Internet keeps closing/slow computer problem! (HJT log included)[Solved]

Unknown
edited November 2006 in Spyware & Virus Removal
Hi, I'm so glad I came across this forum! Lately my compter has been VERY slow, and every few minutes I get a pop up that says that internet explorer is having problems and needs to shut down. Then it just freezes. Sometimes it also says that "Dr. Watson post mordem debugger" needs to close down too. :confused2 I had Avast and running it came up with nothing. I followed the steps in one of the stickys, and heres what I came up with! Just wondering if I got rid of everything.

Hope someone can help me! Thanks!

BitDefender Online Scanner - Real Time Virus Report



Generated at: Mon, Nov 13, 2006 - 09:10:36






Scan Info



Scanned Files
237199

Infected Files
1








Virus Detected



Trivial.64.A
1
______________________________________________________________

KASPERSKY ONLINE SCANNER REPORT
Monday, November 13, 2006 7:11:50 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 13/11/2006
Kaspersky Anti-Virus database records: 240858

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\

Scan Statistics:
Total number of scanned objects: 57349
Number of viruses found: 3
Number of infected objects: 4 / 0
Number of suspicious objects: 0
Duration of the scan process: 01:22:42

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\orion pc\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\orion pc\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\orion pc\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\orion pc\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\orion pc\Local Settings\History\History.IE5\MSHist012006111220061113\index.dat Object is locked skipped
C:\Documents and Settings\orion pc\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\orion pc\ntuser.dat Object is locked skipped
C:\Documents and Settings\orion pc\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\report\Resident protection.txt Object is locked skipped
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq257E.tmp\pmexe.cab/Points Manager.exe Infected: not-a-virus:AdWare.Win32.Altnet.h skipped
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq257E.tmp\pmexe.cab CAB: infected - 1 skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{740A744C-C1FB-4341-935F-26C7387F2945}\RP1011\A0214160.ocx Infected: not-a-virus:AdWare.Win32.Coupons.h skipped
C:\System Volume Information\_restore{740A744C-C1FB-4341-935F-26C7387F2945}\RP1028\change.log Object is locked skipped
C:\System Volume Information\_restore{740A744C-C1FB-4341-935F-26C7387F2945}\RP997\A0213966.exe Infected: not-a-virus:AdWare.Win32.RK.h skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_62c.dat Object is locked skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

_________________________________________________________________
Logfile of HijackThis v1.99.1
Scan saved at 10:17:14 AM, on 11/13/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn4\YTBSDK.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://marinewives101.com/phpBB/index.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Road Runner High Speed Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Class - {00AD3519-3F00-5087-FF3D-ADBC964ABCAE} - C:\WINDOWS\addkn.dll (file missing)
O2 - BHO: Class - {017A0FF7-26F5-7344-C985-64575DDA97DD} - C:\WINDOWS\appnt32.dll (file missing)
O2 - BHO: Class - {04D6A205-BCF1-A72C-2E8D-6CC68DA15F18} - C:\WINDOWS\atlha32.dll (file missing)
O2 - BHO: Class - {064CE72F-402C-6FA9-72C8-ADF5FEC210AD} - C:\WINDOWS\addjt32.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {07146AF0-7FF5-EAB9-8DF4-A761A47B6EC0} - C:\WINDOWS\mfcfq.dll (file missing)
O2 - BHO: Class - {095AD563-AF19-56B1-DD26-621F212627CF} - C:\WINDOWS\system32\crqd32.dll (file missing)
O2 - BHO: Class - {0B01F3E9-B4C0-2C24-AA3E-F733655C3C34} - C:\WINDOWS\atlgq32.dll (file missing)
O2 - BHO: Class - {0B5FA233-21D3-D511-CADA-148239911966} - C:\WINDOWS\appjn32.dll (file missing)
O2 - BHO: Class - {10F94B10-522A-EABA-5616-CAF7B78D55BE} - C:\WINDOWS\system32\apixi32.dll (file missing)
O2 - BHO: Class - {11A20342-7564-9B4B-FC8A-97FF21E7D6BD} - C:\WINDOWS\sdkbb.dll (file missing)
O2 - BHO: Class - {137FBD76-C94E-29D8-CB88-FB29E07E3C8E} - C:\WINDOWS\system32\craq32.dll (file missing)
O2 - BHO: Class - {13AF610F-11F9-1AF3-779B-C19B937033C0} - C:\WINDOWS\appeo.dll (file missing)
O2 - BHO: Class - {153707B5-D0ED-A171-CBB3-87B9E1296513} - C:\WINDOWS\atlvj32.dll (file missing)
O2 - BHO: Class - {184CF53A-43DD-BBD2-D3F8-E5964A5DC684} - C:\WINDOWS\sdkbb32.dll (file missing)
O2 - BHO: Class - {18D3D8C4-FB37-E093-FEDC-3D0FEF307C2D} - C:\WINDOWS\system32\wingk32.dll (file missing)
O2 - BHO: Class - {19AA31BF-1750-E89C-CB6E-11F9A6477CE9} - C:\WINDOWS\system32\d3iy32.dll (file missing)
O2 - BHO: Class - {1A0CC390-C209-63C3-4985-B1E588DFBFB3} - C:\WINDOWS\system32\apihe32.dll (file missing)
O2 - BHO: Class - {1A53E9E2-4A89-992E-61C3-DDF211A2FDE8} - C:\WINDOWS\crme32.dll (file missing)
O2 - BHO: Class - {1B8F483E-94BD-24D3-A479-2063E618DDF5} - C:\WINDOWS\iewj32.dll (file missing)
O2 - BHO: Class - {1B9CCCD9-3DA0-5E43-A4CE-924A8F49CC0F} - C:\WINDOWS\system32\iezc.dll (file missing)
O2 - BHO: Class - {1F9F0150-0C22-FA76-7428-8EB8540D4AA4} - C:\WINDOWS\system32\iedr32.dll (file missing)
O2 - BHO: Class - {21DC704A-7F4F-27E4-C8A4-8B2B292D9E5A} - C:\WINDOWS\system32\mfcho32.dll (file missing)
O2 - BHO: Class - {25745BCC-24CB-01C1-0FA1-DBFA7F8BDCF7} - C:\WINDOWS\system32\javaec32.dll (file missing)
O2 - BHO: Class - {2594D338-824C-6462-C8D1-B3F1F3AF312D} - C:\WINDOWS\system32\iprc32.dll (file missing)
O2 - BHO: Class - {263B61EA-74E2-751A-5588-7D697B89E425} - C:\WINDOWS\msla32.dll (file missing)
O2 - BHO: Class - {27C21ADB-5220-7AE7-F703-FC7FC5F20739} - C:\WINDOWS\atlks32.dll (file missing)
O2 - BHO: Class - {2E34D0ED-0B55-5C98-05DD-51F59AB52E3A} - C:\WINDOWS\croy.dll (file missing)
O2 - BHO: Class - {2FC735CE-855B-F1B2-A6ED-CAEA0E1EA230} - C:\WINDOWS\nthz.dll (file missing)
O2 - BHO: Class - {3264833A-9E3C-846D-4A6F-B52CBBEE70DE} - C:\WINDOWS\system32\ntll32.dll (file missing)
O2 - BHO: Class - {32E6B1AD-57DA-97FF-68F1-2FF8F480D770} - C:\WINDOWS\system32\javagr.dll (file missing)
O2 - BHO: Class - {347BABA5-14DC-22E5-AF4E-4A9AF3B61EB6} - C:\WINDOWS\sysah32.dll (file missing)
O2 - BHO: Class - {348150DC-F288-4403-AB8F-29365FF75DBE} - C:\WINDOWS\system32\ietl.dll (file missing)
O2 - BHO: Class - {363E7E8C-B2AB-BCC8-A52D-1EFF22D68000} - C:\WINDOWS\addlo32.dll (file missing)
O2 - BHO: Class - {3675715F-7D53-0434-2B54-B10B3458B832} - C:\WINDOWS\system32\sdkgs32.dll (file missing)
O2 - BHO: Class - {3710CF58-4F9C-5364-2D7D-D2B63F4C0E70} - C:\WINDOWS\javaxz32.dll (file missing)
O2 - BHO: Class - {372E21EB-0CC3-8224-DFA9-DF8C5D1E64C8} - C:\WINDOWS\system32\netou.dll (file missing)
O2 - BHO: Class - {3739B70B-C6B3-2B4B-5988-766BCAC45148} - C:\WINDOWS\system32\appfz32.dll (file missing)
O2 - BHO: Class - {3C71515D-BD4E-2600-3366-5E88EB58BB2D} - C:\WINDOWS\apiwh32.dll (file missing)
O2 - BHO: Class - {3C738991-6CD4-D82F-99CD-F2904D7BABCC} - C:\WINDOWS\syssx32.dll (file missing)
O2 - BHO: Class - {3D3155DA-D6C7-F9A7-066B-28A3A4796452} - C:\WINDOWS\msca32.dll (file missing)
O2 - BHO: Class - {3E674149-0E42-9847-49E1-A9DB0541FE7F} - C:\WINDOWS\syshn32.dll (file missing)
O2 - BHO: Class - {3F508203-C722-9913-5AE6-D4D6D529B196} - C:\WINDOWS\system32\ieli32.dll (file missing)
O2 - BHO: Class - {4318F737-F6A3-CF27-A22F-1F761BF98080} - C:\WINDOWS\appqu32.dll (file missing)
O2 - BHO: Class - {4763166E-429C-B5AF-C8E8-C91F5368F74C} - C:\WINDOWS\msvu.dll (file missing)
O2 - BHO: Class - {483866A3-D9FA-8B06-B35A-0E72D8EA229F} - C:\WINDOWS\system32\crpj.dll (file missing)
O2 - BHO: Class - {4A40122C-20F8-744D-1C57-1ADC8C94FC7D} - C:\WINDOWS\system32\addlh.dll (file missing)
O2 - BHO: Class - {4A461B03-223F-63AE-8A66-848FF24D6FCA} - C:\WINDOWS\system32\netyi.dll (file missing)
O2 - BHO: Class - {4AC62F9C-2025-CE87-7120-9845408A0B63} - C:\WINDOWS\sysnc.dll (file missing)
O2 - BHO: Class - {4B291C5E-763D-6544-2D51-7653D4F8C405} - C:\WINDOWS\system32\mfcfn.dll (file missing)
O2 - BHO: Class - {4B55AAC4-8396-3C0B-42E6-D49FF81038E9} - C:\WINDOWS\system32\ntup32.dll (file missing)
O2 - BHO: Class - {4B655899-8D01-4317-F6FB-450597CE8789} - C:\WINDOWS\system32\sdkdx.dll (file missing)
O2 - BHO: Class - {4DF3C376-7B80-E41D-B1F9-D767ADF21F1B} - C:\WINDOWS\system32\mfcst32.dll (file missing)
O2 - BHO: Class - {50C152E2-A66D-B83D-EF00-511738CC4232} - C:\WINDOWS\system32\appyf32.dll (file missing)
O2 - BHO: Class - {52CDBFBE-32F2-47E5-6B11-8BB2A955AF44} - C:\WINDOWS\d3ro.dll (file missing)
O2 - BHO: Class - {52CE8742-BCE2-8A43-5E70-10C016F66C01} - C:\WINDOWS\mfcbx32.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Class - {545644A9-6FBE-18E7-255E-29EE10D8F3B7} - C:\WINDOWS\addhw.dll (file missing)
O2 - BHO: Class - {55C2A982-5FB8-705D-AB13-7616770AA2ED} - C:\WINDOWS\sysqd.dll (file missing)
O2 - BHO: Class - {57031518-1EF5-9E36-92EF-3E4E0944F8D1} - C:\WINDOWS\ntld32.dll (file missing)
O2 - BHO: Class - {5707FA2F-C060-E4D3-8A17-E9713897F189} - C:\WINDOWS\system32\ipfl32.dll (file missing)
O2 - BHO: Class - {58C94033-D071-41C6-1E7C-1D1E8C934FA8} - C:\WINDOWS\crah.dll (file missing)
O2 - BHO: Class - {598A5F00-4A66-99FC-2B27-4167ACFF6680} - C:\WINDOWS\atlgd.dll (file missing)
O2 - BHO: Class - {5A23A6D7-97E3-2631-C5AA-E8733BB4E5DB} - C:\WINDOWS\crgf32.dll (file missing)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Class - {5F557ACC-8504-78AF-2F80-6CEC9B55D9F0} - C:\WINDOWS\system32\ntwg32.dll (file missing)
O2 - BHO: Class - {62AD18D3-C547-2D83-CC5E-FB41D08A4A94} - C:\WINDOWS\mfcgg32.dll (file missing)
O2 - BHO: Class - {62AD4EF2-C738-EB7A-35B8-F6BCD27B9F70} - C:\WINDOWS\ntfa32.dll (file missing)
O2 - BHO: Class - {63E743F2-961A-BA40-C5DE-2004CB60063A} - C:\WINDOWS\atlsh32.dll (file missing)
O2 - BHO: Class - {66E07AD0-5435-6A17-2F75-DA98D6E9D21E} - C:\WINDOWS\system32\msjl.dll (file missing)
O2 - BHO: Class - {66EE1F3E-08C7-DBFA-3708-AE8E0E66FA5B} - C:\WINDOWS\system32\appal.dll (file missing)
O2 - BHO: Class - {6AF005A3-AB9D-AA25-A620-35F3DD52A8B7} - C:\WINDOWS\atlpm32.dll (file missing)
O2 - BHO: Class - {6B27A8C5-5D2A-2032-990C-6EB938D4766F} - C:\WINDOWS\ntoe.dll (file missing)
O2 - BHO: Class - {6C7FF605-A242-47BA-6F53-DF6E15E38036} - C:\WINDOWS\system32\apibm.dll (file missing)
O2 - BHO: Class - {6F3C448D-F236-C71F-D625-50ABA41C39B6} - C:\WINDOWS\system32\d3gd.dll (file missing)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O2 - BHO: (no name) - {7394CC45-E29E-AC0B-19B4-FA1B376B3209} - (no file)
O2 - BHO: Class - {739966E1-825B-10D9-49B8-69B4A3A6EFC4} - C:\WINDOWS\system32\syscq.dll (file missing)
O2 - BHO: Class - {770AE86A-8787-02D9-55C5-8760E1265399} - C:\WINDOWS\system32\javabu.dll (file missing)
O2 - BHO: Class - {77B30B41-EDB4-A506-04FB-DCDEE68202E3} - C:\WINDOWS\system32\addlx.dll (file missing)
O2 - BHO: Class - {78D30AA1-81A1-DD34-3D72-3AE8D1D60FF3} - C:\WINDOWS\system32\sdkbb32.dll (file missing)
O2 - BHO: Class - {794F43DD-B7AC-6EC0-A5F6-521F6ED11C88} - C:\WINDOWS\system32\appsf32.dll (file missing)
O2 - BHO: Class - {7AC2CF6E-147A-1A00-D9CD-0E148E63E7F1} - C:\WINDOWS\syszd.dll (file missing)
O2 - BHO: Class - {7AC66D02-E97D-3115-35F2-0428823161F4} - C:\WINDOWS\msgo32.dll (file missing)
O2 - BHO: Class - {7B9BF766-007B-0B90-4541-058C2A5DF9CD} - C:\WINDOWS\system32\javaqj.dll (file missing)
O2 - BHO: Class - {7CB78427-6D7E-3091-AAEA-A3F55AF5061E} - C:\WINDOWS\sysrv32.dll (file missing)
O2 - BHO: Class - {7CF63507-F787-DEDD-FF68-BDC0D8517426} - C:\WINDOWS\winbj32.dll (file missing)
O2 - BHO: Class - {7DAD4A69-2FA3-0B3E-7881-81BE388EA0FC} - C:\WINDOWS\mszr32.dll (file missing)
O2 - BHO: Class - {844C0A9A-3370-6699-5B4C-C987FC92AAC2} - C:\WINDOWS\addoz.dll (file missing)
O2 - BHO: Class - {84850937-9A02-7E55-8FA6-C522AD1E86A5} - C:\WINDOWS\system32\ntmi32.dll (file missing)
O2 - BHO: Class - {8553EC21-E7DD-9602-7F1B-4E44B156B5BD} - C:\WINDOWS\atlps32.dll (file missing)
O2 - BHO: Class - {8791D346-D816-E97B-3F20-C6CB9E19B5C2} - C:\WINDOWS\system32\nttq.dll (file missing)
O2 - BHO: Class - {87AE6847-4324-F52A-7373-4CA2325D123D} - C:\WINDOWS\system32\sysjq32.dll (file missing)
O2 - BHO: Class - {89E6AA46-56B1-1685-3746-E57CB3CFC36B} - C:\WINDOWS\ntai32.dll (file missing)
O2 - BHO: Class - {8B1C1164-6A5F-05B8-7364-9AC14833E964} - C:\WINDOWS\system32\mfcak32.dll (file missing)
O2 - BHO: Class - {8C8D320C-24D1-CF30-18ED-602C00935F02} - C:\WINDOWS\system32\ntjl.dll (file missing)
O2 - BHO: Class - {8E0B95E8-4124-1C8B-029E-418A0E2CD75A} - C:\WINDOWS\system32\ntze.dll (file missing)
O2 - BHO: Class - {8F25C446-FCA0-E176-9876-4060D9B1BE10} - C:\WINDOWS\javavg.dll (file missing)
O2 - BHO: Class - {8F6D58EB-15A7-77E6-8F75-0C0FC6A733D0} - C:\WINDOWS\syszb32.dll (file missing)
O2 - BHO: Class - {905B7AAD-BAA1-4039-E15E-7C009F72A8EF} - C:\WINDOWS\system32\sdkxi32.dll (file missing)
O2 - BHO: Class - {91E64938-0901-C214-A538-2DCDF985DA68} - C:\WINDOWS\netmo32.dll (file missing)
O2 - BHO: Class - {93205B4B-750E-5AF1-77AB-A007B7B54225} - C:\WINDOWS\system32\windr.dll (file missing)
O2 - BHO: Class - {935446E1-74D6-E2D8-D3DB-33987B9ED771} - C:\WINDOWS\system32\appgp32.dll (file missing)
O2 - BHO: Class - {935D29CB-14A9-92E2-1A43-61FA68E60B26} - C:\WINDOWS\winpc32.dll (file missing)
O2 - BHO: Class - {9AA49064-D97B-D33A-6D53-161E61C7D8F3} - C:\WINDOWS\system32\atlws32.dll (file missing)
O2 - BHO: Class - {9FFD5493-F8EA-4757-37B1-9FBCE5AFE89C} - C:\WINDOWS\system32\netjx.dll (file missing)
O2 - BHO: Class - {A0F0E2D2-FBEE-BE6A-FC88-3650DC964D83} - C:\WINDOWS\system32\sdkvs32.dll (file missing)
O2 - BHO: Class - {A0FBF6A7-DE21-3235-7B76-A7427D953750} - C:\WINDOWS\system32\sdkpz32.dll (file missing)
O2 - BHO: Class - {A16CC660-152B-F183-766B-5D9B5621E906} - C:\WINDOWS\system32\addfr32.dll (file missing)
O2 - BHO: Class - {A3ADD21E-02D3-30AF-04FD-5138BFE2FBF9} - C:\WINDOWS\system32\syswk32.dll (file missing)
O2 - BHO: Class - {A65F11A0-3D1B-37FD-F86D-9AB8607151F1} - C:\WINDOWS\winzp.dll (file missing)
O2 - BHO: Class - {A7380E2D-065F-36BF-ACBE-56A6484317E0} - C:\WINDOWS\system32\sysnc32.dll (file missing)
O2 - BHO: Class - {A7965648-2D3D-951F-7592-B85CE722DB02} - C:\WINDOWS\iemm32.dll (file missing)
O2 - BHO: Class - {A89630A0-A2FA-322C-0FBE-630AC13A1A75} - C:\WINDOWS\system32\apifj.dll (file missing)
O2 - BHO: Class - {AA47E26D-58ED-99ED-6041-A166D62616AB} - C:\WINDOWS\msgy32.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Class - {AAF322C0-53A3-24FC-C5E6-B062F9D982F9} - C:\WINDOWS\mfcma32.dll (file missing)
O2 - BHO: Class - {AC669753-D849-0088-7E34-8A77FC7E2132} - C:\WINDOWS\system32\crim32.dll (file missing)
O2 - BHO: Class - {AD1F241B-E8C5-CF4C-5C74-0BF6A3C05653} - C:\WINDOWS\system32\sdkps32.dll (file missing)
O2 - BHO: Class - {AF5FDECD-1ED9-A1EC-D3B8-8211759346FD} - C:\WINDOWS\iern32.dll (file missing)
O2 - BHO: Class - {B1AF227B-48EB-A457-0DB3-801240716A83} - C:\WINDOWS\crgx.dll (file missing)
O2 - BHO: Class - {B350A8C8-282F-FDED-46C9-277DFCEABAC4} - C:\WINDOWS\system32\sysws.dll (file missing)
O2 - BHO: Class - {B4B27E7C-52CC-3941-AAF3-655B30E66312} - C:\WINDOWS\crry32.dll (file missing)
O2 - BHO: Class - {B8823167-F477-0571-8C71-DCEA18226008} - C:\WINDOWS\mfcbt32.dll (file missing)
O2 - BHO: Class - {BCC63C42-67AA-A5DB-877D-963D27AD9AFA} - C:\WINDOWS\winin32.dll (file missing)
O2 - BHO: Class - {C145A150-7CF0-18AE-ABB4-8E6229CE6498} - C:\WINDOWS\appkv.dll (file missing)
O2 - BHO: Class - {C1788B98-5234-5C51-33A4-D4E4597F4E13} - C:\WINDOWS\winsu.dll (file missing)
O2 - BHO: Class - {C1B07062-CFDF-BF39-1734-D276014CF52C} - C:\WINDOWS\sysuu.dll (file missing)
O2 - BHO: Class - {C205AD1F-5837-3BB8-0CEB-F323397174D6} - C:\WINDOWS\system32\crxj32.dll (file missing)
O2 - BHO: Class - {C22788EC-4F79-DD02-1F55-6D9D3E866CC7} - C:\WINDOWS\ntou32.dll (file missing)
O2 - BHO: Class - {C5B507CE-7D99-C0A1-E430-1A0E0AEE7CEA} - C:\WINDOWS\system32\winnd.dll (file missing)
O2 - BHO: Class - {C8004A51-B1C6-2B52-CE97-BA80D6D6C5DB} - C:\WINDOWS\d3eu.dll (file missing)
O2 - BHO: Class - {CF25661E-3D98-94CE-A682-3EC69D69875C} - C:\WINDOWS\system32\netwp.dll (file missing)
O2 - BHO: Class - {CF5213DB-D292-A44C-30FD-9D99BF5F261B} - C:\WINDOWS\system32\msqp.dll (file missing)
O2 - BHO: Class - {D1F6727A-33B8-5881-2790-4C899CC50B34} - C:\WINDOWS\system32\apiut.dll (file missing)
O2 - BHO: Class - {D27B9CDF-A47B-B74E-EE39-1F9A9A97FEB5} - C:\WINDOWS\javapx.dll (file missing)
O2 - BHO: Class - {D2C0B816-9CAB-4B57-F1BE-E489A7313EA8} - C:\WINDOWS\sdkut.dll (file missing)
O2 - BHO: Class - {D31CBD91-5B80-AB86-0559-F9D9CBB187FD} - C:\WINDOWS\apikd.dll (file missing)
O2 - BHO: Class - {D33E8457-1C8B-99A8-FC93-DCDA4844B2A5} - C:\WINDOWS\system32\sdkwf.dll (file missing)
O2 - BHO: Class - {D476F3A0-4D6E-CAD1-1014-B290A1A15520} - C:\WINDOWS\netpa.dll (file missing)
O2 - BHO: Class - {D55EAE87-202A-3F55-F3F4-130CFFA66735} - C:\WINDOWS\system32\d3hl32.dll (file missing)
O2 - BHO: Class - {D6EE8803-4313-1DDF-936A-FED80B30DA36} - C:\WINDOWS\d3ze32.dll (file missing)
O2 - BHO: Class - {D7C43CFF-343D-063E-1C14-C8A0FEB6F6A4} - C:\WINDOWS\system32\d3de32.dll (file missing)
O2 - BHO: Class - {DA6A99B0-00AD-2CD1-C021-2CCE5CE744E3} - C:\WINDOWS\atlzd.dll (file missing)
O2 - BHO: Class - {DFC62350-1E0B-BBD2-4CDB-757B623F0FD4} - C:\WINDOWS\system32\msrg.dll (file missing)
O2 - BHO: Class - {E140149D-F165-0600-629E-8738A52DA75C} - C:\WINDOWS\system32\ntix32.dll (file missing)
O2 - BHO: Class - {E28302FE-B381-7680-D448-064B3F4763EE} - C:\WINDOWS\sdkaq32.dll (file missing)
O2 - BHO: Class - {E5E5B58E-755C-4104-A0EF-D47709FA15E2} - C:\WINDOWS\system32\ntbt32.dll (file missing)
O2 - BHO: (no name) - {E9AE91ED-230B-9C13-63C1-9B2A676E905B} - (no file)
O2 - BHO: Class - {EADA4515-E8ED-E2B5-DA95-FF9E2AA68F8F} - C:\WINDOWS\addgf.dll (file missing)
O2 - BHO: Class - {EB59BAC7-F27F-4FA7-991F-75DC4F9CDA22} - C:\WINDOWS\javasd32.dll (file missing)
O2 - BHO: Class - {EE71153F-A475-D907-4830-2E5DA2FF99FB} - C:\WINDOWS\system32\wintv32.dll (file missing)
O2 - BHO: Class - {EFBBEF1A-21B6-994C-632E-201DE3EF2428} - C:\WINDOWS\system32\d3dt.dll (file missing)
O2 - BHO: Class - {EFC9626F-F99C-FF8F-1E87-9F02800DA3C2} - C:\WINDOWS\system32\ntgo.dll (file missing)
O2 - BHO: Class - {F52FB340-741E-A8BC-5D8E-A709338ECFBC} - C:\WINDOWS\system32\atlsd32.dll (file missing)
O2 - BHO: Class - {F5D5F01E-313A-83BE-F348-F6E8461930C5} - C:\WINDOWS\system32\javavo32.dll (file missing)
O2 - BHO: (no name) - {F78C8767-D7AA-B6F9-7220-5FF80088C727} - (no file)
O2 - BHO: Class - {F8BD80A5-92A7-98CA-39B6-24044D4CC46F} - C:\WINDOWS\system32\iete.dll (file missing)
O2 - BHO: Class - {F99291D1-97B4-FD07-A505-F6B045949A94} - C:\WINDOWS\system32\crnf.dll (file missing)
O2 - BHO: Class - {F9AD27F1-50B4-A52F-10E5-9CAEB34A9715} - C:\WINDOWS\system32\atlcc32.dll (file missing)
O2 - BHO: Class - {FF534564-71EA-B589-BFE1-B3735E7B4CF5} - C:\WINDOWS\system32\sdkmq32.dll (file missing)
O2 - BHO: Class - {FF5CE8D6-15E7-9320-B39B-A35B6BCEE89D} - C:\WINDOWS\system32\d3ry32.dll (file missing)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://activation.rr.com/install/downloads/tgctlcm.cab
O16 - DPF: {084F552D-19EB-4668-9788-984CBC781A8F} - http://survey.otxresearch.com/Preloader.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - http://activex.microsoft.com/activex/controls/WindowsMedia/downloadcontrol.cab
O16 - DPF: {D8AA889B-2C65-47C3-8C16-3DCD4EF76A47} (Invoke Solutions Participant Control(MR)) - http://online.invokesolutions.com/events/bin/media/5.1.3.1429-3.0.0.7207/MILive.cab
O16 - DPF: {E9A7F56F-C40F-4928-8C6F-7A72F2A25222} (AxRUploadControl Object) - http://www.imagestation.com/common/classes/SonyISUpload.cab?v=1,0,0,37
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Comments

  • SpywareShooterSpywareShooter 127.0.0.1
    edited November 2006
    [STEP 1] Fix HijackThis Entries:
    Fix the following entries with HijackThis by placing checkmarks in the boxes next to them and clicking "Fix Checked".

    O2 - BHO: Class - {00AD3519-3F00-5087-FF3D-ADBC964ABCAE} - C:\WINDOWS\addkn.dll (file missing)
    O2 - BHO: Class - {017A0FF7-26F5-7344-C985-64575DDA97DD} - C:\WINDOWS\appnt32.dll (file missing)
    O2 - BHO: Class - {04D6A205-BCF1-A72C-2E8D-6CC68DA15F18} - C:\WINDOWS\atlha32.dll (file missing)
    O2 - BHO: Class - {064CE72F-402C-6FA9-72C8-ADF5FEC210AD} - C:\WINDOWS\addjt32.dll (file missing)
    O2 - BHO: Class - {07146AF0-7FF5-EAB9-8DF4-A761A47B6EC0} - C:\WINDOWS\mfcfq.dll (file missing)
    O2 - BHO: Class - {095AD563-AF19-56B1-DD26-621F212627CF} - C:\WINDOWS\system32\crqd32.dll (file missing)
    O2 - BHO: Class - {0B01F3E9-B4C0-2C24-AA3E-F733655C3C34} - C:\WINDOWS\atlgq32.dll (file missing)
    O2 - BHO: Class - {0B5FA233-21D3-D511-CADA-148239911966} - C:\WINDOWS\appjn32.dll (file missing)
    O2 - BHO: Class - {10F94B10-522A-EABA-5616-CAF7B78D55BE} - C:\WINDOWS\system32\apixi32.dll (file missing)
    O2 - BHO: Class - {11A20342-7564-9B4B-FC8A-97FF21E7D6BD} - C:\WINDOWS\sdkbb.dll (file missing)
    O2 - BHO: Class - {137FBD76-C94E-29D8-CB88-FB29E07E3C8E} - C:\WINDOWS\system32\craq32.dll (file missing)
    O2 - BHO: Class - {13AF610F-11F9-1AF3-779B-C19B937033C0} - C:\WINDOWS\appeo.dll (file missing)
    O2 - BHO: Class - {153707B5-D0ED-A171-CBB3-87B9E1296513} - C:\WINDOWS\atlvj32.dll (file missing)
    O2 - BHO: Class - {184CF53A-43DD-BBD2-D3F8-E5964A5DC684} - C:\WINDOWS\sdkbb32.dll (file missing)
    O2 - BHO: Class - {18D3D8C4-FB37-E093-FEDC-3D0FEF307C2D} - C:\WINDOWS\system32\wingk32.dll (file missing)
    O2 - BHO: Class - {19AA31BF-1750-E89C-CB6E-11F9A6477CE9} - C:\WINDOWS\system32\d3iy32.dll (file missing)
    O2 - BHO: Class - {1A0CC390-C209-63C3-4985-B1E588DFBFB3} - C:\WINDOWS\system32\apihe32.dll (file missing)
    O2 - BHO: Class - {1A53E9E2-4A89-992E-61C3-DDF211A2FDE8} - C:\WINDOWS\crme32.dll (file missing)
    O2 - BHO: Class - {1B8F483E-94BD-24D3-A479-2063E618DDF5} - C:\WINDOWS\iewj32.dll (file missing)
    O2 - BHO: Class - {1B9CCCD9-3DA0-5E43-A4CE-924A8F49CC0F} - C:\WINDOWS\system32\iezc.dll (file missing)
    O2 - BHO: Class - {1F9F0150-0C22-FA76-7428-8EB8540D4AA4} - C:\WINDOWS\system32\iedr32.dll (file missing)
    O2 - BHO: Class - {21DC704A-7F4F-27E4-C8A4-8B2B292D9E5A} - C:\WINDOWS\system32\mfcho32.dll (file missing)
    O2 - BHO: Class - {25745BCC-24CB-01C1-0FA1-DBFA7F8BDCF7} - C:\WINDOWS\system32\javaec32.dll (file missing)
    O2 - BHO: Class - {2594D338-824C-6462-C8D1-B3F1F3AF312D} - C:\WINDOWS\system32\iprc32.dll (file missing)
    O2 - BHO: Class - {263B61EA-74E2-751A-5588-7D697B89E425} - C:\WINDOWS\msla32.dll (file missing)
    O2 - BHO: Class - {27C21ADB-5220-7AE7-F703-FC7FC5F20739} - C:\WINDOWS\atlks32.dll (file missing)
    O2 - BHO: Class - {2E34D0ED-0B55-5C98-05DD-51F59AB52E3A} - C:\WINDOWS\croy.dll (file missing)
    O2 - BHO: Class - {2FC735CE-855B-F1B2-A6ED-CAEA0E1EA230} - C:\WINDOWS\nthz.dll (file missing)
    O2 - BHO: Class - {3264833A-9E3C-846D-4A6F-B52CBBEE70DE} - C:\WINDOWS\system32\ntll32.dll (file missing)
    O2 - BHO: Class - {32E6B1AD-57DA-97FF-68F1-2FF8F480D770} - C:\WINDOWS\system32\javagr.dll (file missing)
    O2 - BHO: Class - {347BABA5-14DC-22E5-AF4E-4A9AF3B61EB6} - C:\WINDOWS\sysah32.dll (file missing)
    O2 - BHO: Class - {348150DC-F288-4403-AB8F-29365FF75DBE} - C:\WINDOWS\system32\ietl.dll (file missing)
    O2 - BHO: Class - {363E7E8C-B2AB-BCC8-A52D-1EFF22D68000} - C:\WINDOWS\addlo32.dll (file missing)
    O2 - BHO: Class - {3675715F-7D53-0434-2B54-B10B3458B832} - C:\WINDOWS\system32\sdkgs32.dll (file missing)
    O2 - BHO: Class - {3710CF58-4F9C-5364-2D7D-D2B63F4C0E70} - C:\WINDOWS\javaxz32.dll (file missing)
    O2 - BHO: Class - {372E21EB-0CC3-8224-DFA9-DF8C5D1E64C8} - C:\WINDOWS\system32\netou.dll (file missing)
    O2 - BHO: Class - {3739B70B-C6B3-2B4B-5988-766BCAC45148} - C:\WINDOWS\system32\appfz32.dll (file missing)
    O2 - BHO: Class - {3C71515D-BD4E-2600-3366-5E88EB58BB2D} - C:\WINDOWS\apiwh32.dll (file missing)
    O2 - BHO: Class - {3C738991-6CD4-D82F-99CD-F2904D7BABCC} - C:\WINDOWS\syssx32.dll (file missing)
    O2 - BHO: Class - {3D3155DA-D6C7-F9A7-066B-28A3A4796452} - C:\WINDOWS\msca32.dll (file missing)
    O2 - BHO: Class - {3E674149-0E42-9847-49E1-A9DB0541FE7F} - C:\WINDOWS\syshn32.dll (file missing)
    O2 - BHO: Class - {3F508203-C722-9913-5AE6-D4D6D529B196} - C:\WINDOWS\system32\ieli32.dll (file missing)
    O2 - BHO: Class - {4318F737-F6A3-CF27-A22F-1F761BF98080} - C:\WINDOWS\appqu32.dll (file missing)
    O2 - BHO: Class - {4763166E-429C-B5AF-C8E8-C91F5368F74C} - C:\WINDOWS\msvu.dll (file missing)
    O2 - BHO: Class - {483866A3-D9FA-8B06-B35A-0E72D8EA229F} - C:\WINDOWS\system32\crpj.dll (file missing)
    O2 - BHO: Class - {4A40122C-20F8-744D-1C57-1ADC8C94FC7D} - C:\WINDOWS\system32\addlh.dll (file missing)
    O2 - BHO: Class - {4A461B03-223F-63AE-8A66-848FF24D6FCA} - C:\WINDOWS\system32\netyi.dll (file missing)
    O2 - BHO: Class - {4AC62F9C-2025-CE87-7120-9845408A0B63} - C:\WINDOWS\sysnc.dll (file missing)
    O2 - BHO: Class - {4B291C5E-763D-6544-2D51-7653D4F8C405} - C:\WINDOWS\system32\mfcfn.dll (file missing)
    O2 - BHO: Class - {4B55AAC4-8396-3C0B-42E6-D49FF81038E9} - C:\WINDOWS\system32\ntup32.dll (file missing)
    O2 - BHO: Class - {4B655899-8D01-4317-F6FB-450597CE8789} - C:\WINDOWS\system32\sdkdx.dll (file missing)
    O2 - BHO: Class - {4DF3C376-7B80-E41D-B1F9-D767ADF21F1B} - C:\WINDOWS\system32\mfcst32.dll (file missing)
    O2 - BHO: Class - {50C152E2-A66D-B83D-EF00-511738CC4232} - C:\WINDOWS\system32\appyf32.dll (file missing)
    O2 - BHO: Class - {52CDBFBE-32F2-47E5-6B11-8BB2A955AF44} - C:\WINDOWS\d3ro.dll (file missing)
    O2 - BHO: Class - {52CE8742-BCE2-8A43-5E70-10C016F66C01} - C:\WINDOWS\mfcbx32.dll (file missing)
    O2 - BHO: Class - {545644A9-6FBE-18E7-255E-29EE10D8F3B7} - C:\WINDOWS\addhw.dll (file missing)
    O2 - BHO: Class - {55C2A982-5FB8-705D-AB13-7616770AA2ED} - C:\WINDOWS\sysqd.dll (file missing)
    O2 - BHO: Class - {57031518-1EF5-9E36-92EF-3E4E0944F8D1} - C:\WINDOWS\ntld32.dll (file missing)
    O2 - BHO: Class - {5707FA2F-C060-E4D3-8A17-E9713897F189} - C:\WINDOWS\system32\ipfl32.dll (file missing)
    O2 - BHO: Class - {58C94033-D071-41C6-1E7C-1D1E8C934FA8} - C:\WINDOWS\crah.dll (file missing)
    O2 - BHO: Class - {598A5F00-4A66-99FC-2B27-4167ACFF6680} - C:\WINDOWS\atlgd.dll (file missing)
    O2 - BHO: Class - {5A23A6D7-97E3-2631-C5AA-E8733BB4E5DB} - C:\WINDOWS\crgf32.dll (file missing)
    O2 - BHO: Class - {5F557ACC-8504-78AF-2F80-6CEC9B55D9F0} - C:\WINDOWS\system32\ntwg32.dll (file missing)
    O2 - BHO: Class - {62AD18D3-C547-2D83-CC5E-FB41D08A4A94} - C:\WINDOWS\mfcgg32.dll (file missing)
    O2 - BHO: Class - {62AD4EF2-C738-EB7A-35B8-F6BCD27B9F70} - C:\WINDOWS\ntfa32.dll (file missing)
    O2 - BHO: Class - {63E743F2-961A-BA40-C5DE-2004CB60063A} - C:\WINDOWS\atlsh32.dll (file missing)
    O2 - BHO: Class - {66E07AD0-5435-6A17-2F75-DA98D6E9D21E} - C:\WINDOWS\system32\msjl.dll (file missing)
    O2 - BHO: Class - {66EE1F3E-08C7-DBFA-3708-AE8E0E66FA5B} - C:\WINDOWS\system32\appal.dll (file missing)
    O2 - BHO: Class - {6AF005A3-AB9D-AA25-A620-35F3DD52A8B7} - C:\WINDOWS\atlpm32.dll (file missing)
    O2 - BHO: Class - {6B27A8C5-5D2A-2032-990C-6EB938D4766F} - C:\WINDOWS\ntoe.dll (file missing)
    O2 - BHO: Class - {6C7FF605-A242-47BA-6F53-DF6E15E38036} - C:\WINDOWS\system32\apibm.dll (file missing)
    O2 - BHO: Class - {6F3C448D-F236-C71F-D625-50ABA41C39B6} - C:\WINDOWS\system32\d3gd.dll (file missing)
    O2 - BHO: (no name) - {7394CC45-E29E-AC0B-19B4-FA1B376B3209} - (no file)
    O2 - BHO: Class - {739966E1-825B-10D9-49B8-69B4A3A6EFC4} - C:\WINDOWS\system32\syscq.dll (file missing)
    O2 - BHO: Class - {770AE86A-8787-02D9-55C5-8760E1265399} - C:\WINDOWS\system32\javabu.dll (file missing)
    O2 - BHO: Class - {77B30B41-EDB4-A506-04FB-DCDEE68202E3} - C:\WINDOWS\system32\addlx.dll (file missing)
    O2 - BHO: Class - {78D30AA1-81A1-DD34-3D72-3AE8D1D60FF3} - C:\WINDOWS\system32\sdkbb32.dll (file missing)
    O2 - BHO: Class - {794F43DD-B7AC-6EC0-A5F6-521F6ED11C88} - C:\WINDOWS\system32\appsf32.dll (file missing)
    O2 - BHO: Class - {7AC2CF6E-147A-1A00-D9CD-0E148E63E7F1} - C:\WINDOWS\syszd.dll (file missing)
    O2 - BHO: Class - {7AC66D02-E97D-3115-35F2-0428823161F4} - C:\WINDOWS\msgo32.dll (file missing)
    O2 - BHO: Class - {7B9BF766-007B-0B90-4541-058C2A5DF9CD} - C:\WINDOWS\system32\javaqj.dll (file missing)
    O2 - BHO: Class - {7CB78427-6D7E-3091-AAEA-A3F55AF5061E} - C:\WINDOWS\sysrv32.dll (file missing)
    O2 - BHO: Class - {7CF63507-F787-DEDD-FF68-BDC0D8517426} - C:\WINDOWS\winbj32.dll (file missing)
    O2 - BHO: Class - {7DAD4A69-2FA3-0B3E-7881-81BE388EA0FC} - C:\WINDOWS\mszr32.dll (file missing)
    O2 - BHO: Class - {844C0A9A-3370-6699-5B4C-C987FC92AAC2} - C:\WINDOWS\addoz.dll (file missing)
    O2 - BHO: Class - {84850937-9A02-7E55-8FA6-C522AD1E86A5} - C:\WINDOWS\system32\ntmi32.dll (file missing)
    O2 - BHO: Class - {8553EC21-E7DD-9602-7F1B-4E44B156B5BD} - C:\WINDOWS\atlps32.dll (file missing)
    O2 - BHO: Class - {8791D346-D816-E97B-3F20-C6CB9E19B5C2} - C:\WINDOWS\system32\nttq.dll (file missing)
    O2 - BHO: Class - {87AE6847-4324-F52A-7373-4CA2325D123D} - C:\WINDOWS\system32\sysjq32.dll (file missing)
    O2 - BHO: Class - {89E6AA46-56B1-1685-3746-E57CB3CFC36B} - C:\WINDOWS\ntai32.dll (file missing)
    O2 - BHO: Class - {8B1C1164-6A5F-05B8-7364-9AC14833E964} - C:\WINDOWS\system32\mfcak32.dll (file missing)
    O2 - BHO: Class - {8C8D320C-24D1-CF30-18ED-602C00935F02} - C:\WINDOWS\system32\ntjl.dll (file missing)
    O2 - BHO: Class - {8E0B95E8-4124-1C8B-029E-418A0E2CD75A} - C:\WINDOWS\system32\ntze.dll (file missing)
    O2 - BHO: Class - {8F25C446-FCA0-E176-9876-4060D9B1BE10} - C:\WINDOWS\javavg.dll (file missing)
    O2 - BHO: Class - {8F6D58EB-15A7-77E6-8F75-0C0FC6A733D0} - C:\WINDOWS\syszb32.dll (file missing)
    O2 - BHO: Class - {905B7AAD-BAA1-4039-E15E-7C009F72A8EF} - C:\WINDOWS\system32\sdkxi32.dll (file missing)
    O2 - BHO: Class - {91E64938-0901-C214-A538-2DCDF985DA68} - C:\WINDOWS\netmo32.dll (file missing)
    O2 - BHO: Class - {93205B4B-750E-5AF1-77AB-A007B7B54225} - C:\WINDOWS\system32\windr.dll (file missing)
    O2 - BHO: Class - {935446E1-74D6-E2D8-D3DB-33987B9ED771} - C:\WINDOWS\system32\appgp32.dll (file missing)
    O2 - BHO: Class - {935D29CB-14A9-92E2-1A43-61FA68E60B26} - C:\WINDOWS\winpc32.dll (file missing)
    O2 - BHO: Class - {9AA49064-D97B-D33A-6D53-161E61C7D8F3} - C:\WINDOWS\system32\atlws32.dll (file missing)
    O2 - BHO: Class - {9FFD5493-F8EA-4757-37B1-9FBCE5AFE89C} - C:\WINDOWS\system32\netjx.dll (file missing)
    O2 - BHO: Class - {A0F0E2D2-FBEE-BE6A-FC88-3650DC964D83} - C:\WINDOWS\system32\sdkvs32.dll (file missing)
    O2 - BHO: Class - {A0FBF6A7-DE21-3235-7B76-A7427D953750} - C:\WINDOWS\system32\sdkpz32.dll (file missing)
    O2 - BHO: Class - {A16CC660-152B-F183-766B-5D9B5621E906} - C:\WINDOWS\system32\addfr32.dll (file missing)
    O2 - BHO: Class - {A3ADD21E-02D3-30AF-04FD-5138BFE2FBF9} - C:\WINDOWS\system32\syswk32.dll (file missing)
    O2 - BHO: Class - {A65F11A0-3D1B-37FD-F86D-9AB8607151F1} - C:\WINDOWS\winzp.dll (file missing)
    O2 - BHO: Class - {A7380E2D-065F-36BF-ACBE-56A6484317E0} - C:\WINDOWS\system32\sysnc32.dll (file missing)
    O2 - BHO: Class - {A7965648-2D3D-951F-7592-B85CE722DB02} - C:\WINDOWS\iemm32.dll (file missing)
    O2 - BHO: Class - {A89630A0-A2FA-322C-0FBE-630AC13A1A75} - C:\WINDOWS\system32\apifj.dll (file missing)
    O2 - BHO: Class - {AA47E26D-58ED-99ED-6041-A166D62616AB} - C:\WINDOWS\msgy32.dll (file missing)
    O2 - BHO: Class - {AAF322C0-53A3-24FC-C5E6-B062F9D982F9} - C:\WINDOWS\mfcma32.dll (file missing)
    O2 - BHO: Class - {AC669753-D849-0088-7E34-8A77FC7E2132} - C:\WINDOWS\system32\crim32.dll (file missing)
    O2 - BHO: Class - {AD1F241B-E8C5-CF4C-5C74-0BF6A3C05653} - C:\WINDOWS\system32\sdkps32.dll (file missing)
    O2 - BHO: Class - {AF5FDECD-1ED9-A1EC-D3B8-8211759346FD} - C:\WINDOWS\iern32.dll (file missing)
    O2 - BHO: Class - {B1AF227B-48EB-A457-0DB3-801240716A83} - C:\WINDOWS\crgx.dll (file missing)
    O2 - BHO: Class - {B350A8C8-282F-FDED-46C9-277DFCEABAC4} - C:\WINDOWS\system32\sysws.dll (file missing)
    O2 - BHO: Class - {B4B27E7C-52CC-3941-AAF3-655B30E66312} - C:\WINDOWS\crry32.dll (file missing)
    O2 - BHO: Class - {B8823167-F477-0571-8C71-DCEA18226008} - C:\WINDOWS\mfcbt32.dll (file missing)
    O2 - BHO: Class - {BCC63C42-67AA-A5DB-877D-963D27AD9AFA} - C:\WINDOWS\winin32.dll (file missing)
    O2 - BHO: Class - {C145A150-7CF0-18AE-ABB4-8E6229CE6498} - C:\WINDOWS\appkv.dll (file missing)
    O2 - BHO: Class - {C1788B98-5234-5C51-33A4-D4E4597F4E13} - C:\WINDOWS\winsu.dll (file missing)
    O2 - BHO: Class - {C1B07062-CFDF-BF39-1734-D276014CF52C} - C:\WINDOWS\sysuu.dll (file missing)
    O2 - BHO: Class - {C205AD1F-5837-3BB8-0CEB-F323397174D6} - C:\WINDOWS\system32\crxj32.dll (file missing)
    O2 - BHO: Class - {C22788EC-4F79-DD02-1F55-6D9D3E866CC7} - C:\WINDOWS\ntou32.dll (file missing)
    O2 - BHO: Class - {C5B507CE-7D99-C0A1-E430-1A0E0AEE7CEA} - C:\WINDOWS\system32\winnd.dll (file missing)
    O2 - BHO: Class - {C8004A51-B1C6-2B52-CE97-BA80D6D6C5DB} - C:\WINDOWS\d3eu.dll (file missing)
    O2 - BHO: Class - {CF25661E-3D98-94CE-A682-3EC69D69875C} - C:\WINDOWS\system32\netwp.dll (file missing)
    O2 - BHO: Class - {CF5213DB-D292-A44C-30FD-9D99BF5F261B} - C:\WINDOWS\system32\msqp.dll (file missing)
    O2 - BHO: Class - {D1F6727A-33B8-5881-2790-4C899CC50B34} - C:\WINDOWS\system32\apiut.dll (file missing)
    O2 - BHO: Class - {D27B9CDF-A47B-B74E-EE39-1F9A9A97FEB5} - C:\WINDOWS\javapx.dll (file missing)
    O2 - BHO: Class - {D2C0B816-9CAB-4B57-F1BE-E489A7313EA8} - C:\WINDOWS\sdkut.dll (file missing)
    O2 - BHO: Class - {D31CBD91-5B80-AB86-0559-F9D9CBB187FD} - C:\WINDOWS\apikd.dll (file missing)
    O2 - BHO: Class - {D33E8457-1C8B-99A8-FC93-DCDA4844B2A5} - C:\WINDOWS\system32\sdkwf.dll (file missing)
    O2 - BHO: Class - {D476F3A0-4D6E-CAD1-1014-B290A1A15520} - C:\WINDOWS\netpa.dll (file missing)
    O2 - BHO: Class - {D55EAE87-202A-3F55-F3F4-130CFFA66735} - C:\WINDOWS\system32\d3hl32.dll (file missing)
    O2 - BHO: Class - {D6EE8803-4313-1DDF-936A-FED80B30DA36} - C:\WINDOWS\d3ze32.dll (file missing)
    O2 - BHO: Class - {D7C43CFF-343D-063E-1C14-C8A0FEB6F6A4} - C:\WINDOWS\system32\d3de32.dll (file missing)
    O2 - BHO: Class - {DA6A99B0-00AD-2CD1-C021-2CCE5CE744E3} - C:\WINDOWS\atlzd.dll (file missing)
    O2 - BHO: Class - {DFC62350-1E0B-BBD2-4CDB-757B623F0FD4} - C:\WINDOWS\system32\msrg.dll (file missing)
    O2 - BHO: Class - {E140149D-F165-0600-629E-8738A52DA75C} - C:\WINDOWS\system32\ntix32.dll (file missing)
    O2 - BHO: Class - {E28302FE-B381-7680-D448-064B3F4763EE} - C:\WINDOWS\sdkaq32.dll (file missing)
    O2 - BHO: Class - {E5E5B58E-755C-4104-A0EF-D47709FA15E2} - C:\WINDOWS\system32\ntbt32.dll (file missing)
    O2 - BHO: (no name) - {E9AE91ED-230B-9C13-63C1-9B2A676E905B} - (no file)
    O2 - BHO: Class - {EADA4515-E8ED-E2B5-DA95-FF9E2AA68F8F} - C:\WINDOWS\addgf.dll (file missing)
    O2 - BHO: Class - {EB59BAC7-F27F-4FA7-991F-75DC4F9CDA22} - C:\WINDOWS\javasd32.dll (file missing)
    O2 - BHO: Class - {EE71153F-A475-D907-4830-2E5DA2FF99FB} - C:\WINDOWS\system32\wintv32.dll (file missing)
    O2 - BHO: Class - {EFBBEF1A-21B6-994C-632E-201DE3EF2428} - C:\WINDOWS\system32\d3dt.dll (file missing)
    O2 - BHO: Class - {EFC9626F-F99C-FF8F-1E87-9F02800DA3C2} - C:\WINDOWS\system32\ntgo.dll (file missing)
    O2 - BHO: Class - {F52FB340-741E-A8BC-5D8E-A709338ECFBC} - C:\WINDOWS\system32\atlsd32.dll (file missing)
    O2 - BHO: Class - {F5D5F01E-313A-83BE-F348-F6E8461930C5} - C:\WINDOWS\system32\javavo32.dll (file missing)
    O2 - BHO: (no name) - {F78C8767-D7AA-B6F9-7220-5FF80088C727} - (no file)
    O2 - BHO: Class - {F8BD80A5-92A7-98CA-39B6-24044D4CC46F} - C:\WINDOWS\system32\iete.dll (file missing)
    O2 - BHO: Class - {F99291D1-97B4-FD07-A505-F6B045949A94} - C:\WINDOWS\system32\crnf.dll (file missing)
    O2 - BHO: Class - {F9AD27F1-50B4-A52F-10E5-9CAEB34A9715} - C:\WINDOWS\system32\atlcc32.dll (file missing)
    O2 - BHO: Class - {FF534564-71EA-B589-BFE1-B3735E7B4CF5} - C:\WINDOWS\system32\sdkmq32.dll (file missing)
    O2 - BHO: Class - {FF5CE8D6-15E7-9320-B39B-A35B6BCEE89D} - C:\WINDOWS\system32\d3ry32.dll (file missing)
    O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
    O16 - DPF: {084F552D-19EB-4668-9788-984CBC781A8F} - http://survey.otxresearch.com/Preloader.dll
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)

    [STEP 2]Report Back to us:
    Once you have followed all of the steps above please reboot your computer and post a new HijackThis log.
  • Danielle
    edited November 2006
    Thank you! Here is the new log-

    Logfile of HijackThis v1.99.1
    Scan saved at 4:45:51 PM, on 11/13/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://marinewives101.com/phpBB/index.php
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Road Runner High Speed Online
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: Class - {095AD563-AF19-56B1-DD26-621F212627CF} - C:\WINDOWS\system32\crqd32.dll (file missing)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
    O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
    O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
    O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://activation.rr.com/install/downloads/tgctlcm.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab
    O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - http://activex.microsoft.com/activex/controls/WindowsMedia/downloadcontrol.cab
    O16 - DPF: {D8AA889B-2C65-47C3-8C16-3DCD4EF76A47} (Invoke Solutions Participant Control(MR)) - http://online.invokesolutions.com/events/bin/media/5.1.3.1429-3.0.0.7207/MILive.cab
    O16 - DPF: {E9A7F56F-C40F-4928-8C6F-7A72F2A25222} (AxRUploadControl Object) - http://www.imagestation.com/common/classes/SonyISUpload.cab?v=1,0,0,37
    O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
  • SpywareShooterSpywareShooter 127.0.0.1
    edited November 2006
    [STEP 1] Fix HijackThis Entries:
    Fix the following entries with HijackThis by placing checkmarks in the boxes next to them and clicking "Fix Checked".

    O2 - BHO: Class - {095AD563-AF19-56B1-DD26-621F212627CF} - C:\WINDOWS\system32\crqd32.dll (file missing)
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

    [STEP 2]Run Additional Tools:
    Your HijackThis log shows no more signs of executable malware. However, this does not mean that your system is completely clean. In order to make sure that all remaining pieces of this malware have been removed, it is reccomended that you download and scan with Ewido Anti-Malware. Please do an Ewido scan and post the log here.:

    Download Ewido

    [STEP 3]Report Back to us:
    Once you have followed all of the steps above please reboot your computer and post a new HijackThis log.
  • Danielle
    edited November 2006
    Ok tried Ewido but it says it's now AVG. So I ran that, and it came up with nothing.

    New log-

    Logfile of HijackThis v1.99.1
    Scan saved at 6:33:50 AM, on 11/14/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn4\YTBSDK.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://marinewives101.com/phpBB/index.php
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Road Runner High Speed Online
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
    O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
    O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
    O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://activation.rr.com/install/downloads/tgctlcm.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab
    O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - http://activex.microsoft.com/activex/controls/WindowsMedia/downloadcontrol.cab
    O16 - DPF: {D8AA889B-2C65-47C3-8C16-3DCD4EF76A47} (Invoke Solutions Participant Control(MR)) - http://online.invokesolutions.com/events/bin/media/5.1.3.1429-3.0.0.7207/MILive.cab
    O16 - DPF: {E9A7F56F-C40F-4928-8C6F-7A72F2A25222} (AxRUploadControl Object) - http://www.imagestation.com/common/classes/SonyISUpload.cab?v=1,0,0,37
    O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
  • SpywareShooterSpywareShooter 127.0.0.1
    edited November 2006
    Your log is now clean! If this problem persists it may be a software problem which can be handled in the appropriate forum.

    As precaution measures for the future, please follow these steps to ensure that your computer stays clean and secure:
    1. Always have AntiVirus software running - Having an AntiVirus is very important and can protect you in the future from all kinds of viruses, spyware and other malicious software.

    2. Keep your AntiVirus program updated - Without having an updated AntiVirus program you will be susceptible to any form of new malware as it is released. If your AntiVirus software has the option of Automatic Updates you should enable it. If not, visit the producer's website at least once a week and download any updates for the product.

    3. Use a Firewall - Using a firewall is essential in the Internet today. Having one at default settings will block intruders from accessing your computer and can block new programs from installing without your consent.

    4. WindowsUpdate - Make sure that you keep your computer updated by visiting [link=http://www.windowsupdate.com]windowsupdate.com[/link] weekly, and downloading any critical updates. Many of these updates are against hackers and malware installations. Without all critical updates you will be susceptible to many of the spyware creator's tricks to get you to install their software. Download and install all critical updates and reboot your computer. Continue this until all critical updates have been installed.

    5. Anti-Spyware Software - Spybot - Search & Destroy and Ad-Aware SE

      Both of these programs are free and reccomended by many anti-spyware professionals. You should download them from the links below, keep them updated, and scan weekly.

      Spybot - Search & Destroy
      Ad-Aware SE Personal Edition 1.06
      *Note: Please read my article here about false positives in Spybot - Search & Destroy.

    6. Secure Internet Explorer - Spyware Shooter is a free program which I developed for the cause of blocking malicious websites from installing spyware onto your computer. Please check for updates weekly and download any new releases to make sure that you are safe against newly-disovered websites.

      Spyware Shooter home page



    How to say "thanks":
    1. Donations are not accepted - At Short-Media we do not accept donations. If you have found this website helpful, you can contribute in the following ways.
    2. Stick Around - Without users like you, Short-Media would not be as successful as it is today. One way you can thank us is to stick around the forums. Even if you are not a computer professional you can learn by reading past topics in the forums, or if you do not feel comfortable helping, there are a few forums for non-computer-related topics.
    3. Refer Friends - If you know anyone who is having problems with their computers, or just needs a place to chill online, they would make a great addition to the Short-Media community.
    4. Fold! - Folding is a safe and easy way to help find a cure for fatal diseases such as Alzheimer's. You can learn more about folding at the topic "[link=http://www.short-media.com/forum/showthread.php?t=3"]Everything About Folding@Home[/link]"
This discussion has been closed.