lastshot
Well, I just finished running AVG, Ad-Aware and some other programs and I still got some stuff going on. My homepage keeps being changed, and I got this toolbar icon pop-up that likes to exit me outta games so that it can tell me to "click here". Any help will be greatly appreciated, so thank you in advance.
Logfile of HijackThis v1.99.1
Scan saved at 1:30:56 PM, on 1/27/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\csrss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\Common Files\Symantec
Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec
Shared\AppCore\AppSvc32.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\windows\System32\svchost.exe
C:\windows\wanmpsvc.exe
C:\windows\System32\alg.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-
LC\symlcsvc.exe
C:\windows\Explorer.EXE
C:\windows\AGRSMMSG.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\windows\system32\ctfmon.exe
I:\Programs\Antivirus\Ad Aware\aawservice.exe
c:\program files\common files\aol\1125368218
\ee\aolsoftware.exe
c:\program files\common files\aol\1125368218
\ee\services\antiSpywareApp\ver2_0_27_1\AOLSP
Scheduler.exe
c:\program files\common files\aol\1125368218
\ee\aolsoftware.exe
C:\Program Files\Common Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe
D:\john's stuff\Ragnarok\INSTALLED HERE\Lightside -
Legend Ragnarok\llroexe2.exe
C:\Hijacke this HJT!\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet
Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL =
MSN.com
R0 - HKLM\Software\Microsoft\Internet
Explorer\Main,Start Page =
http://securityresponse.symantec.com/avcenter/fix_homepa
ge
R1 - HKLM\Software\Microsoft\Internet
Explorer\SearchURL,(Default) = about:blank
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-
D42A53123C75} - C:\Program Files\Common Files\Symantec
Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-
D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01
\bin\ssv.dll
O2 - BHO: (no name) - {77701e16-9bfe-4b63-a5b4-
7bd156758a37} - (no file)
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-
B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar
2.0\aoltb.dll
O2 - BHO: (no name) - {E8F0534B-E8D3-CE03-A2DA-
ECCB5EEE0AC2} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-
AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0
\aoltb.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738
-B738-FBEE9C7B26DF} - C:\Program Files\Common
Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program
files\support.com\client\bin\tgcmd.exe /server
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program
Files\Corel\WordPerfect Office 2002
\Programs\QFSCHD100.EXE"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common
Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton
Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Windows Defender] "C:\Program
Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program
Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-
4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program
Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-
4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [RAM Idle]
I:\Programs\Antivirus\OPtimizer\fo-cx185\Customizer
XP\RAM_2K.exe
O4 - HKLM\..\Run: [Optimum Online net guide] "C:\Program
Files\Optimum Online\Netsurf.exe" -trayicon
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32
\ctfmon.exe
O4 - Global Startup: Microsoft Find Fast.lnk =
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet
Explorer\Control Panel present
O8 - Extra context menu item: &AOL Toolbar Search -
c:\program files\aol\aol toolbar 2.0\resources\en-
US\local\search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5
-00401C608501} - C:\Program Files\Java\jre1.6.0_01
\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-
8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar
2.0\aoltb.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-
00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E
-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF:
START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: Squelchies by pogo -
http://squelchies.pogo.com/applet/squelchies/squelchies
-ob-assets.cab
O16 - DPF: Texas Hold'em Poker by pogo -
http://holdem2.pogo.com/applet-5.8.6.20/holdem/holdem-
ob-assets.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
(Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} -
O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5}
(Keynote Connector Launcher 2) -
http://webeffective.keynote.com/applications/pconnector/
download/ConnectorLauncher.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0}
(Facebook Photo Uploader 4 Control) -
http://upload.facebook.com/controls/FacebookPhotoUploade
r2.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC}
(Facebook Photo Uploader Control) -
http://upload.facebook.com/controls/FacebookPhotoUploade
r.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5}
(Symantec RuFSI Utility Class) -
http://security.symantec.com/sscv6/SharedContent/common/
bin/cabsa.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616}
(DivXBrowserPlugin Object) -
http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
(MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Control
s/en/x86/client/muweb_site.cab?1167662930234
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} -
http://a19.g.akamai.net/7/19/7125/4058/ftp.coupons.com/r
3302/Coupons.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525}
(IWinAmpActiveX Class) -
http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl
.cab
O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269}
(BTDownloadCtrl Control) -
http://www.shockwave.com/content/thinktanks/sis/BTDownlo
adCtrl.cab
O16 - DPF: {E9A7F56F-C40F-4928-8C6F-7A72F2A25222}
(AxRUploadControl Object) -
http://www.imagestation.com/common/classes/SonyISUpload.
cab?v=1,0,0,37
O17 - HKLM\System\CCS\Services\Tcpip\..\{10CCFB5F-2646-
450E-B94F-E1610DABF455}: NameServer =
85.255.114.108,85.255.112.143
O17 - HKLM\System\CCS\Services\Tcpip\..\{5901FAA4-0056-
443F-8D92-377E99430593}: NameServer =
85.255.114.108,85.255.112.143
O17 - HKLM\System\CCS\Services\Tcpip\..\{7A45C9C8-DF84-
43ED-8E68-28D7AF0848DA}: NameServer =
85.255.114.108,85.255.112.143
O17 - HKLM\System\CCS\Services\Tcpip\..\{A9ABC834-7EEF-
4E96-90A3-8F6EBD55D555}: NameServer =
85.255.114.108,85.255.112.143
O17 - HKLM\System\CS2\Services\Tcpip\Parameters:
NameServer = 85.255.114.108 85.255.112.143
O17 - HKLM\System\CS2\Services\Tcpip\..\{10CCFB5F-2646-
450E-B94F-E1610DABF455}: NameServer =
85.255.114.108,85.255.112.143
O17 - HKLM\System\CS3\Services\Tcpip\Parameters:
NameServer = 85.255.114.108 85.255.112.143
O17 - HKLM\System\CS3\Services\Tcpip\..\{10CCFB5F-2646-
450E-B94F-E1610DABF455}: NameServer =
85.255.114.108,85.255.112.143
O17 - HKLM\System\CCS\Services\Tcpip\Parameters:
NameServer = 85.255.114.108 85.255.112.143
O20 - Winlogon Notify: WgaLogon - C:\windows\SYSTEM32
\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7
-94D524869DB5} - C:\windows\system32\WPDShServiceObj.dll
O21 - SSODL: died - {7fa55359-7223-410f-bc82-
efb3e3ded07f} - (no file)
O21 - SSODL: gimmicks - {40dcff6e-af8d-4183-8ebe-
a82270ac449e} - (no file)
O21 - SSODL: buprestidae - {b59f3ba4-98da-4b5f-8a2d-
7b56fb11140b} - (no file)
O21 - SSODL: didymiums - {e6adaaf0-79b2-4cf1-a660-
50a0b33991a1} - (no file)
O23 - Service: Ad-Aware 2007 Service (aawservice) -
Unknown owner - I:\Programs\Antivirus\Ad
Aware\aawservice.exe (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL
LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL Spyware Protection Service
(AOLService) - Unknown owner - C:\Program Files\Common
Files\AOL\AOL Spyware Protection\\aolserv.exe (file
missing)
O23 - Service: Apple Mobile Device - Apple, Inc. -
C:\Program Files\Common Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec
Corporation - C:\Program
Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) -
Unknown owner - C:\Program Files\Common Files\Symantec
Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) -
Unknown owner - C:\Program Files\Common Files\Symantec
Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service
(CLTNetCnService) - Unknown owner - C:\Program
Files\Common Files\Symantec Shared\ccSvcHst.exe" /h
ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation
- C:\Program Files\Common Files\Symantec
Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) -
Macrovision Corporation - C:\Program Files\Common
Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program
Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation
(ISPwdSvc) - Symantec Corporation - C:\Program
Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation -
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate
Notice Ex) - Unknown owner - C:\Program Files\Common
Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file
missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner
- C:\Program Files\Common Files\Symantec
Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}
\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec
Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}
\PifEng.dll (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) -
NVIDIA Corporation - C:\windows\System32\nvsvc32.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony
Corporation - C:\Program Files\Common Files\Sony
Shared\AVLib\SPTISRV.exe
O23 - Service: Symantec Core LC - Unknown owner -
C:\Program Files\Common Files\Symantec Shared\CCPD-
LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) -
Symantec Corporation - C:\Program Files\Common
Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: WAN Miniport (ATW) Service
(WANMiniportService) - America Online, Inc. -
C:\windows\wanmpsvc.exe