18-3814B5F2DEAA} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {7C42F31E-87EE-43BB-8124-2BDF8B13DAE9} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {8DF2724E-8ACB-49F3-96D0-CEB2BF52657F} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {9964B85D-C47A-407B-B5EC-927ECD960EBD} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {99ED1774-1FC4-4843-B089-4FCA51320A58} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {9B132EDF-EB36-4EB8-B279-75F4E9C6DB02} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {A2453C72-73EC-4709-95AB-D7DCA133C8EC} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {B9A18E77-5049-4C2A-89DD-C78165628AEA} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: Starware - {CA356D79-679B-4b4c-8E49-5AF97014F4C1} - C:\Program Files\Starware\bin\Starware.dll
O2 - BHO: (no name) - {CEA4C065-715C-4D9D-A88D-C29B6EC8CEB9} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {DC06F9DB-8CF2-497C-A7FF-999A205A2107} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {E05DADA3-BCAA-49D5-82AF-3B71E17D5C1A} - C:\Program Files\CSBB\CSBB.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: PowerSearch - {4E7BD74F-2B8D-469E-A3EE-FB7FA682AA7D} - (no file)
O3 - Toolbar: Starware - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - C:\Program Files\Starware\bin\Starware.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SZMsgSvc.exe] C:\Program Files\STOPzilla!\SZMsgSvc.exe
O4 - HKLM\..\Run: [WINSTA~1.EXE] C:\WINNT\System\WINSTA~1.EXE -b
O4 - HKLM\..\Run: [LabtecKB] C:\Program Files\Labtec\Labtec Keyboard-Desktop Software\DsiMmKbd.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [2wSysTray] C:\Program Files\2Wire\2PortalMon.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [DI2] "C:\DOCUME~1\Fred\LOCALS~1\Temp\27.exe\27.exe"
O4 - HKLM\..\Run: [1ktmac93] C:\Program Files\1ktmac93\1ktmac93.exe
O4 - HKLM\..\Run: [Grokster] C:\PROGRA~1\Grokster\Grokster.exe /SYSTRAY
O4 - HKCU\..\Run: [Buddyizer] C:\Program Files\Aimster\Buddyizer.exe
O4 - HKCU\..\Run: [TWC App] C:\Program Files\The Weather Channel\The Weather Channel.exe
O4 - HKCU\..\Run: [FileFreedom_Plugin] C:\Program Files\FileFreedom\wtm.exe
O4 - HKCU\..\Run: [Tsa] C:\PROGRA~1\COMMON~1\tsa\tsm.exe
O4 - Startup: OCRAWARE.lnk = C:\OPLIMIT\OCRAWARE.EXE
O4 - Global Startup: 2Wire Wireless Client Manager.lnk = C:\Program Files\2Wire Wireless\Client Manager\CMTWO.EXE
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: updater.lnk = C:\Program Files\Common Files\updater\wupdater.exe
O8 - Extra context menu item: >>> FREE [bleep] GALLERIES <<< - java script:{document.location='http://sexmaxx.com/freegalleries.htm';}
O8 - Extra context menu item: Power Search - res://C:\PROGRA~1\COMMON~1\MSIETS\msiets.dll//iemenu
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.co...etup1.0.0.8.cab
O16 - DPF: {3717DF55-0396-463D-98B7-647C7DC6898A} - http://tb-static.adp...mtb/toolbar.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.googl...n/GoogleNav.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} (Sinstaller Class) - http://dm.screensave.../sinstaller.cab
O16 - DPF: {8A05273A-2EA5-42DE-AA75-59EA7D9D50D7} - http://www.trafficsy...toolbar_new.cab
O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-00608CEC297C} - http://download.weat...uginstaller.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://install.wildt...kII/install.cab
O16 - DPF: {BAE85C97-2CD4-45C3-A1ED-E4CEF7C6AA52} - http://www.online1ne.../coolstuff4.cab
O20 - AppInit_DLLs: repairs.dll
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ZipToA - Iomega Corporation - C:\WINNT\System32\ZipToA.exe
Sign In
Create Account
