0

Hi all,

My PC is running extremely slowly and I'm thinking I might have some nasties at the root of it all. I ran Lavasoft's Ad-Aware and cleaned things up but it's still slow. Here's my HijackThis log. Can someone please take a look and advise? Thanks a bunch.....JD

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:24, on 3/16/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\AOL\1137265543\ee\AOLSoftware.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe
C:\Program Files\Java\jre1.5.0_12\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
C:\Program Files\NETGEAR\MA111 Configuration Utility\wlancfg4.exe
C:\Documents and Settings\Owner\My Documents\Patrick's Stuff\mimio\mimiosys.exe
C:\Program Files\Common Files\Sonic Shared\CineTray.exe
C:\Program Files\Handspring\HOTSYNC.EXE
C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\CPSHelpRunner.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Owner\My Documents\Security\HiJackThis.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Softex OmniPass Service (omniserv) - Unknown owner - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Digital Home 8\RoxUpnpServer.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 4668 bytes

0

Please post the complete log with no edits.

==

Download Malwarebytes' Anti-Malware (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html) to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure to checkmark the Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform full scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Make sure that you restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

Post new HJT log.

0

Hi Crunchie....here are the mbam and HJT logs....thanks...JD


Malwarebytes' Anti-Malware 1.08
Database version: 499

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 194420
Time elapsed: 1 hour(s), 17 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 28
Files Infected: 236

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{288c5f13-7e52-4ada-a32e-f5bf9d125f99} (Trojan.Downloader) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{450b9e4d-4014-4de3-b34e-014a81468293} (Trojan.Downloader) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{c7f00a9a-f1bc-436e-82c7-e8cae6fd67f7} (Trojan.Downloader) -> No action taken.
HKEY_CURRENT_USER\Software\The Weather Channel (Adware.Hotbar) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\The Weather Channel FW (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Framework (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\config (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\app_elements (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\forecast (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\maps (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\nav (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\verticles (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\verticals (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45 (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60 (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze\config (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze\graphics (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze\radar (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze\graphics\logos (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Framework\wxcache (Adware.Hotbar) -> No action taken.
C:\Documents and Settings\Owner\Start Menu\Programs\Outerinfo (Malware.Trace) -> No action taken.
C:\Documents and Settings\LocalService\Application Data\NetMon (Trojan.NetMon) -> No action taken.
C:\Documents and Settings\All Users\Start Menu\Programs\The Weather Channel (Adware.Hotbar) -> No action taken.
C:\Documents and Settings\All Users\Start Menu\Programs\The Weather Channel\Desktop Weather (Adware.Hotbar) -> No action taken.

Files Infected:
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\SMBOLS~1\wowexec.exe.vir (Adware.PurityScan) -> No action taken.
C:\QooBox\Quarantine\C\Program Files\Common Files\Yazzle1552OinUninstaller.exe.vir (Adware.PurityScan) -> No action taken.
C:\QooBox\Quarantine\C\WINDOWS\retadpu11.exe.vir (Trojan.Agent) -> No action taken.
C:\QooBox\Quarantine\C\WINDOWS\uninstall_nmon.vbs.vir (Malware.Trace) -> No action taken.
C:\QooBox\Quarantine\C\WINDOWS\system32\avyp.dll.vir (Adware.PurityScan) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\app.html (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\app.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\eula.html (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\index_local.html (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\INSTALL.LOG (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\noinet_300X250.gif (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\noinet_728x90.gif (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\no_connection_frame.html (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\query_prams.js (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\uninstall.bat (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\UNWISE.EXE (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\UNWISE.INI (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\config\settings.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\connection.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\ForecastPageTabs.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\HomePageTabs.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\instby_module.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\loaction_display.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\loc_manager.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\photo.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\preferencesWindowMod.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\promo.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\side_barmodule.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\videoTabMod.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\app_elements\logo_loader.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\forecast\cc.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\forecast\detailed.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\forecast\hourly.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\forecast\tenDayForecast.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\forecast\thirty_six_hour.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\forecast\threeDayForecast.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\maps\radarAndMapsMod.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\maps\sixHundredMileRadar.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\nav\nav_main_button.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\nav\nav_top_right.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\nav\vertical_nav.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\verticles\businessTravelerMod.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\verticles\businessTravelerScreenMod.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\verticles\drivingHomeMod.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\verticles\drivingScreenMod.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\verticles\fitnessHomeMod.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\verticles\fitnessScreenMod.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\verticles\golfHomeMod.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\verticles\golfScreenMod.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\verticles\pollenHomeMod.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\verticles\pollenScreenMod.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\lib\verticles\weatherHomeMod.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\Thunderclap.mp3 (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\0.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\1.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\10.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\11.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\12.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\13.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\14.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\15.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\16.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\17.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\18.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\19.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\2.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\20.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\21.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\22.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\23.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\24.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\25.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\26.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\27.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\28.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\29.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\3.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\30.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\31.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\32.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\33.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\34.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\35.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\36.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\37.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\38.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\39.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\4.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\40.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\41.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\42.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\43.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\44.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\45.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\46.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\47.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\5.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\6.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\7.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\8.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\9.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\45x45\testLoad.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\0.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\1.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\10.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\11.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\12.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\13.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\14.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\15.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\16.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\17.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\18.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\19.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\2.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\20.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\21.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\22.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\23.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\24.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\25.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\26.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\27.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\28.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\29.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\3.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\30.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\31.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\32.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\33.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\34.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\35.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\36.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\37.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\38.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\39.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\4.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\40.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\41.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\42.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\43.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\44.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\45.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\46.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\47.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\5.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\6.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\7.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\8.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\9.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\60x60\testLoad.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\0.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\1.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\10.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\11.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\12.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\13.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\14.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\15.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\16.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\17.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\18.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\19.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\2.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\20.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\21.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\22.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\23.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\24.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\25.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\26.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\27.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\28.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\29.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\3.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\30.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\4.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\5.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\6.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\7.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\8.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\icons\moon\9.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\verticals\businessTravelerV.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\verticals\drivingV.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\verticals\fitnessV.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\verticals\golfV.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\verticals\newsV.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\verticals\pollenV.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\verticals\skiV.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\swfs\verticals\weatherV.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze\config\ads.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze\config\app.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze\config\cobrand.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze\config\collections.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze\config\dimms.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze\config\divs.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze\config\files.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze\config\forcast.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze\config\links.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze\config\nav.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze\config\prefs.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze\config\screens.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze\config\vertical.bin (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze\graphics\ad.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze\graphics\bkg.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze\graphics\border.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze\graphics\homepage_line.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze\graphics\nav_bar.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze\graphics\nav_bar_border.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze\graphics\logos\weatherChannelLogo.swf (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Desktop Weather\temp\Owner\freeze\radar\sixHundredMileRadar.jpg (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Framework\flow.xml (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Framework\INSTALL.LOG (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Framework\notifymessages.ini (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Framework\qx.exe (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Framework\slnchr.exe (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Framework\TheWeatherChannelSetup.exe (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Framework\uninstall.bat (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Framework\UNWISE.EXE (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Framework\update.exe (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Framework\wxfw.dll (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Framework\wxcache\01748.wx (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Framework\wxcache\ac.dat (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Framework\wxcache\actimes.rfsh (Adware.Hotbar) -> No action taken.
C:\Program Files\The Weather Channel FW\Framework\wxcache\times.rfsh (Adware.Hotbar) -> No action taken.
C:\Documents and Settings\Owner\Start Menu\Programs\Outerinfo\Terms.lnk (Malware.Trace) -> No action taken.
C:\Documents and Settings\Owner\Start Menu\Programs\Outerinfo\Uninstall.lnk (Malware.Trace) -> No action taken.
C:\Documents and Settings\LocalService\Application Data\NetMon\domains.txt (Trojan.NetMon) -> No action taken.
C:\Documents and Settings\LocalService\Application Data\NetMon\log.txt (Trojan.NetMon) -> No action taken.
C:\Documents and Settings\All Users\Start Menu\Programs\The Weather Channel\Desktop Weather\Desktop Weather.lnk (Adware.Hotbar) -> No action taken.
C:\Documents and Settings\All Users\Start Menu\Programs\The Weather Channel\Desktop Weather\Help.lnk (Adware.Hotbar) -> No action taken.
C:\Documents and Settings\All Users\Start Menu\Programs\The Weather Channel\Desktop Weather\Uninstall.lnk (Adware.Hotbar) -> No action taken.
C:\WINDOWS\retadpu72.exe.tmp (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\ClickToFindandFixErrors_Intl.ico (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\ClickToFindandFixErrors_US.ico (Malware.Trace) -> No action taken.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:13, on 3/17/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\AOL\1137265543\ee\AOLSoftware.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe
C:\Program Files\Java\jre1.5.0_12\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
C:\Program Files\NETGEAR\MA111 Configuration Utility\wlancfg4.exe
C:\Documents and Settings\Owner\My Documents\Patrick's Stuff\mimio\mimiosys.exe
C:\Program Files\Common Files\Sonic Shared\CineTray.exe
C:\Program Files\Handspring\HOTSYNC.EXE
C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\CPSHelpRunner.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Owner\My Documents\Security\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_12\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [QuickFinder Scheduler] "c:\Program Files\WordPerfect Office 11\Programs\QFSCHD110.EXE"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1137265543\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_12\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - S-1-5-18 Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Handspring\HOTSYNC.EXE
O4 - Startup: spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
O4 - Global Startup: MA111 Configuration Utility.lnk = C:\Program Files\NETGEAR\MA111 Configuration Utility\wlancfg4.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: mimio Studio.lnk = C:\Documents and Settings\Owner\My Documents\Patrick's Stuff\mimio\mimiosys.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: Sonic CinePlayer Quick Launch.lnk = C:\Program Files\Common Files\Sonic Shared\CineTray.exe
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.05\AMVConverter\grab.html
O8 - Extra context menu item: Add to Media Manager... - C:\Program Files\MP3 Player Utilities 4.05\MediaManager\grab.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_12\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_12\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {10E0E75E-6701-4134-9D95-C0942ED1F1C8} (Snapfish Outlook Import ActiveX Control) - http://www.snapfish.com/SnapfishOutlookImport.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.yorkphoto.com/YorkActivia.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqcpqdktp/downloads/sysinfo.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {4FAE30E1-EE9C-477D-8D06-BF8D3429B60F} (WebIQ Technology Client) - http://webiq001.webiqonline.com/WebIQ/bin/WebIQ.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1167696040984
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - http://mediaplayer.walmart.com/installer/install.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.shockwave.com/content/luxor/mjolauncher.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols3/fscax.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/FujifilmUploadClient.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinner.com/games/v47/familyfeud/familyfeud.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4561/mcfscan.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Softex OmniPass Service (omniserv) - Unknown owner - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Digital Home 8\RoxUpnpServer.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 13114 bytes

0

Please run Malwarebytes' Anti-Malware again following the instructions I gave in my previous post, then you will need to do a fresh hijackthis log.

0

OK - here are the new Malware and HJT logs...thanks


Malwarebytes' Anti-Malware 1.08
Database version: 499

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 195174
Time elapsed: 1 hour(s), 9 minute(s), 1 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:15, on 3/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\AOL\1137265543\ee\AOLSoftware.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe
C:\Program Files\Java\jre1.5.0_12\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
C:\Program Files\NETGEAR\MA111 Configuration Utility\wlancfg4.exe
C:\Documents and Settings\Owner\My Documents\Patrick's Stuff\mimio\mimiosys.exe
C:\Program Files\Common Files\Sonic Shared\CineTray.exe
C:\Program Files\Handspring\HOTSYNC.EXE
C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\CPSHelpRunner.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\Owner\My Documents\Security\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_12\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [QuickFinder Scheduler] "c:\Program Files\WordPerfect Office 11\Programs\QFSCHD110.EXE"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1137265543\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_12\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - S-1-5-18 Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Handspring\HOTSYNC.EXE
O4 - Startup: spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
O4 - Global Startup: MA111 Configuration Utility.lnk = C:\Program Files\NETGEAR\MA111 Configuration Utility\wlancfg4.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: mimio Studio.lnk = C:\Documents and Settings\Owner\My Documents\Patrick's Stuff\mimio\mimiosys.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: Sonic CinePlayer Quick Launch.lnk = C:\Program Files\Common Files\Sonic Shared\CineTray.exe
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.05\AMVConverter\grab.html
O8 - Extra context menu item: Add to Media Manager... - C:\Program Files\MP3 Player Utilities 4.05\MediaManager\grab.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_12\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_12\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {10E0E75E-6701-4134-9D95-C0942ED1F1C8} (Snapfish Outlook Import ActiveX Control) - http://www.snapfish.com/SnapfishOutlookImport.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.yorkphoto.com/YorkActivia.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqcpqdktp/downloads/sysinfo.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {4FAE30E1-EE9C-477D-8D06-BF8D3429B60F} (WebIQ Technology Client) - http://webiq001.webiqonline.com/WebIQ/bin/WebIQ.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1167696040984
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - http://mediaplayer.walmart.com/installer/install.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.shockwave.com/content/luxor/mjolauncher.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols3/fscax.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/FujifilmUploadClient.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinner.com/games/v47/familyfeud/familyfeud.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4561/mcfscan.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Softex OmniPass Service (omniserv) - Unknown owner - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Digital Home 8\RoxUpnpServer.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 13064 bytes

0

Can you please do the following.

===============

Go to Add/Remove programs and uninstall the following, if present:

Viewpoint Manager

The above could appear anywhere within the entry. Be careful not to remove any personal or system software.

===============

Scan with HijackThis and then place a check next to all the following, if present:


O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe


Now, close all instances of Internet Explorer and any other windows you have open except HijackThis, then click "Fix checked".

===============

Locate and delete the following item(s), if present. Make sure you are able to view system and hidden files/folders:

folders...

C:\Program Files\Viewpoint

-

Note that some of these file(s)/folder(s) may or may not be present. If present, and cannot be deleted because they're 'in use', try deleting them in Safe Mode by doing the following:

  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
  • Instead of Windows loading as normal, a menu should appear.

Select the first option to run Windows in Safe Mode and hit Enter.

-

Reboot.

===============

After rebooting, rescan with HijackThis and post back a new log. Please let me know how your PC is now.

0

Hi Crunchie...well it seemed to work "ok" at first but then it started to get slow...and now it's crawling when I use IE......also when I log out...the screen has an error message "Ending Program a8c" (sometimes it's a different combination of letters/numbers) ...here's the latest HJT log...thoughts? tx....JD


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:02, on 3/28/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\system32\svchost.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\AOL\1137265543\ee\AOLSoftware.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe
C:\Program Files\Java\jre1.5.0_12\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
C:\Program Files\NETGEAR\MA111 Configuration Utility\wlancfg4.exe
C:\Documents and Settings\Owner\My Documents\Patrick's Stuff\mimio\mimiosys.exe
C:\Program Files\Common Files\Sonic Shared\CineTray.exe
C:\Program Files\Handspring\HOTSYNC.EXE
C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\CPSHelpRunner.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe
C:\Documents and Settings\Owner\My Documents\Security\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_12\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [QuickFinder Scheduler] "c:\Program Files\WordPerfect Office 11\Programs\QFSCHD110.EXE"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1137265543\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_12\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SpriteService] "C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe"
O4 - S-1-5-18 Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Handspring\HOTSYNC.EXE
O4 - Startup: spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
O4 - Global Startup: MA111 Configuration Utility.lnk = C:\Program Files\NETGEAR\MA111 Configuration Utility\wlancfg4.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: mimio Studio.lnk = C:\Documents and Settings\Owner\My Documents\Patrick's Stuff\mimio\mimiosys.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: Sonic CinePlayer Quick Launch.lnk = C:\Program Files\Common Files\Sonic Shared\CineTray.exe
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.05\AMVConverter\grab.html
O8 - Extra context menu item: Add to Media Manager... - C:\Program Files\MP3 Player Utilities 4.05\MediaManager\grab.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_12\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_12\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {10E0E75E-6701-4134-9D95-C0942ED1F1C8} (Snapfish Outlook Import ActiveX Control) - http://www.snapfish.com/SnapfishOutlookImport.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.yorkphoto.com/YorkActivia.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqcpqdktp/downloads/sysinfo.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {4FAE30E1-EE9C-477D-8D06-BF8D3429B60F} (WebIQ Technology Client) - http://webiq001.webiqonline.com/WebIQ/bin/WebIQ.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1167696040984
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - http://mediaplayer.walmart.com/installer/install.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.shockwave.com/content/luxor/mjolauncher.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols3/fscax.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/FujifilmUploadClient.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinner.com/games/v47/familyfeud/familyfeud.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4561/mcfscan.cab
O16 - DPF: {FC6703A7-5B7E-4f58-BE6D-2693AA3906AE} (HP Content Update) - http://h30299.www3.hp.com/ediags/hpnar/en/app/17/install/gtdownhp.cab?1,0,0,94
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Softex OmniPass Service (omniserv) - Unknown owner - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Digital Home 8\RoxUpnpServer.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe

--
End of file - 14916 bytes
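
The rescan requested earlier in the thread can be checked mechanically by diffing the entry lines of the two logs. This is an added example, not part of the original posts; the function names are hypothetical and the sample input is a few O23 lines excerpted from the two logs on this page.

```python
import re

# Excerpts (O23 lines only) from the 3/16 scan and the 3/28 rescan on this page.
LOG_BEFORE = r"""
O23 - Service: Softex OmniPass Service (omniserv) - Unknown owner - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
"""
LOG_AFTER = r"""
O23 - Service: Softex OmniPass Service (omniserv) - Unknown owner - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe
"""

# Entry lines start with a section code such as R0, O4 or O23; header lines and
# the "Running processes" paths do not match and are skipped.
ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")


def parse(log):
    """Map each entry line (case-folded, for comparison) to (code, body)."""
    entries = {}
    for raw in log.splitlines():
        line = raw.strip()
        m = ENTRY.match(line)
        if m:
            entries[line.lower()] = (m["code"], m["body"])
    return entries


def diff(before, after):
    """Return (removed, added) entries between two scans."""
    b, a = parse(before), parse(after)
    removed = [b[k] for k in b if k not in a]
    added = [a[k] for k in a if k not in b]
    return removed, added


def services(log):
    """Split O23 entries into (name, owner, path) tuples."""
    out = []
    for code, body in parse(log).values():
        if code == "O23" and body.startswith("Service: "):
            parts = body[len("Service: "):].rsplit(" - ", 2)
            if len(parts) == 3:
                out.append(tuple(parts))
    return out


def unknown_owner(log):
    """Names of services HijackThis labels 'Unknown owner', for manual review."""
    return [name for name, owner, _ in services(log) if owner == "Unknown owner"]


if __name__ == "__main__":
    removed, added = diff(LOG_BEFORE, LOG_AFTER)
    print("removed:", removed)
    print("added:  ", added)
    print("unknown owner:", unknown_owner(LOG_AFTER))
```
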

0

Try this:

Download and Run ATF Cleaner
Download ATF (Atribune Temp File) Cleaner© by Atribune to your desktop.

Double-click ATF Cleaner.exe to open it.

Under Main choose:
Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
Prefetch
Java Cache

*The other boxes are optional*
Then click the Empty Selected button.

Firefox:
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

Opera:
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

Click Exit on the Main menu to close the program

0

Hi Crunchie....I just ran it and will let you know...thanks....I am assuming the sections on Firefox and Opera pertain only if I was running those browsers and not IE, correct?
