thought spyware was gone but its back
hey thanks so much for trying.. i just used hijackthis on my computer and this what i saw.
Logfile of HijackThis v1.97.7
Scan saved at 2:33:02 PM, on 28/09/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\WINDOWS\system32\JupitCo.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AIM95\aim.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
C:\Program Files\Wireless Device\Wireless Mouse\MouseAp.exe
C:\Program Files\Wireless Device\Wireless Keyboard\osd.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\JavaSoft\JRE\1.3.1_04\bin\javaw.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\unzipped\OmegaKiller1[1].2\OmegaKiller.exe
C:\WINDOWS\explorer.exe
C:\unzipped\OmegaKiller1[1].2\OmegaKiller.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Temp\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sympatico.msn.ca
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://sympatico.msn.ca
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O1 - Hosts: 127.0.0.26 www.active-max.com
O1 - Hosts: 127.0.0.9 www.allaboutsearching.com
O1 - Hosts: 127.0.0.60 amazingautossearch.com
O1 - Hosts: 127.0.0.77 contexualsearch.com
O1 - Hosts: 127.0.0.86 crap2.com
O1 - Hosts: 127.0.0.2 www.crap2.com
O1 - Hosts: 127.0.0.97 www.dialup2.com
O1 - Hosts: 127.0.0.3 ecpm.com
O1 - Hosts: 127.0.0.45 lop.com
O1 - Hosts: 127.0.0.43 ayb.lop.com
O1 - Hosts: 127.0.0.63 bins.lop.com
O1 - Hosts: 127.0.0.82 srch.lop.com
O1 - Hosts: 127.0.0.54 www1.lop.com
O1 - Hosts: 127.0.0.250 www.lop2.com
O1 - Hosts: 127.0.0.6 maxexp.com
O1 - Hosts: 127.0.0.238 www.mp3search.com
O1 - Hosts: 127.0.0.66 mysearchnow.com
O1 - Hosts: 127.0.0.41 search200.com
O1 - Hosts: 127.0.0.31 www.search200.com
O1 - Hosts: 127.0.0.224 search.mysearchnow.com
O1 - Hosts: 127.0.0.69 www.mysearchnow.com
O1 - Hosts: 127.0.0.233 netsearchsoft.com
O1 - Hosts: 127.0.0.0 omegasearch.com
O1 - Hosts: 127.0.0.250 www.omegasearch.com
O1 - Hosts: 127.0.0.49 www.rub.to
O1 - Hosts: 127.0.0.84 searchexe.com
O1 - Hosts: 127.0.0.95 www.searchexe.com
O1 - Hosts: 127.0.0.3 searchweb2.com
O1 - Hosts: 127.0.0.28 www.searchweb2.com
O1 - Hosts: 127.0.0.81 www.spawnet.com
O1 - Hosts: 127.0.0.200 tdmy.com
O1 - Hosts: 127.0.0.94 tefs.com
O1 - Hosts: 127.0.0.243 www.tfil.com
O1 - Hosts: 127.0.0.8 tdko.com
O1 - Hosts: 127.0.0.40 www.tdko.com
O1 - Hosts: 127.0.0.200 wrn.net
O1 - Hosts: 127.0.0.60 software.wrn.net
O1 - Hosts: 127.0.0.79 www.wrn.net
O1 - Hosts: 127.0.0.239 www.mp3search.com
O1 - Hosts: 127.0.0.76 www.negativebeats.com
O1 - Hosts: 127.0.0.222 best.omega-search.com
O1 - Hosts: 127.0.0.37 www.omega-search.com
O1 - Hosts: 127.0.0.203 www.trinityacquisitions.com
O1 - Hosts: 127.0.0.63 www.errorfreesearch.com
O1 - Hosts: 127.0.0.87 isearchhere.com
O1 - Hosts: 127.0.0.71 www.isearchhere.com
O1 - Hosts: 127.0.0.234 iwantosearch.com
O1 - Hosts: 127.0.0.5 www.iwantosearch.com
O1 - Hosts: 127.0.0.52 opensearch.org
O1 - Hosts: 127.0.0.246 www.searchbee.net
O1 - Hosts: 127.0.0.76 www.searchhotsex.com
O1 - Hosts: 127.0.0.232 ifsearch.com
O1 - Hosts: 127.0.0.213 mastersearcher.com
O1 - Hosts: 127.0.0.55 aavc.com
O1 - Hosts: 127.0.0.29 www.aavc.com
O1 - Hosts: 127.0.0.229 acjp.com
O1 - Hosts: 127.0.0.219 www.acjp.com
O1 - Hosts: 127.0.0.67 ecmh.com
O1 - Hosts: 127.0.0.239 wabq.com
O1 - Hosts: 127.0.0.243 www.wabq.com
O1 - Hosts: 127.0.0.211 maximumexperience.com
O1 - Hosts: 127.0.0.92 www.maximumexperience.com
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1721.0\en-ca\msntb.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [USB SECURITY DEVICE CoInstaller] JupitCo.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Ad-aware] "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-aware.exe" +c
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Enable Wireless Keyboard Driver.lnk = C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
O4 - Global Startup: Enable Wireless Optical Mouse Driver.lnk = C:\Program Files\Wireless Device\Wireless Mouse\MouseAp.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research (HKLM)
O9 - Extra button: AOL Instant Messenger (TM) (HKLM)
O9 - Extra button: MoneySide (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20031216/qtinstall.info.apple.com/mickey/us/win/QuickTimeInstaller.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/06b6839d2ac18374f201/netzip/RdxIE601.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37989.8161111111
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3BAF1C45-1089-48E1-83A1-118FC3FD9A41}: NameServer = 4.2.2.1,4.2.2.2
Logfile of HijackThis v1.97.7
Scan saved at 2:33:02 PM, on 28/09/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\WINDOWS\system32\JupitCo.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AIM95\aim.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
C:\Program Files\Wireless Device\Wireless Mouse\MouseAp.exe
C:\Program Files\Wireless Device\Wireless Keyboard\osd.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\JavaSoft\JRE\1.3.1_04\bin\javaw.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\unzipped\OmegaKiller1[1].2\OmegaKiller.exe
C:\WINDOWS\explorer.exe
C:\unzipped\OmegaKiller1[1].2\OmegaKiller.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Temp\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sympatico.msn.ca
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://sympatico.msn.ca
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O1 - Hosts: 127.0.0.26 www.active-max.com
O1 - Hosts: 127.0.0.9 www.allaboutsearching.com
O1 - Hosts: 127.0.0.60 amazingautossearch.com
O1 - Hosts: 127.0.0.77 contexualsearch.com
O1 - Hosts: 127.0.0.86 crap2.com
O1 - Hosts: 127.0.0.2 www.crap2.com
O1 - Hosts: 127.0.0.97 www.dialup2.com
O1 - Hosts: 127.0.0.3 ecpm.com
O1 - Hosts: 127.0.0.45 lop.com
O1 - Hosts: 127.0.0.43 ayb.lop.com
O1 - Hosts: 127.0.0.63 bins.lop.com
O1 - Hosts: 127.0.0.82 srch.lop.com
O1 - Hosts: 127.0.0.54 www1.lop.com
O1 - Hosts: 127.0.0.250 www.lop2.com
O1 - Hosts: 127.0.0.6 maxexp.com
O1 - Hosts: 127.0.0.238 www.mp3search.com
O1 - Hosts: 127.0.0.66 mysearchnow.com
O1 - Hosts: 127.0.0.41 search200.com
O1 - Hosts: 127.0.0.31 www.search200.com
O1 - Hosts: 127.0.0.224 search.mysearchnow.com
O1 - Hosts: 127.0.0.69 www.mysearchnow.com
O1 - Hosts: 127.0.0.233 netsearchsoft.com
O1 - Hosts: 127.0.0.0 omegasearch.com
O1 - Hosts: 127.0.0.250 www.omegasearch.com
O1 - Hosts: 127.0.0.49 www.rub.to
O1 - Hosts: 127.0.0.84 searchexe.com
O1 - Hosts: 127.0.0.95 www.searchexe.com
O1 - Hosts: 127.0.0.3 searchweb2.com
O1 - Hosts: 127.0.0.28 www.searchweb2.com
O1 - Hosts: 127.0.0.81 www.spawnet.com
O1 - Hosts: 127.0.0.200 tdmy.com
O1 - Hosts: 127.0.0.94 tefs.com
O1 - Hosts: 127.0.0.243 www.tfil.com
O1 - Hosts: 127.0.0.8 tdko.com
O1 - Hosts: 127.0.0.40 www.tdko.com
O1 - Hosts: 127.0.0.200 wrn.net
O1 - Hosts: 127.0.0.60 software.wrn.net
O1 - Hosts: 127.0.0.79 www.wrn.net
O1 - Hosts: 127.0.0.239 www.mp3search.com
O1 - Hosts: 127.0.0.76 www.negativebeats.com
O1 - Hosts: 127.0.0.222 best.omega-search.com
O1 - Hosts: 127.0.0.37 www.omega-search.com
O1 - Hosts: 127.0.0.203 www.trinityacquisitions.com
O1 - Hosts: 127.0.0.63 www.errorfreesearch.com
O1 - Hosts: 127.0.0.87 isearchhere.com
O1 - Hosts: 127.0.0.71 www.isearchhere.com
O1 - Hosts: 127.0.0.234 iwantosearch.com
O1 - Hosts: 127.0.0.5 www.iwantosearch.com
O1 - Hosts: 127.0.0.52 opensearch.org
O1 - Hosts: 127.0.0.246 www.searchbee.net
O1 - Hosts: 127.0.0.76 www.searchhotsex.com
O1 - Hosts: 127.0.0.232 ifsearch.com
O1 - Hosts: 127.0.0.213 mastersearcher.com
O1 - Hosts: 127.0.0.55 aavc.com
O1 - Hosts: 127.0.0.29 www.aavc.com
O1 - Hosts: 127.0.0.229 acjp.com
O1 - Hosts: 127.0.0.219 www.acjp.com
O1 - Hosts: 127.0.0.67 ecmh.com
O1 - Hosts: 127.0.0.239 wabq.com
O1 - Hosts: 127.0.0.243 www.wabq.com
O1 - Hosts: 127.0.0.211 maximumexperience.com
O1 - Hosts: 127.0.0.92 www.maximumexperience.com
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1721.0\en-ca\msntb.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [USB SECURITY DEVICE CoInstaller] JupitCo.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Ad-aware] "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-aware.exe" +c
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Enable Wireless Keyboard Driver.lnk = C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
O4 - Global Startup: Enable Wireless Optical Mouse Driver.lnk = C:\Program Files\Wireless Device\Wireless Mouse\MouseAp.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research (HKLM)
O9 - Extra button: AOL Instant Messenger (TM) (HKLM)
O9 - Extra button: MoneySide (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20031216/qtinstall.info.apple.com/mickey/us/win/QuickTimeInstaller.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/06b6839d2ac18374f201/netzip/RdxIE601.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37989.8161111111
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3BAF1C45-1089-48E1-83A1-118FC3FD9A41}: NameServer = 4.2.2.1,4.2.2.2
0
Comments
If you are thinking that any of the O1 - Hosts lines are bad, they are not. They were added by OmegakillerSM to help protect you, they are blocking those known bad webistes from your computer.
Dexter...