thanks but that did not fix it
i rescanned ---- with all windows closed --- then fixed the line u mentioned and rescanned again --- then i rebooted and it came back --- below are the 3 scans in the order mentioned here --- can u help me further please?
scan before fixLogfile of HijackThis v1.97.7
Scan saved at 23:21:26, on 16/09/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\JIT\schednt.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
d:\Program Files\Panda Software\Panda Titanium Antivirus 2004\Pavsrv51.exe
D:\Program Files\PestPatrol\PPControl.exe
D:\PROGRA~1\PESTPA~1\PPMemCheck.exe
D:\PROGRA~1\PESTPA~1\CookiePatrol.exe
D:\Program Files\Logitech\Keyboard\iTouch\iTouch.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\Logitech\MouseWare\MouseWare\system\em_exec.exe
D:\Program Files\The Cleaner\tca.exe
D:\Program Files\MSN MsngrPlus\MsgPlus.exe
d:\Program Files\Panda Software\Panda Titanium Antivirus 2004\AVENGINE.EXE
D:\Program Files\BootXP2\BootXP.exe
C:\WINDOWS\System32\atwtusb.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\WINDOWS\System32\TBLMOUSE.EXE
D:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE
D:\Program Files\CloneCD\CloneCDTray.exe
D:\Program Files\K-Lite Codec Pack\real\Update_OB\realsched.exe
C:\WINDOWS\System32\ctfmon.exe
D:\Program Files\JIT\sched.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
D:\Program Files\washer\Webroot\Washer\wwDisp.exe
E:\Program Files\PBooost 1.4\PBooost.exe
D:\PROGRA~1\INCRED~1\bin\IMAPP.EXE
D:\PROGRA~1\XEMICO~1\ACTIVE~1\ADC.exe
D:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
D:\Program Files\YahooPOPs\YahooPOPs.exe
d:\Program Files\Panda Software\Panda Titanium Antivirus 2004\WebProxy.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Edit Pad Pro\EditPadPro.exe
D:\Program Files\Avant Browser\iexplore.exe
C:\Documents and Settings\Theresa\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.iwantsear...8-752ACFCEBF83}R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Theresa's Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext =
http://shell.windows...dir.asp?Ext=lidR3 - URLSearchHook: StartBHO Class - {30192F8D-0958-44E6-B54D-331FD39AC959} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\rundlg32.dll
N3 - Netscape 7: user_pref("browser.startup.homepage", "
http://www.google.com"); (C:\Documents and Settings\Theresa\Application Data\Mozilla\Profiles\default\8auakbut.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://d%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_UK.src"); (C:\Documents and Settings\Theresa\Application Data\Mozilla\Profiles\default\8auakbut.slt\prefs.js)
O1 - Hosts: 203.161.127.141 www.dcsresearch.com
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0CA6C3EA-2054-4011-BC9F-8BBC017A169C} - C:\Documents and Settings\Theresa\Application Data\SBSoft\uns.dll
O2 - BHO: (no name) - {30192F8D-0958-44E6-B54D-331FD39AC959} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\rundlg32.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Search Bar - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\rundlg32.dll
O4 - HKLM\..\Run: [PestPatrol Control Center] d:\Program Files\PestPatrol\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] D:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] D:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [zBrowser Launcher] d:\Program Files\Logitech\Keyboard\iTouch\iTouch.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] d:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [tcactive] d:\Program Files\The Cleaner\tca.exe
O4 - HKLM\..\Run: [tcmonitor] d:\Program Files\The Cleaner\tcm.exe
O4 - HKLM\..\Run: [MessengerPlus3] "D:\Program Files\MSN MsngrPlus\MsgPlus.exe"
O4 - HKLM\..\Run: [BootXP] D:\Program Files\BootXP2\BootXP.exe /min /change
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [APVXDWIN] "d:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "d:\Program Files\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [CloneCDTray] "d:\Program Files\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\K-Lite Codec Pack\real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [JITScheduler] "D:\Program Files\JIT\sched.exe"
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [Window Washer] D:\Program Files\washer\Webroot\Washer\wwDisp.exe /startup
O4 - HKCU\..\Run: [ATI Launchpad] "D:\Program Files\ATI Multimedia\main\LaunchPd.exe"
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SymNetDrv\SNDMon.exe
O4 - HKCU\..\Run: [IncrediMail] D:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Hogsoft PoserBooost] "E:\Program Files\PBooost 1.4\PBooost.exe" runMinimized
O4 - HKCU\..\Run: [Active Desktop Calendar] D:\PROGRA~1\XEMICO~1\ACTIVE~1\ADC.exe
O4 - HKLM\..\RunOnce: [Index Washer] D:\Program Files\washer\Webroot\Washer\WashIdx.exe "Theresa"
O4 - Startup: YahooPOPs.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = D:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - D:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &ieSpell Options - res://D:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Add to AD Black List - D:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Block All Images from the Same Server - D:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Check &Spelling - res://D:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Download All by FlashGet - D:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Druid: Download All Files - d:\Program Files\XemiComputers\Download Druid\Druid.html
O8 - Extra context menu item: Druid: Download Highlighted Files - d:\Program Files\XemiComputers\Download Druid\DruidHighLighted.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Highlight - D:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Open All Links in This Page... - D:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Save Flash - res://d:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
O8 - Extra context menu item: Search - D:\Program Files\Avant Browser\Search.htm
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: ieSpell (HKLM)
O9 - Extra 'Tools' menuitem: ieSpell (HKLM)
O9 - Extra button: Download (HKLM)
O9 - Extra 'Tools' menuitem: Druid: Download All Files (HKLM)
O9 - Extra 'Tools' menuitem: ieSpell Options (HKLM)
O9 - Extra button: Research (HKLM)
O9 - Extra button: Druid Bar (HKLM)
O9 - Extra button: FlashGet (HKLM)
O9 - Extra 'Tools' menuitem: &FlashGet (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O9 - Extra button: Flash (HKCU)
O10 - Broken Internet access because of LSP provider 'imslsp.dll' missing
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zon...ry/msgrchkr.cabO16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) -
http://www.ipix.com/viewers/ipixx.cabO16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
http://download.macr...director/sw.cabO16 - DPF: {1EDF25DE-DFB2-40CA-AA83-30AE7DA8C203} (FileSharingCtrl Class) -
http://appdirectory....sharingctrl.cabO16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) -
http://messenger.zon...MineSweeper.cabO16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) -
http://www.cult3d.co...wnload/cult.cabO16 - DPF: {4F5E4276-C120-11D6-A1FD-00508B9D48EA} (dldisplay Class) -
http://www.gamehouse.com/ghdlctl.cabO16 - DPF: {665585FD-2068-4C5E-A6D3-53AC3270ECD4} (FileSharingCtrl Class) -
http://appdirectory....sharingctrl.cabO16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zon...StatsClient.cabO16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) -
http://sc.groups.msn...eUC/MsnUpld.cabO16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
http://v4.windowsupd...7768.6356018518O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) -
http://fdl.msn.com/z...s/heartbeat.cabO16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) -
http://games-dl.real...ArcadeRdxIE.cabO16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) -
http://sc.groups.msn...UC/MsnPUpld.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macr...ash/swflash.cabO16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) -
http://fdl.msn.com/z...s/heartbeat.cabO16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) -
http://chat.msn.com/bin/msnchat45.cabO16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) -
http://messenger.zon...ireShowdown.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{95D19531-C0B3-48DD-B8D3-FC59E406F3A3}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{95D19531-C0B3-48DD-B8D3-FC59E406F3A3}: NameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{95D19531-C0B3-48DD-B8D3-FC59E406F3A3}: NameServer = 192.168.0.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{95D19531-C0B3-48DD-B8D3-FC59E406F3A3}: NameServer = 192.168.0.1
Scan after fixLogfile of HijackThis v1.97.7
Scan saved at 23:23:45, on 16/09/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\JIT\schednt.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
d:\Program Files\Panda Software\Panda Titanium Antivirus 2004\Pavsrv51.exe
D:\Program Files\PestPatrol\PPControl.exe
D:\PROGRA~1\PESTPA~1\PPMemCheck.exe
D:\PROGRA~1\PESTPA~1\CookiePatrol.exe
D:\Program Files\Logitech\Keyboard\iTouch\iTouch.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\Logitech\MouseWare\MouseWare\system\em_exec.exe
D:\Program Files\The Cleaner\tca.exe
D:\Program Files\MSN MsngrPlus\MsgPlus.exe
d:\Program Files\Panda Software\Panda Titanium Antivirus 2004\AVENGINE.EXE
D:\Program Files\BootXP2\BootXP.exe
C:\WINDOWS\System32\atwtusb.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\WINDOWS\System32\TBLMOUSE.EXE
D:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE
D:\Program Files\CloneCD\CloneCDTray.exe
D:\Program Files\K-Lite Codec Pack\real\Update_OB\realsched.exe
C:\WINDOWS\System32\ctfmon.exe
D:\Program Files\JIT\sched.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
D:\Program Files\washer\Webroot\Washer\wwDisp.exe
E:\Program Files\PBooost 1.4\PBooost.exe
D:\PROGRA~1\INCRED~1\bin\IMAPP.EXE
D:\PROGRA~1\XEMICO~1\ACTIVE~1\ADC.exe
D:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
D:\Program Files\YahooPOPs\YahooPOPs.exe
d:\Program Files\Panda Software\Panda Titanium Antivirus 2004\WebProxy.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Edit Pad Pro\EditPadPro.exe
D:\Program Files\Avant Browser\iexplore.exe
C:\Documents and Settings\Theresa\Desktop\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Theresa's Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext =
http://shell.windows...dir.asp?Ext=lidR3 - URLSearchHook: StartBHO Class - {30192F8D-0958-44E6-B54D-331FD39AC959} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\rundlg32.dll
N3 - Netscape 7: user_pref("browser.startup.homepage", "
http://www.google.com"); (C:\Documents and Settings\Theresa\Application Data\Mozilla\Profiles\default\8auakbut.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://d%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_UK.src"); (C:\Documents and Settings\Theresa\Application Data\Mozilla\Profiles\default\8auakbut.slt\prefs.js)
O1 - Hosts: 203.161.127.141 www.dcsresearch.com
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0CA6C3EA-2054-4011-BC9F-8BBC017A169C} - C:\Documents and Settings\Theresa\Application Data\SBSoft\uns.dll
O2 - BHO: (no name) - {30192F8D-0958-44E6-B54D-331FD39AC959} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\rundlg32.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Search Bar - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\rundlg32.dll
O4 - HKLM\..\Run: [PestPatrol Control Center] d:\Program Files\PestPatrol\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] D:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] D:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [zBrowser Launcher] d:\Program Files\Logitech\Keyboard\iTouch\iTouch.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] d:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [tcactive] d:\Program Files\The Cleaner\tca.exe
O4 - HKLM\..\Run: [tcmonitor] d:\Program Files\The Cleaner\tcm.exe
O4 - HKLM\..\Run: [MessengerPlus3] "D:\Program Files\MSN MsngrPlus\MsgPlus.exe"
O4 - HKLM\..\Run: [BootXP] D:\Program Files\BootXP2\BootXP.exe /min /change
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [APVXDWIN] "d:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "d:\Program Files\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [CloneCDTray] "d:\Program Files\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\K-Lite Codec Pack\real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [JITScheduler] "D:\Program Files\JIT\sched.exe"
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [Window Washer] D:\Program Files\washer\Webroot\Washer\wwDisp.exe /startup
O4 - HKCU\..\Run: [ATI Launchpad] "D:\Program Files\ATI Multimedia\main\LaunchPd.exe"
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SymNetDrv\SNDMon.exe
O4 - HKCU\..\Run: [IncrediMail] D:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Hogsoft PoserBooost] "E:\Program Files\PBooost 1.4\PBooost.exe" runMinimized
O4 - HKCU\..\Run: [Active Desktop Calendar] D:\PROGRA~1\XEMICO~1\ACTIVE~1\ADC.exe
O4 - HKLM\..\RunOnce: [Index Washer] D:\Program Files\washer\Webroot\Washer\WashIdx.exe "Theresa"
O4 - Startup: YahooPOPs.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = D:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - D:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &ieSpell Options - res://D:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Add to AD Black List - D:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Block All Images from the Same Server - D:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Check &Spelling - res://D:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Download All by FlashGet - D:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Druid: Download All Files - d:\Program Files\XemiComputers\Download Druid\Druid.html
O8 - Extra context menu item: Druid: Download Highlighted Files - d:\Program Files\XemiComputers\Download Druid\DruidHighLighted.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Highlight - D:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Open All Links in This Page... - D:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Save Flash - res://d:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
O8 - Extra context menu item: Search - D:\Program Files\Avant Browser\Search.htm
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: ieSpell (HKLM)
O9 - Extra 'Tools' menuitem: ieSpell (HKLM)
O9 - Extra button: Download (HKLM)
O9 - Extra 'Tools' menuitem: Druid: Download All Files (HKLM)
O9 - Extra 'Tools' menuitem: ieSpell Options (HKLM)
O9 - Extra button: Research (HKLM)
O9 - Extra button: Druid Bar (HKLM)
O9 - Extra button: FlashGet (HKLM)
O9 - Extra 'Tools' menuitem: &FlashGet (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O9 - Extra button: Flash (HKCU)
O10 - Broken Internet access because of LSP provider 'imslsp.dll' missing
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zon...ry/msgrchkr.cabO16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) -
http://www.ipix.com/viewers/ipixx.cabO16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
http://download.macr...director/sw.cabO16 - DPF: {1EDF25DE-DFB2-40CA-AA83-30AE7DA8C203} (FileSharingCtrl Class) -
http://appdirectory....sharingctrl.cabO16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) -
http://messenger.zon...MineSweeper.cabO16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) -
http://www.cult3d.co...wnload/cult.cabO16 - DPF: {4F5E4276-C120-11D6-A1FD-00508B9D48EA} (dldisplay Class) -
http://www.gamehouse.com/ghdlctl.cabO16 - DPF: {665585FD-2068-4C5E-A6D3-53AC3270ECD4} (FileSharingCtrl Class) -
http://appdirectory....sharingctrl.cabO16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zon...StatsClient.cabO16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) -
http://sc.groups.msn...eUC/MsnUpld.cabO16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
http://v4.windowsupd...7768.6356018518O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) -
http://fdl.msn.com/z...s/heartbeat.cabO16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) -
http://games-dl.real...ArcadeRdxIE.cabO16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) -
http://sc.groups.msn...UC/MsnPUpld.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macr...ash/swflash.cabO16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) -
http://fdl.msn.com/z...s/heartbeat.cabO16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) -
http://chat.msn.com/bin/msnchat45.cabO16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) -
http://messenger.zon...ireShowdown.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{95D19531-C0B3-48DD-B8D3-FC59E406F3A3}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{95D19531-C0B3-48DD-B8D3-FC59E406F3A3}: NameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{95D19531-C0B3-48DD-B8D3-FC59E406F3A3}: NameServer = 192.168.0.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{95D19531-C0B3-48DD-B8D3-FC59E406F3A3}: NameServer = 192.168.0.1
Scan after rebootLogfile of HijackThis v1.97.7
Scan saved at 23:28:17, on 16/09/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\JIT\schednt.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
d:\Program Files\Panda Software\Panda Titanium Antivirus 2004\Pavsrv51.exe
d:\Program Files\Panda Software\Panda Titanium Antivirus 2004\AVENGINE.EXE
D:\Program Files\PestPatrol\PPControl.exe
D:\PROGRA~1\PESTPA~1\PPMemCheck.exe
D:\PROGRA~1\PESTPA~1\CookiePatrol.exe
D:\Program Files\Logitech\Keyboard\iTouch\iTouch.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\Logitech\MouseWare\MouseWare\system\em_exec.exe
D:\Program Files\The Cleaner\tca.exe
D:\Program Files\MSN MsngrPlus\MsgPlus.exe
D:\Program Files\BootXP2\BootXP.exe
C:\WINDOWS\System32\atwtusb.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\WINDOWS\System32\TBLMOUSE.EXE
D:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE
D:\Program Files\CloneCD\CloneCDTray.exe
D:\Program Files\K-Lite Codec Pack\real\Update_OB\realsched.exe
C:\WINDOWS\System32\ctfmon.exe
D:\Program Files\JIT\sched.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
D:\Program Files\washer\Webroot\Washer\wwDisp.exe
E:\Program Files\PBooost 1.4\PBooost.exe
D:\PROGRA~1\XEMICO~1\ACTIVE~1\ADC.exe
D:\PROGRA~1\INCRED~1\bin\IMAPP.EXE
D:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
D:\Program Files\YahooPOPs\YahooPOPs.exe
d:\Program Files\Panda Software\Panda Titanium Antivirus 2004\WebProxy.exe
C:\Documents and Settings\Theresa\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.iwantsearch.comR0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Theresa's Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext =
http://shell.windows...dir.asp?Ext=lidR3 - URLSearchHook: StartBHO Class - {30192F8D-0958-44E6-B54D-331FD39AC959} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\rundlg32.dll
N3 - Netscape 7: user_pref("browser.startup.homepage", "
http://www.google.com"); (C:\Documents and Settings\Theresa\Application Data\Mozilla\Profiles\default\8auakbut.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://d%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_UK.src"); (C:\Documents and Settings\Theresa\Application Data\Mozilla\Profiles\default\8auakbut.slt\prefs.js)
O1 - Hosts: 203.161.127.141 www.dcsresearch.com
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0CA6C3EA-2054-4011-BC9F-8BBC017A169C} - C:\Documents and Settings\Theresa\Application Data\SBSoft\uns.dll
O2 - BHO: (no name) - {30192F8D-0958-44E6-B54D-331FD39AC959} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\rundlg32.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Search Bar - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\rundlg32.dll
O4 - HKLM\..\Run: [PestPatrol Control Center] d:\Program Files\PestPatrol\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] D:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] D:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [zBrowser Launcher] d:\Program Files\Logitech\Keyboard\iTouch\iTouch.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] d:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [tcactive] d:\Program Files\The Cleaner\tca.exe
O4 - HKLM\..\Run: [tcmonitor] d:\Program Files\The Cleaner\tcm.exe
O4 - HKLM\..\Run: [MessengerPlus3] "D:\Program Files\MSN MsngrPlus\MsgPlus.exe"
O4 - HKLM\..\Run: [BootXP] D:\Program Files\BootXP2\BootXP.exe /min /change
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [APVXDWIN] "d:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "d:\Program Files\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [CloneCDTray] "d:\Program Files\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\K-Lite Codec Pack\real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [JITScheduler] "D:\Program Files\JIT\sched.exe"
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [Window Washer] D:\Program Files\washer\Webroot\Washer\wwDisp.exe /startup
O4 - HKCU\..\Run: [ATI Launchpad] "D:\Program Files\ATI Multimedia\main\LaunchPd.exe"
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SymNetDrv\SNDMon.exe
O4 - HKCU\..\Run: [IncrediMail] D:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Hogsoft PoserBooost] "E:\Program Files\PBooost 1.4\PBooost.exe" runMinimized
O4 - HKCU\..\Run: [Active Desktop Calendar] D:\PROGRA~1\XEMICO~1\ACTIVE~1\ADC.exe
O4 - HKLM\..\RunOnce: [Index Washer] D:\Program Files\washer\Webroot\Washer\WashIdx.exe "Theresa"
O4 - Startup: YahooPOPs.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = D:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - D:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &ieSpell Options - res://D:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Add to AD Black List - D:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Block All Images from the Same Server - D:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Check &Spelling - res://D:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Download All by FlashGet - D:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Druid: Download All Files - d:\Program Files\XemiComputers\Download Druid\Druid.html
O8 - Extra context menu item: Druid: Download Highlighted Files - d:\Program Files\XemiComputers\Download Druid\DruidHighLighted.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Highlight - D:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Open All Links in This Page... - D:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Save Flash - res://d:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
O8 - Extra context menu item: Search - D:\Program Files\Avant Browser\Search.htm
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: ieSpell (HKLM)
O9 - Extra 'Tools' menuitem: ieSpell (HKLM)
O9 - Extra button: Download (HKLM)
O9 - Extra 'Tools' menuitem: Druid: Download All Files (HKLM)
O9 - Extra 'Tools' menuitem: ieSpell Options (HKLM)
O9 - Extra button: Research (HKLM)
O9 - Extra button: Druid Bar (HKLM)
O9 - Extra button: FlashGet (HKLM)
O9 - Extra 'Tools' menuitem: &FlashGet (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O9 - Extra button: Flash (HKCU)
O10 - Broken Internet access because of LSP provider 'imslsp.dll' missing
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zon...ry/msgrchkr.cabO16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) -
http://www.ipix.com/viewers/ipixx.cabO16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
http://download.macr...director/sw.cabO16 - DPF: {1EDF25DE-DFB2-40CA-AA83-30AE7DA8C203} (FileSharingCtrl Class) -
http://appdirectory....sharingctrl.cabO16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) -
http://messenger.zon...MineSweeper.cabO16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) -
http://www.cult3d.co...wnload/cult.cabO16 - DPF: {4F5E4276-C120-11D6-A1FD-00508B9D48EA} (dldisplay Class) -
http://www.gamehouse.com/ghdlctl.cabO16 - DPF: {665585FD-2068-4C5E-A6D3-53AC3270ECD4} (FileSharingCtrl Class) -
http://appdirectory....sharingctrl.cabO16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zon...StatsClient.cabO16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) -
http://sc.groups.msn...eUC/MsnUpld.cabO16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
http://v4.windowsupd...7768.6356018518O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) -
http://fdl.msn.com/z...s/heartbeat.cabO16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) -
http://games-dl.real...ArcadeRdxIE.cabO16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) -
http://sc.groups.msn...UC/MsnPUpld.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macr...ash/swflash.cabO16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) -
http://fdl.msn.com/z...s/heartbeat.cabO16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) -
http://chat.msn.com/bin/msnchat45.cabO16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) -
http://messenger.zon...ireShowdown.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{95D19531-C0B3-48DD-B8D3-FC59E406F3A3}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{95D19531-C0B3-48DD-B8D3-FC59E406F3A3}: NameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{95D19531-C0B3-48DD-B8D3-FC59E406F3A3}: NameServer = 192.168.0.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{95D19531-C0B3-48DD-B8D3-FC59E406F3A3}: NameServer = 192.168.0.1