Jump to content

keeps coming back...help?

clonesauce

By clonesauce
in Software Hangout

 Share

Recommended Posts

clonesauce

clonesauce

Posted
Posted

Ok, im using Ad-Aware SE Personal, Spybot S&D....The thing is, there's this thing called IST, DyFuCA, n-Case, and Exact Advertising. BargainBuddy which i've already fixed...but when I reboot my comp, they come back ALL the time...what the problem is?


clonesauce

clonesauce

Posted
  • Author
Posted

uh ok...like this?

Logfile of HijackThis v1.99.1

Scan saved at 10:49:31 PM, on 5/31/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Norton AntiVirus\SAVScan.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

C:\WINDOWS\Mixer.exe

C:\WINDOWS\system32\sstray.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\ASUS\Probe\AsusProb.exe

C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe

C:\BITWARE\NT\bwprnmon.exe

C:\WINDOWS\system32\ntvdm.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\system32\pctspk.exe

C:\WINDOWS\system32\PV92Tray.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE

C:\Program Files\The Cleaner\tca.exe

C:\Program Files\The Cleaner\tcm.exe

C:\WINDOWS\system32\msxct.exe

C:\WINDOWS\jnufnepf.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\TGTSoft\StyleXP\StyleXP.exe

C:\Program Files\CursorXP\CursorXP.exe

C:\Program Files\GetRight\getright.exe

C:\Program Files\GetRight\getright.exe

C:\Program Files\Winamp\Winamp.exe

D:\Shareaza Lite\Shareaza.exe

C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe

C:\Program Files\mozilla.org\Mozilla\mozilla.exe

C:\Program Files\ISTsvc\istsvc.exe

C:\Ð'o†akidniz.01\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.ktnermwbyozgc.com/kesZOL9s0ml/D...aIIlPymL/0k.jsp

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank

O2 - BHO: ngpw34.clsIS - {2D7CB618-CC1C-4126-A7E3-F5B12D3BCF71} - c:\windows\ngpw34.dll

O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: IExplorr29.clsIS - {54ED9B49-81D1-4866-95A6-30F01DE0047E} - c:\windows\iexplorr29.dll (file missing)

O2 - BHO: IExplorr26.clsIS - {90E34F98-E3E6-4CD7-A592-E964FED8AF78} - c:\windows\iexplorr26.dll (file missing)

O2 - BHO: IExplorr27.clsIS - {94326E3F-F51F-4863-A832-4ACD0D7D4BC3} - c:\windows\iexplorr27.dll (file missing)

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll (file missing)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O2 - BHO: ngsw31.clsIS - {E9147A0A-A866-4214-B47C-DA821891240F} - c:\windows\ngsw31.dll

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll

O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: YourSiteBar - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - C:\PROGRA~1\YOURSI~1\ysb.dll

O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE

O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe

O4 - HKLM\..\Run: [cpmdqj] C:\WINDOWS\cpmdqj.exe

O4 - HKLM\..\Run: [bwprnmon.exe] C:\BITWARE\NT\bwprnmon.exe

O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe

O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe

O4 - HKLM\..\Run: [PV92TRAY] PV92Tray.exe

O4 - HKLM\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /O6 "USB001" /M "Stylus C45"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [tcactive] C:\Program Files\The Cleaner\tca.exe

O4 - HKLM\..\Run: [tcmonitor] C:\Program Files\The Cleaner\tcm.exe

O4 - HKLM\..\Run: [msxct] msxct.exe

O4 - HKLM\..\Run: [n61fOTF] C:\WINDOWS\jnufnepf.exe

O4 - HKLM\..\Run: [sais] c:\program files\180solutions\sais.exe

O4 - HKLM\..\Run: [iST Service] C:\Program Files\ISTsvc\istsvc.exe

O4 - HKLM\..\RunServices: [system Startup] voltio.exe

O4 - HKLM\..\RunServices: [MSN Messanger] msnmsng.exe

O4 - HKLM\..\RunOnce: [spybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [2mfcd] C:\DOCUME~1\User\APPLIC~1\DEFAUL~1\Okay Heck.exe

O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [sTYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide

O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe

O4 - HKCU\..\RunServices: [MSN Messanger] msnmsng.exe

O4 - Startup: PowerReg Scheduler.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm

O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html

O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html

O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm

O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm

O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm

O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html

O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab

O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwa...ash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{D3279CF8-5FD6-4CA5-860C-943BBA2B2522}: NameServer = 202.78.120.2 202.78.97.2

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

Martin Zugec

Martin Zugec

Posted
Posted

C:\Program Files\The Cleaner\tca.exe

C:\Program Files\The Cleaner\tcm.exe

C:\WINDOWS\system32\msxct.exe

C:\WINDOWS\jnufnepf.exe

D:\Shareaza Lite\Shareaza.exe

C:\Program Files\ISTsvc\istsvc.exe

O2 - BHO: ngpw34.clsIS - {2D7CB618-CC1C-4126-A7E3-F5B12D3BCF71} - c:\windows\ngpw34.dll

O2 - BHO: IExplorr29.clsIS - {54ED9B49-81D1-4866-95A6-30F01DE0047E} - c:\windows\iexplorr29.dll (file missing)

O2 - BHO: IExplorr26.clsIS - {90E34F98-E3E6-4CD7-A592-E964FED8AF78} - c:\windows\iexplorr26.dll (file missing)

O2 - BHO: IExplorr27.clsIS - {94326E3F-F51F-4863-A832-4ACD0D7D4BC3} - c:\windows\iexplorr27.dll (file missing)

O2 - BHO: ngsw31.clsIS - {E9147A0A-A866-4214-B47C-DA821891240F} - c:\windows\ngsw31.dll

O3 - Toolbar: YourSiteBar - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - C:\PROGRA~1\YOURSI~1\ysb.dll

O4 - HKLM\..\Run: [cpmdqj] C:\WINDOWS\cpmdqj.exe

O4 - HKLM\..\Run: [tcactive] C:\Program Files\The Cleaner\tca.exe

O4 - HKLM\..\Run: [tcmonitor] C:\Program Files\The Cleaner\tcm.exe

O4 - HKLM\..\Run: [msxct] msxct.exe

O4 - HKLM\..\Run: [n61fOTF] C:\WINDOWS\jnufnepf.exe

O4 - HKLM\..\Run: [sais] c:\program files\180solutions\sais.exe

O4 - HKLM\..\Run: [iST Service] C:\Program Files\ISTsvc\istsvc.exe

O4 - HKLM\..\RunServices: [system Startup] voltio.exe

O4 - Startup: PowerReg Scheduler.exe

O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)

Try to clean this entries and tell me, if it helped...

clonesauce

clonesauce

Posted
  • Author
Posted

Logfile of HijackThis v1.99.1

Scan saved at 11:22:50 PM, on 5/31/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Norton AntiVirus\SAVScan.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\Mixer.exe

C:\WINDOWS\system32\sstray.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\ASUS\Probe\AsusProb.exe

C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe

C:\BITWARE\NT\bwprnmon.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\pctspk.exe

C:\WINDOWS\system32\PV92Tray.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE

C:\WINDOWS\system32\ntvdm.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\TGTSoft\StyleXP\StyleXP.exe

C:\Program Files\CursorXP\CursorXP.exe

c:\progra~1\intern~1\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\mozilla.org\Mozilla\mozilla.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Ð'o†akidniz.01\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.xektbmpsjkcds.info/kesZOL9s0ml/...KIIlPymL/0k.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank

O2 - BHO: (no name) - {2D7CB618-CC1C-4126-A7E3-F5B12D3BCF71} - (no file)

O2 - BHO: (no name) - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - (no file)

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)

O2 - BHO: (no name) - {54ED9B49-81D1-4866-95A6-30F01DE0047E} - (no file)

O2 - BHO: IExplorr26.clsIS - {90E34F98-E3E6-4CD7-A592-E964FED8AF78} - c:\windows\iexplorr26.dll (file missing)

O2 - BHO: IExplorr27.clsIS - {94326E3F-F51F-4863-A832-4ACD0D7D4BC3} - c:\windows\iexplorr27.dll (file missing)

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll (file missing)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O2 - BHO: (no name) - {E9147A0A-A866-4214-B47C-DA821891240F} - (no file)

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll

O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE

O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe

O4 - HKLM\..\Run: [bwprnmon.exe] C:\BITWARE\NT\bwprnmon.exe

O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe

O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe

O4 - HKLM\..\Run: [PV92TRAY] PV92Tray.exe

O4 - HKLM\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /O6 "USB001" /M "Stylus C45"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\RunServices: [MSN Messanger] msnmsng.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [2mfcd] C:\DOCUME~1\User\APPLIC~1\DEFAUL~1\Okay Heck.exe

O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [sTYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide

O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe

O4 - HKCU\..\RunServices: [MSN Messanger] msnmsng.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm

O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html

O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html

O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm

O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm

O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm

O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html

O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab

O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwa...ash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{D3279CF8-5FD6-4CA5-860C-943BBA2B2522}: NameServer = 202.78.120.2 202.78.97.2

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...