I've used spysweeper and trojan remover as prescribed in another thread and just wish for someone to lok over my hijack and spysweeper log to make sure everythings up to par
Thanks in advanced
Spysweeper log
********
3:23 PM: | Start of Session, Sunday, November 20, 2005 |
3:23 PM: Spy Sweeper started
3:23 PM: Sweep initiated using definitions version 574
3:24 PM: Starting Memory Sweep
3:24 PM: Found Adware: virtumonde
3:24 PM: Detected running threat: C:\WINDOWS\SYSTEM32\vturs.dll (ID = 77)
3:26 PM: Memory Sweep Complete, Elapsed Time: 00:02:17
3:26 PM: Starting Registry Sweep
3:26 PM: Found Trojan Horse: trojan-downloader-conhook
3:26 PM: HKCR\clsid\{8e13dde1-e013-47ec-9c4c-27c2f78bdd26}\ (3 subtraces) (ID = 834750)
3:26 PM: HKLM\software\classes\clsid\{8e13dde1-e013-47ec-9c4c-27c2f78bdd26}\ (3 subtraces) (ID = 834754)
3:26 PM: Registry Sweep Complete, Elapsed Time:00:00:18
3:26 PM: Starting Cookie Sweep
3:26 PM: Found Spy Cookie: 3 cookie
3:26 PM: alison@3[2].txt (ID = 1959)
3:26 PM: Found Spy Cookie: 5 cookie
3:26 PM: alison@5[1].txt (ID = 1979)
3:26 PM: alison@5[2].txt (ID = 1979)
3:26 PM: Found Spy Cookie: 64.62.232 cookie
3:26 PM: [email protected][1].txt (ID = 1987)
3:26 PM: [email protected][2].txt (ID = 1987)
3:26 PM: [email protected][3].txt (ID = 1987)
3:26 PM: [email protected][4].txt (ID = 1987)
3:26 PM: [email protected][5].txt (ID = 1987)
3:26 PM: Found Spy Cookie: about cookie
3:26 PM: [email protected][1].txt (ID = 2038)
3:26 PM: Found Spy Cookie: websponsors cookie
3:26 PM: [email protected][2].txt (ID = 3665)
3:26 PM: Found Spy Cookie: go.com cookie
3:26 PM: [email protected][1].txt (ID = 2729)
3:26 PM: alison@about[1].txt (ID = 2037)
3:26 PM: alison@about[2].txt (ID = 2037)
3:26 PM: Found Spy Cookie: ad-rotator cookie
3:26 PM: alison@ad-rotator[2].txt (ID = 2051)
3:26 PM: Found Spy Cookie: yieldmanager cookie
3:26 PM: [email protected][2].txt (ID = 3751)
3:26 PM: Found Spy Cookie: adknowledge cookie
3:26 PM: alison@adknowledge[2].txt (ID = 2072)
3:26 PM: Found Spy Cookie: hbmediapro cookie
3:26 PM: [email protected][2].txt (ID = 2768)
3:26 PM: Found Spy Cookie: specificclick.com cookie
3:26 PM: [email protected][1].txt (ID = 3400)
3:26 PM: Found Spy Cookie: cc214142 cookie
3:26 PM: [email protected][2].txt (ID = 2367)
3:26 PM: Found Spy Cookie: pointroll cookie
3:26 PM: [email protected][1].txt (ID = 3148)
3:26 PM: Found Spy Cookie: adultfriendfinder cookie
3:26 PM: alison@adultfriendfinder[2].txt (ID = 2165)
3:26 PM: [email protected][1].txt (ID = 2038)
3:26 PM: Found Spy Cookie: associated new media cookie
3:26 PM: [email protected][2].txt (ID = 2223)
3:26 PM: Found Spy Cookie: ask cookie
3:26 PM: alison@ask[1].txt (ID = 2245)
3:26 PM: Found Spy Cookie: belnk cookie
3:26 PM: [email protected][2].txt (ID = 2293)
3:26 PM: [email protected][1].txt (ID = 2038)
3:26 PM: Found Spy Cookie: atwola cookie
3:26 PM: alison@atwola[2].txt (ID = 2255)
3:26 PM: Found Spy Cookie: bannerspace cookie
3:26 PM: alison@bannerspace[2].txt (ID = 2284)
3:26 PM: Found Spy Cookie: banners cookie
3:26 PM: alison@banners[1].txt (ID = 2282)
3:26 PM: Found Spy Cookie: banner cookie
3:26 PM: alison@banner[1].txt (ID = 2276)
3:26 PM: alison@belnk[1].txt (ID = 2292)
3:26 PM: Found Spy Cookie: burstnet cookie
3:26 PM: alison@burstnet[1].txt (ID = 2336)
3:26 PM: Found Spy Cookie: 2o7.net cookie
3:26 PM: [email protected][2].txt (ID = 1958)
3:26 PM: Found Spy Cookie: casalemedia cookie
3:26 PM: alison@casalemedia[1].txt (ID = 2354)
3:26 PM: Found Spy Cookie: ccbill cookie
3:26 PM: alison@ccbill[1].txt (ID = 2369)
3:26 PM: Found Spy Cookie: classmates cookie
3:26 PM: alison@classmates[2].txt (ID = 2384)
3:26 PM: [email protected][1].txt (ID = 1958)
3:26 PM: Found Spy Cookie: tickle cookie
3:26 PM: [email protected][1].txt (ID = 3530)
3:26 PM: Found Spy Cookie: 360i cookie
3:26 PM: [email protected][2].txt (ID = 1962)
3:26 PM: [email protected][1].txt (ID = 2729)
3:26 PM: [email protected][1].txt (ID = 2293)
3:26 PM: Found Spy Cookie: experclick cookie
3:26 PM: alison@experclick[1].txt (ID = 2639)
3:26 PM: [email protected][1].txt (ID = 2038)
3:26 PM: alison@go[2].txt (ID = 2728)
3:26 PM: [email protected][1].txt (ID = 2038)
3:26 PM: Found Spy Cookie: clickandtrack cookie
3:26 PM: [email protected][2].txt (ID = 2397)
3:26 PM: Found Spy Cookie: screensavers.com cookie
3:26 PM: [email protected][1].txt (ID = 3298)
3:26 PM: [email protected][1].txt (ID = 1958)
3:26 PM: Found Spy Cookie: aptimus cookie
3:26 PM: [email protected][2].txt (ID = 2235)
3:26 PM: Found Spy Cookie: touchclarity cookie
3:26 PM: [email protected][1].txt (ID = 3567)
3:26 PM: Found Spy Cookie: partypoker cookie
3:26 PM: alison@partypoker[2].txt (ID = 3111)
3:26 PM: Found Spy Cookie: questionmarket cookie
3:26 PM: alison@questionmarket[1].txt (ID = 3217)
3:26 PM: [email protected][1].txt (ID = 2038)
3:26 PM: Found Spy Cookie: directtrack cookie
3:26 PM: [email protected][2].txt (ID = 2528)
3:26 PM: Found Spy Cookie: realmedia cookie
3:26 PM: alison@realmedia[2].txt (ID = 3235)
3:26 PM: [email protected][2].txt (ID = 2729)
3:26 PM: Found Spy Cookie: reunion cookie
3:26 PM: alison@reunion[2].txt (ID = 3255)
3:26 PM: Found Spy Cookie: rn11 cookie
3:26 PM: alison@rn11[2].txt (ID = 3261)
3:26 PM: [email protected][1].txt (ID = 2729)
3:26 PM: Found Spy Cookie: coolsavings cookie
3:26 PM: [email protected][1].txt (ID = 2466)
3:26 PM: alison@screensavers[1].txt (ID = 3297)
3:26 PM: Found Spy Cookie: servlet cookie
3:26 PM: alison@servlet[2].txt (ID = 3345)
3:26 PM: [email protected][1].txt (ID = 2528)
3:26 PM: Found Spy Cookie: starware.com cookie
3:26 PM: alison@starware[2].txt (ID = 3441)
3:26 PM: Found Spy Cookie: reliablestats cookie
3:26 PM: [email protected][1].txt (ID = 3254)
3:26 PM: Found Spy Cookie: stlyrics cookie
3:26 PM: alison@stlyrics[2].txt (ID = 3461)
3:26 PM: Found Spy Cookie: trafficmp cookie
3:26 PM: alison@trafficmp[2].txt (ID = 3581)
3:26 PM: Found Spy Cookie: tribalfusion cookie
3:26 PM: alison@tribalfusion[1].txt (ID = 3589)
3:26 PM: Found Spy Cookie: tripod cookie
3:26 PM: alison@tripod[1].txt (ID = 3591)
3:26 PM: [email protected][2].txt (ID = 2038)
3:26 PM: [email protected][2].txt (ID = 2038)
3:26 PM: Found Spy Cookie: burstbeacon cookie
3:26 PM: [email protected][2].txt (ID = 2335)
3:26 PM: Found Spy Cookie: clixgalore cookie
3:26 PM: [email protected][2].txt (ID = 2417)
3:26 PM: Found Spy Cookie: myaffiliateprogram.com cookie
3:26 PM: [email protected][1].txt (ID = 3032)
3:26 PM: [email protected][2].txt (ID = 3298)
3:26 PM: Found Spy Cookie: seeq cookie
3:26 PM: [email protected][1].txt (ID = 3332)
3:26 PM: [email protected][1].txt (ID = 3462)
3:26 PM: Found Spy Cookie: stopzilla cookie
3:26 PM: [email protected][2].txt (ID = 3466)
3:26 PM: Found Spy Cookie: try games cookie
3:26 PM: [email protected][1].txt (ID = 3594)
3:26 PM: [email protected][1].txt (ID = 3332)
3:26 PM: Found Spy Cookie: xiti cookie
3:26 PM: alison@xiti[1].txt (ID = 3717)
3:26 PM: alison@yieldmanager[2].txt (ID = 3749)
3:26 PM: [email protected][2].txt (ID = 2528)
3:26 PM: Found Spy Cookie: adserver cookie
3:26 PM: [email protected][1].txt (ID = 2142)
3:26 PM: Found Spy Cookie: zedo cookie
3:26 PM: alison@zedo[1].txt (ID = 3762)
3:26 PM: Found Spy Cookie: apmebf cookie
3:26 PM: chris@apmebf[2].txt (ID = 2229)
3:26 PM: Found Spy Cookie: paycounter cookie
3:26 PM: chris@paycounter[2].txt (ID = 3115)
3:26 PM: Found Spy Cookie: qksrv cookie
3:26 PM: chris@qksrv[2].txt (ID = 3213)
3:26 PM: [email protected][2].txt (ID = 3254)
3:26 PM: chris@tribalfusion[1].txt (ID = 3589)
3:26 PM: [email protected][1].txt (ID = 3751)
3:26 PM: sue@adknowledge[1].txt (ID = 2072)
3:26 PM: [email protected][1].txt (ID = 3400)
3:26 PM: sue@atwola[1].txt (ID = 2255)
3:26 PM: sue@burstnet[2].txt (ID = 2336)
3:26 PM: [email protected][1].txt (ID = 1962)
3:26 PM: sue@go[2].txt (ID = 2728)
3:26 PM: [email protected][2].txt (ID = 2729)
3:26 PM: Found Spy Cookie: one-time-offer cookie
3:26 PM: sue@one-time-offer[2].txt (ID = 3095)
3:26 PM: [email protected][1].txt (ID = 2729)
3:26 PM: Found Spy Cookie: tracking cookie
3:26 PM: sue@tracking[2].txt (ID = 3571)
3:26 PM: [email protected][2].txt (ID = 2335)
3:26 PM: Cookie Sweep Complete, Elapsed Time: 00:00:08
3:26 PM: Starting File Sweep
4:02 PM: Warning: Unhandled Archive Type
4:02 PM: Warning: Unhandled Archive Type
4:02 PM: Warning: Unhandled Archive Type
4:02 PM: Warning: Unhandled Archive Type
4:03 PM: Warning: Invalid Stream
4:03 PM: Warning: Invalid Stream
4:03 PM: File Sweep Complete, Elapsed Time: 00:36:15
4:03 PM: Full Sweep has completed. Elapsed time 00:39:07
4:03 PM: Traces Found: 111
4:07 PM: Removal process initiated
4:07 PM: Quarantining All Traces: virtumonde
4:07 PM: virtumonde is in use. It will be removed on reboot.
4:07 PM: C:\WINDOWS\SYSTEM32\vturs.dll is in use. It will be removed on reboot.
4:07 PM: Quarantining All Traces: trojan-downloader-conhook
4:07 PM: Quarantining All Traces: 2o7.net cookie
4:07 PM: Quarantining All Traces: 3 cookie
4:07 PM: Quarantining All Traces: 360i cookie
4:07 PM: Quarantining All Traces: 5 cookie
4:07 PM: Quarantining All Traces: 64.62.232 cookie
4:07 PM: Quarantining All Traces: about cookie
4:07 PM: Quarantining All Traces: adknowledge cookie
4:07 PM: Quarantining All Traces: ad-rotator cookie
4:07 PM: Quarantining All Traces: adserver cookie
4:07 PM: Quarantining All Traces: adultfriendfinder cookie
4:07 PM: Quarantining All Traces: apmebf cookie
4:07 PM: Quarantining All Traces: aptimus cookie
4:07 PM: Quarantining All Traces: ask cookie
4:07 PM: Quarantining All Traces: associated new media cookie
4:07 PM: Quarantining All Traces: atwola cookie
4:07 PM: Quarantining All Traces: banner cookie
4:07 PM: Quarantining All Traces: banners cookie
4:07 PM: Quarantining All Traces: bannerspace cookie
4:07 PM: Quarantining All Traces: belnk cookie
4:07 PM: Quarantining All Traces: burstbeacon cookie
4:07 PM: Quarantining All Traces: burstnet cookie
4:07 PM: Quarantining All Traces: casalemedia cookie
4:07 PM: Quarantining All Traces: cc214142 cookie
4:07 PM: Quarantining All Traces: ccbill cookie
4:07 PM: Quarantining All Traces: classmates cookie
4:07 PM: Quarantining All Traces: clickandtrack cookie
4:07 PM: Quarantining All Traces: clixgalore cookie
4:07 PM: Quarantining All Traces: coolsavings cookie
4:07 PM: Quarantining All Traces: directtrack cookie
4:07 PM: Quarantining All Traces: experclick cookie
4:07 PM: Quarantining All Traces: go.com cookie
4:07 PM: Quarantining All Traces: hbmediapro cookie
4:07 PM: Quarantining All Traces: myaffiliateprogram.com cookie
4:07 PM: Quarantining All Traces: one-time-offer cookie
4:07 PM: Quarantining All Traces: partypoker cookie
4:07 PM: Quarantining All Traces: paycounter cookie
4:07 PM: Quarantining All Traces: pointroll cookie
4:07 PM: Quarantining All Traces: qksrv cookie
4:07 PM: Quarantining All Traces: questionmarket cookie
4:07 PM: Quarantining All Traces: realmedia cookie
4:07 PM: Quarantining All Traces: reliablestats cookie
4:07 PM: Quarantining All Traces: reunion cookie
4:07 PM: Quarantining All Traces: rn11 cookie
4:07 PM: Quarantining All Traces: screensavers.com cookie
4:07 PM: Quarantining All Traces: seeq cookie
4:07 PM: Quarantining All Traces: servlet cookie
4:07 PM: Quarantining All Traces: specificclick.com cookie
4:07 PM: Quarantining All Traces: starware.com cookie
4:07 PM: Quarantining All Traces: stlyrics cookie
4:07 PM: Quarantining All Traces: stopzilla cookie
4:07 PM: Quarantining All Traces: tickle cookie
4:07 PM: Quarantining All Traces: touchclarity cookie
4:07 PM: Quarantining All Traces: tracking cookie
4:07 PM: Quarantining All Traces: trafficmp cookie
4:07 PM: Quarantining All Traces: tribalfusion cookie
4:07 PM: Quarantining All Traces: tripod cookie
4:07 PM: Quarantining All Traces: try games cookie
4:07 PM: Quarantining All Traces: websponsors cookie
4:07 PM: Quarantining All Traces: xiti cookie
4:07 PM: Quarantining All Traces: yieldmanager cookie
4:07 PM: Quarantining All Traces: zedo cookie
4:07 PM: Warning: Timed out waiting for explorer.exe
4:07 PM: Warning: Timed out waiting for explorer.exe
4:07 PM: Warning: Timed out waiting for explorer.exe
4:07 PM: Warning: Quarantine process could not restart Explorer.
4:07 PM: Removal process completed. Elapsed time 00:00:53
********
3:21 PM: | Start of Session, Sunday, November 20, 2005 |
3:21 PM: Spy Sweeper started
3:22 PM: Your spyware definitions have been updated.
3:23 PM: | End of Session, Sunday, November 20, 2005 |
Hijack this log
Logfile of HijackThis v1.99.1
Scan saved at 11:07:47 PM, on 11/20/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Yahoo!\browser\ybrwicon.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://music.tinfoil.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp.../search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: MSEvents Object - {CE70731D-F28D-4D81-9D61-C8EE60378401} - C:\WINDOWS\system32\vturs.dll (file missing)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [IPInSightLAN 02] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 02] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.EXE 1
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnote...ad/mnviewer.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - http://us.dl1.yimg.c...nst_current.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/...xy.cab35645.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.shockwave...aploader_v6.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zon...wn.cab31267.cab
O16 - DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} - http://www.trueswitc...eInstallSBC.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: infocr - C:\WINDOWS\msagent\infocr.dll (file missing)
O20 - Winlogon Notify: ssqpn - C:\WINDOWS\system32\ssqpn.dll (file missing)
O20 - Winlogon Notify: vturs - C:\WINDOWS\system32\vturs.dll (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - Unknown owner - C:\WINDOWS\wanmpsvc.exe (file missing)
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\SYSTEM32\YPCSER~1.EXE
Edited by dontcareaboutmyid, 21 November 2005 - 01:21 AM.