Jump to content

plowdriver01

Members
  • Content Count

    34
  • Joined

  • Last visited

About plowdriver01

  • Rank
    Member

Previous Fields

  • System Specifications:
    AMD Duron-1GHz,20Gb,cd,cdrw,
  1. No, What they did was while we were logged on they went and created a guest account. As long as it is turned on they can access it. But we have to be logged on for them to turn it on.
  2. Thanks for everything. you guys are the greatest. .. one more thing,Is there a way to delete the guest account. Maybe my kids will not get on here. I turned it off, but what they do is turn it on and shutdown,then while we are at work they just go wild. lol
  3. Ok, Downloaded the latest spybot. It found a few things on my side and took care of them. It also found that damn abetternet on Denises' side and it took care of that ,for now. I hope this crap don.t come back. I did download the others you asked me to but did not install yet. Is there anything else I need to do? Thanks Bob
  4. Things seem alot better now. Boot up is good but sometimes it still seems to take awhile to get going on the internet. Where do I get the latest spy-bot? I am running 1.2 and cannot do all you ask me to. Also ,do I need to add those registry quotes into Denises' side too?
  5. And here is the findit scan. Microsoft Windows XP [Version 5.1.2600] The current date is: Tue 06/14/2005 PLEASE NOTE THAT ALL FILES FOUND BY THIS METHOD ARE NOT BAD FILES, THERE MIGHT BE LEGIT FILES LISTED AND PLEASE BE CAREFUL WHILE FIXING. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE. »»»»»»»»»»»»»»»»»»»»»»»» Todo Files found »»»»»»»»»»»»»»»»»»»»»»»»»»»»» »»»»»»»»»»»»»»»»»»»»»»»» aurora Files found »»»»»»»»»»»»»»»»»»»»»»»»»»» »»»»»»»»»»»»»»»»»»»»»»»» Suspect's »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Dont delete file's in the section without guidance If any doubt back them up first * UPX! C:\WINDOWS\UNWASH.EXE * UPX! C:\WINDOWS\TSC.EXE »»»»» lagitamate file's can/will show in this section. * UPX! C:\WINDOWS\VSAPI32.DLL »»»»»»»»»»»»»»»»»»»»»»»» Buddy file's »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» »»»»»»»»»»»»»»»»»»»»»»»» SAHAgent Files found »»»»»»»»»»»»»»»»»»»»»»»»» »»»»»»»»»»»»»»»»»»»»»»»» Misc checks »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» »»»»» Check for Windows\SYSTEM32\cache32_rtneg* folder. Volume in drive C has no label. Volume Serial Number is 8080-0043 Directory of C:\WINDOWS\SYSTEM32 »»»»» Checking for SAHAgent ico files. Volume in drive C has no label. Volume Serial Number is 8080-0043 Directory of C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»».
  6. Ok, Here is Ewido. ------------------------------------------------------- ewido security suite - Scan report --------------------------------------------------------- + Created on: 5:17:56 PM, 6/14/2005 + Report-Checksum: CE7C51BE + Date of database: 6/14/2005 + Version of scan engine: v3.0 + Duration: 129 min + Scanned Files: 162474 + Speed: 20.90 Files/Second + Infected files: 4 + Removed files: 2 + Files put in quarantine: 2 + Files that could not be opened: 0 + Files that could not be cleaned: 2 + Binder: Yes + Crypter: Yes + Archives: Yes + Scanned items: C:\ C:\ + Scan result: C:\Documents and Settings\Bob Kozer\Cookies\bob kozer@tribalfusion[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup C:\Documents and Settings\Bob Kozer\Cookies\bob kozer@atdmt[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup C:\Documents and Settings\Bob Kozer\Cookies\bob kozer@tribalfusion[1].txt -> Spyware.Tracking-Cookie -> Error during cleaning C:\Documents and Settings\Bob Kozer\Cookies\bob kozer@atdmt[2].txt -> Spyware.Tracking-Cookie -> Error during cleaning ::Report End
  7. Hi noahdfear Give me more stuff to do tomorrow.I can't stay on anymore tonight. Startup still seems real slow. I posted a bunch of stuff. Thanks
  8. Am I a Pain in the butt yet? Oh,will this need to be done for all users on this puter?
  9. And one more --------------------------------------------------------- ewido security suite - Connection report --------------------------------------------------------- + Created on: 4:11:22 PM, 6/13/2005 + Report-Checksum: E9C996D1 TCP 0.0.0.0:135 0.0.0.0:0 LISTENING TCP 0.0.0.0:445 0.0.0.0:0 LISTENING TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING TCP 24.239.217.106:139 0.0.0.0:0 LISTENING TCP 127.0.0.1:1026 0.0.0.0:0 LISTENING TCP 127.0.0.1:1027 0.0.0.0:0 LISTENING TCP 127.0.0.1:5001 127.0.0.1:1109 CLOSE_WAIT UDP 0.0.0.0:445 UDP 0.0.0.0:500 UDP 0.0.0.0:1029 UDP 0.0.0.0:4500 UDP 24.239.217.106:123 UDP 24.239.217.106:137 UDP 24.239.217.106:138 UDP 127.0.0.1:123 UDP 127.0.0.1:1159
  10. And this --------------------------------------------------------- ewido security suite - Startup report --------------------------------------------------------- + Created on: 4:10:01 PM, 6/13/2005 + Report-Checksum: 7560DE5C Reg\HKLM\Run VSOCheckTask "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask Reg\HKLM\Run VirusScan Online "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe" Reg\HKLM\Run SO5 Integrator Pass Two C:\WINDOWS\SOINTGR.EXE Reg\HKLM\Run Lexmark X74-X75 "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe" Reg\HKLM\Run MCUpdateExe C:\PROGRA~1\mcafee.com\agent\mcupdate.exe Reg\HKLM\Run MCAgentExe c:\PROGRA~1\mcafee.com\agent\mcagent.exe Reg\HKLM\Run QuickTime Task "C:\documents and settings\denise kozer\desktop\qttask.exe" -atboottime Reg\HKLM\Run gcasServ "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" Reg\HKLM\Run Zone Labs Client C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe Reg\HKLM\Run THGuard "C:\Program Files\TrojanHunter 4.2\THGuard.exe" Reg\HKCU\Run ctfmon.exe C:\WINDOWS\system32\ctfmon.exe Reg\HKCU\Run PhotoShow Deluxe Media Manager C:\PROGRA~1\SIMPLE~2\PHOTOS~1\data\xtras\mssysmgr.exe Shell\CommonStartup Adobe Reader Speed Launch.lnk C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk Shell\CommonStartup SpySubtract.lnk C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SpySubtract.lnk Shell\UserStartup SpySubtract.lnk C:\Documents and Settings\Bob Kozer\Start Menu\Programs\Startup\SpySubtract.lnk
  11. Mybe this will help also --------------------------------------------------------- ewido security suite - Process report --------------------------------------------------------- + Created on: 4:08:52 PM, 6/13/2005 + Report-Checksum: A26AFF85 0: System Process 4: System Process 236: C:\Program Files\Lexmark X74-X75\lxbbbmon.exe 416: \SystemRoot\System32\smss.exe 484: \??\C:\WINDOWS\system32\csrss.exe 508: \??\C:\WINDOWS\system32\winlogon.exe 552: C:\WINDOWS\system32\services.exe 564: C:\WINDOWS\system32\lsass.exe 696: C:\Program Files\Internet Explorer\iexplore.exe 712: C:\Program Files\Microsoft AntiSpyware\gcasServ.exe 716: C:\WINDOWS\system32\svchost.exe 744: c:\program files\mcafee.com\agent\mcagent.exe 764: C:\WINDOWS\system32\svchost.exe 816: C:\documents and settings\denise kozer\desktop\qttask.exe 828: C:\WINDOWS\System32\svchost.exe 880: C:\WINDOWS\System32\svchost.exe 1000: C:\WINDOWS\System32\svchost.exe 1132: C:\WINDOWS\system32\LEXBCES.EXE 1192: C:\WINDOWS\system32\spoolsv.exe 1200: C:\WINDOWS\system32\LEXPPS.EXE 1348: C:\WINDOWS\system32\ZoneLabs\isafe.exe 1360: C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe 1376: C:\Program Files\ewido\security suite\ewidoctrl.exe 1388: C:\Program Files\ewido\security suite\ewidoguard.exe 1456: c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe 1472: C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe 1568: c:\progra~1\mcafee.com\vso\mcvsescn.exe 1584: C:\WINDOWS\Explorer.EXE 1592: C:\WINDOWS\System32\svchost.exe 1748: C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe 1900: C:\WINDOWS\SOINTGR.EXE 1960: c:\PROGRA~1\mcafee.com\vso\mcshield.exe 2100: System Process 2120: C:\WINDOWS\system32\ctfmon.exe 2128: C:\PROGRA~1\SIMPLE~2\PHOTOS~1\data\xtras\mssysmgr.exe 2276: C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe 2400: C:\Program Files\ewido\security suite\SecuritySuite.exe 2488: C:\WINDOWS\system32\wscntfy.exe 2668: C:\Program Files\InterMute\SpySubtract\SpySub.exe
  12. Microsoft anti sptware found abetterinternet.DrPmon in restore. And abetterinternet.Aurora in restore Also, here is another Ewido scan--------------------------------------------------------- ewido security suite - Scan report --------------------------------------------------------- + Created on: 4:05:13 PM, 6/13/2005 + Report-Checksum: 6A681DB4 + Date of database: 6/13/2005 + Version of scan engine: v3.0 + Duration: 177 min + Scanned Files: 162670 + Speed: 15.24 Files/Second + Infected files: 28 + Removed files: 14 + Files put in quarantine: 14 + Files that could not be opened: 0 + Files that could not be cleaned: 14 + Binder: Yes + Crypter: Yes + Archives: Yes + Scanned items: C:\ C:\ + Scan result: C:\Documents and Settings\Bob Kozer\Cookies\bob kozer@atdmt[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup C:\Documents and Settings\Bob Kozer\Cookies\bob kozer@tribalfusion[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup C:\Documents and Settings\Denise Kozer\Cookies\denise kozer@doubleclick[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup C:\Documents and Settings\Denise Kozer\Cookies\denise kozer@advertising[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup C:\Documents and Settings\Denise Kozer\Cookies\denise kozer@ads.addynamix[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup C:\Documents and Settings\Denise Kozer\Cookies\denise kozer@atdmt[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup C:\Documents and Settings\Denise Kozer\Cookies\denise kozer@servedby.advertising[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup C:\Documents and Settings\Denise Kozer\Cookies\denise kozer@z1.adserver[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup C:\Documents and Settings\Denise Kozer\Cookies\denise kozer@mediaplex[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup C:\System Volume Information\_restore{4FB61209-EAD1-424F-9C37-C5E5F5C24883}\RP3\A0000108.dll -> Trojan.Agent.db -> Cleaned with backup C:\System Volume Information\_restore{4FB61209-EAD1-424F-9C37-C5E5F5C24883}\RP3\A0000109.exe -> Trojan.Stervis.c -> Cleaned with backup C:\System Volume Information\_restore{4FB61209-EAD1-424F-9C37-C5E5F5C24883}\RP3\A0000110.exe -> Trojan.Nail -> Cleaned with backup C:\System Volume Information\_restore{4FB61209-EAD1-424F-9C37-C5E5F5C24883}\RP3\A0000112.exe -> Spyware.BetterInternet -> Cleaned with backup C:\System Volume Information\_restore{4FB61209-EAD1-424F-9C37-C5E5F5C24883}\RP3\A0000145.exe -> Trojan.Nail -> Cleaned with backup C:\Documents and Settings\Bob Kozer\Cookies\bob kozer@atdmt[1].txt -> Spyware.Tracking-Cookie -> Error during cleaning C:\Documents and Settings\Bob Kozer\Cookies\bob kozer@tribalfusion[1].txt -> Spyware.Tracking-Cookie -> Error during cleaning C:\Documents and Settings\Denise Kozer\Cookies\denise kozer@doubleclick[1].txt -> Spyware.Tracking-Cookie -> Error during cleaning C:\Documents and Settings\Denise Kozer\Cookies\denise kozer@advertising[2].txt -> Spyware.Tracking-Cookie -> Error during cleaning C:\Documents and Settings\Denise Kozer\Cookies\denise kozer@ads.addynamix[1].txt -> Spyware.Tracking-Cookie -> Error during cleaning C:\Documents and Settings\Denise Kozer\Cookies\denise kozer@atdmt[2].txt -> Spyware.Tracking-Cookie -> Error during cleaning C:\Documents and Settings\Denise Kozer\Cookies\denise kozer@servedby.advertising[2].txt -> Spyware.Tracking-Cookie -> Error during cleaning C:\Documents and Settings\Denise Kozer\Cookies\denise kozer@z1.adserver[1].txt -> Spyware.Tracking-Cookie -> Error during cleaning C:\Documents and Settings\Denise Kozer\Cookies\denise kozer@mediaplex[1].txt -> Spyware.Tracking-Cookie -> Error during cleaning C:\System Volume Information\_restore{4FB61209-EAD1-424F-9C37-C5E5F5C24883}\RP3\A0000108.dll -> Trojan.Agent.db -> Error during cleaning C:\System Volume Information\_restore{4FB61209-EAD1-424F-9C37-C5E5F5C24883}\RP3\A0000109.exe -> Trojan.Stervis.c -> Error during cleaning C:\System Volume Information\_restore{4FB61209-EAD1-424F-9C37-C5E5F5C24883}\RP3\A0000110.exe -> Trojan.Nail -> Error during cleaning C:\System Volume Information\_restore{4FB61209-EAD1-424F-9C37-C5E5F5C24883}\RP3\A0000112.exe -> Spyware.BetterInternet -> Error during cleaning C:\System Volume Information\_restore{4FB61209-EAD1-424F-9C37-C5E5F5C24883}\RP3\A0000145.exe -> Trojan.Nail -> Error during cleaning ::Report End
  13. Here is the Findit's log Microsoft Windows XP [Version 5.1.2600] The current date is: Mon 06/13/2005 PLEASE NOTE THAT ALL FILES FOUND BY THIS METHOD ARE NOT BAD FILES, THERE MIGHT BE LEGIT FILES LISTED AND PLEASE BE CAREFUL WHILE FIXING. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE. »»»»»»»»»»»»»»»»»»»»»»»» Todo Files found »»»»»»»»»»»»»»»»»»»»»»»»»»»»» »»»»»»»»»»»»»»»»»»»»»»»» aurora Files found »»»»»»»»»»»»»»»»»»»»»»»»»»» »»»»»»»»»»»»»»»»»»»»»»»» Suspect's »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Dont delete file's in the section without guidance If any doubt back them up first * UPX! C:\WINDOWS\UNWASH.EXE * UPX! C:\WINDOWS\TSC.EXE »»»»» lagitamate file's can/will show in this section. * UPX! C:\WINDOWS\VSAPI32.DLL »»»»»»»»»»»»»»»»»»»»»»»» Buddy file's »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» »»»»»»»»»»»»»»»»»»»»»»»» SAHAgent Files found »»»»»»»»»»»»»»»»»»»»»»»»» »»»»»»»»»»»»»»»»»»»»»»»» Misc checks »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» »»»»» Check for Windows\SYSTEM32\cache32_rtneg* folder. Volume in drive C has no label. Volume Serial Number is 8080-0043 Directory of C:\WINDOWS\SYSTEM32 »»»»» Checking for SAHAgent ico files. Volume in drive C has no label. Volume Serial Number is 8080-0043 Directory of C:\WINDOWS\system32 04/23/2005 01:44 PM 3,262 vh e233.ico 04/23/2005 01:44 PM 4,286 mp3red51aads.ico 04/23/2005 01:44 PM 3,262 kill spyware1.ico 04/23/2005 01:44 PM 3,262 kill popups.ico 4 File(s) 14,072 bytes 0 Dir(s) 10,639,736,832 bytes free »»»»»»»»»»»»»»»»»»»»»»»». HKEY_CURRENT_USER\Software\aurora\AUI3d5OfSInst HKEY_CURRENT_USER\Software\aurora\AUC3n5trMsgSDisp HKEY_CURRENT_USER\Software\aurora\AUs3t5icky1S HKEY_CURRENT_USER\Software\aurora\AUs3t5icky2S HKEY_CURRENT_USER\Software\aurora\AUs3t5icky3S HKEY_CURRENT_USER\Software\aurora\AUs3t5icky4S HKEY_CURRENT_USER\Software\aurora\AUC1o3d5eOfSFinalAd HKEY_CURRENT_USER\Software\aurora\AUT3i5m7eOfSFinalAd HKEY_CURRENT_USER\Software\aurora\AUD3s5tSSEnd HKEY_CURRENT_USER\Software\aurora\AU3N5a7tionSCode HKEY_CURRENT_USER\Software\aurora\AUP3D5om HKEY_CURRENT_USER\Software\aurora\AUT3h5rshSCheckSIn HKEY_CURRENT_USER\Software\aurora\AUT3h5rshSMots HKEY_CURRENT_USER\Software\aurora\AUM3o5deSSync HKEY_CURRENT_USER\Software\aurora\AUI3n5ProgSCab HKEY_CURRENT_USER\Software\aurora\AUI3n5ProgSEx HKEY_CURRENT_USER\Software\aurora\AUI3n5ProgSLstest HKEY_CURRENT_USER\Software\aurora\AUB3D5om HKEY_CURRENT_USER\Software\aurora\AUE3v5nt HKEY_CURRENT_USER\Software\aurora\AUT3h5rshSBath HKEY_CURRENT_USER\Software\aurora\AUT3h5rshSysSInf HKEY_CURRENT_USER\Software\aurora\AUL3n5Title HKEY_CURRENT_USER\Software\aurora\AUC3u5rrentSMode HKEY_CURRENT_USER\Software\aurora\AUC3n5tFyl HKEY_CURRENT_USER\Software\aurora\AUI3g5noreS HKEY_CURRENT_USER\Software\aurora\AUS3t5atusOfSInst HKEY_CURRENT_USER\Software\aurora\AUL3a5stMotsSDay HKEY_CURRENT_USER\Software\aurora\AUL3a5stSSChckin
  14. Hi, Here is thelataest HJT LOG logfile of HijackThis v1.99.1 Scan saved at 12:40:17 PM, on 6/13/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\ZoneLabs\isafe.exe C:\Program Files\ewido\security suite\ewidoctrl.exe C:\Program Files\ewido\security suite\ewidoguard.exe c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe c:\PROGRA~1\mcafee.com\vso\mcshield.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe C:\WINDOWS\SOINTGR.EXE C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe C:\documents and settings\denise kozer\desktop\qttask.exe C:\Program Files\Microsoft AntiSpyware\gcasServ.exe c:\program files\mcafee.com\agent\mcagent.exe C:\Program Files\Lexmark X74-X75\lxbbbmon.exe c:\progra~1\mcafee.com\vso\mcvsescn.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\SIMPLE~2\PHOTOS~1\data\xtras\mssysmgr.exe C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\InterMute\SpySubtract\SpySub.exe C:\Program Files\Internet Explorer\iexplore.exe C:\HJT\HijackThis.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe" O4 - HKLM\..\Run: [sO5 Integrator Pass Two] C:\WINDOWS\SOINTGR.EXE O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\documents and settings\denise kozer\desktop\qttask.exe" -atboottime O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\SIMPLE~2\PHOTOS~1\data\xtras\mssysmgr.exe O4 - Startup: SpySubtract.lnk = C:\Program Files\InterMute\SpySubtract\SpySub.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: SpySubtract.lnk = C:\Program Files\InterMute\SpySubtract\SpySub.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .fpx: C:\\Program Files\\Internet Explorer\\PLUGINS\\NPRVRT32.dll O12 - Plugin for .ivr: C:\\Program Files\\Internet Explorer\\PLUGINS\\NPRVRT32.dll O16 - DPF: PCPitstop-Tracks-Checker - http://pcpitstop.com/privacy/PCPTracks.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409 O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} (ICSScannerLight Class) - http://download.zonelabs.com/bin/free/cm/ICSCM.cab O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EP...l_v1-0-3-24.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...81/mcinsctl.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/:f...red:/asinst.cab O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,19/mcgdmgr.cab O16 - DPF: {BDD2F926-8158-4F62-9E0D-B3B75FD1F07F} (McObjectFactory Class) - http://download.mcafee.com/molbin/shared/M...0,2/mcmysec.cab O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-0-3-0.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...353/mcfscan.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
  15. Got to go to bed, start work early tomorrow. Should be here around 2:30. Hope we can get this resolved,Thanks again.
×
×
  • Create New...