jimzinhere
Thread Starter
- Joined
- Apr 9, 2008
- Messages
- 3
i have some problems similar to some other posts on here, the desktop background has changed to the "spyware detected on your pc" background, i get pop ups for "top rated spyware removers" and others i have a little exclamation mark in the bottom right hand corner of the screen,
win xp service pack 2,amd 64 pro,512mb,160gig
i have internet explorer but am trying to change to mozilla, have installed it but need to solve spyware, and wasnt sure if i should delete explorer until spyware was fixed incase it made it worse, i have spyware terminator see below i did a hijack this log aswell and that is under the first log from terminator, hopefully these may help solve it,
Spyware Terminator v2.0.0.194 (db:1.0.902.662)
Scan Time: 12/04/2008 09:59:33 length: 323 s
Platform: Windows XP Home Service Pack 2 (WINNT 5.1.2600)
User: Admin
Boot Mode: Normal
Scan type: Fast_Spyware_Scan
Scanned Objects: 25201 (Critical:44)
Filter: No System items, No Safe items, No Invalid items
Running Processes
Ati2evxx.exe [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.exe
Ati2evxx.exe [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.exe
wmsdkns.exe [Microsoft] : C:\WINDOWS\system32\wmsdkns.exe
ccProxy.exe [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
ccSetMgr.exe [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
ISSVC.exe [Symantec Corporation] : C:\Program Files\Norton Internet Security\ISSVC.exe
SNDSrvc.exe [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
brsvc01a.exe [brother Industries Ltd] : C:\WINDOWS\system32\brsvc01a.exe
brss01a.exe [brother Industries Ltd] : C:\WINDOWS\system32\brss01a.exe
ALUSchedulerSvc.exe [Symantec Corporation] : C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
navapsvc.exe [Symantec Corporation] : C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
SymWSC.exe [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
iPodService.exe [Apple Computer, Inc.] : C:\Program Files\iPod\bin\iPodService.exe
HPwuSchd2.exe [Hewlett-Packard Co.] : C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
aoltray.exe [America Online, Inc.] : C:\Program Files\AOL 9.0\aoltray.exe
WLLoginProxy.exe [Microsoft Corporation] : C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
SymSCUI.exe [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\Security Center\SymSCUI.exe
Internet Settings
R - HKCU\Software\Microsoft\Internet Explorer\Main, Search Bar = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = http://www.google.com/ie
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =
BHO
02 - BHO: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - [Orbitdownloader.com] : C:\Program Files\Orbitdownloader\orbitcth.dll
02 - BHO: - {30EA05C5-7396-4155-A294-2C69B7B56BC4} - : C:\WINDOWS\system32\opnoNEUK.dll
02 - BHO: - {7CE67716-5803-4FB7-B344-0C7A17F93B5D} - : C:\WINDOWS\system32\jkkHXQjh.dll
02 - BHO: - {fd150b31-28ca-49d3-bd5c-4deffe2a63c2} - : C:\WINDOWS\system32\gxvsirmq.dll
StartUps
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HP Software Update : [Hewlett-Packard Co.] : C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AntispyStorm : [AntispyStorm Inc.] : C:\Program Files\AntispyStorm\AntispyStorm.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM3b36a041 : : C:\WINDOWS\system32\JQHUOQGH.DLL
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 380593dd : : C:\WINDOWS\system32\lixxqnxf.dll
04 - Startup: %START_PROGRAMSALL%\Startup\AOL 9.0 Tray Icon.lnk [America Online, Inc.] : C:\Program Files\AOL 9.0\aoltray.exe
04 - Startup: %START_PROGRAMSALL%\Startup\Status Monitor.lnk [Brother Industries, Ltd.] : C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
Shell Extensions
RealOne Player Context Menu Class - {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} - [RealNetworks, Inc.] : C:\Program Files\Real\RealPlayer\rpshell.dll
iTunes - {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} - [Apple Computer, Inc.] : C:\Program Files\iTunes\iTunesMiniPlayer.dll
SampleView - {7F67036B-66F1-411A-AD85-759FB9C5B0DB} - [XSS] : C:\WINDOWS\system32\ShellvRTF.dll
CLSID_WLMCMimeFilter - {0563DB41-F538-4B37-A92D-4659049B7766} - [Microsoft Corporation] : C:\Program Files\Windows Live\Mail\mailcomm.dll
My Sharing Folders - {FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\fsshext.8.5.1302.1018.dll
- {06A2568A-CED6-4187-BB20-400B8C02BE5A} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
Windows Live Photo Gallery Import Autoplay Shim - {00F33137-EE26-412F-8D71-F84E4C2C6625} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Autoplay Drop Target - {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOVIEWER.DLL
Windows Live Photo Gallery Editor Drop Target - {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOVIEWER.DLL
Windows Live Photo Gallery Viewer Drop Target - {00F374B7-B390-4884-B372-2FC349F2172B} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOVIEWER.DLL
Windows Live Photo Gallery Viewer Shim - {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Editor Shim - {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Viewer Autoplay Shim - {00F30F90-3E96-453B-AFCD-D71989ECC2C7} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Protocol Handler
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
Microsoft Infotech Storage Protocol for IE 4.0 - {0A9007C0-4076-11D3-8789-0000F8105754} - [Microsoft Corporation] : C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
Windows Live Mail HTML Asynchronous Pluggable Protocol Handler - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - [Microsoft Corporation] : C:\Program Files\Windows Live\Mail\mailcomm.dll
Services
23 - [Realtek Semiconductor Corp.] : C:\WINDOWS\system32\drivers\ALCXWDM.SYS
23 - [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.exe
23 - [Symantec Corporation] : C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
23 - [brother Industries Ltd] : C:\WINDOWS\system32\brsvc01a.exe
23 - [Brother Industries Ltd.] : C:\WINDOWS\system32\Drivers\BrScnUsb.sys
23 - [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
23 - [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
23 - [Symantec Corporation] : C:\Program Files\Common Files\SYMANTEC SHARED\EENGINE\EECTRL.SYS
23 - [GEAR Software Inc.] : C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
23 - [Apple Computer, Inc.] : C:\Program Files\iPod\bin\iPodService.exe
23 - [Symantec Corporation] : C:\Program Files\Norton Internet Security\ISSVC.exe
23 - [Symantec Corporation] : C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
23 - [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\VirusDefs\20080305.040\NAVENG.SYS
23 - [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\VirusDefs\20080305.040\NAVEX15.SYS
23 - [Hewlett-Packard Company] : C:\WINDOWS\system32\DRIVERS\PS2.sys
23 - [Realtek Semiconductor Corporation] : C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
23 - [Symantec Corporation] : C:\Program Files\NORTON INTERNET SECURITY\NORTON ANTIVIRUS\SAVRT.SYS
23 - [Symantec Corporation] : C:\Program Files\NORTON INTERNET SECURITY\NORTON ANTIVIRUS\SAVRTPEL.SYS
23 - [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
23 - [Symantec Corporation] : C:\WINDOWS\system32\Drivers\SYMDNS.SYS
23 - [Symantec Corporation] : C:\Program Files\SYMANTEC\SYMEVENT.SYS
23 - [Symantec Corporation] : C:\WINDOWS\system32\Drivers\SYMFW.SYS
23 - [Symantec Corporation] : C:\WINDOWS\system32\Drivers\SYMIDS.SYS
23 - [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\SymcData\idsdefs\20080407.003\SymIDSCo.sys
23 - [Symantec Corporation] : C:\WINDOWS\system32\Drivers\SYMNDIS.SYS
23 - [Symantec Corporation] : C:\WINDOWS\system32\Drivers\SYMREDRV.SYS
23 - [Symantec Corporation] : C:\WINDOWS\system32\Drivers\SYMTDI.SYS
23 - [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
23 - [America Online, Inc.] : C:\WINDOWS\system32\DRIVERS\wanatw4.sys
Winlogon Notify
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent, DLLName : [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.dll
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\jkkHXQjh, DLLName : : C:\WINDOWS\system32\jkkHXQjh.dll
System Policies
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableTaskMgr : : C:\WINDOWS\system32\jkkHXQjh.dll
Thread Files
<StartPage> : C:\WINDOWS\system32\ntnut32.exe
<StartPage> : C:\WINDOWS\system32\shdocpe.dll
<2020Search> : C:\WINDOWS\2020search2.dll
<2020Search> : C:\WINDOWS\mssvr.exe
<180searchAssistant> : C:\Program Files\180Search Assistant\180sa.exe
<180searchAssistant> : C:\Program Files\180Search Assistant\sau.exe
<180searchAssistant> : C:\WINDOWS\salm.exe
<180searchAssistant> : C:\WINDOWS\180ax.exe
<Transponder/VoiceIP> : C:\WINDOWS\voiceip.dll
<Seekmo> : C:\Program Files\Seekmo\SEEKMOHOOK.DLL
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:36:05, on 12/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\wmsdkns.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\ISSVC.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymSCUI.exe
C:\Program Files\Symantec\LiveUpdate\AUpdate.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\wmsdkns.exe,
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] c:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AntispyStorm] C:\Program Files\AntispyStorm\AntispyStorm.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [380593dd] rundll32.exe "C:\WINDOWS\system32\mhrlegkr.dll",b
O4 - HKLM\..\Run: [BM3b36a041] Rundll32.exe "C:\WINDOWS\system32\jqhuoqgh.dll",s
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Spyware Terminator Clam Service (sp_clamsrv) - Crawler.com - C:\Program Files\WinClamAVShield\sp_clamsrv.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
--
End of file - 9324 bytes
win xp service pack 2,amd 64 pro,512mb,160gig
i have internet explorer but am trying to change to mozilla, have installed it but need to solve spyware, and wasnt sure if i should delete explorer until spyware was fixed incase it made it worse, i have spyware terminator see below i did a hijack this log aswell and that is under the first log from terminator, hopefully these may help solve it,
Spyware Terminator v2.0.0.194 (db:1.0.902.662)
Scan Time: 12/04/2008 09:59:33 length: 323 s
Platform: Windows XP Home Service Pack 2 (WINNT 5.1.2600)
User: Admin
Boot Mode: Normal
Scan type: Fast_Spyware_Scan
Scanned Objects: 25201 (Critical:44)
Filter: No System items, No Safe items, No Invalid items
Running Processes
Ati2evxx.exe [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.exe
Ati2evxx.exe [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.exe
wmsdkns.exe [Microsoft] : C:\WINDOWS\system32\wmsdkns.exe
ccProxy.exe [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
ccSetMgr.exe [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
ISSVC.exe [Symantec Corporation] : C:\Program Files\Norton Internet Security\ISSVC.exe
SNDSrvc.exe [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
brsvc01a.exe [brother Industries Ltd] : C:\WINDOWS\system32\brsvc01a.exe
brss01a.exe [brother Industries Ltd] : C:\WINDOWS\system32\brss01a.exe
ALUSchedulerSvc.exe [Symantec Corporation] : C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
navapsvc.exe [Symantec Corporation] : C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
SymWSC.exe [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
iPodService.exe [Apple Computer, Inc.] : C:\Program Files\iPod\bin\iPodService.exe
HPwuSchd2.exe [Hewlett-Packard Co.] : C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
aoltray.exe [America Online, Inc.] : C:\Program Files\AOL 9.0\aoltray.exe
WLLoginProxy.exe [Microsoft Corporation] : C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
SymSCUI.exe [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\Security Center\SymSCUI.exe
Internet Settings
R - HKCU\Software\Microsoft\Internet Explorer\Main, Search Bar = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = http://www.google.com/ie
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =
BHO
02 - BHO: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - [Orbitdownloader.com] : C:\Program Files\Orbitdownloader\orbitcth.dll
02 - BHO: - {30EA05C5-7396-4155-A294-2C69B7B56BC4} - : C:\WINDOWS\system32\opnoNEUK.dll
02 - BHO: - {7CE67716-5803-4FB7-B344-0C7A17F93B5D} - : C:\WINDOWS\system32\jkkHXQjh.dll
02 - BHO: - {fd150b31-28ca-49d3-bd5c-4deffe2a63c2} - : C:\WINDOWS\system32\gxvsirmq.dll
StartUps
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HP Software Update : [Hewlett-Packard Co.] : C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AntispyStorm : [AntispyStorm Inc.] : C:\Program Files\AntispyStorm\AntispyStorm.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM3b36a041 : : C:\WINDOWS\system32\JQHUOQGH.DLL
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 380593dd : : C:\WINDOWS\system32\lixxqnxf.dll
04 - Startup: %START_PROGRAMSALL%\Startup\AOL 9.0 Tray Icon.lnk [America Online, Inc.] : C:\Program Files\AOL 9.0\aoltray.exe
04 - Startup: %START_PROGRAMSALL%\Startup\Status Monitor.lnk [Brother Industries, Ltd.] : C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
Shell Extensions
RealOne Player Context Menu Class - {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} - [RealNetworks, Inc.] : C:\Program Files\Real\RealPlayer\rpshell.dll
iTunes - {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} - [Apple Computer, Inc.] : C:\Program Files\iTunes\iTunesMiniPlayer.dll
SampleView - {7F67036B-66F1-411A-AD85-759FB9C5B0DB} - [XSS] : C:\WINDOWS\system32\ShellvRTF.dll
CLSID_WLMCMimeFilter - {0563DB41-F538-4B37-A92D-4659049B7766} - [Microsoft Corporation] : C:\Program Files\Windows Live\Mail\mailcomm.dll
My Sharing Folders - {FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\fsshext.8.5.1302.1018.dll
- {06A2568A-CED6-4187-BB20-400B8C02BE5A} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
Windows Live Photo Gallery Import Autoplay Shim - {00F33137-EE26-412F-8D71-F84E4C2C6625} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Autoplay Drop Target - {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOVIEWER.DLL
Windows Live Photo Gallery Editor Drop Target - {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOVIEWER.DLL
Windows Live Photo Gallery Viewer Drop Target - {00F374B7-B390-4884-B372-2FC349F2172B} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOVIEWER.DLL
Windows Live Photo Gallery Viewer Shim - {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Editor Shim - {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Viewer Autoplay Shim - {00F30F90-3E96-453B-AFCD-D71989ECC2C7} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Protocol Handler
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
Microsoft Infotech Storage Protocol for IE 4.0 - {0A9007C0-4076-11D3-8789-0000F8105754} - [Microsoft Corporation] : C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
Windows Live Mail HTML Asynchronous Pluggable Protocol Handler - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - [Microsoft Corporation] : C:\Program Files\Windows Live\Mail\mailcomm.dll
Services
23 - [Realtek Semiconductor Corp.] : C:\WINDOWS\system32\drivers\ALCXWDM.SYS
23 - [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.exe
23 - [Symantec Corporation] : C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
23 - [brother Industries Ltd] : C:\WINDOWS\system32\brsvc01a.exe
23 - [Brother Industries Ltd.] : C:\WINDOWS\system32\Drivers\BrScnUsb.sys
23 - [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
23 - [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
23 - [Symantec Corporation] : C:\Program Files\Common Files\SYMANTEC SHARED\EENGINE\EECTRL.SYS
23 - [GEAR Software Inc.] : C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
23 - [Apple Computer, Inc.] : C:\Program Files\iPod\bin\iPodService.exe
23 - [Symantec Corporation] : C:\Program Files\Norton Internet Security\ISSVC.exe
23 - [Symantec Corporation] : C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
23 - [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\VirusDefs\20080305.040\NAVENG.SYS
23 - [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\VirusDefs\20080305.040\NAVEX15.SYS
23 - [Hewlett-Packard Company] : C:\WINDOWS\system32\DRIVERS\PS2.sys
23 - [Realtek Semiconductor Corporation] : C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
23 - [Symantec Corporation] : C:\Program Files\NORTON INTERNET SECURITY\NORTON ANTIVIRUS\SAVRT.SYS
23 - [Symantec Corporation] : C:\Program Files\NORTON INTERNET SECURITY\NORTON ANTIVIRUS\SAVRTPEL.SYS
23 - [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
23 - [Symantec Corporation] : C:\WINDOWS\system32\Drivers\SYMDNS.SYS
23 - [Symantec Corporation] : C:\Program Files\SYMANTEC\SYMEVENT.SYS
23 - [Symantec Corporation] : C:\WINDOWS\system32\Drivers\SYMFW.SYS
23 - [Symantec Corporation] : C:\WINDOWS\system32\Drivers\SYMIDS.SYS
23 - [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\SymcData\idsdefs\20080407.003\SymIDSCo.sys
23 - [Symantec Corporation] : C:\WINDOWS\system32\Drivers\SYMNDIS.SYS
23 - [Symantec Corporation] : C:\WINDOWS\system32\Drivers\SYMREDRV.SYS
23 - [Symantec Corporation] : C:\WINDOWS\system32\Drivers\SYMTDI.SYS
23 - [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
23 - [America Online, Inc.] : C:\WINDOWS\system32\DRIVERS\wanatw4.sys
Winlogon Notify
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent, DLLName : [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.dll
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\jkkHXQjh, DLLName : : C:\WINDOWS\system32\jkkHXQjh.dll
System Policies
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableTaskMgr : : C:\WINDOWS\system32\jkkHXQjh.dll
Thread Files
<StartPage> : C:\WINDOWS\system32\ntnut32.exe
<StartPage> : C:\WINDOWS\system32\shdocpe.dll
<2020Search> : C:\WINDOWS\2020search2.dll
<2020Search> : C:\WINDOWS\mssvr.exe
<180searchAssistant> : C:\Program Files\180Search Assistant\180sa.exe
<180searchAssistant> : C:\Program Files\180Search Assistant\sau.exe
<180searchAssistant> : C:\WINDOWS\salm.exe
<180searchAssistant> : C:\WINDOWS\180ax.exe
<Transponder/VoiceIP> : C:\WINDOWS\voiceip.dll
<Seekmo> : C:\Program Files\Seekmo\SEEKMOHOOK.DLL
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:36:05, on 12/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\wmsdkns.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\ISSVC.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymSCUI.exe
C:\Program Files\Symantec\LiveUpdate\AUpdate.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\wmsdkns.exe,
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] c:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AntispyStorm] C:\Program Files\AntispyStorm\AntispyStorm.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [380593dd] rundll32.exe "C:\WINDOWS\system32\mhrlegkr.dll",b
O4 - HKLM\..\Run: [BM3b36a041] Rundll32.exe "C:\WINDOWS\system32\jqhuoqgh.dll",s
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Spyware Terminator Clam Service (sp_clamsrv) - Crawler.com - C:\Program Files\WinClamAVShield\sp_clamsrv.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
--
End of file - 9324 bytes