cturnbow
asked on
connect to internet after running AntiSpyware
This past weekend I was in a location where dial-up was the only option...doing so blasted my PC with spyware. I have Microsoft AntiSpyware, Symantec and WinPatrol running and they seemed to catch all of them before they started running, however I had lots of clean up to do after disconnecting. Now that I'm home with high speed, I cannot connect to the internet. I've tried to do a System Restore (btw, I'm running XP), but they all fail. When I startup my PC I get a pop-up "Windows cannot find 'smsse.exe'. Make sure you typed the name correctly, and then try again. To search for a file, click the Start button, and then click Search."
Can anyone help?
Can anyone help?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Here's the Hijackthis log. Thank you for your help!!
Logfile of HijackThis v1.99.1
Scan saved at 6:46:57 AM, on 3/14/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.e xe
C:\WINDOWS\system32\winlog on.exe
C:\WINDOWS\system32\servic es.exe
C:\WINDOWS\system32\lsass. exe
C:\WINDOWS\system32\svchos t.exe
C:\WINDOWS\System32\svchos t.exe
C:\WINDOWS\System32\userin it32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EX E
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EX E
C:\Documents and Settings\Cole.D.Turnbow\De sktop\Hija ckthis\Hij ackThis.ex e
R1 - HKCU\Software\Microsoft\Wi ndows\Curr entVersion \Internet Settings,AutoConfigURL = http://set-proxy.accenture.com/bin/setup.proxy
R1 - HKCU\Software\Microsoft\Wi ndows\Curr entVersion \Internet Settings,ProxyServer = ocsmnisa02:8080
F2 - REG:system.ini: UserInit=userinit.exe,user init32.exe
O1 - Hosts: 199.200.22.97 AMRXM1105
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-7 84B7D6BE0B 3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIE Helper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-2 06D7942484 F} - C:\PROGRA~1\SPYBOT~1\SDHel per.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0 BBC1D38A37 E} - C:\Program Files\Groove Networks\Groove\Bin\Groove ShellExten sions.dll
O2 - BHO: Google Desktop Search Capture - {7c1ce531-09e9-4fc5-9803-1 c295661578 6} - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-C F10577473F 7} - c:\program files\google\googletoolbar 1.dll
O2 - BHO: (no name) - {D714A94F-123A-45CC-8F03-0 40BCAF82AD 6} - C:\WINDOWS\Downloaded Program Files\SbCIe02a.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-0 0A0C908246 7} - C:\WINDOWS\System32\msdxm. ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-0 09027A5CD4 F} - c:\program files\google\googletoolbar 1.dll
O4 - HKLM\..\Run: [vptray] C:\Program Files\Symantec_Client_Secu rity\Syman tec AntiVirus\vptray.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THot key.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\TME3\TMESRV3 1.EXE /Logon
O4 - HKLM\..\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\TME3\TMERzCt l.EXE /Service
O4 - HKLM\..\Run: [TMEEJME.EXE] C:\Program Files\TOSHIBA\TME3\TMEEJME .EXE
O4 - HKLM\..\Run: [TMESBS.EXE] C:\Program Files\TOSHIBA\TME3\TMESBS3 2.EXE /Client
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [eSupInit] "C:\Program Files\Support.com\bin\eSup Cmd.exe" -inituser
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPA T~1\WinPat rol.exe
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream. exe
O4 - HKLM\..\Run: [OmgStartup] C:\Program Files\Common Files\Sony Shared\OpenMG\OmgStartup.e xe
O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Accenture Connection] "C:\Program Files\Accenture Connection\9341989\Program \Accenture Connection.exe"
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\COMMON~1\PCSui te\DATALA~ 1\DATALA~1 .EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1 \TRAYAP~1. EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bi n\jusched. exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe " -atboottime
O4 - HKLM\..\Run: [LifeScape Media Detector] C:\Program Files\Picasa\PicasaMediaDe tector.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaD etector.ex e
O4 - HKLM\..\Run: [System Update] C:\WINDOWS\System32\zvrlm. exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\W eather.exe 1
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [aauclient] C:\Program Files\ACNU\ACNUpdater.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: BlackICE Agent.lnk = ?
O4 - Global Startup: Firewall Client Connectivity Monitor.LNK = C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
O4 - Global Startup: Groove Virtual Office.lnk = C:\Program Files\Groove Networks\Groove\Bin\Groove .exe
O4 - Global Startup: Instant Wireless Configuration Utility.lnk = C:\Program Files\Linksys\WPC11 Config Utility\WPC11Cfg.exe
O4 - Global Startup: Microsoft Broadband Networking.lnk = ?
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtrac t\SpySub.e xe
O4 - Global Startup: Wireless-B Notebook Adapter Utility.lnk = C:\Program Files\Linksys\Wireless-B Notebook Adapter\WPC11Cfg.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar 1.dll/cmse arch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar 1.dll/cmba cklinks.ht ml
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar 1.dll/cmca che.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2 \OFFICE11\ EXCEL.EXE/ 3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar 1.dll/cmsi milar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar 1.dll/cmtr ans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-0 0401C60850 1} - C:\WINDOWS\System32\msjava .dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-0 0401C60850 1} - C:\WINDOWS\System32\msjava .dll
O9 - Extra button: SideStep - {3E230861-5C87-11D3-A1C6-0 0105A1B41B 8} - C:\WINDOWS\Downloaded Program Files\SbCIe02a.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3 C9C571A826 3} - C:\PROGRA~1\MICROS~2\OFFIC E11\REFIEB AR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-0 0B0D0A1DE4 5} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-0 0C04F79568 3} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-0 0C04F79568 3} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B 7D41EF1CB5 2} - C:\PROGRA~1\AWS\WEATHE~1\W eather.exe (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox. dll
O15 - Trusted Zone: *.accenture.com
O15 - Trusted Zone: *.accenture.com (HKLM)
O16 - DPF: PowerBuilder DW Control & JDBC - https://directaccess.billing.com/daweb/downloads/Psdwc80.cab
O16 - DPF: {01111C00-3E00-11D2-8470-0 060089874E D} (Support.com ActionRunner Class) - https://esupport.accenture.com/inc/sdccommon/download/tgctlar.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A 7ADCBF9BD0 2} (HouseCall Control) - http://housecall-beta.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {17492023-C23A-453E-A040-C 7C580BBF70 0} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=34738&clcid=0x409
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-C C0A30F9028 C} (MiniBugTransporterX Class) - http://wdownload.weatherbug.com/minibug/tricklers/AWS/MiniBugTransporter.cab?
O16 - DPF: {2E28242B-A689-11D4-80F2-0 040266CBB8 D} (KX-HCM10 Control) - http://woofdah.viewnetcam.com/kxhcm10.ocx
O16 - DPF: {2F175895-5819-4014-83BF-3 85FA683367 7} (IObjSafety.eSupportWS) - https://esupport.accenture.com/inc/download/IObjSafety.ocx
O16 - DPF: {4A3CBDDD-C4DC-4C38-B44F-7 04DAEF628A E} (PjAdoInfo3 Class) - https://project.solutionworks.com/opencis/objects/pjclient.cab
O16 - DPF: {640B39C1-D713-464F-92C3-7 5BD972B95E E} - http://www.sidestep.com/get/k00719/sb02a.cab
O16 - DPF: {6414512B-B978-451D-A0D8-F CFDF33E833 C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093965911637
O16 - DPF: {82774781-8F4E-11D1-AB1C-0 000F8773BF 0} (DLC Class) - http://transfers.one.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
O16 - DPF: {AF9A1421-E128-4D5F-A37E-0 39F305867B 9} (Pj11enuC Class) - https://project.solutionworks.com/opencis/objects/1033/pjcintl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-5 95F0A5519F F} (MsnMessengerSetupDownload Control Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O17 - HKLM\System\CCS\Services\T cpip\Param eters: Domain = Accenture.com
O17 - HKLM\Software\..\Telephony : DomainName = Accenture.com
O17 - HKLM\System\CS1\Services\T cpip\Param eters: Domain = Accenture.com
O17 - HKLM\System\CS2\Services\T cpip\Param eters: Domain = Accenture.com
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLog on.dll
O21 - SSODL: mtklefap - {C815FA9D-1B7C-463B-F3AB-7 0C05B35BEC 1} - C:\WINDOWS\System32\cdexyx 32.dll (file missing)
O21 - SSODL: mtkle - {636EF064-658D-4574-20AA-5 551595CC78 3} - C:\WINDOWS\System32\uglxf3 2.dll (file missing)
O23 - Service: ACNUSvc - - c:\program files\acnu\acnupdatersvc.e xe
O23 - Service: BlackICE - Internet Security Systems, Inc. - C:\Program Files\Network ICE\BlackICE\blackd.exe
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMAN T~1\DefWat ch.exe
O23 - Service: Groove Audit Service (GrooveAuditService) - Groove Networks, Inc. - C:\Program Files\Groove Networks\Groove\Bin\Groove AuditServi ce.exe
O23 - Service: Groove Installer Service (GrooveInstallerService) - Groove Networks, Inc. - C:\Program Files\Groove Networks\Groove\Bin\Groove InstallerS ervice.exe
O23 - Service: MC/Empower i.collect Service (iCollectService) - Unknown owner - C:\WINDOWS\system32\acstp\ icserv.exe
O23 - Service: Accenture Media Viewer (MediaViewer) - - c:\program files\firm applications\media viewer\services\streamview erservice. exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMAN T~1\Rtvsca n.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc3 2.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm 12.exe
O23 - Service: RapApp - Internet Security Systems, Inc. - C:\Program Files\Network ICE\BlackICE\RapApp.exe
O23 - Service: Tmesbs32 (Tmesbs) - Unknown owner - C:\Program Files\TOSHIBA\TME3\Tmesbs3 2.exe" /Service (file missing)
O23 - Service: Tmesrv3 (Tmesrv) - Unknown owner - C:\Program Files\TOSHIBA\TME3\Tmesrv3 1.exe" /Service (file missing)
Logfile of HijackThis v1.99.1
Scan saved at 6:46:57 AM, on 3/14/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.e
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\servic
C:\WINDOWS\system32\lsass.
C:\WINDOWS\system32\svchos
C:\WINDOWS\System32\svchos
C:\WINDOWS\System32\userin
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EX
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EX
C:\Documents and Settings\Cole.D.Turnbow\De
R1 - HKCU\Software\Microsoft\Wi
R1 - HKCU\Software\Microsoft\Wi
F2 - REG:system.ini: UserInit=userinit.exe,user
O1 - Hosts: 199.200.22.97 AMRXM1105
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-7
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-2
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0
O2 - BHO: Google Desktop Search Capture - {7c1ce531-09e9-4fc5-9803-1
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-C
O2 - BHO: (no name) - {D714A94F-123A-45CC-8F03-0
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-0
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-0
O4 - HKLM\..\Run: [vptray] C:\Program Files\Symantec_Client_Secu
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THot
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\TME3\TMESRV3
O4 - HKLM\..\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\TME3\TMERzCt
O4 - HKLM\..\Run: [TMEEJME.EXE] C:\Program Files\TOSHIBA\TME3\TMEEJME
O4 - HKLM\..\Run: [TMESBS.EXE] C:\Program Files\TOSHIBA\TME3\TMESBS3
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [eSupInit] "C:\Program Files\Support.com\bin\eSup
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPA
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.
O4 - HKLM\..\Run: [OmgStartup] C:\Program Files\Common Files\Sony Shared\OpenMG\OmgStartup.e
O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Accenture Connection] "C:\Program Files\Accenture Connection\9341989\Program
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\COMMON~1\PCSui
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bi
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [LifeScape Media Detector] C:\Program Files\Picasa\PicasaMediaDe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaD
O4 - HKLM\..\Run: [System Update] C:\WINDOWS\System32\zvrlm.
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\W
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [aauclient] C:\Program Files\ACNU\ACNUpdater.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: BlackICE Agent.lnk = ?
O4 - Global Startup: Firewall Client Connectivity Monitor.LNK = C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
O4 - Global Startup: Groove Virtual Office.lnk = C:\Program Files\Groove Networks\Groove\Bin\Groove
O4 - Global Startup: Instant Wireless Configuration Utility.lnk = C:\Program Files\Linksys\WPC11 Config Utility\WPC11Cfg.exe
O4 - Global Startup: Microsoft Broadband Networking.lnk = ?
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtrac
O4 - Global Startup: Wireless-B Notebook Adapter Utility.lnk = C:\Program Files\Linksys\Wireless-B Notebook Adapter\WPC11Cfg.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-0
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-0
O9 - Extra button: SideStep - {3E230861-5C87-11D3-A1C6-0
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-0
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-0
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-0
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.
O15 - Trusted Zone: *.accenture.com
O15 - Trusted Zone: *.accenture.com (HKLM)
O16 - DPF: PowerBuilder DW Control & JDBC - https://directaccess.billing.com/daweb/downloads/Psdwc80.cab
O16 - DPF: {01111C00-3E00-11D2-8470-0
O16 - DPF: {04E214E5-63AF-4236-83C6-A
O16 - DPF: {17492023-C23A-453E-A040-C
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-C
O16 - DPF: {2E28242B-A689-11D4-80F2-0
O16 - DPF: {2F175895-5819-4014-83BF-3
O16 - DPF: {4A3CBDDD-C4DC-4C38-B44F-7
O16 - DPF: {640B39C1-D713-464F-92C3-7
O16 - DPF: {6414512B-B978-451D-A0D8-F
O16 - DPF: {82774781-8F4E-11D1-AB1C-0
O16 - DPF: {AF9A1421-E128-4D5F-A37E-0
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-5
O17 - HKLM\System\CCS\Services\T
O17 - HKLM\Software\..\Telephony
O17 - HKLM\System\CS1\Services\T
O17 - HKLM\System\CS2\Services\T
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLog
O21 - SSODL: mtklefap - {C815FA9D-1B7C-463B-F3AB-7
O21 - SSODL: mtkle - {636EF064-658D-4574-20AA-5
O23 - Service: ACNUSvc - - c:\program files\acnu\acnupdatersvc.e
O23 - Service: BlackICE - Internet Security Systems, Inc. - C:\Program Files\Network ICE\BlackICE\blackd.exe
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMAN
O23 - Service: Groove Audit Service (GrooveAuditService) - Groove Networks, Inc. - C:\Program Files\Groove Networks\Groove\Bin\Groove
O23 - Service: Groove Installer Service (GrooveInstallerService) - Groove Networks, Inc. - C:\Program Files\Groove Networks\Groove\Bin\Groove
O23 - Service: MC/Empower i.collect Service (iCollectService) - Unknown owner - C:\WINDOWS\system32\acstp\
O23 - Service: Accenture Media Viewer (MediaViewer) - - c:\program files\firm applications\media viewer\services\streamview
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMAN
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc3
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm
O23 - Service: RapApp - Internet Security Systems, Inc. - C:\Program Files\Network ICE\BlackICE\RapApp.exe
O23 - Service: Tmesbs32 (Tmesbs) - Unknown owner - C:\Program Files\TOSHIBA\TME3\Tmesbs3
O23 - Service: Tmesrv3 (Tmesrv) - Unknown owner - C:\Program Files\TOSHIBA\TME3\Tmesrv3
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I ran the winsock fix and that didn't do the trick. The strange thing is that sometimes when I reboot...AIM will be able to startup, but then after the rest of my startup programs get running, AIM and the internet are not accessable. I'll go post the log. Please let me know if you have any other thoughts on what in the startup could be cutting off my internet.
Thanks!
Thanks!
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Spybot = several hits...most were fixed, those registry items that couldn't be fixed, I deleted
reran Spybot = clean
MS AntiSpyware = clean
Ad-Aware = lots of items, all cleaned
CWshredder = found nothing
sscan on Trendmicro = several things that are now cleaned
Still not able to get to internet out of Safe mode. Will run Hijackthis and submit log next.