crom654
asked on
Can you tell me what I can delete from this hijackthis log?
Still getting hijacked. What items must I get rid of in this hijackthis log?
Logfile of HijackThis v1.99.0
Scan saved at 8:31:42 PM, on 2/9/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.e xe
C:\WINDOWS\system32\winlog on.exe
C:\WINDOWS\system32\servic es.exe
C:\WINDOWS\system32\lsass. exe
C:\WINDOWS\system32\svchos t.exe
C:\WINDOWS\System32\svchos t.exe
C:\WINDOWS\system32\spools v.exe
C:\PROGRA~1\COMMON~1\AOL\A CS\AOLacsd .exe
C:\Program Files\AVPersonal\AVWUPSRV. EXE
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\driver s\CDAC11BA .EXE
C:\WINDOWS\system32\driver s\KodakCCS .exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\ScsiAc cess.EXE
C:\WINDOWS\System32\svchos t.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\windows\system\hpsysdrv .exe
C:\Program Files\Hewlett-Packard\Digi tal Imaging\Unload\hpqcmon.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\dla\tf swctrl.exe
C:\WINDOWS\System32\igfxtr ay.exe
C:\WINDOWS\System32\hkcmd. exe
C:\PROGRA~1\NORTON~1\navap w32.exe
C:\WINDOWS\System32\spool\ drivers\w3 2x86\3\hpz tsb07.exe
C:\PROGRA~1\VERIZO~1\SUPPO R~1\SMARTB ~1\MotiveS B.exe
C:\Program Files\Verizon Online\Visual IP InSight\IPClient.exe
C:\Program Files\Verizon Online\Visual IP InSight\IPMon32.exe
C:\WINDOWS\System32\PD6000 SM.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\kdx\KHost.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Real\RealPlayer\Real Play.exe
C:\PROGRA~1\COMMON~1\AOL\A OLSPY~1\AO LSP Scheduler.exe
C:\PROGRA~1\PURENE~1\PORTM A~1\PortAO L.exe
C:\Program Files\iTunes\iTunesHelper. exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\WINDOWS\system32\ctfmon .exe
C:\Program Files\Common Files\AOL\Screensaver\ygps stra.exe
C:\WINDOWS\system32\w?nlog on.exe
C:\Documents and Settings\Owner\Application Data\wtta.exe
C:\Program Files\iPod\bin\iPodService .exe
C:\Program Files\America Online 9.0a\aoltray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Sierra\Planner\PLNRnote .exe
C:\WINDOWS\System32\svchos t.exe
C:\Program Files\Hewlett-Packard\Digi tal Imaging\bin\hpomau08.exe
C:\Program Files\Hewlett-Packard\Digi tal Imaging\bin\hpotdd01.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\ba ckWeb-7288 971.exe
C:\Program Files\Palm\HOTSYNC.EXE
C:\Program Files\Quicken\bagent.exe
C:\Program Files\Verizon Online\SupportCenter\bin\m pbtn.exe
C:\Program Files\Hewlett-Packard\Digi tal Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digi tal Imaging\Bin\hpoSTS08.exe
C:\Program Files\Hewlett-Packard\Digi tal Imaging\Bin\hpoFXM08.exe
C:\Program Files\AVPersonal\AVGUARD.E XE
C:\DOCUME~1\Owner\LOCALS~1 \Temp\Temp orary Directory 1 for hijackthis.zip\HijackThis. exe
R0 - HKCU\Software\Microsoft\In ternet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\In ternet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Wi ndows\Curr entVersion \Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-7 84B7D6BE0B 3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEH elper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-2 06D7942484 F} - C:\PROGRA~1\SPYBOT~1\SDHel per.dll
O2 - BHO: (no name) - {616C9EEA-7327-74F9-27E4-0 595BDA3DCB A} - C:\WINDOWS\system32\nafxmd .dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-F ADC6B08487 2} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {C5183ABC-EB6E-4E05-B8C9-5 00A16B6CF9 4} - (no file)
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-0 5D28BCF79F 5} - C:\HP\EXPLOREBAR\HPTOOLKT. DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7 859DF00B1D 6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B 5B5E98D167 C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv .exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digi tal Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tf swctrl.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD .EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtr ay.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd. exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.ex e
O4 - HKLM\..\Run: [NAV Agent] c:\PROGRA~1\NORTON~1\navap w32.exe
O4 - HKLM\..\Run: [checktime] c:\program files\HPSelect\Frontend\ct .exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\ drivers\w3 2x86\3\hpz tsb07.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SUPPO R~1\SMARTB ~1\MotiveS B.exe
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\Verizon Online\Visual IP InSight\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\Verizon Online\Visual IP InSight\IPMon32.exe"
O4 - HKLM\..\Run: [PD6000StatusMonitor] C:\WINDOWS\System32\PD6000 SM.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe " -atboottime
O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe
O4 - HKLM\..\Run: [TZvZt] C:\documents and settings\owner\local settings\temp\TZvZt.exe
O4 - HKLM\..\Run: [y] C:\documents and settings\owner\local settings\temp\y.exe
O4 - HKLM\..\Run: [s7nV32g] nsebcontrol.exe
O4 - HKLM\..\Run: [X] C:\documents and settings\owner\local settings\temp\X.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\Real Play.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\ AOLSPY~1\A OLSP Scheduler.exe"
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORT MA~1\PortA OL.exe" -Run
O4 - HKLM\..\Run: [upBTCpq] C:\documents and settings\owner\local settings\temp\upBTCpq.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMo n.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper. exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon .exe
O4 - HKCU\..\Run: [You've Got Pictures Screensaver] C:\Program Files\Common Files\AOL\Screensaver\ygps stra.exe
O4 - HKCU\..\Run: [Sivjmxw] C:\WINDOWS\system32\w?nlog on.exe
O4 - HKCU\..\Run: [Notn] C:\Documents and Settings\Owner\Application Data\wtta.exe
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE
O4 - Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0a\aoltray.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Event Planner Reminders Tray Icon.lnk = C:\Sierra\Planner\PLNRnote .exe
O4 - Global Startup: hp officejet 4100 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\ba ckWeb-7288 971.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\SupportCenter\bin\m atcli.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH .HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2 \Office10\ EXCEL.EXE/ 3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.h tm
O9 - Extra button: Control Pad - {28D44DAD-D1FC-4d4f-BB1B-A DF037C8DDB C} - C:\Program Files\Verizon Online\Verizon Online Control Pad\VerizonControlPad.Exe
O9 - Extra 'Tools' menuitem: Control Pad - {28D44DAD-D1FC-4d4f-BB1B-A DF037C8DDB C} - C:\Program Files\Verizon Online\Verizon Online Control Pad\VerizonControlPad.Exe
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B 5B5E98D167 C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B 5B5E98D167 C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5 C8D4460577 F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5 C8D4460577 F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-0 0C0F0318AF E} - C:\WINDOWS\System32\Shdocv w.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-0 0C04F79568 3} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-0 0C04F79568 3} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'connwsp.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox. dll
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct2_x.cab
O16 - DPF: {08D16C97-E70E-4315-AB6B-0 8F35E4A0BD 7} (Exam Solutions Quick Drop ME ActiveX Control) - http://online.selftestsoftware.com/QDMEAXRT.ocx
O16 - DPF: {2B323CD9-50E3-11D3-9466-0 0A0C970049 8} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5 A1EDB1D8A2 1} (McAfee.com Operating System Class) - http://download.av.aol.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0 001023E6D5 A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {A1B09066-C95C-4EF6-8DFD-3 DD0AFE610B 6} (AOL YGP Screensaver) - http://pak01.pictures.aol.com/ygp/aol/plugin/screensaver/YGPPicScreensaver.9.0.1.2.cab
O16 - DPF: {B8DBE293-99DB-4B20-8B57-1 D210C9E1C2 6} (InlineQDMECtrl.InlineQDME Ctl) - http://online.selftestsoftware.com/InlineQDMECtrl.CAB
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C 18E1ADA438 9} (DwnldGroupMgr Class) - http://download.av.aol.com/molbin/shared/mcgdmgr/en-us/1,0,0,20/mcgdmgr.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-B A56D4D8D74 3} (Secure Delivery) - http://www.gamespot.com/KDX/kdx.cab
O23 - Service: AntiVir Service - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.E XE
O23 - Service: AOL Connectivity Service - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\A CS\AOLacsd .exe
O23 - Service: AOL Spyware Protection Service - Unknown - C:\PROGRA~1\COMMON~1\AOL\A OLSPY~1\\a olserv.exe
O23 - Service: AntiVir Update - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV. EXE
O23 - Service: Bluetooth Service - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\driver s\CDAC11BA .EXE
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService .exe
O23 - Service: Kodak Camera Connection Software - Eastman Kodak Company - C:\WINDOWS\system32\driver s\KodakCCS .exe
O23 - Service: Norton AntiVirus Auto Protect Service - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc3 2.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm 12.exe
O23 - Service: ScsiAccess - Unknown - C:\WINDOWS\System32\ScsiAc cess.EXE
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WAN Miniport (ATW) Service - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Logfile of HijackThis v1.99.0
Scan saved at 8:31:42 PM, on 2/9/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.e
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\servic
C:\WINDOWS\system32\lsass.
C:\WINDOWS\system32\svchos
C:\WINDOWS\System32\svchos
C:\WINDOWS\system32\spools
C:\PROGRA~1\COMMON~1\AOL\A
C:\Program Files\AVPersonal\AVWUPSRV.
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\driver
C:\WINDOWS\system32\driver
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\ScsiAc
C:\WINDOWS\System32\svchos
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\windows\system\hpsysdrv
C:\Program Files\Hewlett-Packard\Digi
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\dla\tf
C:\WINDOWS\System32\igfxtr
C:\WINDOWS\System32\hkcmd.
C:\PROGRA~1\NORTON~1\navap
C:\WINDOWS\System32\spool\
C:\PROGRA~1\VERIZO~1\SUPPO
C:\Program Files\Verizon Online\Visual IP InSight\IPClient.exe
C:\Program Files\Verizon Online\Visual IP InSight\IPMon32.exe
C:\WINDOWS\System32\PD6000
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\kdx\KHost.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Real\RealPlayer\Real
C:\PROGRA~1\COMMON~1\AOL\A
C:\PROGRA~1\PURENE~1\PORTM
C:\Program Files\iTunes\iTunesHelper.
C:\Program Files\AVPersonal\AVGNT.EXE
C:\WINDOWS\system32\ctfmon
C:\Program Files\Common Files\AOL\Screensaver\ygps
C:\WINDOWS\system32\w?nlog
C:\Documents and Settings\Owner\Application
C:\Program Files\iPod\bin\iPodService
C:\Program Files\America Online 9.0a\aoltray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Sierra\Planner\PLNRnote
C:\WINDOWS\System32\svchos
C:\Program Files\Hewlett-Packard\Digi
C:\Program Files\Hewlett-Packard\Digi
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\ba
C:\Program Files\Palm\HOTSYNC.EXE
C:\Program Files\Quicken\bagent.exe
C:\Program Files\Verizon Online\SupportCenter\bin\m
C:\Program Files\Hewlett-Packard\Digi
C:\Program Files\Hewlett-Packard\Digi
C:\Program Files\Hewlett-Packard\Digi
C:\Program Files\AVPersonal\AVGUARD.E
C:\DOCUME~1\Owner\LOCALS~1
R0 - HKCU\Software\Microsoft\In
R1 - HKCU\Software\Microsoft\In
R1 - HKCU\Software\Microsoft\Wi
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-7
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-2
O2 - BHO: (no name) - {616C9EEA-7327-74F9-27E4-0
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-F
O2 - BHO: (no name) - {C5183ABC-EB6E-4E05-B8C9-5
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-0
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digi
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tf
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtr
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.ex
O4 - HKLM\..\Run: [NAV Agent] c:\PROGRA~1\NORTON~1\navap
O4 - HKLM\..\Run: [checktime] c:\program files\HPSelect\Frontend\ct
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SUPPO
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\Verizon Online\Visual IP InSight\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\Verizon Online\Visual IP InSight\IPMon32.exe"
O4 - HKLM\..\Run: [PD6000StatusMonitor] C:\WINDOWS\System32\PD6000
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe
O4 - HKLM\..\Run: [TZvZt] C:\documents and settings\owner\local settings\temp\TZvZt.exe
O4 - HKLM\..\Run: [y] C:\documents and settings\owner\local settings\temp\y.exe
O4 - HKLM\..\Run: [s7nV32g] nsebcontrol.exe
O4 - HKLM\..\Run: [X] C:\documents and settings\owner\local settings\temp\X.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\Real
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORT
O4 - HKLM\..\Run: [upBTCpq] C:\documents and settings\owner\local settings\temp\upBTCpq.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMo
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon
O4 - HKCU\..\Run: [You've Got Pictures Screensaver] C:\Program Files\Common Files\AOL\Screensaver\ygps
O4 - HKCU\..\Run: [Sivjmxw] C:\WINDOWS\system32\w?nlog
O4 - HKCU\..\Run: [Notn] C:\Documents and Settings\Owner\Application
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE
O4 - Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0a\aoltray.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Event Planner Reminders Tray Icon.lnk = C:\Sierra\Planner\PLNRnote
O4 - Global Startup: hp officejet 4100 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\ba
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\SupportCenter\bin\m
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.h
O9 - Extra button: Control Pad - {28D44DAD-D1FC-4d4f-BB1B-A
O9 - Extra 'Tools' menuitem: Control Pad - {28D44DAD-D1FC-4d4f-BB1B-A
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-0
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-0
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-0
O10 - Broken Internet access because of LSP provider 'connwsp.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct2_x.cab
O16 - DPF: {08D16C97-E70E-4315-AB6B-0
O16 - DPF: {2B323CD9-50E3-11D3-9466-0
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5
O16 - DPF: {9600F64D-755F-11D4-A47F-0
O16 - DPF: {A1B09066-C95C-4EF6-8DFD-3
O16 - DPF: {B8DBE293-99DB-4B20-8B57-1
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C
O16 - DPF: {F54C1137-5E34-4B95-95A5-B
O23 - Service: AntiVir Service - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.E
O23 - Service: AOL Connectivity Service - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\A
O23 - Service: AOL Spyware Protection Service - Unknown - C:\PROGRA~1\COMMON~1\AOL\A
O23 - Service: AntiVir Update - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.
O23 - Service: Bluetooth Service - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\driver
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService
O23 - Service: Kodak Camera Connection Software - Eastman Kodak Company - C:\WINDOWS\system32\driver
O23 - Service: Norton AntiVirus Auto Protect Service - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc3
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm
O23 - Service: ScsiAccess - Unknown - C:\WINDOWS\System32\ScsiAc
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WAN Miniport (ATW) Service - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
the spyware came up with 3 problems ...
but i wudn't get into that .... coz i usually get some spyware **** installed and it had been a while that i checked for them ...
the beep is not very long .. ( i guess almost like the beep u hear when u start the comp..... but not that loud i guess ) there is only one beep ...
no i dont do a specific thing when it takes place...neither do i get an error message.
and even with the camera shot .. it just happens randomly ( i guess the camera click is like the click u hear when u use a mobile phone to take a picture ) ....
the camera click i hear it often ..... i mean now i almost ignore it ... but it keeps happening now or then...
but i wudn't get into that .... coz i usually get some spyware **** installed and it had been a while that i checked for them ...
the beep is not very long .. ( i guess almost like the beep u hear when u start the comp..... but not that loud i guess ) there is only one beep ...
no i dont do a specific thing when it takes place...neither do i get an error message.
and even with the camera shot .. it just happens randomly ( i guess the camera click is like the click u hear when u use a mobile phone to take a picture ) ....
the camera click i hear it often ..... i mean now i almost ignore it ... but it keeps happening now or then...
ASKER
Thanks folks. The hijackthis.de site was a big help, and the other suggestions were great too.
Thanks!
Hi
Thanks!
Glad someone here could help!
Clean out your temp folders - bad stuff in there
Try this - it works (safe mode?!):
http://www.ccleaner.com/
As always - best regards...
RF :)
Thanks!
Glad someone here could help!
Clean out your temp folders - bad stuff in there
Try this - it works (safe mode?!):
http://www.ccleaner.com/
As always - best regards...
RF :)
download LSPFix from here:
http://www.cexx.org/lspfix.htm
Read the instructions carefully - although this is a vaslid LSP -
O10 - Broken Internet access because of LSP provider 'connwsp.dll' missing
"connwsp.dll"
Dealing with what you have on your computer make break your
LSP "Stack" - resulting in: no Internet connectivity
Just some insurance.
RF