1
Tech Clinic / HELP !!!! Laptop come to a hault
« on: September 08, 2006, 06:05:49 PM »
bump
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
2
Tech Clinic / HELP !!!! Laptop come to a hault
« on: September 06, 2006, 12:36:28 AM »
Here is the Hijackthis uninstall manager list
Actiontec Bluetooth Software
Ad-Aware SE Personal
Adobe Reader 6.0
AOL Instant Messenger
AOL Toolbar 2.0
CC_ccStart
ccCommon
CleanUp!
Comcast High-Speed Internet Install Wizard
ewido anti-spyware 4.0
FairUse Wizard 2
FontSmoother 1.76
Google Toolbar for Internet Explorer
Google Web Accelerator
HandWallet
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 1.99.1
Hotfix for Windows XP (KB909394)
HP PSC & OfficeJet 3.5
InterActual Player
iTunes
J2SE Runtime Environment 5.0 Update 6
Java 2 Runtime Environment, SE v1.4.1_07
Java Web Start
Kaspersky Online Scanner
LiveReg (Symantec Corporation)
LiveUpdate 1.90 (Symantec Corporation)
Logitech Gaming Software
Macromedia Flash Player 8
Mahjongg Master 5
Medi@Show
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0
Microsoft ActiveSync 4.0
Microsoft Flight Simulator 2004 A Century of Flight
Microsoft Office Professional Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348)
Mozilla Firefox (1.5.0.6)
MSRedist
Nokia Connectivity Cable Driver
Nokia Internet Tablet Software Update Wizard
Norton AntiVirus 2004
Norton AntiVirus 2004 (Symantec Corporation)
Norton AntiVirus Parent MSI
Norton WMI Update
Orb
Palm
PalmVNC 2.0
Pocket Tunes 3.1.3
Power2Go 3.0
PowerDVD
PowerStarter
QuickTime
S3 S3Display
S3 S3Gamma2
S3 S3Info2
S3 S3Overlay
Samsung USB Driver (MCCI 4.16)
Security Update for Microsoft .NET Framework 2.0 (KB917283)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Smart Link 56K Modem
Spb Weather
Sprint PCS Connection Manager
Symantec Script Blocking Installer
SymNet
Synaptics Pointing Device Driver
UniChrome Graphics Driver and Utilities
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
VIA Audio Driver Setup Program
Viewpoint Media Player
Vintage Slots Of Colorado, Inc StocksAndWeatherToday
WinAce Archiver
Windows Installer 3.1 (KB893803)
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
XP Codec Pack
Actiontec Bluetooth Software
Ad-Aware SE Personal
Adobe Reader 6.0
AOL Instant Messenger
AOL Toolbar 2.0
CC_ccStart
ccCommon
CleanUp!
Comcast High-Speed Internet Install Wizard
ewido anti-spyware 4.0
FairUse Wizard 2
FontSmoother 1.76
Google Toolbar for Internet Explorer
Google Web Accelerator
HandWallet
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 1.99.1
Hotfix for Windows XP (KB909394)
HP PSC & OfficeJet 3.5
InterActual Player
iTunes
J2SE Runtime Environment 5.0 Update 6
Java 2 Runtime Environment, SE v1.4.1_07
Java Web Start
Kaspersky Online Scanner
LiveReg (Symantec Corporation)
LiveUpdate 1.90 (Symantec Corporation)
Logitech Gaming Software
Macromedia Flash Player 8
Mahjongg Master 5
Medi@Show
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0
Microsoft ActiveSync 4.0
Microsoft Flight Simulator 2004 A Century of Flight
Microsoft Office Professional Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348)
Mozilla Firefox (1.5.0.6)
MSRedist
Nokia Connectivity Cable Driver
Nokia Internet Tablet Software Update Wizard
Norton AntiVirus 2004
Norton AntiVirus 2004 (Symantec Corporation)
Norton AntiVirus Parent MSI
Norton WMI Update
Orb
Palm
PalmVNC 2.0
Pocket Tunes 3.1.3
Power2Go 3.0
PowerDVD
PowerStarter
QuickTime
S3 S3Display
S3 S3Gamma2
S3 S3Info2
S3 S3Overlay
Samsung USB Driver (MCCI 4.16)
Security Update for Microsoft .NET Framework 2.0 (KB917283)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Smart Link 56K Modem
Spb Weather
Sprint PCS Connection Manager
Symantec Script Blocking Installer
SymNet
Synaptics Pointing Device Driver
UniChrome Graphics Driver and Utilities
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
VIA Audio Driver Setup Program
Viewpoint Media Player
Vintage Slots Of Colorado, Inc StocksAndWeatherToday
WinAce Archiver
Windows Installer 3.1 (KB893803)
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
XP Codec Pack
3
Tech Clinic / HELP !!!! Laptop come to a hault
« on: September 04, 2006, 11:33:11 PM »
combofix log
Act - 06-09-04 21:28:20.20
ComboFix 06.09.04BT - Running from: C:\Documents and Settings\Act\Desktop
Microsoft Windows XP [Version 5.1.2600]
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\keyboard1.dat
C:\WINDOWS\newname.dat
C:\WINDOWS\winsysupd21.dat
C:\WINDOWS\system32\bszip.dll
C:\WINDOWS\system32\cmd.com
C:\WINDOWS\system32\netstat.com
C:\WINDOWS\system32\ping.com
C:\WINDOWS\system32\regedit.com
C:\WINDOWS\system32\taskkill.com
C:\WINDOWS\system32\tracert.com
C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Program Files\outlook
((((((((((((((((((((((((((((((( Files Created from 2006-08-04 to 2006-09-04 ))))))))))))))))))))))))))))))))))
2006-08-28 14:41 48,128 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2006-08-28 14:41 4,608 --a------ C:\WINDOWS\system32\nmwcdlog.dll
2006-08-28 14:41 31,232 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2006-08-12 14:26 40,960 --a------ C:\WINDOWS\system32\SSubTmr6.dll
2006-08-12 14:26 118,784 --a------ C:\WINDOWS\system32\vbalNCSM6.dll
2006-08-12 14:26 101,888 --a------ C:\WINDOWS\system32\Vb6stkit.dll
2006-08-08 00:45 175,104 --a------ C:\onoes.exe
2006-08-06 14:53 0 ---hs---- C:\WINDOWS\system32\tasklist.com
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-09-04 18:48 -------- d-------- C:\Program Files\Mozilla Firefox
2006-09-04 17:16 -------- d-------- C:\Program Files\ewido anti-spyware 4.0
2006-09-04 17:04 -------- d-------- C:\Program Files\QuoteTracker
2006-09-04 17:04 -------- d-------- C:\Program Files\Norton AntiVirus
2006-09-04 16:38 -------- d-------- C:\Program Files\Microsoft ActiveSync
2006-09-04 16:37 -------- d-------- C:\Program Files\Common Files\AOL
2006-09-04 16:34 -------- d-------- C:\Program Files\Gizmo Project
2006-09-04 16:30 -------- d-------- C:\Program Files\FairUse Wizard 2
2006-09-04 16:30 -------- d-------- C:\Program Files\BitTorrent
2006-09-04 16:30 -------- d-------- C:\Documents and Settings\Act\Application Data\AdobeUM
2006-09-04 11:23 -------- d-------- C:\Program Files\WinRAR
2006-09-03 18:57 -------- d-------- C:\Documents and Settings\Act\Application Data\BitTorrent
2006-09-02 18:32 -------- d-------- C:\Program Files\Adobe
2006-08-28 14:41 -------- d-------- C:\Program Files\Nokia
2006-08-28 14:40 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-08-26 00:26 -------- d-------- C:\Program Files\PalmVNC
2006-08-25 22:01 -------- d-------- C:\Program Files\Orb Networks
2006-08-25 16:32 -------- d-------- C:\Program Files\support.com
2006-08-16 03:02 -------- d-------- C:\Program Files\Internet Explorer
2006-08-12 14:23 -------- d-------- C:\Program Files\eGames
2006-08-06 15:42 -------- d-------- C:\Program Files\IGN
2006-07-30 22:37 -------- d-------- C:\Program Files\InterActual
2006-07-27 06:24 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-07-24 14:06 -------- d-------- C:\Program Files\StocksAndWeatherToday
2006-07-24 11:25 -------- d-------- C:\Program Files\SBSH
2006-07-23 22:10 -------- d-------- C:\Program Files\Microsoft.NET
2006-07-23 21:03 -------- d-------- C:\Program Files\Common Files\Microsoft Shared
2006-07-23 20:59 -------- d---s---- C:\Documents and Settings\Act\Application Data\Microsoft
2006-07-23 19:33 2508 --a------ C:\Documents and Settings\Act\Application Data\$_hpcst$.hpc
2006-07-21 01:24 72704 --a------ C:\WINDOWS\system32\hlink.dll
2006-07-19 01:46 -------- d-------- C:\Program Files\AIM
2006-07-19 01:40 -------- d-------- C:\Program Files\AOL
2006-07-19 01:40 -------- d-------- C:\Documents and Settings\Act\Application Data\Aim
2006-07-19 01:39 -------- d-------- C:\Program Files\Common Files
2006-07-19 01:39 -------- d-------- C:\Program Files\AOD
2006-07-15 01:47 -------- d-------- C:\Program Files\Palm
2006-07-12 22:25 -------- d-------- C:\Program Files\FontSmoother
2006-07-11 01:53 -------- d-------- C:\Program Files\Lavasoft
2006-07-11 01:53 -------- d-------- C:\Documents and Settings\Act\Application Data\Lavasoft
2006-07-11 01:21 -------- d-------- C:\Program Files\NewDotNet
2006-07-11 00:24 -------- d-------- C:\Program Files\TGTSoft
2006-07-08 23:41 -------- d-------- C:\Program Files\Windows NT
2006-07-05 14:32 -------- d-------- C:\Program Files\NCH Swift Sound
2006-06-15 00:29 1389 --a------ C:\Documents and Settings\Act\Application Data\.googlewebacchosts
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinVNC"="\"C:\\Program Files\\PalmVNC\\WinVNC\\WinVNC.exe\" -servicehelper"
"!ewido"="\"C:\\Program Files\\ewido anti-spyware 4.0\\ewido.exe\" /minimized"
"MSConfig"="C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\MSConfig.exe /auto"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Orb"="\"C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbTray.exe\" /background"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000005
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,de,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,\
00,00,04,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,\
00,00,01,00,00,00
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^Act^Start Menu^Programs^Startup^Palm Registration.lnk]
"path"="C:\\Documents and Settings\\Act\\Start Menu\\Programs\\Startup\\Palm Registration.lnk"
"backup"="C:\\WINDOWS\\pss\\Palm Registration.lnkStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\Palm\\register.exe /remind /language=EN /INTL=\"false\" /PRNM=\"Palm\""
"item"="Palm Registration"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^Act^Start Menu^Programs^Startup^palmOne Registration.lnk]
"path"="C:\\Documents and Settings\\Act\\Start Menu\\Programs\\Startup\\palmOne Registration.lnk"
"backup"="C:\\WINDOWS\\pss\\palmOne Registration.lnkStartup"
"location"="Startup"
"command"="C:\\Program Files\\palmOne\\register.exe /remind /language=EN /PRNM=\"palmOne\""
"item"="palmOne Registration"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HotSync Manager.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\HotSync Manager.lnk"
"backup"="C:\\WINDOWS\\pss\\HotSync Manager.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\Program Files\\palmOne\\Hotsync.exe -logon"
"item"="HotSync Manager"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HOTSYNCSHORTCUTNAME.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\HOTSYNCSHORTCUTNAME.lnk"
"backup"="C:\\WINDOWS\\pss\\HOTSYNCSHORTCUTNAME.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\Program Files\\palmOne\\Hotsync.exe -logon"
"item"="HOTSYNCSHORTCUTNAME"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Run Google Web Accelerator.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Run Google Web Accelerator.lnk"
"backup"="C:\\WINDOWS\\pss\\Run Google Web Accelerator.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Google\\WEBACC~1\\GOOGLE~2.EXE "
"item"="Run Google Web Accelerator"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\AIM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="aim"
"hkey"="HKCU"
"command"="C:\\PROGRA~1\\AIM\\aim.exe -cnetwait.odl"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Aim6]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AOLLaunch"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Common Files\\AOL\\Launch\\AOLLaunch.exe\" /d locale=en-US ee://aol/imApp"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\ccApp]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ccApp"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\H/PC Connection Agent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="wcescomm"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\HostManager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AOLHostManager"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\AOL\\1153298420\\ee\\AOLHostManager.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\HP Component Manager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="hpcmpmgr"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\ISUSPM Startup]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="isuspm"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\isuspm.exe\" -startup"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\ISUSScheduler]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="issch"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\MSMSGS]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msmsgs"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\NAV CfgWiz]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CfgWiz"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Symantec Shared\\CfgWiz.exe /GUID NAV /CMDLINE \"REBOOT\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\PalmTether]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TetherApp"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\PalmTether\\TetherApp.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Power2GoExpress]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="hpcmpmgr"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\RemoteControl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PDVDServ"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\spc_w]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="nzspc"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\NZSearch\\nzspc.exe\" -w"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Start WingMan Profiler]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="lwemon"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Logitech\\Profiler\\lwemon.exe\" /noui"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Symantec NetDriver Monitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SNDMon"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SynTPEnh]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SynTPEnh"
"hkey"="HKLM"
"command"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SynTPLpr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SynTPLpr"
"hkey"="HKLM"
"command"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\ViewMgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ViewMgr"
"hkey"="HKLM"
"command"="C:\\Program Files\\Viewpoint\\Viewpoint Manager\\ViewMgr.exe"
"inimapping"="0"
~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
backup-20060904-170422-386
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer - Act.job
C:\WINDOWS\tasks\Symantec NetDetect.job
Completion time: Mon 09/04/2006 21:31:57.64
ComboFix.txt
Act - 06-09-04 21:28:20.20
ComboFix 06.09.04BT - Running from: C:\Documents and Settings\Act\Desktop
Microsoft Windows XP [Version 5.1.2600]
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\keyboard1.dat
C:\WINDOWS\newname.dat
C:\WINDOWS\winsysupd21.dat
C:\WINDOWS\system32\bszip.dll
C:\WINDOWS\system32\cmd.com
C:\WINDOWS\system32\netstat.com
C:\WINDOWS\system32\ping.com
C:\WINDOWS\system32\regedit.com
C:\WINDOWS\system32\taskkill.com
C:\WINDOWS\system32\tracert.com
C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Program Files\outlook
((((((((((((((((((((((((((((((( Files Created from 2006-08-04 to 2006-09-04 ))))))))))))))))))))))))))))))))))
2006-08-28 14:41 48,128 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2006-08-28 14:41 4,608 --a------ C:\WINDOWS\system32\nmwcdlog.dll
2006-08-28 14:41 31,232 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2006-08-12 14:26 40,960 --a------ C:\WINDOWS\system32\SSubTmr6.dll
2006-08-12 14:26 118,784 --a------ C:\WINDOWS\system32\vbalNCSM6.dll
2006-08-12 14:26 101,888 --a------ C:\WINDOWS\system32\Vb6stkit.dll
2006-08-08 00:45 175,104 --a------ C:\onoes.exe
2006-08-06 14:53 0 ---hs---- C:\WINDOWS\system32\tasklist.com
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-09-04 18:48 -------- d-------- C:\Program Files\Mozilla Firefox
2006-09-04 17:16 -------- d-------- C:\Program Files\ewido anti-spyware 4.0
2006-09-04 17:04 -------- d-------- C:\Program Files\QuoteTracker
2006-09-04 17:04 -------- d-------- C:\Program Files\Norton AntiVirus
2006-09-04 16:38 -------- d-------- C:\Program Files\Microsoft ActiveSync
2006-09-04 16:37 -------- d-------- C:\Program Files\Common Files\AOL
2006-09-04 16:34 -------- d-------- C:\Program Files\Gizmo Project
2006-09-04 16:30 -------- d-------- C:\Program Files\FairUse Wizard 2
2006-09-04 16:30 -------- d-------- C:\Program Files\BitTorrent
2006-09-04 16:30 -------- d-------- C:\Documents and Settings\Act\Application Data\AdobeUM
2006-09-04 11:23 -------- d-------- C:\Program Files\WinRAR
2006-09-03 18:57 -------- d-------- C:\Documents and Settings\Act\Application Data\BitTorrent
2006-09-02 18:32 -------- d-------- C:\Program Files\Adobe
2006-08-28 14:41 -------- d-------- C:\Program Files\Nokia
2006-08-28 14:40 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-08-26 00:26 -------- d-------- C:\Program Files\PalmVNC
2006-08-25 22:01 -------- d-------- C:\Program Files\Orb Networks
2006-08-25 16:32 -------- d-------- C:\Program Files\support.com
2006-08-16 03:02 -------- d-------- C:\Program Files\Internet Explorer
2006-08-12 14:23 -------- d-------- C:\Program Files\eGames
2006-08-06 15:42 -------- d-------- C:\Program Files\IGN
2006-07-30 22:37 -------- d-------- C:\Program Files\InterActual
2006-07-27 06:24 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-07-24 14:06 -------- d-------- C:\Program Files\StocksAndWeatherToday
2006-07-24 11:25 -------- d-------- C:\Program Files\SBSH
2006-07-23 22:10 -------- d-------- C:\Program Files\Microsoft.NET
2006-07-23 21:03 -------- d-------- C:\Program Files\Common Files\Microsoft Shared
2006-07-23 20:59 -------- d---s---- C:\Documents and Settings\Act\Application Data\Microsoft
2006-07-23 19:33 2508 --a------ C:\Documents and Settings\Act\Application Data\$_hpcst$.hpc
2006-07-21 01:24 72704 --a------ C:\WINDOWS\system32\hlink.dll
2006-07-19 01:46 -------- d-------- C:\Program Files\AIM
2006-07-19 01:40 -------- d-------- C:\Program Files\AOL
2006-07-19 01:40 -------- d-------- C:\Documents and Settings\Act\Application Data\Aim
2006-07-19 01:39 -------- d-------- C:\Program Files\Common Files
2006-07-19 01:39 -------- d-------- C:\Program Files\AOD
2006-07-15 01:47 -------- d-------- C:\Program Files\Palm
2006-07-12 22:25 -------- d-------- C:\Program Files\FontSmoother
2006-07-11 01:53 -------- d-------- C:\Program Files\Lavasoft
2006-07-11 01:53 -------- d-------- C:\Documents and Settings\Act\Application Data\Lavasoft
2006-07-11 01:21 -------- d-------- C:\Program Files\NewDotNet
2006-07-11 00:24 -------- d-------- C:\Program Files\TGTSoft
2006-07-08 23:41 -------- d-------- C:\Program Files\Windows NT
2006-07-05 14:32 -------- d-------- C:\Program Files\NCH Swift Sound
2006-06-15 00:29 1389 --a------ C:\Documents and Settings\Act\Application Data\.googlewebacchosts
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinVNC"="\"C:\\Program Files\\PalmVNC\\WinVNC\\WinVNC.exe\" -servicehelper"
"!ewido"="\"C:\\Program Files\\ewido anti-spyware 4.0\\ewido.exe\" /minimized"
"MSConfig"="C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\MSConfig.exe /auto"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Orb"="\"C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbTray.exe\" /background"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000005
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,de,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,\
00,00,04,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,\
00,00,01,00,00,00
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^Act^Start Menu^Programs^Startup^Palm Registration.lnk]
"path"="C:\\Documents and Settings\\Act\\Start Menu\\Programs\\Startup\\Palm Registration.lnk"
"backup"="C:\\WINDOWS\\pss\\Palm Registration.lnkStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\Palm\\register.exe /remind /language=EN /INTL=\"false\" /PRNM=\"Palm\""
"item"="Palm Registration"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^Act^Start Menu^Programs^Startup^palmOne Registration.lnk]
"path"="C:\\Documents and Settings\\Act\\Start Menu\\Programs\\Startup\\palmOne Registration.lnk"
"backup"="C:\\WINDOWS\\pss\\palmOne Registration.lnkStartup"
"location"="Startup"
"command"="C:\\Program Files\\palmOne\\register.exe /remind /language=EN /PRNM=\"palmOne\""
"item"="palmOne Registration"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HotSync Manager.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\HotSync Manager.lnk"
"backup"="C:\\WINDOWS\\pss\\HotSync Manager.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\Program Files\\palmOne\\Hotsync.exe -logon"
"item"="HotSync Manager"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HOTSYNCSHORTCUTNAME.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\HOTSYNCSHORTCUTNAME.lnk"
"backup"="C:\\WINDOWS\\pss\\HOTSYNCSHORTCUTNAME.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\Program Files\\palmOne\\Hotsync.exe -logon"
"item"="HOTSYNCSHORTCUTNAME"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Run Google Web Accelerator.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Run Google Web Accelerator.lnk"
"backup"="C:\\WINDOWS\\pss\\Run Google Web Accelerator.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Google\\WEBACC~1\\GOOGLE~2.EXE "
"item"="Run Google Web Accelerator"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\AIM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="aim"
"hkey"="HKCU"
"command"="C:\\PROGRA~1\\AIM\\aim.exe -cnetwait.odl"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Aim6]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AOLLaunch"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Common Files\\AOL\\Launch\\AOLLaunch.exe\" /d locale=en-US ee://aol/imApp"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\ccApp]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ccApp"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\H/PC Connection Agent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="wcescomm"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\HostManager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AOLHostManager"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\AOL\\1153298420\\ee\\AOLHostManager.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\HP Component Manager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="hpcmpmgr"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\ISUSPM Startup]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="isuspm"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\isuspm.exe\" -startup"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\ISUSScheduler]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="issch"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\MSMSGS]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msmsgs"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\NAV CfgWiz]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CfgWiz"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Symantec Shared\\CfgWiz.exe /GUID NAV /CMDLINE \"REBOOT\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\PalmTether]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TetherApp"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\PalmTether\\TetherApp.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Power2GoExpress]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="hpcmpmgr"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\RemoteControl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PDVDServ"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\spc_w]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="nzspc"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\NZSearch\\nzspc.exe\" -w"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Start WingMan Profiler]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="lwemon"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Logitech\\Profiler\\lwemon.exe\" /noui"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Symantec NetDriver Monitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SNDMon"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SynTPEnh]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SynTPEnh"
"hkey"="HKLM"
"command"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SynTPLpr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SynTPLpr"
"hkey"="HKLM"
"command"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\ViewMgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ViewMgr"
"hkey"="HKLM"
"command"="C:\\Program Files\\Viewpoint\\Viewpoint Manager\\ViewMgr.exe"
"inimapping"="0"
~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
backup-20060904-170422-386
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer - Act.job
C:\WINDOWS\tasks\Symantec NetDetect.job
Completion time: Mon 09/04/2006 21:31:57.64
ComboFix.txt
4
Tech Clinic / HELP !!!! Laptop come to a hault
« on: September 04, 2006, 09:04:19 PM »
here is the new hijackthis log after done all your reccomendation:
Logfile of HijackThis v1.99.1
Scan saved at 6:57:32 PM, on 9/4/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Sprint\Sprint PCS Connection Manager\CMSPCSUtilSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PalmVNC\WinVNC\WinVNC.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\PalmTether\TetherApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\PALMTE~1\PALMON~1.EXE
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Orb Networks\Orb\bin\Orb.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\bfu\BFU.exe
C:\bfu\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.averatec.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.averatec.com/
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\PalmVNC\WinVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" /background
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.averatec.com
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.2.2.89.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sprint PCS v3 Utility Service - Sprint Spectrum, L.L.C - C:\Program Files\Sprint\Sprint PCS Connection Manager\CMSPCSUtilSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\PalmVNC\WinVNC\WinVNC.exe" -service (file missing)
And here is the ewido report:
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 6:51:59 PM 9/4/2006
+ Scan result:
C:\WINDOWS\pss\aimkc.exeCommon Startup -> Downloader.Qoologic.bj : Cleaned.
:mozilla.590:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.257:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.355:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.44:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.45:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.46:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.48:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.49:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.50:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.51:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.52:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.53:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.54:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.55:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.56:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.57:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.58:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.59:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.60:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.61:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.177:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.178:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.143:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned.
:mozilla.128:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Admarketplace : Cleaned.
:mozilla.129:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Admarketplace : Cleaned.
:mozilla.130:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Admarketplace : Cleaned.
:mozilla.148:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.150:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.151:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.152:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.153:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.154:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.62:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.63:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.65:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.66:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.67:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.68:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.416:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.403:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.404:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.77:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.79:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.82:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.83:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.88:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.89:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.90:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.91:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.92:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.93:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.94:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.95:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.96:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.214:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.341:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.38:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.272:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.302:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.303:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.220:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.155:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.158:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.160:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.161:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.162:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.163:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.164:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.262:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.118:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.119:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.120:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.121:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.122:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.276:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.298:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.299:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.300:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.301:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.314:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.468:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.490:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.491:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.492:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.493:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.484:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.537:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.538:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.539:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.575:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.81:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.84:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.304:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.412:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.345:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.346:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.347:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.348:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.258:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.259:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.145:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.146:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.147:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.548:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.136:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.137:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.138:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.139:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.140:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.264:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.265:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.266:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.267:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.485:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
:mozilla.171:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.172:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.173:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.174:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.175:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.176:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.180:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.182:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.183:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.165:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.166:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.167:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.373:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.235:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.236:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.237:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.238:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.239:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.240:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.241:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.242:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.85:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.86:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.531:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.581:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.486:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.196:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.197:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.342:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.343:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.344:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
::Report end
Thank you again in advance for your help
Logfile of HijackThis v1.99.1
Scan saved at 6:57:32 PM, on 9/4/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Sprint\Sprint PCS Connection Manager\CMSPCSUtilSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PalmVNC\WinVNC\WinVNC.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\PalmTether\TetherApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\PALMTE~1\PALMON~1.EXE
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Orb Networks\Orb\bin\Orb.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\bfu\BFU.exe
C:\bfu\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.averatec.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.averatec.com/
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\PalmVNC\WinVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" /background
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.averatec.com
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.2.2.89.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sprint PCS v3 Utility Service - Sprint Spectrum, L.L.C - C:\Program Files\Sprint\Sprint PCS Connection Manager\CMSPCSUtilSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\PalmVNC\WinVNC\WinVNC.exe" -service (file missing)
And here is the ewido report:
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 6:51:59 PM 9/4/2006
+ Scan result:
C:\WINDOWS\pss\aimkc.exeCommon Startup -> Downloader.Qoologic.bj : Cleaned.
:mozilla.590:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.257:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.355:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.44:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.45:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.46:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.48:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.49:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.50:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.51:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.52:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.53:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.54:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.55:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.56:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.57:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.58:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.59:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.60:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.61:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.177:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.178:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.143:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned.
:mozilla.128:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Admarketplace : Cleaned.
:mozilla.129:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Admarketplace : Cleaned.
:mozilla.130:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Admarketplace : Cleaned.
:mozilla.148:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.150:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.151:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.152:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.153:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.154:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.62:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.63:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.65:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.66:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.67:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.68:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.416:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.403:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.404:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.77:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.79:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.82:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.83:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.88:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.89:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.90:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.91:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.92:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.93:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.94:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.95:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.96:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.214:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.341:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.38:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.272:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.302:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.303:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.220:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.155:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.158:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.160:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.161:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.162:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.163:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.164:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.262:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.118:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.119:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.120:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.121:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.122:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.276:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.298:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.299:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.300:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.301:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.314:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.468:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.490:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.491:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.492:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.493:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.484:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.537:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.538:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.539:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.575:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.81:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.84:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.304:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.412:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.345:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.346:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.347:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.348:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.258:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.259:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.145:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.146:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.147:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.548:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.136:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.137:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.138:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.139:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.140:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.264:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.265:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.266:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.267:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.485:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
:mozilla.171:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.172:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.173:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.174:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.175:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.176:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.180:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.182:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.183:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.165:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.166:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.167:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.373:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.235:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.236:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.237:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.238:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.239:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.240:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.241:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.242:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.85:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.86:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.531:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.581:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.486:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.196:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.197:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.342:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.343:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.344:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
::Report end
Thank you again in advance for your help
5
Tech Clinic / HELP !!!! Laptop come to a hault
« on: September 04, 2006, 07:41:06 PM »
My laptop is slowly dying and I don't know what to do. First of startup time took a whole lot longer that used to (now it will take up to 7 min just to boot up), I no longer have access to Ctrl+Alt+Enter to bring up task manager, further investigation (search) reveal that I no longer have taskmrgr.exe (atleast it didnt show up when I search), Somehow I cant seem to find c:/windows/system32 folder. And after I use my laptop for 10-15 min it seem to just slow down almost to a stop ( I can't switch app, open new task etc,) I recently install and uninstall limewire if that could be the culprit
Here is my Hijackthis log file..... please advise I'm losing my mind over this
Logfile of HijackThis v1.99.1
Scan saved at 4:52:01 PM, on 9/4/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Sprint\Sprint PCS Connection Manager\CMSPCSUtilSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PalmVNC\WinVNC\WinVNC.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\PalmTether\TetherApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\outlook\outlook.exe
C:\PROGRA~1\PALMTE~1\PALMON~1.EXE
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Orb Networks\Orb\bin\Orb.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\bfu\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.averatec.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.averatec.com/
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O4 - HKLM\..\Run: [PalmTether] "C:\Program Files\PalmTether\TetherApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\PalmVNC\WinVNC\WinVNC.exe" -servicehelper
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" /background
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.averatec.com
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.2.2.89.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sprint PCS v3 Utility Service - Sprint Spectrum, L.L.C - C:\Program Files\Sprint\Sprint PCS Connection Manager\CMSPCSUtilSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\PalmVNC\WinVNC\WinVNC.exe" -service (file missing)
Here is my Hijackthis log file..... please advise I'm losing my mind over this
Logfile of HijackThis v1.99.1
Scan saved at 4:52:01 PM, on 9/4/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Sprint\Sprint PCS Connection Manager\CMSPCSUtilSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PalmVNC\WinVNC\WinVNC.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\PalmTether\TetherApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\outlook\outlook.exe
C:\PROGRA~1\PALMTE~1\PALMON~1.EXE
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Orb Networks\Orb\bin\Orb.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\bfu\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.averatec.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.averatec.com/
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O4 - HKLM\..\Run: [PalmTether] "C:\Program Files\PalmTether\TetherApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\PalmVNC\WinVNC\WinVNC.exe" -servicehelper
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" /background
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.averatec.com
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.2.2.89.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sprint PCS v3 Utility Service - Sprint Spectrum, L.L.C - C:\Program Files\Sprint\Sprint PCS Connection Manager\CMSPCSUtilSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\PalmVNC\WinVNC\WinVNC.exe" -service (file missing)
Pages: [1]