messed up computer
Logfile of HijackThis v1.99.1
Scan saved at 6:29:45 PM, on 3/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\WINDOWS\BCMSMMSG.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Netscape Internet Service\dialer_org.exe
C:\Program Files\Netscape Internet Service\css.exe
C:\Program Files\MSN\MSNCoreFiles\msn6.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WinAce\WinAce.exe
C:\Documents and Settings\Gary Hagerman\Desktop\hi2\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nytimes.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\PROGRA~1\NETSCA~1\NETSCA~1\pbhelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {F736EFCA-786C-7C51-6EE0-0CFF9B1F763E} - (no file)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe
O4 - HKCU\..\Run: [Startup Guru] "C:\Documents and Settings\Gary Hagerman\Desktop\Spyware &Virus Control\startupguru.exe" /B
O4 - HKCU\..\Run: [FUIClearHis] C:\Program Files\FreshDevices\FreshUI\freshui.exe 15 17
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1138348766281
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/sh...26/mcgdmgr.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite...ITDetector.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1014D7BD-5CCA-455F-8185-1B39C432A932}: NameServer = 205.188.146.145
O17 - HKLM\System\CS1\Services\Tcpip\..\{1014D7BD-5CCA-455F-8185-1B39C432A932}: NameServer = 205.188.146.145
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Netscape Update Service (NCUpdateSvc) - Unknown owner - C:\Program Files\Netscape Internet Service\ncupdatesvc.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
OK, I think that I got it.
You did, but couldn't you have just added on to the other threads you made? Now you have 3 threads with the same title.
Anyway, scan with HJT again, and check the following.
O2 - BHO: (no name) - {F736EFCA-786C-7C51-6EE0-0CFF9B1F763E} - (no file)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
And if you recognize the IPs of these, leave 'em. If you don't, check them.
O17 - HKLM\System\CCS\Services\Tcpip\..\{1014D7BD-5CCA-455F-8185-1B39C432A932}: NameServer = 205.188.146.145
O17 - HKLM\System\CS1\Services\Tcpip\..\{1014D7BD-5CCA-455F-8185-1B39C432A932}: NameServer = 205.188.146.145
Then download ewido - http://www.ewido.net/en/ - Install it. Update it. Scan. Let it remove what it finds.
Post a new log, and the ewido log.
Firefox
Ewido
Tune up windows
Get detailed system information
My Fixes
Member - Alliance of Security Analysis Professionals - Since 2006
Logfile of HijackThis v1.99.1
Scan saved at 6:29:45 PM, on 3/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\WINDOWS\BCMSMMSG.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Netscape Internet Service\dialer_org.exe
C:\Program Files\Netscape Internet Service\css.exe
C:\Program Files\MSN\MSNCoreFiles\msn6.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WinAce\WinAce.exe
C:\Documents and Settings\Gary Hagerman\Desktop\hi2\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nytimes.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\PROGRA~1\NETSCA~1\NETSCA~1\pbhelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {F736EFCA-786C-7C51-6EE0-0CFF9B1F763E} - (no file)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe
O4 - HKCU\..\Run: [Startup Guru] "C:\Documents and Settings\Gary Hagerman\Desktop\Spyware &Virus Control\startupguru.exe" /B
O4 - HKCU\..\Run: [FUIClearHis] C:\Program Files\FreshDevices\FreshUI\freshui.exe 15 17
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1138348766281
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/sh...26/mcgdmgr.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite...ITDetector.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1014D7BD-5CCA-455F-8185-1B39C432A932}: NameServer = 205.188.146.145
O17 - HKLM\System\CS1\Services\Tcpip\..\{1014D7BD-5CCA-455F-8185-1B39C432A932}: NameServer = 205.188.146.145
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Netscape Update Service (NCUpdateSvc) - Unknown owner - C:\Program Files\Netscape Internet Service\ncupdatesvc.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
+ Created on: 10:39:24 AM, 3/18/2006
+ Report-Checksum: 24CD8982
+ Scan result:
:mozilla.6:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Dbbsrv : Cleaned with backup
:mozilla.118:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Dbbsrv : Cleaned with backup
C:\Documents and Settings\Gary Hagerman\Cookies\gary hagerman@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Gary Hagerman\Cookies\gary hagerman@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Gary Hagerman\Cookies\gary hagerman@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Gary Hagerman\Cookies\gary hagerman@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary Hagerman\Cookies\gary hagerman@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
::Report End
Here are the new scans. I tried to rid the system of the last registry entry, ZoneLabs, because I got rid of that firewall, but it will not leave.
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
+ Created on: 10:39:24 AM, 3/18/2006
+ Report-Checksum: 24CD8982
+ Scan result:
:mozilla.6:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Dbbsrv : Cleaned with backup
:mozilla.118:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Dbbsrv : Cleaned with backup
C:\Documents and Settings\Gary Hagerman\Cookies\gary hagerman@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Gary Hagerman\Cookies\gary hagerman@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Gary Hagerman\Cookies\gary hagerman@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Gary Hagerman\Cookies\gary hagerman@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary Hagerman\Cookies\gary hagerman@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
::Report End
Here are the new scans. I tried to rid the system of the last registry entry, ZoneLabs, because I got rid of that firewall, but it will not leave.
OK, scan again with HJT and put a check next to the following.
O2 - BHO: (no name) - {F736EFCA-786C-7C51-6EE0-0CFF9B1F763E} - (no file)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O23 - Service: Netscape Update Service (NCUpdateSvc) - Unknown owner - C:\Program Files\Netscape Internet Service\ncupdatesvc.exe (file missing)
Did you decide that the O17 entries were related to your ISP? If so, and you did not remove them, that's fine. If you did remove them, they're back, and we need to take action against them.
Firefox
Ewido
Tune up windows
Get detailed system information
My Fixes
Member - Alliance of Security Analysis Professionals - Since 2006
Do you use Netscape? If so - may not hurt to verify that file is indeed missing
O23 - Service: Netscape Update Service (NCUpdateSvc) - Unknown owner - C:\Program Files\Netscape Internet Service\ncupdatesvc.exe (file missing)
If not, I would leave it be.
Also - you will need to update your Java, and uninstall the old version thru Add/Remove Programs...
Proud Member of ASAP (Alliance of Security Analysis Professionals)
Join Date: Mar 2006
Posts: 5
Solved Threads: 0
Logfile of HijackThis v1.99.1
Scan saved at 11:35:54 AM, on 3/19/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\WINDOWS\BCMSMMSG.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Gary Hagerman\Desktop\hi2\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nytimes.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\PROGRA~1\NETSCA~1\NETSCA~1\pbhelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Registry Toolkit] C:\Program Files\Registry Toolkit\RegToolkit.exe /scan
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1138348766281
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/sh...26/mcgdmgr.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite...ITDetector.cab
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Netscape Update Service (NCUpdateSvc) - Unknown owner - C:\Program Files\Netscape Internet Service\ncupdatesvc.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe (file missing)
I keep on being timed out, but Firefox is back.
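The triage used in this thread (fix the entries HijackThis marks `(no file)` or `(file missing)`, then rescan) can be checked mechanically by comparing the two logs. The Python below is an added example, not code from any poster; `parse_entries` and `compare_scans` are illustrative names, and the sample lines are excerpts copied from the two logs in this thread.

```python
import re
from dataclasses import dataclass

# Excerpts copied from the two HijackThis logs posted in this thread
# (3/16/2006 scan first, 3/19/2006 scan second), trimmed to a few entries.
SCAN_BEFORE = r"""
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {F736EFCA-786C-7C51-6EE0-0CFF9B1F763E} - (no file)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O23 - Service: Netscape Update Service (NCUpdateSvc) - Unknown owner - C:\Program Files\Netscape Internet Service\ncupdatesvc.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
"""
SCAN_AFTER = r"""
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O23 - Service: Netscape Update Service (NCUpdateSvc) - Unknown owner - C:\Program Files\Netscape Internet Service\ncupdatesvc.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe (file missing)
"""

# "O2 - ...", "O23 - ...", "R0 - ...": section code, then the entry body.
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")
# Trailing marker HijackThis prints when the referenced file is absent.
# Anchored at end of line so a "(no name)" label in the middle is ignored.
ORPHAN_RE = re.compile(r"(?:\s+-)?\s*\((?:no file|file missing)\)$")


@dataclass(frozen=True)
class Entry:
    section: str    # e.g. "O2", "O23"
    body: str       # entry text with any trailing orphan marker removed
    orphaned: bool  # True when the log says the target file is absent


def parse_entries(log_text):
    """Return the registry/service entries of a HijackThis log as Entry objects."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if not match:
            continue  # header, running-process list, or surrounding forum text
        body = match.group("body")
        cleaned = ORPHAN_RE.sub("", body)
        entries.append(Entry(match.group("section"), cleaned, cleaned != body))
    return entries


def compare_scans(before_text, after_text):
    """Classify orphaned entries across a before/after pair of scans."""
    before = parse_entries(before_text)
    after = parse_entries(after_text)

    def key(entry):
        return (entry.section, entry.body)

    before_orphans = {key(e) for e in before if e.orphaned}
    after_orphans = {key(e) for e in after if e.orphaned}
    after_all = {key(e) for e in after}
    return {
        "cleared": sorted(before_orphans - after_all),
        "still_orphaned": sorted(before_orphans & after_orphans),
        "newly_orphaned": sorted(after_orphans - before_orphans),
    }


if __name__ == "__main__":
    for label, items in compare_scans(SCAN_BEFORE, SCAN_AFTER).items():
        print(label)
        for section, body in items:
            print(f"  {section} - {body}")
```

On these excerpts the two `(no file)` entries are cleared, the NCUpdateSvc service is still listed with its file missing, and the vsmon service is newly reported with its file missing.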