programs aren't opening...hjt log

Status
This thread has been Locked and is not open to further replies. The original thread starter may use the Report button to request it be reopened but anyone else with a similar issue should start a New Thread. Watch our Welcome Guide to learn how to use this site.

Pokeyreese

Thread Starter
Joined
Feb 11, 2006
Messages
12
I don't know what my dad did but he's having problems with his laptop. When you go to open pretty much any program you either get an error that says "programname.exe has generated errors and will be closed by windows. You will need to restart the program." or a message that says, "this application failed to initialize properly (0xc0000005). Click on ok to terminate the application."

No spyware programs can load properly so I can't try to clean anything. Also, internet explorer will not connect to any websites, but netscape seems to be working fine.

Logfile of HijackThis v1.99.1
Scan saved at 11:31:16 AM, on 2/11/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\Ati2evxx.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\VerizonDSL\WinPoET\WrOS.EXE
C:\WINNT\Explorer.EXE
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\PRPCUI.exe
C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
C:\Compaq\EAKDRV\EAUSBKBD.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\VerizonDSL\WinPoET\WinPPPoverEthernet.exe
C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
C:\WINNT\explorer.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\POKEYR~1\LOCALS~1\Temp\Rar$EX00.903\Hi jackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.netscape.com/home/winsearch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.netscape.com/home/winsearch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.netscape.com/home/winsearch200.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.netscape.com/home/winsearch.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.netscape.com/keyword/%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = :0
N1 - Netscape 4: user_pref("browser.startup.homepage", "www.yahoo.com"); (C:\Program Files\Netscape\Users\default\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [PRPCMonitor] PRPCUI.exe
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [EACLEAN] C:\Program Files\Compaq\Easy Access Button Support\eaclean.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [WinPoET] C:\Program Files\VerizonDSL\WinPoET\WinPPPoverEthernet.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinHound] C:\Program Files\WinHound\WinHound.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\GameClient.exe
O12 - Plugin for .com/aimtoday_flash/aimcom_animated2: C:\Program Files\VerizonDSL\Netscape\Program\PLUGINS\npswf32. dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1138668276276
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\System32\Ati2evxx.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: WinPPPoverEthernet - iVasion, a Routerware Company - C:\Program Files\VerizonDSL\WinPoET\WrOS.EXE
 
Joined
Sep 7, 2004
Messages
49,014
* Click here to download smitRem.exe.
  • Save the file to your desktop.
  • It is a self extracting file.
  • Doubleclick the smitRem.exe and it will extract the files to a smitRem folder on your desktop.
  • Do not do anything with it yet. You will run the RunThis.bat file later in safe mode.


* Download the trial version of Ewido Security Suite here.
  • Install ewido.
  • During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
  • Launch ewido
  • It will prompt you to update click the OK button and it will go to the main screen
  • On the left side of the main screen click update
  • Click on Start and let it update.
  • DO NOT run a scan yet. You will do that later in safe mode.

* Now copy these instructions to notepad and save them to your desktop. You will need them to refer to in safe mode.


* Restart your computer into safe mode now. Perform the following steps in safe mode:


* Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen.
Wait for the tool to complete and disk cleanup to finish.


* Run Ewido:
  • Click on scanner
  • Click Complete System Scan and the scan will begin.
  • During the scan it will prompt you to clean files, click OK
  • When the scan is finished, look at the bottom of the screen and click the Save report button.
  • Save the report to your desktop


* Go to Control Panel > Internet Options. Click on the Programs tab then click the "Reset Web Settings" button. Click Apply then OK.


* Next go to Control Panel > Display. Click on the "Desktop" tab then click the "Customize Desktop" button. Click on the "Web" tab. Under "Web Pages" you should see an entry checked called something like "Security info" or similar. If it is there, select that entry and click the "Delete" button. Click OK then Apply and OK.


* Restart back into Windows normally now.


* Run ActiveScan online virus scan here

When the scan is finished, anything that it cannot clean have it delete it. Make a note of the file location of anything that cannot be deleted so you can delete it yourself.
- Save the results from the scan!

Post a new HiJackThis log along with the results from ActiveScan and Ewido
 

Pokeyreese

Thread Starter
Joined
Feb 11, 2006
Messages
12
seemed to fix a lot of the problems. activescan found a lot of virus/spyware but i'd have to purchase the program to clean it all up.

heres a new log

Logfile of HijackThis v1.99.1
Scan saved at 2:27:34 PM, on 2/11/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\Ati2evxx.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\VerizonDSL\WinPoET\WrOS.EXE
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\PRPCUI.exe
C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
C:\Compaq\EAKDRV\EAUSBKBD.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\Program Files\VerizonDSL\WinPoET\WinPPPoverEthernet.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINNT\explorer.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\POKEYR~1\LOCALS~1\Temp\Rar$EX00.183\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://home.netscape.com/home/winsearch200.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://keyword.netscape.com/keyword/%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
N1 - Netscape 4: user_pref("browser.startup.homepage", "www.yahoo.com"); (C:\Program
Files\Netscape\Users\default\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program
Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search &
Destroy\SDHelper.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program
Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program
Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [PRPCMonitor] PRPCUI.exe
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [EACLEAN] C:\Program Files\Compaq\Easy Access Button Support\eaclean.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [WinPoET] C:\Program Files\VerizonDSL\WinPoET\WinPPPoverEthernet.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture
Package\Picture Package Applications\Residence.exe
O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture
Package\Picture Package Menu\SonyTray.exe
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint
Toolbar\ViewBar.dll/CXTSEARCH.HTML
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:\WINNT\web\related.htm
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog
Poker\GameClient.exe
O12 - Plugin for .com/aimtoday_flash/aimcom_animated2: C:\Program
Files\VerizonDSL\Netscape\Program\PLUGINS\npswf32.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1138668276276
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\System32\Ati2evxx.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. -
C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido
anti-malware\ewidoctrl.exe
O23 - Service: WinPPPoverEthernet - iVasion, a Routerware Company - C:\Program
Files\VerizonDSL\WinPoET\WrOS.EXE
 
Joined
Sep 7, 2004
Messages
49,014
Go back and read the instructions - you need to post the Ewido and Active scan logs

HiJackThis is runing from a temp directory and must be moved to run correctly

Click here to download HJTsetup.exe: http://www.thespykiller.co.uk/files/HJTSetup.exe
Save HJTsetup.exe to your desktop.

Double click on the HJTsetup.exe icon on your desktop.
By default it will install to C:\Program Files\Hijack This.
Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
Put a check by Create a desktop icon then click Next again.
Continue to follow the rest of the prompts from there.
At the final dialogue box click Finish and it will launch Hijack This.
Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
Click Save to save the log file and then the log will open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
 

Pokeyreese

Thread Starter
Joined
Feb 11, 2006
Messages
12
ncident Status Location

Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@did-it[2].txt
Spyware:Cookie/go Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@go[2].txt
Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@did-it[1].txt
Spyware:Cookie/Banner Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@banner[2].txt
Spyware:Cookie/Ask Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@ask[1].txt
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@azjmp[1].txt
Spyware:Cookie/64.62.232 Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@64.62.232[1].txt
Spyware:Cookie/360i Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@ct.360i[2].txt
Spyware:Cookie/Errorguard Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@errorguard[1].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@adopt.hbmediapro[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@belnk[2].txt
Spyware:Cookie/Entrepreneur Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@entrepreneur[1].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@winfixer[2].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@searchportal.information[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@dist.belnk[2].txt
Spyware:Cookie/Date Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@date[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@ath.belnk[2].txt
Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@ccbill[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@belnk[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@dist.belnk[3].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@ath.belnk[1].txt
Spyware:Cookie/go Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@go[1].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@adultfriendfinder[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@realmedia[2].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@adopt.hbmediapro[1].txt
Spyware:Cookie/Buydomains Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@www47.buydomains[1].txt
Spyware:Cookie/Seeq Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@www48.seeq[1].txt
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@toplist[1].txt
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@maxserving[2].txt
Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@hc2.humanclick[2].txt
Spyware:Cookie/Screensavers Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@i.screensavers[1].txt
Spyware:Cookie/MediaTickets Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@kinghost[2].txt
Virus:VBS/Psyme.C Not disinfected C:\Documents and Settings\Pokey Reese\Local Settings\Temporary Internet Files\Content.IE5\2FUFI9I3\TRACK29[1].CHM[track29.htm]
Virus:VBS/Psyme.C Not disinfected C:\Documents and Settings\Pokey Reese\Local Settings\Temporary Internet Files\Content.IE5\2FUFI9I3\STATS7[1].CHM
Virus:VBS/Psyme.C Not disinfected C:\Documents and Settings\Pokey Reese\Local Settings\Temporary Internet Files\Content.IE5\2FUFI9I3\STATS7[1].CHM[stats7.htm]
Adware:Adware/WUpd Not disinfected C:\Documents and Settings\Pokey Reese\Local Settings\Temporary Internet Files\Content.IE5\SH41EVK9\Some_Beach[1].htm
Adware:Adware/IST.YourSiteBar Not disinfected C:\Documents and Settings\Pokey Reese\Local Settings\Temporary Internet Files\Content.IE5\SH41EVK9\CAXY7PX2.HTM
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Pokey Reese\Local Settings\Temporary Internet Files\Content.IE5\K1UJG9UN\inst7[1].exe
Adware:Adware/nCase Not disinfected C:\Documents and Settings\Pokey Reese\Local Settings\Temporary Internet Files\Content.IE5\GTEZC1QR\prompt_ie_win[1].js
Adware:Adware/WUpd Not disinfected C:\Documents and Settings\Pokey Reese\Local Settings\Temporary Internet Files\Content.IE5\GTEZC1QR\Blake_Shelton[1].htm
Virus:Exploit/LoadImage Not disinfected C:\Documents and Settings\Pokey Reese\Local Settings\Temporary Internet Files\Content.IE5\8K8IL3KD\nc[1].anr
Adware:Adware/WUpd Not disinfected C:\Documents and Settings\Pokey Reese\Local Settings\Temporary Internet Files\Content.IE5\6MRRD0F3\Travis-Tritt[2].html
Virus:Exploit/LoadImage Not disinfected C:\Documents and Settings\Pokey Reese\Local Settings\Temporary Internet Files\Content.IE5\1BIMAZM5\zl[1].anr
Adware:Adware/WUpd Not disinfected C:\Documents and Settings\Pokey Reese\Local Settings\Temporary Internet Files\Content.IE5\0ZYNYICG\To-Be-With-You[2].html
Virus:Exploit/LoadImage Not disinfected C:\Documents and Settings\Pokey Reese\Local Settings\Temporary Internet Files\Content.IE5\TPK6NN1L\zl[1].anr
Adware:Adware/WUpd Not disinfected C:\Documents and Settings\Pokey Reese\Local Settings\Temporary Internet Files\Content.IE5\9K4711WP\Be-Mine[2].html
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Pokey Reese\Desktop\smitRem.exe[Process.exe]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Pokey Reese\Desktop\smitRem\Process.exe
Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@did-it[2].txt
Spyware:Cookie/go Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@go[2].txt
Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@did-it[1].txt
Spyware:Cookie/Banner Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@banner[2].txt
Spyware:Cookie/Ask Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@ask[1].txt
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@azjmp[1].txt
Spyware:Cookie/64.62.232 Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@64.62.232[1].txt
Spyware:Cookie/360i Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@ct.360i[2].txt
Spyware:Cookie/Errorguard Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@errorguard[1].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@adopt.hbmediapro[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@belnk[2].txt
Spyware:Cookie/Entrepreneur Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@entrepreneur[1].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@winfixer[2].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@searchportal.information[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@dist.belnk[2].txt
Spyware:Cookie/Date Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@date[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@ath.belnk[2].txt
Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@ccbill[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@belnk[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@dist.belnk[3].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@ath.belnk[1].txt
Spyware:Cookie/go Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@go[1].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@adultfriendfinder[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@realmedia[2].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@adopt.hbmediapro[1].txt
Spyware:Cookie/Buydomains Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@www47.buydomains[1].txt
Spyware:Cookie/Seeq Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@www48.seeq[1].txt
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@toplist[1].txt
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@maxserving[2].txt
Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@hc2.humanclick[2].txt
Spyware:Cookie/Screensavers Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@i.screensavers[1].txt
Spyware:Cookie/MediaTickets Not disinfected C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@kinghost[2].txt
Adware:Adware/Look2Me Not disinfected C:\Program Files\Windows Media Player\wmplayer.exe
 

Pokeyreese

Thread Starter
Joined
Feb 11, 2006
Messages
12
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 1:14:33 PM, 2/11/2006
+ Report-Checksum: 91A186A6

+ Scan result:

C:\Documents and Settings\Pokey Reese\Local Settings\Temporary Internet Files\Content.IE5\SH41EVK9\trk_0029[1].exe -> Adware.Pacer : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Local Settings\Temporary Internet Files\Content.IE5\SH41EVK9\nsh_107[1].exe -> Adware.DownloadWare : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Local Settings\Temporary Internet Files\Content.IE5\K1UJG9UN\init[1].js -> Downloader.IstBar.af : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Local Settings\Temporary Internet Files\Content.IE5\K1UJG9UN\ZWRhY0pVVXl0Sm9BQUE4OW4zVUFBQUVt[1].wmf -> Exploit.MS05-053-WMF : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Local Settings\Temporary Internet Files\Content.IE5\GTEZC1QR\ibar[1].js -> Downloader.IstBar.ad : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Local Settings\Temporary Internet Files\Content.IE5\O0KYUC68\WXFGdlowVXl0Sm9BQUE0bVFLNEFBQUFQ[1].wmf -> Exploit.MS05-053-WMF : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@server3.web-stat[2].txt -> TrackingCookie.Web-stat : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@com[2].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@adtrak[2].txt -> TrackingCookie.Adtrak : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@www.burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@cz8.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@e-2dj6wfkiuhdjiao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@e-2dj6wjkysndzgao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@e-2dj6wfkogidzafo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@e-2dj6wfl4uhd5egp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@e-2dj6wjl4ggcjoeo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@e-2dj6wjkyapdzmdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@e-2dj6wfkoepajklp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@e-2dj6wfk4cmdjecp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@e-2dj6wjliuidpifp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@e-2dj6wfkigkd5kcp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@e-2dj6wgkiolcjico.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@e-2dj6wjnycgc5wdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@e-2dj6wfl4uhd5ebp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@e-2dj6wjl4ancjkep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@e-2dj6wgkiokazelp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@paypopup[2].txt -> TrackingCookie.Paypopup : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@a.tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@e-2dj6wjkyshajeao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@riptownmedia.122.2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@media.fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@cnn.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@cz8.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@maxim.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@sonycorporate.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@data4.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@yadro[2].txt -> TrackingCookie.Yadro : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@vip.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@stats.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@data1.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@adopt.specificclick[1].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@cz3.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@data2.perf.overture[2].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@rotator.adjuggler[2].txt -> TrackingCookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@starware[2].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@cbs.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@overture[2].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Cookies\pokey reese@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Application Data\WinHound.com -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Application Data\WinHound.com\WinHound -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Application Data\WinHound.com\WinHound\Autorun -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Application Data\WinHound.com\WinHound\Autorun\StartMenuAllUsers -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Application Data\WinHound.com\WinHound\Autorun\StartMenuCurrentUser -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Application Data\WinHound.com\WinHound\Autorun\HKCURun -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Application Data\WinHound.com\WinHound\Autorun\HKCURun\RunOnce -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Application Data\WinHound.com\WinHound\Autorun\HKCURun\RunOnceEx -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Application Data\WinHound.com\WinHound\Autorun\HKLMRun -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Application Data\WinHound.com\WinHound\Autorun\HKLMRun\RunOnce -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Application Data\WinHound.com\WinHound\Autorun\HKLMRun\RunOnceEx -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Pokey Reese\Application Data\WinHound.com\WinHound\BrowserObjects -> Adware.WinHound : Cleaned with backup
C:\Program Files\Internet Explorer\wuoumrve.exe -> Trojan.Small.ev : Cleaned with backup
C:\Program Files\VerizonDSL\WinPoET\WrDialer.exe -> Heuristic.Win32.Dialer : Cleaned with backup


::Report End
 

Pokeyreese

Thread Starter
Joined
Feb 11, 2006
Messages
12
Logfile of HijackThis v1.99.1
Scan saved at 4:33:34 PM, on 2/11/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\Ati2evxx.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\VerizonDSL\WinPoET\WrOS.EXE
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\PRPCUI.exe
C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
C:\Compaq\EAKDRV\EAUSBKBD.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\Program Files\VerizonDSL\WinPoET\WinPPPoverEthernet.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINNT\system32\NOTEPAD.EXE
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.netscape.com/home/winsearch200.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.netscape.com/keyword/%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
N1 - Netscape 4: user_pref("browser.startup.homepage", "www.yahoo.com"); (C:\Program Files\Netscape\Users\default\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [PRPCMonitor] PRPCUI.exe
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [EACLEAN] C:\Program Files\Compaq\Easy Access Button Support\eaclean.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [WinPoET] C:\Program Files\VerizonDSL\WinPoET\WinPPPoverEthernet.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\GameClient.exe
O12 - Plugin for .com/aimtoday_flash/aimcom_animated2: C:\Program Files\VerizonDSL\Netscape\Program\PLUGINS\npswf32.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1138668276276
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\System32\Ati2evxx.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: WinPPPoverEthernet - iVasion, a Routerware Company - C:\Program Files\VerizonDSL\WinPoET\WrOS.EXE
 
Joined
Sep 7, 2004
Messages
49,014
DownLoad EasyCleaner http://www.majorgeeks.com/download414.html

Use the clear files and Unnecessary files buttons – I do not recommend
using the Duplicates files button
as many dupes are there on purpose.

Not all files will delete – that is normal.

In the unnecessary button I check the top 4 entries
=================
Run http://www.kaspersky.com/virusscanner - Online scan

When the scan is finished Save the results from the scan!

Post a new HiJackThis log along with the results from Kaspersky scan
 
Status
This thread has been Locked and is not open to further replies. The original thread starter may use the Report button to request it be reopened but anyone else with a similar issue should start a New Thread. Watch our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top