-
Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.
Solved: Remove Dr Antispy
- Thread starter mje
- Start date
- Status
cybertech
Retired Moderator
- Joined
- Apr 16, 2002
- Messages
- 72,115
Hi, Welcome to TSG!!
Click here to download HJTInstall.exe
Run HijackThis and click Open the Misc Tools section
Click Open Uninstall Manager, Save list and save the log to your Desktop.
A list of programs will open in Notepad. Post the contents of the log here in your next reply.
Click here to download HJTInstall.exe
- Save HJTInstall.exe to your desktop.
- Doubleclick on the HJTInstall.exe icon on your desktop.
- By default it will install to C:\Program Files\Trend Micro\HijackThis .
- Click on Install.
- It will create a HijackThis icon on the desktop.
- Once installed, it will launch Hijackthis.
- Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
- Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
- Come back here to this thread and Paste the log in your next reply.
- DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.
Run HijackThis and click Open the Misc Tools section
Click Open Uninstall Manager, Save list and save the log to your Desktop.
A list of programs will open in Notepad. Post the contents of the log here in your next reply.
FROM mje: not sure I put the scan in the right place ! Thanks again
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:05:03 AM, on 7/9/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\DrAntispy\DrAntispy.exe
C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\WordPerfect Office 11\Programs\CorUpd.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cox.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - _{9368D063-44BE-49B9-BD14-BB9663FD38FC} - (no file)
R3 - URLSearchHook: (no name) - _{5D60FF48-95BE-4956-B4C6-6BB168A70310} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {B8C5186E-EC37-4889-9C2E-F73649FFB7BB} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: (no name) - {DF4E7A0C-E233-4906-B4C1-A404356541FF} - (no file)
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Malware Wiped 6.6] "C:\Program Files\MW\Malware Wiped 6.6\MalwareWiped 6.6.exe" /h
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
O4 - HKLM\..\Run: [Ad-aware] "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-aware.exe" +c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DrAntispy] C:\Program Files\DrAntispy\DrAntispy.exe
O4 - HKCU\..\Run: [C:_Program Files_WordPerfe3a] C:\Program Files\WordPerfect Office 11\Programs\CorUpd.exe /Watch
O4 - Startup: DrAntispy.lnk = C:\Program Files\DrAntispy\DrAntispy.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: autism.about.com
O15 - Trusted Zone: bipolar.about.com
O15 - Trusted Zone: aviation.aerotek.com
O15 - Trusted Zone: dbapps.ama-assn.org
O15 - Trusted Zone: *.arkansas.gov
O15 - Trusted Zone: www.asafetyguide.com
O15 - Trusted Zone: www.asperger.org
O15 - Trusted Zone: www.bacomatic.org
O15 - Trusted Zone: www.baltimorepsych.com
O15 - Trusted Zone: forum.bcdb.com
O15 - Trusted Zone: www.bellhelicopter.com
O15 - Trusted Zone: www.bipolarchild.com
O15 - Trusted Zone: *.blueridgehillclimb.com
O15 - Trusted Zone: www.cabelas.com
O15 - Trusted Zone: www.carbdford.com
O15 - Trusted Zone: my.cigna.com
O15 - Trusted Zone: www.cigna.com
O15 - Trusted Zone: onlinecare.cingular.com
O15 - Trusted Zone: www.collectorcartraderonline.com
O15 - Trusted Zone: *.coloradoscca.org
O15 - Trusted Zone: northarkansas.cox.net
O15 - Trusted Zone: westernarkansas.cox.net
O15 - Trusted Zone: www.crazymeds.org
O15 - Trusted Zone: *.cu.edu
O15 - Trusted Zone: www.definityhealth.com
O15 - Trusted Zone: *.dlra.org.au
O15 - Trusted Zone: ajb.dni.us
O15 - Trusted Zone: www.drbart.com
O15 - Trusted Zone: *.epguides.com
O15 - Trusted Zone: login.fidelity.com
O15 - Trusted Zone: netbenefits.fidelity.com
O15 - Trusted Zone: workplaceservices100.fidelity.com
O15 - Trusted Zone: www.fordpinto.com
O15 - Trusted Zone: www.gforceengineering.net
O15 - Trusted Zone: www.greencountrymotorsports.com
O15 - Trusted Zone: www.hankooktireusa.com
O15 - Trusted Zone: www.healthcyclopedia.com
O15 - Trusted Zone: www.healthyplace.com
O15 - Trusted Zone: *.hhs.gov
O15 - Trusted Zone: www.hopecsi.org
O15 - Trusted Zone: www.improvedtouring.com
O15 - Trusted Zone: www.intownsuites.com
O15 - Trusted Zone: www.ipl.org
O15 - Trusted Zone: www.iscracing.net
O15 - Trusted Zone: *.java.com
O15 - Trusted Zone: www.jobs.com
O15 - Trusted Zone: www.jonesnet.org
O15 - Trusted Zone: www.lifescan.com
O15 - Trusted Zone: www.malco.com
O15 - Trusted Zone: www.mapsonus.com
O15 - Trusted Zone: www.mazdatrix.com
O15 - Trusted Zone: www.mazspeed.com
O15 - Trusted Zone: host1.medcohealth.com
O15 - Trusted Zone: www.medicinenet.com
O15 - Trusted Zone: www.melissadata.com
O15 - Trusted Zone: *.members-site.net
O15 - Trusted Zone: jobsearch.monster.com
O15 - Trusted Zone: direct.motorola.com
O15 - Trusted Zone: www.motorola.com
O15 - Trusted Zone: www.mrcmfg.com
O15 - Trusted Zone: autos.msn.com
O15 - Trusted Zone: careers.msn.com
O15 - Trusted Zone: entertainment.msn.com
O15 - Trusted Zone: health.msn.com
O15 - Trusted Zone: moneycentral.msn.com
O15 - Trusted Zone: weather.msn.com
O15 - Trusted Zone: www.mutualofomaha.com
O15 - Trusted Zone: www.mycricket.com
O15 - Trusted Zone: www.myuhc.com
O15 - Trusted Zone: www.nami.org
O15 - Trusted Zone: www.nasaforums.com
O15 - Trusted Zone: www.nasaproracing.com
O15 - Trusted Zone: www.nationjob.com
O15 - Trusted Zone: *.nih.gov
O15 - Trusted Zone: www.okdhs.org
O15 - Trusted Zone: www.oklahomadday.com
O15 - Trusted Zone: www.oreillyauto.com
O15 - Trusted Zone: www.pahillclimb.org
O15 - Trusted Zone: www.patientcenters.com
O15 - Trusted Zone: *.prodracing.com
O15 - Trusted Zone: www.psycheducation.org
O15 - Trusted Zone: ajp.psychiatryonline.org
O15 - Trusted Zone: www.psycom.net
O15 - Trusted Zone: www.racingbeat.com
O15 - Trusted Zone: realguide.real.com
O15 - Trusted Zone: www.russmarshall.com
O15 - Trusted Zone: www.rx7club.com
O15 - Trusted Zone: www.sabinevalley.org
O15 - Trusted Zone: *.samhsa.gov
O15 - Trusted Zone: *.sccaforums.com
O15 - Trusted Zone: www.sears.com
O15 - Trusted Zone: www.shreve.net
O15 - Trusted Zone: *.state.ar.us
O15 - Trusted Zone: *.state.tx.us
O15 - Trusted Zone: java.sun.com
O15 - Trusted Zone: *.tarrant.tx.us
O15 - Trusted Zone: srx7.taylorrotorsports.com
O15 - Trusted Zone: www.teamtriumphtexas.com
O15 - Trusted Zone: www.tennhelp.com
O15 - Trusted Zone: www.texasscca.org
O15 - Trusted Zone: encyclopedia.thefreedictionary.com
O15 - Trusted Zone: www.torquecentral.com
O15 - Trusted Zone: *.tulsaracewaypark.com
O15 - Trusted Zone: *.tv-all-free.com
O15 - Trusted Zone: www.txkautox.com
O15 - Trusted Zone: www.uaw218.org
O15 - Trusted Zone: *.umassmed.edu
O15 - Trusted Zone: jobsearch.unicru.com
O15 - Trusted Zone: wwwapps.ups.com
O15 - Trusted Zone: zip4.usps.com
O15 - Trusted Zone: www.walmart.com
O15 - Trusted Zone: *.wheelcomponents.com
O15 - Trusted Zone: www.wwe.com
O15 - Trusted IP range: 66.218.69.11
O15 - Trusted IP range: 204.87.68.21
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
--
End of file - 14385 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:05:03 AM, on 7/9/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\DrAntispy\DrAntispy.exe
C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\WordPerfect Office 11\Programs\CorUpd.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cox.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - _{9368D063-44BE-49B9-BD14-BB9663FD38FC} - (no file)
R3 - URLSearchHook: (no name) - _{5D60FF48-95BE-4956-B4C6-6BB168A70310} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {B8C5186E-EC37-4889-9C2E-F73649FFB7BB} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: (no name) - {DF4E7A0C-E233-4906-B4C1-A404356541FF} - (no file)
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Malware Wiped 6.6] "C:\Program Files\MW\Malware Wiped 6.6\MalwareWiped 6.6.exe" /h
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
O4 - HKLM\..\Run: [Ad-aware] "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-aware.exe" +c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DrAntispy] C:\Program Files\DrAntispy\DrAntispy.exe
O4 - HKCU\..\Run: [C:_Program Files_WordPerfe3a] C:\Program Files\WordPerfect Office 11\Programs\CorUpd.exe /Watch
O4 - Startup: DrAntispy.lnk = C:\Program Files\DrAntispy\DrAntispy.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: autism.about.com
O15 - Trusted Zone: bipolar.about.com
O15 - Trusted Zone: aviation.aerotek.com
O15 - Trusted Zone: dbapps.ama-assn.org
O15 - Trusted Zone: *.arkansas.gov
O15 - Trusted Zone: www.asafetyguide.com
O15 - Trusted Zone: www.asperger.org
O15 - Trusted Zone: www.bacomatic.org
O15 - Trusted Zone: www.baltimorepsych.com
O15 - Trusted Zone: forum.bcdb.com
O15 - Trusted Zone: www.bellhelicopter.com
O15 - Trusted Zone: www.bipolarchild.com
O15 - Trusted Zone: *.blueridgehillclimb.com
O15 - Trusted Zone: www.cabelas.com
O15 - Trusted Zone: www.carbdford.com
O15 - Trusted Zone: my.cigna.com
O15 - Trusted Zone: www.cigna.com
O15 - Trusted Zone: onlinecare.cingular.com
O15 - Trusted Zone: www.collectorcartraderonline.com
O15 - Trusted Zone: *.coloradoscca.org
O15 - Trusted Zone: northarkansas.cox.net
O15 - Trusted Zone: westernarkansas.cox.net
O15 - Trusted Zone: www.crazymeds.org
O15 - Trusted Zone: *.cu.edu
O15 - Trusted Zone: www.definityhealth.com
O15 - Trusted Zone: *.dlra.org.au
O15 - Trusted Zone: ajb.dni.us
O15 - Trusted Zone: www.drbart.com
O15 - Trusted Zone: *.epguides.com
O15 - Trusted Zone: login.fidelity.com
O15 - Trusted Zone: netbenefits.fidelity.com
O15 - Trusted Zone: workplaceservices100.fidelity.com
O15 - Trusted Zone: www.fordpinto.com
O15 - Trusted Zone: www.gforceengineering.net
O15 - Trusted Zone: www.greencountrymotorsports.com
O15 - Trusted Zone: www.hankooktireusa.com
O15 - Trusted Zone: www.healthcyclopedia.com
O15 - Trusted Zone: www.healthyplace.com
O15 - Trusted Zone: *.hhs.gov
O15 - Trusted Zone: www.hopecsi.org
O15 - Trusted Zone: www.improvedtouring.com
O15 - Trusted Zone: www.intownsuites.com
O15 - Trusted Zone: www.ipl.org
O15 - Trusted Zone: www.iscracing.net
O15 - Trusted Zone: *.java.com
O15 - Trusted Zone: www.jobs.com
O15 - Trusted Zone: www.jonesnet.org
O15 - Trusted Zone: www.lifescan.com
O15 - Trusted Zone: www.malco.com
O15 - Trusted Zone: www.mapsonus.com
O15 - Trusted Zone: www.mazdatrix.com
O15 - Trusted Zone: www.mazspeed.com
O15 - Trusted Zone: host1.medcohealth.com
O15 - Trusted Zone: www.medicinenet.com
O15 - Trusted Zone: www.melissadata.com
O15 - Trusted Zone: *.members-site.net
O15 - Trusted Zone: jobsearch.monster.com
O15 - Trusted Zone: direct.motorola.com
O15 - Trusted Zone: www.motorola.com
O15 - Trusted Zone: www.mrcmfg.com
O15 - Trusted Zone: autos.msn.com
O15 - Trusted Zone: careers.msn.com
O15 - Trusted Zone: entertainment.msn.com
O15 - Trusted Zone: health.msn.com
O15 - Trusted Zone: moneycentral.msn.com
O15 - Trusted Zone: weather.msn.com
O15 - Trusted Zone: www.mutualofomaha.com
O15 - Trusted Zone: www.mycricket.com
O15 - Trusted Zone: www.myuhc.com
O15 - Trusted Zone: www.nami.org
O15 - Trusted Zone: www.nasaforums.com
O15 - Trusted Zone: www.nasaproracing.com
O15 - Trusted Zone: www.nationjob.com
O15 - Trusted Zone: *.nih.gov
O15 - Trusted Zone: www.okdhs.org
O15 - Trusted Zone: www.oklahomadday.com
O15 - Trusted Zone: www.oreillyauto.com
O15 - Trusted Zone: www.pahillclimb.org
O15 - Trusted Zone: www.patientcenters.com
O15 - Trusted Zone: *.prodracing.com
O15 - Trusted Zone: www.psycheducation.org
O15 - Trusted Zone: ajp.psychiatryonline.org
O15 - Trusted Zone: www.psycom.net
O15 - Trusted Zone: www.racingbeat.com
O15 - Trusted Zone: realguide.real.com
O15 - Trusted Zone: www.russmarshall.com
O15 - Trusted Zone: www.rx7club.com
O15 - Trusted Zone: www.sabinevalley.org
O15 - Trusted Zone: *.samhsa.gov
O15 - Trusted Zone: *.sccaforums.com
O15 - Trusted Zone: www.sears.com
O15 - Trusted Zone: www.shreve.net
O15 - Trusted Zone: *.state.ar.us
O15 - Trusted Zone: *.state.tx.us
O15 - Trusted Zone: java.sun.com
O15 - Trusted Zone: *.tarrant.tx.us
O15 - Trusted Zone: srx7.taylorrotorsports.com
O15 - Trusted Zone: www.teamtriumphtexas.com
O15 - Trusted Zone: www.tennhelp.com
O15 - Trusted Zone: www.texasscca.org
O15 - Trusted Zone: encyclopedia.thefreedictionary.com
O15 - Trusted Zone: www.torquecentral.com
O15 - Trusted Zone: *.tulsaracewaypark.com
O15 - Trusted Zone: *.tv-all-free.com
O15 - Trusted Zone: www.txkautox.com
O15 - Trusted Zone: www.uaw218.org
O15 - Trusted Zone: *.umassmed.edu
O15 - Trusted Zone: jobsearch.unicru.com
O15 - Trusted Zone: wwwapps.ups.com
O15 - Trusted Zone: zip4.usps.com
O15 - Trusted Zone: www.walmart.com
O15 - Trusted Zone: *.wheelcomponents.com
O15 - Trusted Zone: www.wwe.com
O15 - Trusted IP range: 66.218.69.11
O15 - Trusted IP range: 204.87.68.21
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
--
End of file - 14385 bytes
FLogfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:05:03 AM, on 7/9/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\DrAntispy\DrAntispy.exe
C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\WordPerfect Office 11\Programs\CorUpd.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cox.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - _{9368D063-44BE-49B9-BD14-BB9663FD38FC} - (no file)
R3 - URLSearchHook: (no name) - _{5D60FF48-95BE-4956-B4C6-6BB168A70310} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {B8C5186E-EC37-4889-9C2E-F73649FFB7BB} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: (no name) - {DF4E7A0C-E233-4906-B4C1-A404356541FF} - (no file)
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Malware Wiped 6.6] "C:\Program Files\MW\Malware Wiped 6.6\MalwareWiped 6.6.exe" /h
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
O4 - HKLM\..\Run: [Ad-aware] "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-aware.exe" +c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DrAntispy] C:\Program Files\DrAntispy\DrAntispy.exe
O4 - HKCU\..\Run: [C:_Program Files_WordPerfe3a] C:\Program Files\WordPerfect Office 11\Programs\CorUpd.exe /Watch
O4 - Startup: DrAntispy.lnk = C:\Program Files\DrAntispy\DrAntispy.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: autism.about.com
O15 - Trusted Zone: bipolar.about.com
O15 - Trusted Zone: aviation.aerotek.com
O15 - Trusted Zone: dbapps.ama-assn.org
O15 - Trusted Zone: *.arkansas.gov
O15 - Trusted Zone: www.asafetyguide.com
O15 - Trusted Zone: www.asperger.org
O15 - Trusted Zone: www.bacomatic.org
O15 - Trusted Zone: www.baltimorepsych.com
O15 - Trusted Zone: forum.bcdb.com
O15 - Trusted Zone: www.bellhelicopter.com
O15 - Trusted Zone: www.bipolarchild.com
O15 - Trusted Zone: *.blueridgehillclimb.com
O15 - Trusted Zone: www.cabelas.com
O15 - Trusted Zone: www.carbdford.com
O15 - Trusted Zone: my.cigna.com
O15 - Trusted Zone: www.cigna.com
O15 - Trusted Zone: onlinecare.cingular.com
O15 - Trusted Zone: www.collectorcartraderonline.com
O15 - Trusted Zone: *.coloradoscca.org
O15 - Trusted Zone: northarkansas.cox.net
O15 - Trusted Zone: westernarkansas.cox.net
O15 - Trusted Zone: www.crazymeds.org
O15 - Trusted Zone: *.cu.edu
O15 - Trusted Zone: www.definityhealth.com
O15 - Trusted Zone: *.dlra.org.au
O15 - Trusted Zone: ajb.dni.us
O15 - Trusted Zone: www.drbart.com
O15 - Trusted Zone: *.epguides.com
O15 - Trusted Zone: login.fidelity.com
O15 - Trusted Zone: netbenefits.fidelity.com
O15 - Trusted Zone: workplaceservices100.fidelity.com
O15 - Trusted Zone: www.fordpinto.com
O15 - Trusted Zone: www.gforceengineering.net
O15 - Trusted Zone: www.greencountrymotorsports.com
O15 - Trusted Zone: www.hankooktireusa.com
O15 - Trusted Zone: www.healthcyclopedia.com
O15 - Trusted Zone: www.healthyplace.com
O15 - Trusted Zone: *.hhs.gov
O15 - Trusted Zone: www.hopecsi.org
O15 - Trusted Zone: www.improvedtouring.com
O15 - Trusted Zone: www.intownsuites.com
O15 - Trusted Zone: www.ipl.org
O15 - Trusted Zone: www.iscracing.net
O15 - Trusted Zone: *.java.com
O15 - Trusted Zone: www.jobs.com
O15 - Trusted Zone: www.jonesnet.org
O15 - Trusted Zone: www.lifescan.com
O15 - Trusted Zone: www.malco.com
O15 - Trusted Zone: www.mapsonus.com
O15 - Trusted Zone: www.mazdatrix.com
O15 - Trusted Zone: www.mazspeed.com
O15 - Trusted Zone: host1.medcohealth.com
O15 - Trusted Zone: www.medicinenet.com
O15 - Trusted Zone: www.melissadata.com
O15 - Trusted Zone: *.members-site.net
O15 - Trusted Zone: jobsearch.monster.com
O15 - Trusted Zone: direct.motorola.com
O15 - Trusted Zone: www.motorola.com
O15 - Trusted Zone: www.mrcmfg.com
O15 - Trusted Zone: autos.msn.com
O15 - Trusted Zone: careers.msn.com
O15 - Trusted Zone: entertainment.msn.com
O15 - Trusted Zone: health.msn.com
O15 - Trusted Zone: moneycentral.msn.com
O15 - Trusted Zone: weather.msn.com
O15 - Trusted Zone: www.mutualofomaha.com
O15 - Trusted Zone: www.mycricket.com
O15 - Trusted Zone: www.myuhc.com
O15 - Trusted Zone: www.nami.org
O15 - Trusted Zone: www.nasaforums.com
O15 - Trusted Zone: www.nasaproracing.com
O15 - Trusted Zone: www.nationjob.com
O15 - Trusted Zone: *.nih.gov
O15 - Trusted Zone: www.okdhs.org
O15 - Trusted Zone: www.oklahomadday.com
O15 - Trusted Zone: www.oreillyauto.com
O15 - Trusted Zone: www.pahillclimb.org
O15 - Trusted Zone: www.patientcenters.com
O15 - Trusted Zone: *.prodracing.com
O15 - Trusted Zone: www.psycheducation.org
O15 - Trusted Zone: ajp.psychiatryonline.org
O15 - Trusted Zone: www.psycom.net
O15 - Trusted Zone: www.racingbeat.com
O15 - Trusted Zone: realguide.real.com
O15 - Trusted Zone: www.russmarshall.com
O15 - Trusted Zone: www.rx7club.com
O15 - Trusted Zone: www.sabinevalley.org
O15 - Trusted Zone: *.samhsa.gov
O15 - Trusted Zone: *.sccaforums.com
O15 - Trusted Zone: www.sears.com
O15 - Trusted Zone: www.shreve.net
O15 - Trusted Zone: *.state.ar.us
O15 - Trusted Zone: *.state.tx.us
O15 - Trusted Zone: java.sun.com
O15 - Trusted Zone: *.tarrant.tx.us
O15 - Trusted Zone: srx7.taylorrotorsports.com
O15 - Trusted Zone: www.teamtriumphtexas.com
O15 - Trusted Zone: www.tennhelp.com
O15 - Trusted Zone: www.texasscca.org
O15 - Trusted Zone: encyclopedia.thefreedictionary.com
O15 - Trusted Zone: www.torquecentral.com
O15 - Trusted Zone: *.tulsaracewaypark.com
O15 - Trusted Zone: *.tv-all-free.com
O15 - Trusted Zone: www.txkautox.com
O15 - Trusted Zone: www.uaw218.org
O15 - Trusted Zone: *.umassmed.edu
O15 - Trusted Zone: jobsearch.unicru.com
O15 - Trusted Zone: wwwapps.ups.com
O15 - Trusted Zone: zip4.usps.com
O15 - Trusted Zone: www.walmart.com
O15 - Trusted Zone: *.wheelcomponents.com
O15 - Trusted Zone: www.wwe.com
O15 - Trusted IP range: 66.218.69.11
O15 - Trusted IP range: 204.87.68.21
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
--
End of file - 14385 bytes
FROM mje: These are the programs from the "uninstall manager" thanks mje
Scan saved at 10:05:03 AM, on 7/9/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\DrAntispy\DrAntispy.exe
C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\WordPerfect Office 11\Programs\CorUpd.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cox.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - _{9368D063-44BE-49B9-BD14-BB9663FD38FC} - (no file)
R3 - URLSearchHook: (no name) - _{5D60FF48-95BE-4956-B4C6-6BB168A70310} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {B8C5186E-EC37-4889-9C2E-F73649FFB7BB} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: (no name) - {DF4E7A0C-E233-4906-B4C1-A404356541FF} - (no file)
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Malware Wiped 6.6] "C:\Program Files\MW\Malware Wiped 6.6\MalwareWiped 6.6.exe" /h
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
O4 - HKLM\..\Run: [Ad-aware] "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-aware.exe" +c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DrAntispy] C:\Program Files\DrAntispy\DrAntispy.exe
O4 - HKCU\..\Run: [C:_Program Files_WordPerfe3a] C:\Program Files\WordPerfect Office 11\Programs\CorUpd.exe /Watch
O4 - Startup: DrAntispy.lnk = C:\Program Files\DrAntispy\DrAntispy.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: autism.about.com
O15 - Trusted Zone: bipolar.about.com
O15 - Trusted Zone: aviation.aerotek.com
O15 - Trusted Zone: dbapps.ama-assn.org
O15 - Trusted Zone: *.arkansas.gov
O15 - Trusted Zone: www.asafetyguide.com
O15 - Trusted Zone: www.asperger.org
O15 - Trusted Zone: www.bacomatic.org
O15 - Trusted Zone: www.baltimorepsych.com
O15 - Trusted Zone: forum.bcdb.com
O15 - Trusted Zone: www.bellhelicopter.com
O15 - Trusted Zone: www.bipolarchild.com
O15 - Trusted Zone: *.blueridgehillclimb.com
O15 - Trusted Zone: www.cabelas.com
O15 - Trusted Zone: www.carbdford.com
O15 - Trusted Zone: my.cigna.com
O15 - Trusted Zone: www.cigna.com
O15 - Trusted Zone: onlinecare.cingular.com
O15 - Trusted Zone: www.collectorcartraderonline.com
O15 - Trusted Zone: *.coloradoscca.org
O15 - Trusted Zone: northarkansas.cox.net
O15 - Trusted Zone: westernarkansas.cox.net
O15 - Trusted Zone: www.crazymeds.org
O15 - Trusted Zone: *.cu.edu
O15 - Trusted Zone: www.definityhealth.com
O15 - Trusted Zone: *.dlra.org.au
O15 - Trusted Zone: ajb.dni.us
O15 - Trusted Zone: www.drbart.com
O15 - Trusted Zone: *.epguides.com
O15 - Trusted Zone: login.fidelity.com
O15 - Trusted Zone: netbenefits.fidelity.com
O15 - Trusted Zone: workplaceservices100.fidelity.com
O15 - Trusted Zone: www.fordpinto.com
O15 - Trusted Zone: www.gforceengineering.net
O15 - Trusted Zone: www.greencountrymotorsports.com
O15 - Trusted Zone: www.hankooktireusa.com
O15 - Trusted Zone: www.healthcyclopedia.com
O15 - Trusted Zone: www.healthyplace.com
O15 - Trusted Zone: *.hhs.gov
O15 - Trusted Zone: www.hopecsi.org
O15 - Trusted Zone: www.improvedtouring.com
O15 - Trusted Zone: www.intownsuites.com
O15 - Trusted Zone: www.ipl.org
O15 - Trusted Zone: www.iscracing.net
O15 - Trusted Zone: *.java.com
O15 - Trusted Zone: www.jobs.com
O15 - Trusted Zone: www.jonesnet.org
O15 - Trusted Zone: www.lifescan.com
O15 - Trusted Zone: www.malco.com
O15 - Trusted Zone: www.mapsonus.com
O15 - Trusted Zone: www.mazdatrix.com
O15 - Trusted Zone: www.mazspeed.com
O15 - Trusted Zone: host1.medcohealth.com
O15 - Trusted Zone: www.medicinenet.com
O15 - Trusted Zone: www.melissadata.com
O15 - Trusted Zone: *.members-site.net
O15 - Trusted Zone: jobsearch.monster.com
O15 - Trusted Zone: direct.motorola.com
O15 - Trusted Zone: www.motorola.com
O15 - Trusted Zone: www.mrcmfg.com
O15 - Trusted Zone: autos.msn.com
O15 - Trusted Zone: careers.msn.com
O15 - Trusted Zone: entertainment.msn.com
O15 - Trusted Zone: health.msn.com
O15 - Trusted Zone: moneycentral.msn.com
O15 - Trusted Zone: weather.msn.com
O15 - Trusted Zone: www.mutualofomaha.com
O15 - Trusted Zone: www.mycricket.com
O15 - Trusted Zone: www.myuhc.com
O15 - Trusted Zone: www.nami.org
O15 - Trusted Zone: www.nasaforums.com
O15 - Trusted Zone: www.nasaproracing.com
O15 - Trusted Zone: www.nationjob.com
O15 - Trusted Zone: *.nih.gov
O15 - Trusted Zone: www.okdhs.org
O15 - Trusted Zone: www.oklahomadday.com
O15 - Trusted Zone: www.oreillyauto.com
O15 - Trusted Zone: www.pahillclimb.org
O15 - Trusted Zone: www.patientcenters.com
O15 - Trusted Zone: *.prodracing.com
O15 - Trusted Zone: www.psycheducation.org
O15 - Trusted Zone: ajp.psychiatryonline.org
O15 - Trusted Zone: www.psycom.net
O15 - Trusted Zone: www.racingbeat.com
O15 - Trusted Zone: realguide.real.com
O15 - Trusted Zone: www.russmarshall.com
O15 - Trusted Zone: www.rx7club.com
O15 - Trusted Zone: www.sabinevalley.org
O15 - Trusted Zone: *.samhsa.gov
O15 - Trusted Zone: *.sccaforums.com
O15 - Trusted Zone: www.sears.com
O15 - Trusted Zone: www.shreve.net
O15 - Trusted Zone: *.state.ar.us
O15 - Trusted Zone: *.state.tx.us
O15 - Trusted Zone: java.sun.com
O15 - Trusted Zone: *.tarrant.tx.us
O15 - Trusted Zone: srx7.taylorrotorsports.com
O15 - Trusted Zone: www.teamtriumphtexas.com
O15 - Trusted Zone: www.tennhelp.com
O15 - Trusted Zone: www.texasscca.org
O15 - Trusted Zone: encyclopedia.thefreedictionary.com
O15 - Trusted Zone: www.torquecentral.com
O15 - Trusted Zone: *.tulsaracewaypark.com
O15 - Trusted Zone: *.tv-all-free.com
O15 - Trusted Zone: www.txkautox.com
O15 - Trusted Zone: www.uaw218.org
O15 - Trusted Zone: *.umassmed.edu
O15 - Trusted Zone: jobsearch.unicru.com
O15 - Trusted Zone: wwwapps.ups.com
O15 - Trusted Zone: zip4.usps.com
O15 - Trusted Zone: www.walmart.com
O15 - Trusted Zone: *.wheelcomponents.com
O15 - Trusted Zone: www.wwe.com
O15 - Trusted IP range: 66.218.69.11
O15 - Trusted IP range: 204.87.68.21
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
--
End of file - 14385 bytes
FROM mje: These are the programs from the "uninstall manager" thanks mje
cybertech
Retired Moderator
- Joined
- Apr 16, 2002
- Messages
- 72,115
Run HJT again and put a check in the following:
R3 - URLSearchHook: (no name) - _{9368D063-44BE-49B9-BD14-BB9663FD38FC} - (no file)
R3 - URLSearchHook: (no name) - _{5D60FF48-95BE-4956-B4C6-6BB168A70310} - (no file)
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {B8C5186E-EC37-4889-9C2E-F73649FFB7BB} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: (no name) - {DF4E7A0C-E233-4906-B4C1-A404356541FF} - (no file)
O4 - HKLM\..\Run: [Malware Wiped 6.6] "C:\Program Files\MW\Malware Wiped 6.6\MalwareWiped 6.6.exe" /h
O4 - HKCU\..\Run: [DrAntispy] C:\Program Files\DrAntispy\DrAntispy.exe
O4 - Startup: DrAntispy.lnk = C:\Program Files\DrAntispy\DrAntispy.exe
Close all applications and browser windows before you click "fix checked".
Download RogueRemover from the link below.
http://www.malwarebytes.org/rogueremover.php
Unzip to a convenient location such as C:\RogueRemover.
Navigate to the folder you unzipped the files to and double click on the file named RogueRemover.exe.
Finally, select Scan and the program will walk you through the remaining steps.
When you are finished with all of that please post your HJT log again.
R3 - URLSearchHook: (no name) - _{9368D063-44BE-49B9-BD14-BB9663FD38FC} - (no file)
R3 - URLSearchHook: (no name) - _{5D60FF48-95BE-4956-B4C6-6BB168A70310} - (no file)
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {B8C5186E-EC37-4889-9C2E-F73649FFB7BB} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: (no name) - {DF4E7A0C-E233-4906-B4C1-A404356541FF} - (no file)
O4 - HKLM\..\Run: [Malware Wiped 6.6] "C:\Program Files\MW\Malware Wiped 6.6\MalwareWiped 6.6.exe" /h
O4 - HKCU\..\Run: [DrAntispy] C:\Program Files\DrAntispy\DrAntispy.exe
O4 - Startup: DrAntispy.lnk = C:\Program Files\DrAntispy\DrAntispy.exe
Close all applications and browser windows before you click "fix checked".
Download RogueRemover from the link below.
http://www.malwarebytes.org/rogueremover.php
Unzip to a convenient location such as C:\RogueRemover.
Navigate to the folder you unzipped the files to and double click on the file named RogueRemover.exe.
Finally, select Scan and the program will walk you through the remaining steps.
When you are finished with all of that please post your HJT log again.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:27:19 PM, on 7/9/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WordPerfect Office 11\Programs\CorUpd.exe
C:\Program Files\RogueRemover PRO\RogueRemoverPRO.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cox.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
O4 - HKLM\..\Run: [Ad-aware] "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-aware.exe" +c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [C:_Program Files_WordPerfe3a] C:\Program Files\WordPerfect Office 11\Programs\CorUpd.exe /Watch
O4 - HKCU\..\Run: [RogueMonitor] C:\Program Files\RogueRemover PRO\RogueRemoverPRO.exe /monitor
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: autism.about.com
O15 - Trusted Zone: bipolar.about.com
O15 - Trusted Zone: aviation.aerotek.com
O15 - Trusted Zone: dbapps.ama-assn.org
O15 - Trusted Zone: *.arkansas.gov
O15 - Trusted Zone: www.asafetyguide.com
O15 - Trusted Zone: www.asperger.org
O15 - Trusted Zone: www.bacomatic.org
O15 - Trusted Zone: www.baltimorepsych.com
O15 - Trusted Zone: forum.bcdb.com
O15 - Trusted Zone: www.bellhelicopter.com
O15 - Trusted Zone: www.bipolarchild.com
O15 - Trusted Zone: *.blueridgehillclimb.com
O15 - Trusted Zone: www.cabelas.com
O15 - Trusted Zone: www.carbdford.com
O15 - Trusted Zone: my.cigna.com
O15 - Trusted Zone: www.cigna.com
O15 - Trusted Zone: onlinecare.cingular.com
O15 - Trusted Zone: www.collectorcartraderonline.com
O15 - Trusted Zone: *.coloradoscca.org
O15 - Trusted Zone: northarkansas.cox.net
O15 - Trusted Zone: westernarkansas.cox.net
O15 - Trusted Zone: www.crazymeds.org
O15 - Trusted Zone: *.cu.edu
O15 - Trusted Zone: www.definityhealth.com
O15 - Trusted Zone: *.dlra.org.au
O15 - Trusted Zone: ajb.dni.us
O15 - Trusted Zone: www.drbart.com
O15 - Trusted Zone: *.epguides.com
O15 - Trusted Zone: login.fidelity.com
O15 - Trusted Zone: netbenefits.fidelity.com
O15 - Trusted Zone: workplaceservices100.fidelity.com
O15 - Trusted Zone: www.fordpinto.com
O15 - Trusted Zone: www.gforceengineering.net
O15 - Trusted Zone: www.greencountrymotorsports.com
O15 - Trusted Zone: www.hankooktireusa.com
O15 - Trusted Zone: www.healthcyclopedia.com
O15 - Trusted Zone: www.healthyplace.com
O15 - Trusted Zone: *.hhs.gov
O15 - Trusted Zone: www.hopecsi.org
O15 - Trusted Zone: www.improvedtouring.com
O15 - Trusted Zone: www.intownsuites.com
O15 - Trusted Zone: www.ipl.org
O15 - Trusted Zone: www.iscracing.net
O15 - Trusted Zone: *.java.com
O15 - Trusted Zone: www.jobs.com
O15 - Trusted Zone: www.jonesnet.org
O15 - Trusted Zone: www.lifescan.com
O15 - Trusted Zone: www.malco.com
O15 - Trusted Zone: www.mapsonus.com
O15 - Trusted Zone: www.mazdatrix.com
O15 - Trusted Zone: www.mazspeed.com
O15 - Trusted Zone: host1.medcohealth.com
O15 - Trusted Zone: www.medicinenet.com
O15 - Trusted Zone: www.melissadata.com
O15 - Trusted Zone: *.members-site.net
O15 - Trusted Zone: jobsearch.monster.com
O15 - Trusted Zone: direct.motorola.com
O15 - Trusted Zone: www.motorola.com
O15 - Trusted Zone: www.mrcmfg.com
O15 - Trusted Zone: autos.msn.com
O15 - Trusted Zone: careers.msn.com
O15 - Trusted Zone: entertainment.msn.com
O15 - Trusted Zone: health.msn.com
O15 - Trusted Zone: moneycentral.msn.com
O15 - Trusted Zone: weather.msn.com
O15 - Trusted Zone: www.mutualofomaha.com
O15 - Trusted Zone: www.mycricket.com
O15 - Trusted Zone: www.myuhc.com
O15 - Trusted Zone: www.nami.org
O15 - Trusted Zone: www.nasaforums.com
O15 - Trusted Zone: www.nasaproracing.com
O15 - Trusted Zone: www.nationjob.com
O15 - Trusted Zone: *.nih.gov
O15 - Trusted Zone: www.okdhs.org
O15 - Trusted Zone: www.oklahomadday.com
O15 - Trusted Zone: www.oreillyauto.com
O15 - Trusted Zone: www.pahillclimb.org
O15 - Trusted Zone: www.patientcenters.com
O15 - Trusted Zone: *.prodracing.com
O15 - Trusted Zone: www.psycheducation.org
O15 - Trusted Zone: ajp.psychiatryonline.org
O15 - Trusted Zone: www.psycom.net
O15 - Trusted Zone: www.racingbeat.com
O15 - Trusted Zone: realguide.real.com
O15 - Trusted Zone: www.russmarshall.com
O15 - Trusted Zone: www.rx7club.com
O15 - Trusted Zone: www.sabinevalley.org
O15 - Trusted Zone: *.samhsa.gov
O15 - Trusted Zone: *.sccaforums.com
O15 - Trusted Zone: www.sears.com
O15 - Trusted Zone: www.shreve.net
O15 - Trusted Zone: *.state.ar.us
O15 - Trusted Zone: *.state.tx.us
O15 - Trusted Zone: java.sun.com
O15 - Trusted Zone: *.tarrant.tx.us
O15 - Trusted Zone: srx7.taylorrotorsports.com
O15 - Trusted Zone: www.teamtriumphtexas.com
O15 - Trusted Zone: www.tennhelp.com
O15 - Trusted Zone: www.texasscca.org
O15 - Trusted Zone: encyclopedia.thefreedictionary.com
O15 - Trusted Zone: www.torquecentral.com
O15 - Trusted Zone: *.tulsaracewaypark.com
O15 - Trusted Zone: *.tv-all-free.com
O15 - Trusted Zone: www.txkautox.com
O15 - Trusted Zone: www.uaw218.org
O15 - Trusted Zone: *.umassmed.edu
O15 - Trusted Zone: jobsearch.unicru.com
O15 - Trusted Zone: wwwapps.ups.com
O15 - Trusted Zone: zip4.usps.com
O15 - Trusted Zone: www.walmart.com
O15 - Trusted Zone: *.wheelcomponents.com
O15 - Trusted Zone: www.wwe.com
O15 - Trusted IP range: 66.218.69.11
O15 - Trusted IP range: 204.87.68.21
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
--
End of file - 13721 bytes
Followed all the steps - I think - and here is the new log. Thanks mje
Scan saved at 3:27:19 PM, on 7/9/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WordPerfect Office 11\Programs\CorUpd.exe
C:\Program Files\RogueRemover PRO\RogueRemoverPRO.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cox.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
O4 - HKLM\..\Run: [Ad-aware] "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-aware.exe" +c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [C:_Program Files_WordPerfe3a] C:\Program Files\WordPerfect Office 11\Programs\CorUpd.exe /Watch
O4 - HKCU\..\Run: [RogueMonitor] C:\Program Files\RogueRemover PRO\RogueRemoverPRO.exe /monitor
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: autism.about.com
O15 - Trusted Zone: bipolar.about.com
O15 - Trusted Zone: aviation.aerotek.com
O15 - Trusted Zone: dbapps.ama-assn.org
O15 - Trusted Zone: *.arkansas.gov
O15 - Trusted Zone: www.asafetyguide.com
O15 - Trusted Zone: www.asperger.org
O15 - Trusted Zone: www.bacomatic.org
O15 - Trusted Zone: www.baltimorepsych.com
O15 - Trusted Zone: forum.bcdb.com
O15 - Trusted Zone: www.bellhelicopter.com
O15 - Trusted Zone: www.bipolarchild.com
O15 - Trusted Zone: *.blueridgehillclimb.com
O15 - Trusted Zone: www.cabelas.com
O15 - Trusted Zone: www.carbdford.com
O15 - Trusted Zone: my.cigna.com
O15 - Trusted Zone: www.cigna.com
O15 - Trusted Zone: onlinecare.cingular.com
O15 - Trusted Zone: www.collectorcartraderonline.com
O15 - Trusted Zone: *.coloradoscca.org
O15 - Trusted Zone: northarkansas.cox.net
O15 - Trusted Zone: westernarkansas.cox.net
O15 - Trusted Zone: www.crazymeds.org
O15 - Trusted Zone: *.cu.edu
O15 - Trusted Zone: www.definityhealth.com
O15 - Trusted Zone: *.dlra.org.au
O15 - Trusted Zone: ajb.dni.us
O15 - Trusted Zone: www.drbart.com
O15 - Trusted Zone: *.epguides.com
O15 - Trusted Zone: login.fidelity.com
O15 - Trusted Zone: netbenefits.fidelity.com
O15 - Trusted Zone: workplaceservices100.fidelity.com
O15 - Trusted Zone: www.fordpinto.com
O15 - Trusted Zone: www.gforceengineering.net
O15 - Trusted Zone: www.greencountrymotorsports.com
O15 - Trusted Zone: www.hankooktireusa.com
O15 - Trusted Zone: www.healthcyclopedia.com
O15 - Trusted Zone: www.healthyplace.com
O15 - Trusted Zone: *.hhs.gov
O15 - Trusted Zone: www.hopecsi.org
O15 - Trusted Zone: www.improvedtouring.com
O15 - Trusted Zone: www.intownsuites.com
O15 - Trusted Zone: www.ipl.org
O15 - Trusted Zone: www.iscracing.net
O15 - Trusted Zone: *.java.com
O15 - Trusted Zone: www.jobs.com
O15 - Trusted Zone: www.jonesnet.org
O15 - Trusted Zone: www.lifescan.com
O15 - Trusted Zone: www.malco.com
O15 - Trusted Zone: www.mapsonus.com
O15 - Trusted Zone: www.mazdatrix.com
O15 - Trusted Zone: www.mazspeed.com
O15 - Trusted Zone: host1.medcohealth.com
O15 - Trusted Zone: www.medicinenet.com
O15 - Trusted Zone: www.melissadata.com
O15 - Trusted Zone: *.members-site.net
O15 - Trusted Zone: jobsearch.monster.com
O15 - Trusted Zone: direct.motorola.com
O15 - Trusted Zone: www.motorola.com
O15 - Trusted Zone: www.mrcmfg.com
O15 - Trusted Zone: autos.msn.com
O15 - Trusted Zone: careers.msn.com
O15 - Trusted Zone: entertainment.msn.com
O15 - Trusted Zone: health.msn.com
O15 - Trusted Zone: moneycentral.msn.com
O15 - Trusted Zone: weather.msn.com
O15 - Trusted Zone: www.mutualofomaha.com
O15 - Trusted Zone: www.mycricket.com
O15 - Trusted Zone: www.myuhc.com
O15 - Trusted Zone: www.nami.org
O15 - Trusted Zone: www.nasaforums.com
O15 - Trusted Zone: www.nasaproracing.com
O15 - Trusted Zone: www.nationjob.com
O15 - Trusted Zone: *.nih.gov
O15 - Trusted Zone: www.okdhs.org
O15 - Trusted Zone: www.oklahomadday.com
O15 - Trusted Zone: www.oreillyauto.com
O15 - Trusted Zone: www.pahillclimb.org
O15 - Trusted Zone: www.patientcenters.com
O15 - Trusted Zone: *.prodracing.com
O15 - Trusted Zone: www.psycheducation.org
O15 - Trusted Zone: ajp.psychiatryonline.org
O15 - Trusted Zone: www.psycom.net
O15 - Trusted Zone: www.racingbeat.com
O15 - Trusted Zone: realguide.real.com
O15 - Trusted Zone: www.russmarshall.com
O15 - Trusted Zone: www.rx7club.com
O15 - Trusted Zone: www.sabinevalley.org
O15 - Trusted Zone: *.samhsa.gov
O15 - Trusted Zone: *.sccaforums.com
O15 - Trusted Zone: www.sears.com
O15 - Trusted Zone: www.shreve.net
O15 - Trusted Zone: *.state.ar.us
O15 - Trusted Zone: *.state.tx.us
O15 - Trusted Zone: java.sun.com
O15 - Trusted Zone: *.tarrant.tx.us
O15 - Trusted Zone: srx7.taylorrotorsports.com
O15 - Trusted Zone: www.teamtriumphtexas.com
O15 - Trusted Zone: www.tennhelp.com
O15 - Trusted Zone: www.texasscca.org
O15 - Trusted Zone: encyclopedia.thefreedictionary.com
O15 - Trusted Zone: www.torquecentral.com
O15 - Trusted Zone: *.tulsaracewaypark.com
O15 - Trusted Zone: *.tv-all-free.com
O15 - Trusted Zone: www.txkautox.com
O15 - Trusted Zone: www.uaw218.org
O15 - Trusted Zone: *.umassmed.edu
O15 - Trusted Zone: jobsearch.unicru.com
O15 - Trusted Zone: wwwapps.ups.com
O15 - Trusted Zone: zip4.usps.com
O15 - Trusted Zone: www.walmart.com
O15 - Trusted Zone: *.wheelcomponents.com
O15 - Trusted Zone: www.wwe.com
O15 - Trusted IP range: 66.218.69.11
O15 - Trusted IP range: 204.87.68.21
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
--
End of file - 13721 bytes
Followed all the steps - I think - and here is the new log. Thanks mje
- Status
Users Who Are Viewing This Thread (Users: 0, Guests: 1)
As Seen On
Welcome to Tech Support Guy!
Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.
If you're not already familiar with forums, watch our Welcome Guide to get started.
Join over 807,865 other people just like you!
