Options
Glacial computer w/spyware!!
Arggghhh!! My parents have a computer that had nothing protecting it. It runs slower than my grandmother. I added a little bit of protection but there is a ton of things active that probably shouldn't be and I think my mom has a knack for finding trojans! Here is the HJT log. could you help me out please? :sad2:
Thanks in advance.
Logfile of HijackThis v1.99.1
Scan saved at 11:17:01 PM, on 7/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\VProSvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe
C:\Program Files\Common Files\AOL\1140720686\ee\AOLSoftware.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\system32\hphmon04.exe
C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
c:\program files\common files\aol\1140720686\ee\services\antiSpywareApp\ver2_0_27_1\AOLSP Scheduler.exe
C:\progra~1\americ~1.0\waol.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
c:\program files\common files\aol\1140720686\ee\aolsoftware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\HPHipm11.exe
C:\Program Files\Common Files\Verizon Online\ConnMgr\cmisrv.exe
C:\Program Files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe
C:\Program Files\Common Files\MotiveBrowser\MotiveBrowser.exe
C:\progra~1\americ~1.0\shellmon.exe
C:\WINDOWS\System32\logon.scr
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\user\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\WINDOWS\DOWNLO~1\vzbb.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\WINDOWS\DOWNLO~1\vzbb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1140720686\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [AOLT4] E:\AOLSETUP.EXE -ACS
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [AOL Fast Start] "C:\progra~1\americ~1.0\AOL.EXE" -b
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1140506458481
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/install/guidedsolutions.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\VProSvc.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Again thanks for any help you can give us!
Thanks in advance.
Logfile of HijackThis v1.99.1
Scan saved at 11:17:01 PM, on 7/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\VProSvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe
C:\Program Files\Common Files\AOL\1140720686\ee\AOLSoftware.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\system32\hphmon04.exe
C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
c:\program files\common files\aol\1140720686\ee\services\antiSpywareApp\ver2_0_27_1\AOLSP Scheduler.exe
C:\progra~1\americ~1.0\waol.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
c:\program files\common files\aol\1140720686\ee\aolsoftware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\HPHipm11.exe
C:\Program Files\Common Files\Verizon Online\ConnMgr\cmisrv.exe
C:\Program Files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe
C:\Program Files\Common Files\MotiveBrowser\MotiveBrowser.exe
C:\progra~1\americ~1.0\shellmon.exe
C:\WINDOWS\System32\logon.scr
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\user\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\WINDOWS\DOWNLO~1\vzbb.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\WINDOWS\DOWNLO~1\vzbb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1140720686\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [AOLT4] E:\AOLSETUP.EXE -ACS
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [AOL Fast Start] "C:\progra~1\americ~1.0\AOL.EXE" -b
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1140506458481
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/install/guidedsolutions.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\VProSvc.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Again thanks for any help you can give us!
0
Comments
Fix that in hijackthis
Go here to download ewido http://www.grisoft.cz/softw/70/filedir/inst/ewido-setup_4.0.0.172c.exe
Update it, run a complete system scan apply all actions, save a log file post that, rerun hijackthis a post that log file.
ewido anti-spyware - Scan Report
+ Created at: 7:51:04 AM 8/23/2006
+ Scan result:
C:\Documents and Settings\user\My Documents\Documents and Settings\guerodn\Local Settings\Temp\adlinstallwin32.exe -> Adware.Adstart : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\vzbb.dll -> Adware.MegaSearch : Cleaned with backup (quarantined).
C:\Documents and Settings\user\My Documents\Documents and Settings\guerodn\Local Settings\Temp\WToolsB.dll -> Adware.Wintol : Cleaned with backup (quarantined).
C:\Documents and Settings\Dick\Cookies\dick@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Eloisa\Cookies\eloisa@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Sam\Cookies\sam@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Sam\Cookies\sam@campingworld.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00379815.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00379816.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00379825.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00379826.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00379839.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00379840.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00379844.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00379845.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00379854.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00379855.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00379863.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00379864.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00379874.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00379875.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380117.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380118.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380160.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380161.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380164.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380165.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380166.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380352.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380353.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380425.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380426.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380427.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380431.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380446.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380447.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380459.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380460.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380475.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380477.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380484.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380485.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380489.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380490.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380498.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380499.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380506.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380507.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380511.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380512.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380524.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380525.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380531.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380532.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380536.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380537.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380544.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380545.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380549.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380550.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380558.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380559.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380570.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380571.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380579.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380580.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380587.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380588.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380596.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380597.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380598.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380599.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380609.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380610.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380615.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380616.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380620.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380621.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380631.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380632.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380638.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380639.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380643.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380644.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380650.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380651.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380658.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380659.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380668.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380669.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380676.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380677.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380684.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380685.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380689.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380690.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380699.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380700.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380705.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380706.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380716.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380717.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380725.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380726.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380734.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380735.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380743.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380744.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380749.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380750.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380755.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380756.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380760.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380761.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380764.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380765.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380782.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380783.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380794.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380795.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380799.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380800.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380846.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380847.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380856.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380857.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380864.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380865.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380965.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380966.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380978.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380979.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380981.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380982.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380988.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT\00380989.TXT -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\user\My Documents\Documents and Settings\heid200\Cookies\heid200@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned.
C:\Documents and Settings\Dick\Cookies\dick@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Sam\Cookies\sam@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379817.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379827.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379828.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379829.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379830.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379873.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379876.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379877.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379880.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379881.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379895.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379896.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379935.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379936.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379937.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379946.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379947.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379954.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379955.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379983.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379984.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379985.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379991.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379992.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379998.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00379999.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380008.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380009.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380015.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380016.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380021.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380025.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380030.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380051.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380052.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380055.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380067.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380074.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380088.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380089.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380111.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380171.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380172.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380218.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380219.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380236.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380237.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380238.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380245.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380246.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380247.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380255.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380256.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380266.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380294.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380295.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380354.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380355.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380356.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380357.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380441.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380442.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380448.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380449.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380450.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380461.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380462.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380463.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380486.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380487.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380488.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380500.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380505.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380533.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380534.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380535.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380551.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380568.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380569.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380589.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380622.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380630.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380640.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380641.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380642.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380653.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380662.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380670.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380671.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380686.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380687.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380688.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380701.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380707.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380708.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380709.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380733.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380751.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380784.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380785.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380801.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380802.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380803.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380848.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380849.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380858.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380866.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380867.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380869.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380976.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380977.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT\00380980.TXT -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Dick\Cookies\dick@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Eloisa\Cookies\eloisa@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Sam\Cookies\sam@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Sam\Cookies\sam@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\user\My Documents\Documents and Settings\heid200\Cookies\heid200@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\user\My Documents\Documents and Settings\heid200\Cookies\heid200@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Sam\Cookies\sam@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\user\My Documents\Documents and Settings\heid200\Cookies\heid200@cz4.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\user\My Documents\Documents and Settings\eloyrak\Cookies\eloyrak@com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Dick\Cookies\dick@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : Cleaned.
C:\Documents and Settings\Sam\Cookies\sam@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : Cleaned.
C:\Documents and Settings\Dick\Cookies\dick@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Sam\Cookies\sam@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\user\My Documents\Documents and Settings\heid200\Cookies\heid200@c.enhance[1].txt -> TrackingCookie.Enhance : Cleaned.
C:\Documents and Settings\Dick\Cookies\dick@e-2dj6wfkycmd5kfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\user\My Documents\Documents and Settings\heid200\Cookies\heid200@a-1shz2prbmdj6wvny-1sez2pra2dj6wjk4oiczmgpq-1dj6x9ny-1seq-2-2.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\user\My Documents\Documents and Settings\heid200\Cookies\heid200@y-1shz2prbmdj6wvny-1sez2pra2dj6wjkyciazsdowudj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Dick\Cookies\dick@ehg-bestbuy.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Dick\Cookies\dick@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Sam\Cookies\sam@ehg-nestlepurinapetcare.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Sam\Cookies\sam@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\user\My Documents\Documents and Settings\samerna99\Cookies\samerna99@hypertracker[2].txt -> TrackingCookie.Hypertracker : Cleaned.
C:\Documents and Settings\Sam\Cookies\sam@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Dick\Cookies\dick@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Sam\Cookies\sam@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Dick\Cookies\dick@data1.perf.overture[2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Dick\Cookies\dick@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Eloisa\Cookies\eloisa@overture[2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Dick\Cookies\dick@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Sam\Cookies\sam@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned.
C:\RECYCLER\NPROTECT\00380727.TXT -> TrackingCookie.Pointroll : Cleaned.
C:\RECYCLER\NPROTECT\00380728.TXT -> TrackingCookie.Pointroll : Cleaned.
C:\RECYCLER\NPROTECT\00380729.TXT -> TrackingCookie.Pointroll : Cleaned.
C:\RECYCLER\NPROTECT\00380766.TXT -> TrackingCookie.Pointroll : Cleaned.
C:\RECYCLER\NPROTECT\00380767.TXT -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Dick\Cookies\dick@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Sam\Cookies\sam@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Dick\Cookies\dick@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\Sam\Cookies\sam@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\user\My Documents\Documents and Settings\samerna99\Cookies\samerna99@adopt.specificclick[1].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\user\My Documents\Documents and Settings\eloyrak\Cookies\eloyrak@specificpop[2].txt -> TrackingCookie.Specificpop : Cleaned.
C:\Documents and Settings\user\My Documents\Documents and Settings\eloyrak\Cookies\eloyrak@starware[2].txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\user\My Documents\Documents and Settings\heid200\Cookies\heid200@starware[2].txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\user\My Documents\Documents and Settings\heid200\Cookies\heid200@www.starware[1].txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\user\My Documents\Documents and Settings\samerna99\Cookies\samerna99@starware[2].txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\Sam\Cookies\sam@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Dick\Cookies\dick@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Sam\Cookies\sam@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Sam\Cookies\sam@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\user\My Documents\Documents and Settings\heid200\Cookies\heid200@webstat[1].txt -> TrackingCookie.Web-stat : Cleaned.
C:\Documents and Settings\Dick\Cookies\dick@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\Documents and Settings\Sam\Cookies\sam@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\RECYCLER\NPROTECT\00379819.TXT -> TrackingCookie.Webtrendslive : Cleaned.
C:\Documents and Settings\user\My Documents\Documents and Settings\heid200\Cookies\heid200@free.wegcash[2].txt -> TrackingCookie.Wegcash : Cleaned.
C:\Documents and Settings\user\My Documents\Documents and Settings\heid200\Cookies\heid200@programs.wegcash[1].txt -> TrackingCookie.Wegcash : Cleaned.
C:\Documents and Settings\Dick\Cookies\dick@zedo[1].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Eloisa\Cookies\eloisa@c5.zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Eloisa\Cookies\eloisa@zedo[1].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Sam\Cookies\sam@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
C:\RECYCLER\NPROTECT\00381000.TXT -> TrackingCookie.Zedo : Cleaned.
::Report end
The HT Log file follows.
Logfile of HijackThis v1.99.1
Scan saved at 7:54:04 AM, on 8/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\VProSvc.exe
C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe
C:\Program Files\Common Files\AOL\1140720686\ee\AOLSoftware.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\system32\hphmon04.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\HPHipm11.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
c:\program files\common files\aol\1140720686\ee\services\antiSpywareApp\ver2_0_27_1\AOLSP Scheduler.exe
c:\program files\common files\aol\1140720686\ee\aolsoftware.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Common Files\Verizon Online\ConnMgr\cmisrv.exe
C:\Program Files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe
C:\Program Files\Common Files\MotiveBrowser\MotiveBrowser.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\user\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\WINDOWS\DOWNLO~1\vzbb.dll (file missing)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\WINDOWS\DOWNLO~1\vzbb.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1140720686\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [AOLT4] E:\AOLSETUP.EXE -ACS
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1140506458481
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/install/guidedsolutions.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\VProSvc.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Thanks in advance for any help you might be able to give.
Guero
O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\WINDOWS\DOWNLO~1\vzbb.dll (file missing)
Fix these in HJT post a new log.
What problems are you having exactly?
Here is my last HJT log.
Logfile of HijackThis v1.99.1
Scan saved at 11:17:34 PM, on 8/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\AOL\1140720686\ee\AOLSoftware.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\VProSvc.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
c:\program files\common files\aol\1140720686\ee\services\antiSpywareApp\ver2_0_27_1\AOLSP Scheduler.exe
c:\program files\common files\aol\1140720686\ee\aolsoftware.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\HPHipm11.exe
C:\Program Files\Common Files\Verizon Online\ConnMgr\cmisrv.exe
C:\Program Files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe
C:\Program Files\Common Files\MotiveBrowser\MotiveBrowser.exe
C:\Documents and Settings\user\Desktop\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1140720686\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [AOLT4] E:\AOLSETUP.EXE -ACS
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1140506458481
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/install/guidedsolutions.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\VProSvc.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe