Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - mandycoler

Pages: [1]

Tech Clinic / topantispyware... HELP!

« on: April 12, 2005, 09:09:16 PM »

Logfile of HijackThis v1.99.1
Scan saved at 9:08:17 PM, on 4/12/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\2Wire\2PortalMon.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\WINDOWS\System32\hphmon03.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\HJT\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program

Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_1.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program

Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -

C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\SBC Yahoo!\Connection

Manager\IP InSight\IPMon32.exe"
O4 - HKLM\..\Run: [2wSysTray] C:\Program Files\2Wire\2PortalMon.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility]

C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\System32\hphmon03.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common

Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat

7.0\Reader\reader_sl.exe
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -

http://zone.msn.com/binFramework/v10/ZIntro.cab32846.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

https://download.macromedia.com/pub/shockwa...ash/swflash.cab
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. -

C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. -

C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. -

C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -

C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\System32\HPHipm09.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

Everything seems to be back to normal. Thank you so very very much for your help.

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/biggrin.gif\' class=\'bbc_emoticon\' alt=\'

\' />

Tech Clinic / topantispyware... HELP!

« on: April 12, 2005, 12:53:45 PM »

I couldn't get hoster.zip. I was able to download it but everytime I'd try to open it, I would get a message saying "The Compressed (zipped) Folder is invalid or corrupted." When I'd try to extract the files, I would get a message saying that the zip folder had no files to extract.

As far as the files that you told me to delete, I found all but three:
c:\funny.exe
c:\windows\system32\EXPLORE.EXE <-file
c:\WINDOWS\desktop.html

Tech Clinic / topantispyware... HELP!

« on: April 11, 2005, 04:15:35 PM »

I did everything you said to do and my desktop is back to normal. AVG found and deleted 9 viruses (although 5 of them were just copies of the same worm). However, when I ran another Hijackthis scan, almost all of the crap that I had deleted was back again. Here's a copy:

Logfile of HijackThis v1.99.1
Scan saved at 4:10:44 PM, on 4/11/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program Files\2Wire\2PortalMon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\WINDOWS\System32\hphmon03.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\HJT\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
O1 - Hosts: 222.89.98.219 www.wo365.com
O1 - Hosts: 222.89.98.219 cmfu.com
O1 - Hosts: 222.89.98.219 www.cmfu.com
O1 - Hosts: 222.89.98.219 9i0.com
O1 - Hosts: 222.89.98.219 www.9flash.com
O1 - Hosts: 222.89.98.219 9flash.com
O1 - Hosts: 222.89.98.219 www.nowok.net
O1 - Hosts: 222.89.98.219 nowok.net
O1 - Hosts: 222.89.98.219 wisa.com.cn
O1 - Hosts: 222.89.98.219 www.sia.com.cn
O1 - Hosts: 222.89.98.219 www.wisa.cn
O1 - Hosts: 222.89.98.219 wisa.cn
O1 - Hosts: 222.89.98.219 www.zhao99.com
O1 - Hosts: 222.89.98.219 zhao99.com
O1 - Hosts: 222.89.98.219 www.wo123.com
O1 - Hosts: 222.89.98.219 wo123.com
O1 - Hosts: 222.89.98.219 wo99.com
O1 - Hosts: 222.89.98.219 www.wo99.com
O1 - Hosts: 222.89.98.219 www.page.com.cn
O1 - Hosts: 222.89.98.219 page.com.cn
O1 - Hosts: 222.89.98.219 www.432.cn
O1 - Hosts: 222.89.98.219 432.cn
O1 - Hosts: 222.89.98.219 wysw.com
O1 - Hosts: 222.89.98.219 14.com.cn
O1 - Hosts: 222.89.98.219 www.14.com.cn
O1 - Hosts: 222.89.98.219 cnww.net
O1 - Hosts: 222.89.98.219 www.mv99.com
O1 - Hosts: 222.89.98.219 mv99.com
O1 - Hosts: 222.89.98.219 www.youav.com
O1 - Hosts: 222.89.98.219 www.mtvav.com
O1 - Hosts: 222.89.98.219 www.98983.com
O1 - Hosts: 222.89.98.219 98983.com
O1 - Hosts: 222.89.98.219 www.114.com.cn
O1 - Hosts: 222.89.98.219 114.com.cn
O1 - Hosts: 222.89.98.219 www.net114.com
O1 - Hosts: 222.89.98.219 www.skywz.com
O1 - Hosts: 222.89.98.219 skywz.com
O1 - Hosts: 222.89.98.219 www.hao6.com
O1 - Hosts: 222.89.98.219 hao6.com
O1 - Hosts: 222.89.98.219 www.678a.com
O1 - Hosts: 222.89.98.219 678a.com
O1 - Hosts: 222.89.98.219 www.7510.com
O1 - Hosts: 222.89.98.219 7510.com
O1 - Hosts: 222.89.98.219 www.zzkan.com
O1 - Hosts: 222.89.98.219 zzkan.com
O1 - Hosts: 222.89.98.219 www.ca183.com
O1 - Hosts: 222.89.98.219 ca183.com
O1 - Hosts: 222.89.98.219 3tom.com
O1 - Hosts: 222.89.98.219 www.yhjm.com
O1 - Hosts: 222.89.98.219 yhjm.com
O1 - Hosts: 222.89.98.219 www.k369.com
O1 - Hosts: 222.89.98.219 www.xxwww.com
O1 - Hosts: 222.89.98.219 xxwww.com
O1 - Hosts: 222.89.98.219 www.fm1000.net
O1 - Hosts: 222.89.98.219 fm1000.net
O1 - Hosts: 222.89.98.219 www.ok135.com
O1 - Hosts: 222.89.98.219 ok135.com
O1 - Hosts: 222.89.98.219 www.link999.com
O1 - Hosts: 222.89.98.219 link999.com
O1 - Hosts: 222.89.98.219 www.001wz.com
O1 - Hosts: 222.89.98.219 001wz.com
O1 - Hosts: 222.89.98.219 www.7t7t.com
O1 - Hosts: 222.89.98.219 7t7t.com
O1 - Hosts: 222.89.98.219 www.7k7k.com
O1 - Hosts: 222.89.98.219 7k7k.com
O1 - Hosts: 222.89.98.219 www.webcool.net
O1 - Hosts: 222.89.98.219 webcool.net
O1 - Hosts: 222.89.98.219 www.51sobu.com
O1 - Hosts: 222.89.98.219 51sobu.com
O1 - Hosts: 222.89.98.219 cy.51sobu.com
O1 - Hosts: 222.89.98.219 www.fj3721.com
O1 - Hosts: 222.89.98.219 fj3721.com
O1 - Hosts: 222.89.98.219 www.msncn.com
O1 - Hosts: 222.89.98.219 msncn.com
O1 - Hosts: 222.89.98.219 www.6235.com
O1 - Hosts: 222.89.98.219 6235.com
O1 - Hosts: 222.89.98.219 www.8goo.com
O1 - Hosts: 222.89.98.219 8goo.com
O1 - Hosts: 222.89.98.219 www.baimin.com
O1 - Hosts: 222.89.98.219 baimin.com
O1 - Hosts: 222.89.98.219 www.bwwz.com
O1 - Hosts: 222.89.98.219 bwwz.com
O1 - Hosts: 222.89.98.219 www.howow.net
O1 - Hosts: 222.89.98.219 howow.net
O1 - Hosts: 222.89.98.219 www.tongchi.com
O1 - Hosts: 222.89.98.219 tongchi.com
O1 - Hosts: 222.89.98.219 www.65658.com
O1 - Hosts: 222.89.98.219 65658.com
O1 - Hosts: 222.89.98.219 www.7o7o.com
O1 - Hosts: 222.89.98.219 7o7o.com
O1 - Hosts: 222.89.98.219 5126.net
O1 - Hosts: 222.89.98.219 www.5126.net
O1 - Hosts: 222.89.98.219 www.wangzhiku.com
O1 - Hosts: 222.89.98.219 wangzhiku.com
O1 - Hosts: 222.89.98.219 www.soyeah.com
O1 - Hosts: 222.89.98.219 soyeah.com
O1 - Hosts: 222.89.98.219 www.sowang.cn
O1 - Hosts: 222.89.98.219 sowang.cn
O1 - Hosts: 222.89.98.219 www.77177.com
O1 - Hosts: 222.89.98.219 77177.com
O1 - Hosts: 222.89.98.219 www.look8.net
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_1.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\SBC Yahoo!\Connection Manager\IP InSight\IPMon32.exe"
O4 - HKLM\..\Run: [2wSysTray] C:\Program Files\2Wire\2PortalMon.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\System32\hphmon03.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MMSystem] c:\windows\rundll32.exe "c:\windows\system32\mmsystem.dll"", RunDll32
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKCU\..\Run: [MMSystem] c:\windows\rundll32.exe "c:\windows\system32\mmsystem.dll"", RunDll32
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab32846.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwa...ash/swflash.cab
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\System32\HPHipm09.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

Tech Clinic / topantispyware... HELP!

« on: April 08, 2005, 03:21:11 PM »

My computer has been infected with topantispyware for a few weeks now. I've tried everything I can think of to get rid of it but nothing is working. Please help! Here's my hijackthis log:

Logfile of HijackThis v1.99.1
Scan saved at 3:15:16 PM, on 4/8/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
c:\windows\system32\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
c:\windows\explorer.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\System32\nvsvc32.exe
c:\windows\rundll32.exe
c:\windows\system32\IEXPLORE.EXE
C:\Program Files\2Wire\2PortalMon.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\WINDOWS\System32\hphmon03.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit32.exe,
O1 - Hosts: 222.89.98.219 www.wo365.com
O1 - Hosts: 222.89.98.219 cmfu.com
O1 - Hosts: 222.89.98.219 www.cmfu.com
O1 - Hosts: 222.89.98.219 9i0.com
O1 - Hosts: 222.89.98.219 www.9flash.com
O1 - Hosts: 222.89.98.219 9flash.com
O1 - Hosts: 222.89.98.219 www.nowok.net
O1 - Hosts: 222.89.98.219 nowok.net
O1 - Hosts: 222.89.98.219 wisa.com.cn
O1 - Hosts: 222.89.98.219 www.sia.com.cn
O1 - Hosts: 222.89.98.219 www.wisa.cn
O1 - Hosts: 222.89.98.219 wisa.cn
O1 - Hosts: 222.89.98.219 www.zhao99.com
O1 - Hosts: 222.89.98.219 zhao99.com
O1 - Hosts: 222.89.98.219 www.wo123.com
O1 - Hosts: 222.89.98.219 wo123.com
O1 - Hosts: 222.89.98.219 wo99.com
O1 - Hosts: 222.89.98.219 www.wo99.com
O1 - Hosts: 222.89.98.219 www.page.com.cn
O1 - Hosts: 222.89.98.219 page.com.cn
O1 - Hosts: 222.89.98.219 www.432.cn
O1 - Hosts: 222.89.98.219 432.cn
O1 - Hosts: 222.89.98.219 wysw.com
O1 - Hosts: 222.89.98.219 14.com.cn
O1 - Hosts: 222.89.98.219 www.14.com.cn
O1 - Hosts: 222.89.98.219 cnww.net
O1 - Hosts: 222.89.98.219 www.mv99.com
O1 - Hosts: 222.89.98.219 mv99.com
O1 - Hosts: 222.89.98.219 www.youav.com
O1 - Hosts: 222.89.98.219 www.mtvav.com
O1 - Hosts: 222.89.98.219 www.98983.com
O1 - Hosts: 222.89.98.219 98983.com
O1 - Hosts: 222.89.98.219 www.114.com.cn
O1 - Hosts: 222.89.98.219 114.com.cn
O1 - Hosts: 222.89.98.219 www.net114.com
O1 - Hosts: 222.89.98.219 www.skywz.com
O1 - Hosts: 222.89.98.219 skywz.com
O1 - Hosts: 222.89.98.219 www.hao6.com
O1 - Hosts: 222.89.98.219 hao6.com
O1 - Hosts: 222.89.98.219 www.678a.com
O1 - Hosts: 222.89.98.219 678a.com
O1 - Hosts: 222.89.98.219 www.7510.com
O1 - Hosts: 222.89.98.219 7510.com
O1 - Hosts: 222.89.98.219 www.zzkan.com
O1 - Hosts: 222.89.98.219 zzkan.com
O1 - Hosts: 222.89.98.219 www.ca183.com
O1 - Hosts: 222.89.98.219 ca183.com
O1 - Hosts: 222.89.98.219 3tom.com
O1 - Hosts: 222.89.98.219 www.yhjm.com
O1 - Hosts: 222.89.98.219 yhjm.com
O1 - Hosts: 222.89.98.219 www.k369.com
O1 - Hosts: 222.89.98.219 www.xxwww.com
O1 - Hosts: 222.89.98.219 xxwww.com
O1 - Hosts: 222.89.98.219 www.fm1000.net
O1 - Hosts: 222.89.98.219 fm1000.net
O1 - Hosts: 222.89.98.219 www.ok135.com
O1 - Hosts: 222.89.98.219 ok135.com
O1 - Hosts: 222.89.98.219 www.link999.com
O1 - Hosts: 222.89.98.219 link999.com
O1 - Hosts: 222.89.98.219 www.001wz.com
O1 - Hosts: 222.89.98.219 001wz.com
O1 - Hosts: 222.89.98.219 www.7t7t.com
O1 - Hosts: 222.89.98.219 7t7t.com
O1 - Hosts: 222.89.98.219 www.7k7k.com
O1 - Hosts: 222.89.98.219 7k7k.com
O1 - Hosts: 222.89.98.219 www.webcool.net
O1 - Hosts: 222.89.98.219 webcool.net
O1 - Hosts: 222.89.98.219 www.51sobu.com
O1 - Hosts: 222.89.98.219 51sobu.com
O1 - Hosts: 222.89.98.219 cy.51sobu.com
O1 - Hosts: 222.89.98.219 www.fj3721.com
O1 - Hosts: 222.89.98.219 fj3721.com
O1 - Hosts: 222.89.98.219 www.msncn.com
O1 - Hosts: 222.89.98.219 msncn.com
O1 - Hosts: 222.89.98.219 www.6235.com
O1 - Hosts: 222.89.98.219 6235.com
O1 - Hosts: 222.89.98.219 www.8goo.com
O1 - Hosts: 222.89.98.219 8goo.com
O1 - Hosts: 222.89.98.219 www.baimin.com
O1 - Hosts: 222.89.98.219 baimin.com
O1 - Hosts: 222.89.98.219 www.bwwz.com
O1 - Hosts: 222.89.98.219 bwwz.com
O1 - Hosts: 222.89.98.219 www.howow.net
O1 - Hosts: 222.89.98.219 howow.net
O1 - Hosts: 222.89.98.219 www.tongchi.com
O1 - Hosts: 222.89.98.219 tongchi.com
O1 - Hosts: 222.89.98.219 www.65658.com
O1 - Hosts: 222.89.98.219 65658.com
O1 - Hosts: 222.89.98.219 www.7o7o.com
O1 - Hosts: 222.89.98.219 7o7o.com
O1 - Hosts: 222.89.98.219 5126.net
O1 - Hosts: 222.89.98.219 www.5126.net
O1 - Hosts: 222.89.98.219 www.wangzhiku.com
O1 - Hosts: 222.89.98.219 wangzhiku.com
O1 - Hosts: 222.89.98.219 www.soyeah.com
O1 - Hosts: 222.89.98.219 soyeah.com
O1 - Hosts: 222.89.98.219 www.sowang.cn
O1 - Hosts: 222.89.98.219 sowang.cn
O1 - Hosts: 222.89.98.219 www.77177.com
O1 - Hosts: 222.89.98.219 77177.com
O1 - Hosts: 222.89.98.219 www.look8.net
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_1.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\SBC Yahoo!\Connection Manager\IP InSight\IPMon32.exe"
O4 - HKLM\..\Run: [2wSysTray] C:\Program Files\2Wire\2PortalMon.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\System32\hphmon03.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MMSystem] c:\windows\rundll32.exe "c:\windows\system32\mmsystem.dll"", RunDll32
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [MMSystem] c:\windows\rundll32.exe "c:\windows\system32\mmsystem.dll"", RunDll32
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Microsoft AntiSpyware helper - {1B405DDB-BF7B-4114-AA4A-9C297AA48F48} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {1B405DDB-BF7B-4114-AA4A-9C297AA48F48} - (no file) (HKCU)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab32846.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwa...ash/swflash.cab
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\System32\HPHipm09.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

Thank you for your help, this thing is driving me nuts!

Pages: [1]

TheTechGuide Forum

News:

Show Posts

Messages - mandycoler

Tech Clinic / topantispyware... HELP!

Tech Clinic / topantispyware... HELP!

Tech Clinic / topantispyware... HELP!

Tech Clinic / topantispyware... HELP!