Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 91701 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

help cant stay connected


  • Please log in to reply
20 replies to this topic

#1 grammydebbie

grammydebbie

    New Member

  • Authentic Member
  • Pip
  • 11 posts

Posted 13 May 2005 - 08:16 PM

about 2 weeks ago my computor started kicking itself offline every hour at about the 40 minute mark. It is off anywhere from 2 to 15 minutes.when I go to internet connection it shows me as still connected. we have 3 computors connected to mine and they all go off also. I tried doing a recovery but that didnt help.I have high speed cable internet and they dont seem to be having a problem. Thanks for any help you can come up with! grammydebbie

    Advertisements

Register to Remove


#2 Siggyx

Siggyx

    SuperHelper

  • Authentic Member
  • PipPipPipPipPipPip
  • 6,776 posts

Posted 13 May 2005 - 08:30 PM

Download hijackthis to its own folder C:/HJT for example. Extrat the zip file to that folder. Then close all browseer windows, open hijackthis and click on scan. Once the scan has completed click on Save Log, this will produce a text file log. Highlight all of the information from in that text box then right click and copy. Come back to this post you made and click on "add reply" at the bottom right and a new window will open. Paste the hijackthis log into the new window hit add reply in that new window.

HJT download >>> http://www.softpedia.../10-17-69.shtml

#3 grammydebbie

grammydebbie

    New Member

  • Authentic Member
  • Pip
  • 11 posts

Posted 13 May 2005 - 09:10 PM

Logfile of HijackThis v1.99.0
Scan saved at 11:02:29 PM, on 5/13/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\WINDOWS\system32\Pelmiced.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\PROGRA~1\COMPAQ~2\Presario\XPHNARP4EN\plugin\bin\pchbutton.exe
C:\Program Files\Microsoft Plus! Digital Media Edition\Alarm Clock\AlarmClock.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Owner\My Documents\download updates and programs\hijackthis[1]\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\companion\Installs\cpn\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSRunScript] "C:\Program Files\Support.com\Charter\bin\SSRunScript.exe" /script "C:\Program Files\Support.com\Charter\vbs\verifyconnection.vbs" /args //b startupdelay
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [HZV62f3D] C:\documents and settings\david\local settings\temp\HZV62f3D.exe
O4 - HKLM\..\Run: [H2IBGc] C:\documents and settings\david\local settings\temp\H2IBGc.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\COMPAQ~2\Presario\XPHNARP4EN\plugin\bin\pchbutton.exe
O4 - Global Startup: Forget Me Not.lnk = C:\Program Files\Broderbund\AG CreataCard\AGRemind.exe
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .avi: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {3DA5D23B-EFE1-4181-ADB7-7D457567AACA} (TGOnlineCtrl Class) - http://sympatico.zon...pandaonline.cab
O16 - DPF: {B160422D-0A48-11D4-BD9B-00A0C9B0AB7B} (Download Class) - http://expressit.bro...in/Download.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {E9348280-2D74-4933-BE25-73D946926795} (DeviceEnum Class) - http://h20270.www2.h...cdetection3.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: EPSON Printer Status Agent2 - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: McAfee SecurityCenter Update Manager - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

ok I think I did this right

#4 Siggyx

Siggyx

    SuperHelper

  • Authentic Member
  • PipPipPipPipPipPip
  • 6,776 posts

Posted 13 May 2005 - 09:55 PM

Step #1

Please download and run Spybot & AdAware SE . Then follow the instructions in the link below to run.

Spybot Tutorial

AdAware Tutorial

Step # 2

Then do a virus scan here >>> Trend Micro


Reboot and post a new HiJackThis log. You need an updated version of Hijackthis which you can get from HERE.

#5 grammydebbie

grammydebbie

    New Member

  • Authentic Member
  • Pip
  • 11 posts

Posted 14 May 2005 - 11:39 AM

Logfile of HijackThis v1.99.1
Scan saved at 1:34:43 PM, on 5/14/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\System32\tcpsvcs.exe
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Pelmiced.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\wdfmgr.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Owner\My Documents\download updates and programs\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\companion\Installs\cpn\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSRunScript] "C:\Program Files\Support.com\Charter\bin\SSRunScript.exe" /script "C:\Program Files\Support.com\Charter\vbs\verifyconnection.vbs" /args //b startupdelay
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [HZV62f3D] C:\documents and settings\david\local settings\temp\HZV62f3D.exe
O4 - HKLM\..\Run: [H2IBGc] C:\documents and settings\david\local settings\temp\H2IBGc.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\COMPAQ~2\Presario\XPHNARP4EN\plugin\bin\pchbutton.exe
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .avi: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {3DA5D23B-EFE1-4181-ADB7-7D457567AACA} (TGOnlineCtrl Class) - http://sympatico.zon...pandaonline.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {B160422D-0A48-11D4-BD9B-00A0C9B0AB7B} (Download Class) - http://expressit.bro...in/Download.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {E9348280-2D74-4933-BE25-73D946926795} (DeviceEnum Class) - http://h20270.www2.h...cdetection3.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

ok i ran the 3 things you said and updated hijack this and am posting the new log. thank you again for your help
debbie

#6 Siggyx

Siggyx

    SuperHelper

  • Authentic Member
  • PipPipPipPipPipPip
  • 6,776 posts

Posted 14 May 2005 - 02:18 PM

Scan with hijackthis and put a check beside these lines and choose FIX

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

O4 - HKLM\..\Run: [HZV62f3D] C:\documents and settings\david\local settings\temp\HZV62f3D.exe
O4 - HKLM\..\Run: [H2IBGc] C:\documents and settings\david\local settings\temp\H2IBGc.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O16 - DPF: {B160422D-0A48-11D4-BD9B-00A0C9B0AB7B} (Download Class) - http://expressit.bro...in/Download.cab

Then reboot and post a new log please.

#7 grammydebbie

grammydebbie

    New Member

  • Authentic Member
  • Pip
  • 11 posts

Posted 14 May 2005 - 04:03 PM

Logfile of HijackThis v1.99.1
Scan saved at 6:00:47 PM, on 5/14/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\Pelmiced.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\Owner\My Documents\download updates and programs\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\companion\Installs\cpn\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSRunScript] "C:\Program Files\Support.com\Charter\bin\SSRunScript.exe" /script "C:\Program Files\Support.com\Charter\vbs\verifyconnection.vbs" /args //b startupdelay
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\COMPAQ~2\Presario\XPHNARP4EN\plugin\bin\pchbutton.exe
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .avi: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {3DA5D23B-EFE1-4181-ADB7-7D457567AACA} (TGOnlineCtrl Class) - http://sympatico.zon...pandaonline.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {E9348280-2D74-4933-BE25-73D946926795} (DeviceEnum Class) - http://h20270.www2.h...cdetection3.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

ok rebooted and rescanned after fixing what you said

#8 Siggyx

Siggyx

    SuperHelper

  • Authentic Member
  • PipPipPipPipPipPip
  • 6,776 posts

Posted 14 May 2005 - 05:20 PM

Download MicroWorld virus scan here >>> Micro World http://www.mwti.net/...e_utilities.asp

To run the virus scan make sure you click the following

memory, registry, startup folders, system folders, services, drive (all drives will be added) then click on scan clean. When the scan is complete hilight all the files in the LOWER box. Then ctrl + c and paste them into the thread ctrl + v.

I warn you the scan will take a long time to run and will not fix anything just identifies bad files.

#9 grammydebbie

grammydebbie

    New Member

  • Authentic Member
  • Pip
  • 11 posts

Posted 14 May 2005 - 06:57 PM

File C:\Documents and Settings\Owner\Local Settings\Temp\r1AmSlIkB.dll infected by "not-a-virus:AdWare.Midable.b" Virus. Action Taken: No Action Taken. File C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\I3YXM7MP\bbi8033[1].exe infected by "not-a-virus:AdWare.BargainBuddy.l" Virus. Action Taken: No Action Taken. File C:\Documents and Settings\Owner\My Documents\download updates and programs\Burn4Free_Setup.exe infected by "not-a-virus:AdWare.NavExcel.d" Virus. Action Taken: No Action Taken. File C:\hp\bin\Terminator.exe tagged as not-a-virus:RiskWare.Tool.KillApp. No Action Taken. File C:\Program Files\Broderbund\The Print Shop\Unlock\SSD\SS4DlxDl.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File C:\Program Files\Norton AntiVirus\Quarantine\14C71618.exe infected by "Trojan-Dropper.Win32.Delf.z" Virus. Action Taken: No Action Taken. File C:\Program Files\Online Services\AOL90US\comp01.000 tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP460\A0068819.exe infected by "not-a-virus:AdWare.ToolBar.ImiBar.d" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP461\A0068830.exe infected by "Trojan-Downloader.Win32.OneClickNetSearch.h" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP462\A0068840.dll infected by "not-a-virus:AdWare.BiSpy.t" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP462\A0068866.dll infected by "not-a-virus:AdWare.BiSpy.t" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP469\A0069150.dll infected by "not-a-virus:AdWare.BiSpy.t" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP470\A0069169.dll infected by "not-a-virus:AdWare.BiSpy.t" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP471\A0069219.dll infected by "not-a-virus:AdWare.BiSpy.t" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP471\A0069465.dll infected by "not-a-virus:AdWare.BiSpy.t" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP557\A0076921.exe infected by "Trojan.Win32.Scapur.h" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP557\A0076922.exe infected by "not-a-virus:AdWare.VirtualBouncer.d" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP557\A0076923.dll infected by "not-a-virus:AdWare.BiSpy.t" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP557\A0076924.dll infected by "not-a-virus:AdWare.BiSpy.t" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP557\A0076926.exe infected by "Trojan-Dropper.Win32.Small.ff" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP557\A0076928.exe infected by "not-a-virus:AdWare.ToolBar.ImiBar.d" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP560\A0077229.EXE infected by "not-a-virus:AdWare.Background" Virus. Action Taken: No Action Taken. File C:\WINDOWS\system32\BO2802040113.dll infected by "not-a-virus:AdWare.VirtualBouncer.d" Virus. Action Taken: No Action Taken. File C:\WINDOWS\system32\SHAgentNew.dll infected by "not-a-virus:AdWare.Sahat.a" Virus. Action Taken: No Action Taken. ok This is the log in the lower box.

#10 Siggyx

Siggyx

    SuperHelper

  • Authentic Member
  • PipPipPipPipPipPip
  • 6,776 posts

Posted 14 May 2005 - 09:49 PM

Download CCleaner from the link below but do not run it yet.

Download >>>> http://www.majorgeek...wnload4191.html

Reboot to safe mode tutorial here >>>> http://service1.syma...src=sec_doc_nam

Now open ccleaner and click on "run Scanner" at the bottom right.

Next look for and delete these files

C:\Documents and Settings\Owner\My Documents\download updates and programs\Burn4Free_Setup.exe

C:\WINDOWS\system32\BO2802040113.dll

C:\WINDOWS\system32\SHAgentNew.dll

Then reboot to normal mode and post a new hijackthis log please.

    Advertisements

Register to Remove


#11 grammydebbie

grammydebbie

    New Member

  • Authentic Member
  • Pip
  • 11 posts

Posted 14 May 2005 - 11:10 PM

Logfile of HijackThis v1.99.1
Scan saved at 12:39:19 AM, on 5/15/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe
C:\WINDOWS\system32\Pelmiced.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Owner\My Documents\download updates and programs\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\companion\Installs\cpn\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSRunScript] "C:\Program Files\Support.com\Charter\bin\SSRunScript.exe" /script "C:\Program Files\Support.com\Charter\vbs\verifyconnection.vbs" /args //b startupdelay
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\COMPAQ~2\Presario\XPHNARP4EN\plugin\bin\pchbutton.exe
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .avi: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {3DA5D23B-EFE1-4181-ADB7-7D457567AACA} (TGOnlineCtrl Class) - http://sympatico.zon...pandaonline.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {E9348280-2D74-4933-BE25-73D946926795} (DeviceEnum Class) - http://h20270.www2.h...cdetection3.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

here is the new log file from hijackthis. I am still losing internet connection

#12 Siggyx

Siggyx

    SuperHelper

  • Authentic Member
  • PipPipPipPipPipPip
  • 6,776 posts

Posted 15 May 2005 - 08:24 PM

Post a new Microworld scan please.

#13 grammydebbie

grammydebbie

    New Member

  • Authentic Member
  • Pip
  • 11 posts

Posted 16 May 2005 - 11:32 AM

Object "SideFind Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "BetterInternet Adware" found in File System! Action Taken: No Action Taken. Object "Quicken Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "saap Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "AltNet Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "ToolBar Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "cws.therealsearch Spyware/Adware" found in File System! Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\LegitCheckControl.DLL". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\popcaploader.dll". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\ttinst.dll". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "c:\Program Files\HP\Digital Imaging\hpis\temp\Install.wse.exe". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "c:\Program Files\HP\Digital Imaging\hpis\temp\config.ini". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "c:\Program Files\HP\Digital Imaging\hpis\temp\templates.zip". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Easy Internet signup\locale.xml". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Easy Internet signup\HPDialer.dll". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Easy Internet signup\HPHTTP.dll". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Easy Internet signup\HPSender.dll". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Easy Internet signup\HPUpdater.exe". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Easy Internet signup\HTTPTransport.dll". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Easy Internet signup\HPSdpApp.exe". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Easy Internet signup\Dialer_phonebook_test.html". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Easy Internet signup\RASDialer.ini". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Easy Internet signup\HPSDP.pbk". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Easy Internet signup\GRIC.SCP". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Common Files\Broderbund\UMM\Air&car.ab2". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Common Files\Broderbund\UMM\Gvtoffcl.ab2". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Common Files\Broderbund\UMM\Health.ab2". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Common Files\Broderbund\UMM\Hotels.ab2". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Common Files\Broderbund\UMM\Majcorps.ab2". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Common Files\Broderbund\UMM\Print60.dat". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Ahead\CoverDesigner\Templates\Data.nct". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Ahead\CoverDesigner\covered-deu.nls". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Ahead\CoverDesigner\CoverEdCtrl.ocx". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Ahead\CoverDesigner\CoverDes.exe". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Ahead\Nero BackItUp\BackItUp.exe". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Ahead\Nero BackItUp\BackItUp-Deu.nls". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Ahead\WMPBurn\WMPBurn.exe". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Logitech\QuickCam\QCUI.dll". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Common Files\Symantec Shared\Firewall.rul". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\popcaploader.dll". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\ttinst.dll". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\LegitCheckControl.DLL". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Common Files\Borland Shared\BDE\IDAPINST.DLL". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Common Files\Real\GToolbar\BarControl.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{00014C0D-B007-4448-B89B-4EC3E857961D}" refers to invalid object "C:\Program Files\America Online 9.0\Media\CDDBControl.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{00e1f738-1122-47d4-8b13-5f9229e839ff}" refers to invalid object "C:\Program Files\Ahead\nero\NeroCom.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{00FAE562-DACA-11D6-AD30-0050DAD88A02}" refers to invalid object "C:\Program Files\Kodak\Kodak Easyshare Software\bin\Escom.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{00FAE568-DACA-11D6-AD30-0050DAD88A02}" refers to invalid object "C:\Program Files\Kodak\Kodak Easyshare Software\bin\Escom.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{0514B040-84EA-11D0-A8BF-00A0C9008A48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{070655DC-6AD9-4BB3-A7F9-78359689FBD7}" refers to invalid object "C:\PROGRA~1\Ahead\NEROWA~1\LEDMeter.ocx". Action Taken: No Action Taken. Entry "HKCR\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" refers to invalid object "C:\WINDOWS\System32\msjava.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{08CE60DE-D425-11D3-891E-00104B9876B8}" refers to invalid object "C:\WINDOWS\system32\KODAKO~1.DLL". Action Taken: No Action Taken. Entry "HKCR\CLSID\{09101CAF-D527-11D6-AD30-0050DAD88A02}" refers to invalid object "C:\Program Files\Kodak\Kodak Easyshare Software\bin\Escom.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{09101CB7-D527-11D6-AD30-0050DAD88A02}" refers to invalid object "C:\Program Files\Kodak\Kodak Easyshare Software\bin\Escom.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{09101CBA-D527-11D6-AD30-0050DAD88A02}" refers to invalid object "C:\Program Files\Kodak\Kodak Easyshare Software\bin\Escom.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{09101CBE-D527-11D6-AD30-0050DAD88A02}" refers to invalid object "C:\Program Files\Kodak\Kodak Easyshare Software\bin\Escom.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{0B785C4A-8E74-4db2-87A7-2D5BF9C6E55C}" refers to invalid object "C:\Program Files\Ahead\WMPBurn\NeroBurnPlugin.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{10F34E64-BBB2-11D6-8A17-00E029570A3E}" refers to invalid object "C:\Program Files\America Online 9.0\sa.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{1167C47F-01F9-4C08-8564-1D6C9BAAFB60}" refers to invalid object "C:\Program Files\America Online 9.0\Media\Pathfinder.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{1588A1C4-D709-4F78-8C3F-E1EEBFDE98B8}" refers to invalid object "C:\PROGRA~1\Ahead\NEROWA~1\AUDIOC~1.OCX". Action Taken: No Action Taken. Entry "HKCR\CLSID\{1853e19a-4e54-4190-8deb-2e1cc947cd60}" refers to invalid object "C:\Program Files\America Online 9.0\axtrack.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{189504B8-50D1-4AA8-B4D6-95C8F58A6414}" refers to invalid object "C:\PROGRA~1\AMERIC~1.0\sb.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{1B28020D-9DE7-11D4-A2D4-001083025146}" refers to invalid object "C:\Program Files\America Online 9.0\axclntbrg.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{1C508980-77FB-411F-93CB-83E3B5392394}" refers to invalid object "C:\Program Files\Ahead\nero\NeroCom.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{1FD8D838-74A9-4DF8-936F-0D87ED49AD3C}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\frcom-7288971.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{205D2DFB-BBAD-4DC4-A0BB-CDA12A1639CE}" refers to invalid object "C:\Program Files\America Online 9.0\Media\Phobos.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{2293107A-87F9-4BE1-858E-FF1D96956D82}" refers to invalid object "C:\PROGRA~1\Ahead\NEROWA~1\AUDIOC~1.OCX". Action Taken: No Action Taken. Entry "HKCR\CLSID\{229b78d5-38f5-11d5-9001-00c04f4c3b9f}" refers to invalid object "C:\Program Files\America Online 9.0\Media\CDDBControl.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{229b78df-38f5-11d5-9001-00c04f4c3b9f}" refers to invalid object "C:\Program Files\America Online 9.0\Media\CDDBControl.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{229b78e0-38f5-11d5-9001-00c04f4c3b9f}" refers to invalid object "C:\Program Files\America Online 9.0\Media\CDDBControl.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{229b78e1-38f5-11d5-9001-00c04f4c3b9f}" refers to invalid object "C:\Program Files\America Online 9.0\Media\CDDBControl.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{229b78e2-38f5-11d5-9001-00c04f4c3b9f}" refers to invalid object "C:\Program Files\America Online 9.0\Media\CDDBControl.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{2447902A-29D9-4101-8C63-55D46C78CBC5}" refers to invalid object "C:\PROGRA~1\Ahead\NEROWA~1\AUDIOC~1.OCX". Action Taken: No Action Taken. Entry "HKCR\CLSID\{2582BD1F-69F7-4C58-ACF7-600DB0AC1BD7}" refers to invalid object "C:\PROGRA~1\Ahead\NEROWA~1\RECORD~1.OCX". Action Taken: No Action Taken. Entry "HKCR\CLSID\{283AEB67-7D7B-4771-9B70-634CE1CBDA82}" refers to invalid object "C:\Program Files\Ahead\nero\NeroCom.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{292AE934-4F49-40bb-9E7E-6F6398ED9C31}" refers to invalid object "C:\Program Files\Ahead\WMPBurn\NeroBurnPlugin.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{2A426D47-51C3-4A79-B064-95FD87DAB5D1}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\frcom-7288971.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{341EE246-3B05-4C23-B21A-17F2D4831FC0}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\frext-7288971.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{3933DE4F-3551-11D3-AB53-00A0C976D016}" refers to invalid object "C:\Program Files\Logitech\QuickCam\Update.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{3A091B81-8FAF-4B7D-85C7-7CB5D3FDD479}" refers to invalid object "C:\Program Files\Kodak\Kodak Easyshare Software\bin\Escom.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{3C9E293E-3C02-4260-9B5B-3666AD6663E0}" refers to invalid object "C:\Program Files\Easy Internet signup\HPSender.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{3CEC18D8-3C79-4570-82E6-81D54AB300C3}" refers to invalid object "C:\PROGRA~1\Ahead\NEROWA~1\AUDIOC~1.OCX". Action Taken: No Action Taken. Entry "HKCR\CLSID\{3D48B387-E74A-4651-A2ED-7FC490964319}" refers to invalid object "C:\Program Files\America Online 9.0\MyCalendar.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{42A3A9AB-F7B4-40B1-B2AA-F31E35459D4A}" refers to invalid object "C:\PROGRA~1\Ahead\NEROWA~1\RECORD~1.OCX". Action Taken: No Action Taken. Entry "HKCR\CLSID\{443EC458-8008-4D72-A3AB-11B29EC2B065}" refers to invalid object "C:\PROGRA~1\Ahead\NEROWA~1\AUDIOC~1.OCX". Action Taken: No Action Taken. Entry "HKCR\CLSID\{444D539F-3B4A-47BC-9BBF-3EB64DE615EE}" refers to invalid object "C:\PROGRA~1\Ahead\NEROWA~1\Axis.ocx". Action Taken: No Action Taken. Entry "HKCR\CLSID\{45137563-F598-4574-A987-A25867AB7068}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\bwclext.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{4634A8A8-E78E-4fed-9751-52307590D7F1}" refers to invalid object "C:\Program Files\America Online 9.0\MyCalendar.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{4C171D40-8277-11D5-AD55-00010333D0AD}" refers to invalid object "C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{4E97BE17-3300-4A4F-B380-5988DD771F1F}" refers to invalid object "C:\Program Files\America Online 9.0\Media\Ares.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{5145942E-41DF-4658-B7C4-089F48E84A75}" refers to invalid object "C:\Program Files\America Online 9.0\axtrack.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{51B21D54-F57F-4ca1-93FF-D986E9F0A388}" refers to invalid object "C:\Program Files\America Online 9.0\MyCalendar.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{5321966D-031F-4A66-B698-2EB7C0D26705}" refers to invalid object "C:\Program Files\Easy Internet signup\HPHTTP.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{5434DB97-9FA6-11D4-824D-B0D52C000000}" refers to invalid object "C:\Program Files\Ahead\nero\NeroCom.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{56336BCA-3D8A-11d6-A00B-0050DA18DE71}" refers to invalid object "C:\DOCUME~1\Owner\LOCALS~1\Temp\InfoWindow.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{5788DAE8-4B72-4BE6-89A0-1E6123E4CBC2}" refers to invalid object "C:\Program Files\America Online 9.0\Media\Cerberus.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{59FA1D1E-3B4C-4311-BB1B-7BF16C607388}" refers to invalid object "C:\PROGRA~1\Ahead\COVERD~1\COVERE~1.OCX". Action Taken: No Action Taken. Entry "HKCR\CLSID\{5afdca22-0a5c-4e67-ac41-2ecc6b1ae94c}" refers to invalid object "C:\Program Files\Ahead\nero\NeroCom.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{60A07B6D-B66C-4339-BD52-EC9520FDCE6A}" refers to invalid object "C:\Program Files\America Online 9.0\MyCalendar.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{6100E360-BB4A-4025-95FB-69CA629E4180}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\vbfrext-7288971.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{63603526-954A-42eb-8BEB-8E4BF2F636CB}" refers to invalid object "C:\Program Files\America Online 9.0\MyCalendar.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{639A19DD-1D97-4A6E-A0D1-01E04FED563F}" refers to invalid object "C:\Program Files\America Online 9.0\Media\Phobos.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{6683A3CD-724F-402E-A2C3-DC410AD12D76}" refers to invalid object "C:\PROGRA~1\Ahead\NEROWA~1\AUDIOC~1.OCX". Action Taken: No Action Taken. Entry "HKCR\CLSID\{6BB7CC6C-E167-4C95-D992-6261CCCC5FE5}" refers to invalid object "C:\WINDOWS\twaintec.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{6F401070-479B-4C93-AE70-8B1372263316}" refers to invalid object "C:\PROGRA~1\NEWTEC~1\NTICD-~2\AVI2MP~1.DLL". Action Taken: No Action Taken. Entry "HKCR\CLSID\{741506D7-C215-48A1-8211-4CEFF2E8FE2C}" refers to invalid object "C:\Program Files\America Online 9.0\MyCalendar.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{74304484-AC4B-11D1-A50A-00C04FD7A1BD}" refers to invalid object "C:\PROGRA~1\COMMON~1\MICROS~1\Msinfo\MSIOFF9.OCX". Action Taken: No Action Taken. Entry "HKCR\CLSID\{756A2CB8-EC02-4DC8-8588-296C611A5365}" refers to invalid object "C:\Program Files\Common Files\aolshare\Coach\Player\coachdm2.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{7629C9DE-2E38-4963-A01C-02FFAC203D87}" refers to invalid object "C:\Program Files\America Online 9.0\axtrack.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{77B17EA4-9E36-11D4-8244-2CFED9000000}" refers to invalid object "C:\Program Files\Ahead\nero\NeroCom.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{7C9688C3-7279-474D-ABA5-A632373D2CDB}" refers to invalid object "C:\Program Files\America Online 9.0\Media\Phobos.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{80373D03-D993-11D3-A2CE-00108335731F}" refers to invalid object "C:\Program Files\America Online 9.0\MIMEHook.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{8352EDFE-28C3-4012-90BC-43B0AF7B7E57}" refers to invalid object "C:\PROGRA~1\Ahead\NEROWA~1\AUDIOC~1.OCX". Action Taken: No Action Taken. Entry "HKCR\CLSID\{83D4679F-B6D7-11D2-BF36-00C04FB90A03}" refers to invalid object "C:\PROGRA~1\MESSEN~1\rtcimsp.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{84CBABC2-D3BE-4EEF-8394-121FAC215CEF}" refers to invalid object "C:\Program Files\Common Files\aolshare\pictures\YGPPicInfo.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{88E729D6-BDC1-11D1-BD2A-00C04FB9603F}" refers to invalid object "fde.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{8940E505-72C6-44DE-BE85-1D746780EFBF}" refers to invalid object "C:\WINDOWS\system32\SWRT01.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{896E73F0-3851-11D3-AA54-00C04FD22F8C}" refers to invalid object "C:\Program Files\Ahead\WMPBurn\NeroBurnPlugin.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{8AB5F344-B600-11D6-8A15-00E029570A3E}" refers to invalid object "C:\Program Files\America Online 9.0\sa.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{8BBDA254-CE76-11D3-A2CE-00108335731F}" refers to invalid object "C:\Program Files\America Online 9.0\MIMEHook.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{8DBFE843-D7DF-4cfc-B62C-05A6899139E2}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\BWTargetInf.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{91ACD762-9A4C-11D4-8235-86C3F4000000}" refers to invalid object "C:\Program Files\Ahead\nero\NeroCom.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{943742F6-3A40-43FF-97F4-A1750D97B200}" refers to invalid object "C:\Program Files\Common Files\aolshare\pictures\YGPPicInfo.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{98BFD494-F6AD-4794-9038-832C0654CC43}" refers to invalid object "C:\Program Files\Common Files\aolshare\pictures\YGPUPF.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{99720901-B635-43bd-83E6-D084A990F15A}" refers to invalid object "C:\Program Files\America Online 9.0\MyCalendar.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{9D83E07A-279D-4266-BF1D-7C03914BDC05}" refers to invalid object "C:\PROGRA~1\NEWTEC~1\NTICD-~2\HOMEPL~1.DLL". Action Taken: No Action Taken. Entry "HKCR\CLSID\{9DC1221E-0B36-445a-A2D1-FCA92E502834}" refers to invalid object "C:\Program Files\America Online 9.0\MyCalendar.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{9EFBF860-5685-11D3-AA3D-00C04F4C5275}" refers to invalid object "cdooff.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{A105BD70-BF56-4D10-BC91-41C88321F47C}" refers to invalid object "C:\Program Files\America Online 9.0\Media\Phobos.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{A7F78220-7648-4826-837B-6001E2AD7824}" refers to invalid object "C:\PROGRA~1\Ahead\NEROWA~1\AUDIOC~1.OCX". Action Taken: No Action Taken. Entry "HKCR\CLSID\{A8DC3A14-CBFC-4BE8-995D-2FDB6C7AA9F2}" refers to invalid object "C:\PROGRA~1\Ahead\NEROWA~1\AUDIOC~1.OCX". Action Taken: No Action Taken. Entry "HKCR\CLSID\{AD41621C-A2DD-487D-A24B-8BE40116A5A3}" refers to invalid object "C:\Program Files\Common Files\aolshare\pictures\YGPPicInfo.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{AED456C4-4866-4420-863F-35767EBED514}" refers to invalid object "C:\Program Files\America Online 9.0\Media\Phobos.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{B0693766-5278-4ec6-B9E1-3CE40560EF5A}" refers to invalid object "CaPlgin.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{B0CEC9BB-C729-4445-85D7-1899E23C0298}" refers to invalid object "C:\Program Files\Easy Internet signup\HPDialer.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{B1A99896-3AB9-4125-89FC-45656D918477}" refers to invalid object "C:\Program Files\Easy Internet signup\HPSender.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{B4087707-EFB7-46C0-830E-714899CCE724}" refers to invalid object "C:\Program Files\America Online 9.0\MyCalendar.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{B4F80028-5714-4B7B-B9B1-5748B204799A}" refers to invalid object "C:\Program Files\America Online 9.0\Media\Phobos.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{B9F3009B-976B-41C4-A992-229DCCF3367C}" refers to invalid object "C:\Program Files\America Online 9.0\axtrack.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{BAE67246-0329-4EB0-84EC-7A52AFB5A901}" refers to invalid object "C:\PROGRA~1\Ahead\NEROWA~1\LEDMeter.ocx". Action Taken: No Action Taken. Entry "HKCR\CLSID\{BB7CDE7C-5FB0-46E5-A3F4-EF118FACE08B}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\BWfiles-7288971.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{bc8a96c4-3909-11d5-9001-00c04f4c3b9f}" refers to invalid object "C:\Program Files\America Online 9.0\Media\CDDBControl.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{bc8a96c5-3909-11d5-9001-00c04f4c3b9f}" refers to invalid object "C:\Program Files\America Online 9.0\Media\CDDBControl.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{bc8a96c6-3909-11d5-9001-00c04f4c3b9f}" refers to invalid object "C:\Program Files\America Online 9.0\Media\CDDBControl.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{bc8a96c7-3909-11d5-9001-00c04f4c3b9f}" refers to invalid object "C:\Program Files\America Online 9.0\Media\CDDBControl.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{bc8a96c8-3909-11d5-9001-00c04f4c3b9f}" refers to invalid object "C:\Program Files\America Online 9.0\Media\CDDBControl.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{BCD7AC23-9FB7-4E16-9C97-D5225D2567B5}" refers to invalid object "C:\PROGRA~1\Ahead\NEROWA~1\Axis.ocx". Action Taken: No Action Taken. Entry "HKCR\CLSID\{BFFFD262-7705-11D0-B5DC-444553540000}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{C28BC286-884C-4a63-8A9C-6F7F5711034F}" refers to invalid object "C:\Program Files\America Online 9.0\Media\NmpX\nmpx.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{C5AC3E71-AFAD-4F2F-973A-21A4F693D524}" refers to invalid object "C:\PROGRA~1\Ahead\NEROWA~1\AUDIOC~1.OCX". Action Taken: No Action Taken. Entry "HKCR\CLSID\{C8B29238-05AD-421E-8B44-1C11C43FAE1C}" refers to invalid object "C:\Program Files\America Online 9.0\MyCalendar.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{CAEF9D56-0816-4984-BE91-B1B2ED801BE5}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\BWCHelpr-7288971.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{CD34B69E-6117-4eaf-B5B4-F9FD659BF00D}" refers to invalid object "C:\Program Files\America Online 9.0\MyCalendar.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{CF6067D7-D10C-4767-B04C-148E6EBB1574}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\BWfiles-7288971.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{D216096E-8FFA-446D-B985-0464E40F9FB4}" refers to invalid object "C:\PROGRA~1\NEWTEC~1\NTICD-~2\RESLIV~1.DLL". Action Taken: No Action Taken. Entry "HKCR\CLSID\{D465B936-C361-4417-9AC5-35167066F84B}" refers to invalid object "C:\Program Files\America Online 9.0\Media\Phobos.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{d4ad8206-c45b-4240-a090-e063a222b66c}" refers to invalid object "C:\Program Files\Ahead\nero\NeroCom.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{D9F99C6B-A3A6-11D4-AF64-444553546170}" refers to invalid object "C:\Program Files\America Online 9.0\Media\Phobos.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{E0CB08CE-AB3D-4779-9C77-62A439BFE6C3}" refers to invalid object "C:\Program Files\Common Files\aolshare\pictures\YGPPicEdit.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{E13046F7-A5DF-4574-BD7A-6DC12EC10FF5}" refers to invalid object "C:\Program Files\America Online 9.0\ebrowser.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{E1A46626-9FD3-11D4-824D-B0D52C000000}" refers to invalid object "C:\Program Files\Ahead\nero\NeroCom.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{E3852604-B619-11d6-94EC-00047521F020}" refers to invalid object "C:\Program Files\America Online 9.0\Media\NmpXChat\nmpxchat.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{E6674EE4-57B1-42F2-A953-43705B992AD5}" refers to invalid object "C:\PROGRA~1\Ahead\NEROSO~1\EFFECT~1.OCX". Action Taken: No Action Taken. Entry "HKCR\CLSID\{E80A2814-3A36-4897-8BFF-924D39C26FF8}" refers to invalid object "C:\Program Files\Ahead\nero\NeroCom.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{E981D791-F499-4837-A483-5AB22F1C548F}" refers to invalid object "C:\Program Files\America Online 9.0\Media\Phobos.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{E9DD2392-EF9B-4963-BEDF-F86C0A2B762A}" refers to invalid object "C:\Program Files\America Online 9.0\AMH.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{EA09F0D8-B88C-4472-8E4B-57F12CDB388B}" refers to invalid object "C:\PROGRA~1\Ahead\NEROSO~1\EFFECT~1.OCX". Action Taken: No Action Taken. Entry "HKCR\CLSID\{EB511AE4-87FE-4EFB-91A3-428B2F2601F7}" refers to invalid object "C:\Program Files\America Online 9.0\Media\Phobos.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{efedf1ee-ad78-4de4-9878-8e110683e49f}" refers to invalid object "C:\Program Files\Ahead\nero\NeroCom.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F091791F-D50D-4ace-9D82-05C42DBB9897}" refers to invalid object "C:\Program Files\America Online 9.0\MyCalendar.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA5665-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA566B-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA5671-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA5677-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA567D-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA5683-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA5689-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA568F-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA5695-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA569B-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA56A1-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA56A7-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA56AD-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA56B3-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA56B9-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA56BF-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA56C5-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA56CB-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA56D1-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA56D7-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA56DD-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA56E3-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA56E9-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA56EF-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA56F5-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA56FB-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA5701-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA5707-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA570D-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA5713-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA571F-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA572B-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA5731-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA5737-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA573D-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA5749-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA574F-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA5755-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA575B-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA5767-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA5791-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA57DF-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA57E5-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3CA57EB-C5DA-11CF-8F28-00AA0060FD48}" refers to invalid object "C:\WINDOWS\System32\dx3j.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F3FBC8E5-93A3-11D4-8217-A85459000000}" refers to invalid object "C:\Program Files\Ahead\nero\NeroCom.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F83865C0-92C3-11d3-B41E-0010DC973BDB}" refers to invalid object "CamExL20.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F83865C2-92C3-11d3-B41E-0010DC973BDB}" refers to invalid object "CamExL20.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F83865C3-92C3-11d3-B41E-0010DC973BDB}" refers to invalid object "CamExL20.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{FEC5F6B2-A15A-11D4-8250-9C9E8B000000}" refers to invalid object "C:\Program Files\Ahead\nero\NeroCom.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{FF544D45-5D56-41FE-914D-1A78D76A842B}" refers to invalid object "C:\PROGRA~1\NEWTEC~1\NTICD-~2\resCdmkr.dll". Action Taken: No Action Taken. Entry "HKCR\AcroExch.Document.7" refers to invalid object "{B801CA65-A1FC-11D0-85AD-444553540000}". Action Taken: No Action Taken. Entry "HKCR\AcroExch.XDPDoc" refers to invalid object "{B801CA65-A1FC-11D0-85AD-444553540000}". Action Taken: No Action Taken. Entry "HKCR\AcroPDF.PDF" refers to invalid object "{CA8A9780-280D-11CF-A24D-444553540000}". Action Taken: No Action Taken. Entry "HKCR\AcroPDF.PDF.1" refers to invalid object "{CA8A9780-280D-11CF-A24D-444553540000}". Action Taken: No Action Taken. Entry "HKCR\Alg.AlgSetup" refers to invalid object "{27D0BCCC-344D-4287-AF37-0C72C161C14C}". Action Taken: No Action Taken. Entry "HKCR\Alg.AlgSetup.1" refers to invalid object "{27D0BCCC-344D-4287-AF37-0C72C161C14C}". Action Taken: No Action Taken. Entry "HKCR\CoachDM.WebCoachDownload" refers to invalid object "{E04EAE82-14AD-41CB-BF5A-45556ABB8347}". Action Taken: No Action Taken. Entry "HKCR\CoachDM.WebCoachDownload.1" refers to invalid object "{E04EAE82-14AD-41CB-BF5A-45556ABB8347}". Action Taken: No Action Taken. Entry "HKCR\ComPlusMetaData.MsCorHost" refers to invalid object "{727CDF4F-3BA0-11D3-8738-00C04F79ED0D}". Action Taken: No Action Taken. Entry "HKCR\ComPlusMetaData.MsCorHost.2" refers to invalid object "{727CDF4F-3BA0-11D3-8738-00C04F79ED0D}". Action Taken: No Action Taken. Entry "HKCR\DSP.DSP" refers to invalid object "{9C123EA9-AEC9-4f75-BBC0-7565FA1398966}". Action Taken: No Action Taken. Entry "HKCR\DSP.DSPDMOProp_Chorus.1" refers to invalid object "{6F63B172-5543-4593-91CE-EDBA65B9FACDB}". Action Taken: No Action Taken. Entry "HKCR\MailFileAtt" refers to invalid object "{00020D05-0000-0000-C000-000000000046}". Action Taken: No Action Taken. Entry "HKCR\mapifvbx.object" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken. Entry "HKCR\mapifvbx.object.1" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken. Entry "HKCR\MDTDF.Form.1" refers to invalid object "{105B80D2-95F1-11D0-B0A0-00AA00BDCB5C}". Action Taken: No Action Taken. Entry "HKCR\Plenoptic.Plenoptic" refers to invalid object "{607C27E9-AB27-11d3-A116-A0EA50C10801}". Action Taken: No Action Taken. Entry "HKCR\Plenoptic.Plenoptic.1" refers to invalid object "{607C27E9-AB27-11d3-A116-A0EA50C10801}". Action Taken: No Action Taken. Entry "HKCR\RTCCore.RTCClient" refers to invalid object "{7a42ea29-a2b7-40c4-b091-f6f024aa89be}". Action Taken: No Action Taken. Entry "HKCR\RTCCore.RTCClient.1" refers to invalid object "{7a42ea29-a2b7-40c4-b091-f6f024aa89be}". Action Taken: No Action Taken. Entry "HKCR\SymWriter.pdb" refers to invalid object "{520DC67A-752E-11D3-8D56-00C04F680B2B}". Action Taken: No Action Taken. Entry "HKCR\Tgctlins.TgDriveSizes" refers to invalid object "{1B09DB64-6967-11D4-99CE-0090278EF9D3}". Action Taken: No Action Taken. Entry "HKCR\Tgctlins.TgDriveSizes.1" refers to invalid object "{1B09DB64-6967-11D4-99CE-0090278EF9D3}". Action Taken: No Action Taken. Entry "HKCR\WMPPublsihCntr.WMPPublsihCntr" refers to invalid object "{939438A9-CF0F-44d8-9140-599736F0D3A2}". Action Taken: No Action Taken. Entry "HKCR\WMPPublsihCntr.WMPPublsihCntr.1" refers to invalid object "{939438A9-CF0F-44d8-9140-599736F0D3A2}". Action Taken: No Action Taken. File C:\hp\bin\Terminator.exe tagged as not-a-virus:RiskWare.Tool.KillApp. No Action Taken. File C:\Program Files\Broderbund\The Print Shop\Unlock\SSD\SS4DlxDl.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File C:\Program Files\Norton AntiVirus\Quarantine\14C71618.exe infected by "Trojan-Dropper.Win32.Delf.z" Virus! Action Taken: No Action Taken. File C:\Program Files\Online Services\AOL90US\comp01.000 tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP460\A0068819.exe tagged as "not-a-virus:AdWare.ToolBar.ImiBar.d". Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP461\A0068830.exe infected by "Trojan-Downloader.Win32.OneClickNetSearch.h" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP462\A0068840.dll tagged as "not-a-virus:AdWare.BiSpy.t". Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP462\A0068866.dll tagged as "not-a-virus:AdWare.BiSpy.t". Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP469\A0069150.dll tagged as "not-a-virus:AdWare.BiSpy.t". Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP470\A0069169.dll tagged as "not-a-virus:AdWare.BiSpy.t". Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP471\A0069219.dll tagged as "not-a-virus:AdWare.BiSpy.t". Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP471\A0069465.dll tagged as "not-a-virus:AdWare.BiSpy.t". Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP557\A0076921.exe infected by "Trojan.Win32.Scapur.h" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP557\A0076922.exe tagged as "not-a-virus:AdWare.VirtualBouncer.d". Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP557\A0076923.dll tagged as "not-a-virus:AdWare.BiSpy.t". Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP557\A0076924.dll tagged as "not-a-virus:AdWare.BiSpy.t". Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP557\A0076926.exe infected by "Trojan-Dropper.Win32.Small.ff" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP557\A0076928.exe tagged as "not-a-virus:AdWare.ToolBar.ImiBar.d". Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP560\A0077229.EXE tagged as "not-a-virus:AdWare.Background". Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP560\A0077329.dll tagged as "not-a-virus:AdWare.VirtualBouncer.d". Action Taken: No Action Taken. File C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP560\A0077330.dll tagged as "not-a-virus:AdWare.Sahat.a". Action Taken: No Action Taken.

#14 Siggyx

Siggyx

    SuperHelper

  • Authentic Member
  • PipPipPipPipPipPip
  • 6,776 posts

Posted 17 May 2005 - 07:05 PM

PLease do at least 2 of these online scans.


Trend Micro http://housecall.antivirus.com/

E Trust http://www3.ca.com/v.../virusscan.aspx

Rav http://www.ravantivirus.com/scan/

Pc Pitstop http://www.pcpitstop...ntivirus/AV.asp

Panda http://www.pandasoft...n_principal.htm

Bitdefender http://www.bitdefend.../Msie/index.php

#15 grammydebbie

grammydebbie

    New Member

  • Authentic Member
  • Pip
  • 11 posts

Posted 18 May 2005 - 09:03 AM

I ran panda and pitstop. pitstop found no viruses and panda found 6 adaware.The adaware were mostly from p2p

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users