Jump to content

rawone

Members
  • Content Count

    38
  • Joined

  • Last visited

About rawone

  • Rank
    Member
  1. Hi TomGL2. I did as you requested and the Google home page is there. Off the top of my head I searched for baseball bats, corvette parts, honda parts (google took me to these sites) and when I clicked on them I got the same message, "Internet Explorer cannot display the web page". I then tried pc pitstop and that worked fine. Robert
  2. I have always used Google Search and now when I try, I get the message "Internet Explorer cannot display the web page". In fact I can't even get to the Google home site for help.(same message for Bing). It is like anything to do with Google is being blocked. I can use Yahoo Search with no problems. IE is working fine for every other site. I have Windows XP useing IE 8. Thank you for any help. Robert
  3. thank you ... it worked in safe mode.
  4. im using norton 2007 internet security.i was able to restore in safe mode. thank you for your time and help.
  5. I tried to use system restore and it said it was unable to restore. I tried different dates with the same message. I scanned with norton,counter spy,ad-aware,kaspersky online scanner and spybot with nothing found. Can anyone help with this problem. I have windows xp home sp2. Thank You.
  6. Thank you so much for all the time and effort you put in for me. It is truely appreciated.Good to have people out there like you.... Robert.
  7. Aaflac,Here is the scan log from ComboFix. "Robert Williams" - 07-03-10 11:36:42 Service Pack 2 ComboFix 07-03-09.3 - Running from: "C:\Documents and Settings\Robert Williams\Desktop" (((((((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\WINDOWS\DOWNLO~1.\Quarantine ((((((((((((((((((((((((((((((( Files Created from 2007-02-10 to 2007-03-10 )))))))))))))))))))))))))))))))))) 2007-03-06 00:06 <DIR> d-------- C:\Program Files\SUPERAntiSpyware 2007-03-06 00:06 <DIR> d-------- C:\DOCUME~1\ROBERT~1\APPLIC~1\SUPERAntiSpyware.com 2007-03-06 00:06 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com 2007-03-03 14:15 <DIR> d----c--- C:\WINDOWS\SYSTEM32\DRVSTORE 2007-03-03 14:13 <DIR> d-------- C:\Program Files\Common Files\Kodak 2007-03-03 12:06 <DIR> d-------- C:\DOCUME~1\ROBERT~1\DoctorWeb 2007-03-02 19:05 <DIR> d-------- C:\Program Files\Windows Defender 2007-02-27 14:07 <DIR> d-------- C:\HJT 2007-02-20 17:38 <DIR> d-------- C:\Program Files\MSBuild 2007-02-20 17:35 <DIR> d-------- C:\WINDOWS\SYSTEM32\XPSViewer 2007-02-20 17:35 <DIR> d-------- C:\Program Files\Reference Assemblies 2007-02-20 17:34 14,048 --------- C:\WINDOWS\SYSTEM32\spmsg2.dll 2007-02-20 17:34 <DIR> d-------- C:\aba998701116d697e7c242ac 2007-02-12 17:22 538,256 --a------ C:\WINDOWS\SYSTEM32\SymNeti.dll 2007-02-12 17:22 31,888 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\symids.sys 2007-02-12 17:22 28,304 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\symndis.sys 2007-02-12 17:22 24,720 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\symredrv.sys 2007-02-12 17:22 196,752 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\symtdi.sys 2007-02-12 17:22 161,424 --a------ C:\WINDOWS\SYSTEM32\SymRedir.dll 2007-02-12 17:22 12,944 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\symdns.sys 2007-02-12 17:22 110,736 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\symfw.sys (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-03-10 11:22 384 --a------ C:\WINDOWS\SYSTEM32\dvcstatebkp-{00000004-00000000-00000002-00001102-00000004-20061102}.dat 2007-03-10 11:22 384 --a------ C:\WINDOWS\SYSTEM32\dvcstate-{00000004-00000000-00000002-00001102-00000004-20061102}.dat 2007-03-09 14:38 -------- d-------- C:\Program Files\Common Files\symantec shared 2007-03-09 12:39 -------- d-------- C:\Program Files\symantec 2007-03-09 12:18 -------- d-------- C:\DOCUME~1\ROBERT~1\APPLIC~1\symantec 2007-03-06 16:12 -------- d-------- C:\Program Files\ace utilities 2007-03-06 00:03 -------- d-------- C:\Program Files\Common Files\wise installation wizard 2007-03-05 18:23 -------- d-------- C:\Program Files\norton internet security 2007-03-03 14:15 -------- d-------- C:\Program Files\kodak 2007-02-27 13:59 -------- d-------- C:\Program Files\java 2007-02-26 18:49 -------- d-------- C:\Program Files\ashampoo 2007-02-23 15:39 -------- d-------- C:\Program Files\pcpitstop 2007-02-22 11:13 48776 --a------ C:\WINDOWS\SYSTEM32\s32evnt1.dll 2007-02-22 11:13 115000 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\SYMEVENT.SYS 2007-02-09 13:30 -------- d-------- C:\Program Files\wal-mart music downloads store 2007-02-09 13:30 -------- d-------- C:\DOCUME~1\ROBERT~1\APPLIC~1\installshield 2007-02-01 15:16 -------- d-------- C:\Program Files\quicktime 2007-02-01 15:15 -------- d-------- C:\Program Files\apple software update 2007-02-01 13:47 -------- d-------- C:\Program Files\oberon media 2007-01-11 12:16 -------- d-------- C:\DOCUME~1\ROBERT~1\APPLIC~1\adobeum 2007-01-08 19:01 17408 --a------ C:\WINDOWS\SYSTEM32\corpol.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "SunServer"="C:\\Program Files\\Sunbelt Software\\CounterSpy\\Consumer\\sunserver.exe" "ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\"" "Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] "backup"="C:\\WINDOWS\\pss\\Adobe Reader Speed Launch.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\Adobe\\ACROBA~2.0\\Reader\\READER~1.EXE " "item"="Adobe Reader Speed Launch" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk] "location"="Common Startup" "item"="America Online 9.0 Tray Icon" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ATI CATALYST System Tray.lnk] "backup"="C:\\WINDOWS\\pss\\ATI CATALYST System Tray.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\ATITEC~1\\ATI.ACE\\CLI.exe SystemTray" "item"="ATI CATALYST System Tray" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk] "backup"="C:\\WINDOWS\\pss\\Digital Line Detect.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\DIGITA~1\\DLG.exe " "item"="Digital Line Detect" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hpoddt01.exe.lnk] "backup"="C:\\WINDOWS\\pss\\hpoddt01.exe.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\HEWLET~1\\DIGITA~1\\bin\\hpotdd01.exe " "item"="hpoddt01.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk] "backup"="C:\\WINDOWS\\pss\\Kodak EasyShare software.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\Kodak\\KODAKE~1\\bin\\EASYSH~1.EXE -hx" "item"="Kodak EasyShare software" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^officejet 6100.lnk] "backup"="C:\\WINDOWS\\pss\\officejet 6100.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\HEWLET~1\\DIGITA~1\\bin\\hposol08.exe " "item"="officejet 6100" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKLM" "command"="" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="cli" "hkey"="HKLM" "command"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="atiptaxx" "hkey"="HKLM" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BuildBU] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="bldbubg" "hkey"="HKLM" "command"="c:\\dell\\bldbubg.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTDVDDET] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CTDVDDET" "hkey"="HKLM" "command"="\"C:\\Program Files\\Creative\\SBAudigy2ZS\\DVDAudio\\CTDVDDET.EXE\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ctfmon" "hkey"="HKCU" "command"="C:\\WINDOWS\\system32\\ctfmon.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CTHELPER" "hkey"="HKLM" "command"="CTHELPER.EXE" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSysVol] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CTSysVol" "hkey"="HKLM" "command"="C:\\Program Files\\Creative\\SBAudigy2ZS\\Surround Mixer\\CTSysVol.exe /r" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellHelp] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DellHelp" "hkey"="HKLM" "command"="C:\\Dell\\DellHelp\\DellHelp.exe /c" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="tfswctrl" "hkey"="HKLM" "command"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DMXLauncher" "hkey"="HKLM" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DVDLauncher" "hkey"="HKLM" "command"="\"C:\\Program Files\\CyberLink\\PowerDVD\\DVDLauncher.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iaanotif" "hkey"="HKLM" "command"="C:\\Program Files\\Intel\\Intel Application Accelerator\\iaanotif.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ISUSPM" "hkey"="HKCU" "command"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\ISUSPM.exe\" -scheduler" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="mimboot" "hkey"="HKLM" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="mmtask" "hkey"="HKLM" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="mm_tray" "hkey"="HKLM" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="qttask" "hkey"="HKLM" "command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RealPlay" "hkey"="HKLM" "command"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="jusched" "hkey"="HKLM" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="sgtray" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Sonic\\Update Manager\\sgtray.exe\" /r" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="UpdReg" "hkey"="HKLM" "command"="C:\\WINDOWS\\UpdReg.EXE" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="WMPNSCFG" "hkey"="HKCU" "command"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "MDM"=dword:00000003 "XCOMM"=dword:00000002 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{9EF34FF2-3396-4527-9D27-04C8C1C67806}"="CounterSpy Service Hook" "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5" "{076394AD-7FDD-44EF-A075-32C68DBAB99B}"="" "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook" "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"="" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "TaskMgr"=dword:00000000 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system\New Key #1] "New Value #1"=hex(2):00 [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] HTTPFilter REG_MULTI_SZ HTTPFilter\0\0 LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0 NetworkService REG_MULTI_SZ DnsCache\0\0 DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0 rpcss REG_MULTI_SZ RpcSs\0\0 imgsvc REG_MULTI_SZ StiSvc\0\0 termsvcs REG_MULTI_SZ TermService\0\0 WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0 *newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_COMHOST ~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ backup-20070302-115518-295 O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://liveca12.custhelp.com/7530-b327h/rnl/java/RntX.cab backup-20070301-174715-281 O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab backup-20070301-174605-222 O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/4056/ftp...02/cpbrkpie.cab Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\EasyShare Registration Task.job C:\WINDOWS\tasks\MP Scheduled Scan.job ******************************************************************** catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006 http://www.gmer.net scanning hidden processes ... scanning hidden services ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 ******************************************************************** Completion time: 07-03-10 11:38:51
  8. I scanned with Kapersky,Panda and BitDefender.All reported nothing found. Exterminate still shows the Difisim trojan.
  9. I ran Super AntiSpyware as instructed but didn't find anything.There was no log to send.
  10. Aaflac, I'm sorry but I don't exactly know what you meant by "do not include my posts in code when you reply". I'm using fast reply hoping that is what you want.Here is the new log............ Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare" "C:\\Program Files\\Logitech\\Harmony Remote\\HarmonyClient.exe"="C:\\Program Files\\Logitech\\Harmony Remote\\HarmonyClient.exe:*:Enabled:Logitech Harmony Remote Software V5" "C:\\Program Files\\Logitech\\Harmony Remote\\PatchHelper.exe"="C:\\Program Files\\Logitech\\Harmony Remote\\PatchHelper.exe:*:Enabled:Remote Control Software Patch Helper" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
  11. P C Pitstop Exterminate doesn't provide a path/file for Difisim itself but when clicked on it sends me to this eTRUST Spyware page. It does have some info on it. http://www3.ca.com/securityadvisor/pest/pe...px?id=453102058 I scanned with the Dr. Web CureIt. It didn't find anything and there was no log to send to you that I could find.
  12. Here is the AVG AS report and the new HijackThis log................. --------------------------------------------------------- AVG Anti-Spyware - Scan Report --------------------------------------------------------- + Created at: 12:27:41 PM 3/2/2007 + Scan result: Nothing found. ::Report end Logfile of HijackThis v1.99.1 Scan saved at 12:47:21 PM, on 3/2/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Common Files\Symantec Shared\ccProxy.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\HJT\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [sunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: 6th Street Omaha Poker by pogo - http://game1.pogo.com/applet-6.4.3.36/omah...a-ob-assets.cab O16 - DPF: Blackjack by pogo - http://game1.pogo.com/applet-6.5.2.26/blac...kjack-en_US.cab O16 - DPF: Buckaroo Blackjack TM by pogo - http://game1.pogo.com/applet-6.5.2.26/vide...kjack-en_US.cab O16 - DPF: Checkers by pogo - http://game1.pogo.com/applet-6.5.3.37/chec...ckers-en_US.cab O16 - DPF: Cribbage by pogo - http://game1.pogo.com/applet-6.4.0.48/crib...e-ob-assets.cab O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/applet-6.4.2.30/chec...g-ob-assets.cab O16 - DPF: Dominoes by pogo - http://game1.pogo.com/applet-6.5.3.44/domi...omino-en_US.cab O16 - DPF: Euchre by pogo - http://game1.pogo.com/applet-6.5.2.26/euch...uchre-en_US.cab O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/applet-6.5.1.31/supe...bingo-en_US.cab O16 - DPF: Greenback Bayou by pogo - http://game1.pogo.com/applet-6.5.0.45/gree...k-ob-assets.cab O16 - DPF: Harvest Mania by pogo - http://game1.pogo.com/applet-6.4.4.34/harv...t-ob-assets.cab O16 - DPF: Hearts by pogo - http://game1.pogo.com/applet-6.4.4.34/hear...s-ob-assets.cab O16 - DPF: High Stakes Poker by pogo - http://game1.pogo.com/applet-6.5.4.27/draw...poker-en_US.cab O16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab O16 - DPF: Jungle Gin by pogo - http://game1.pogo.com/applet-6.5.2.26/gin/gin-en_US.cab O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.5.3.37/lott...ottso-en_US.cab O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-6.4.3.36/mahj...g-ob-assets.cab O16 - DPF: Multiline Slots by pogo - http://game1.pogo.com/applet-6.5.4.27/mlsl...slots-en_US.cab O16 - DPF: Pai Gow by pogo - http://game1.pogo.com/applet-6.4.4.34/paig...w-ob-assets.cab O16 - DPF: Payday FreeCell by pogo - http://game1.pogo.com/applet-6.5.4.27/free...ecell-en_US.cab O16 - DPF: Pebble Beach 3 Hole Challenge by pogo - http://game1.pogo.com/applet-6.5.3.44/thre...ehole-en_US.cab O16 - DPF: Penguin Blocks by pogo - http://game1.pogo.com/applet-6.5.1.31/peng...guins-en_US.cab O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/applet-6.4.4.27/popf...u-ob-assets.cab O16 - DPF: PoppaZoppa by pogo - http://game1.pogo.com/applet-6.6.0.27/popp...zoppa-en_US.cab O16 - DPF: Poppit by pogo - http://game1.pogo.com/applet-6.6.2.21/popp...ppit2-en_US.cab O16 - DPF: Quick Quack by pogo - http://game1.pogo.com/applet-6.6.0.27/hots...treak-en_US.cab O16 - DPF: QWERTY by pogo - http://game1.pogo.com/applet-6.6.0.27/squa...uares-en_US.cab O16 - DPF: Ride The Tide by pogo - http://game1.pogo.com/applet-6.5.3.44/ride/ride-en_US.cab O16 - DPF: Showbiz Slots by pogo - http://game1.pogo.com/applet-6.5.3.44/slot...owbiz-en_US.cab O16 - DPF: Spades by pogo - http://game1.pogo.com/applet-6.4.4.34/spad...s-ob-assets.cab O16 - DPF: Squelchies by pogo - http://game1.pogo.com/applet-6.5.4.27/sque...chies-en_US.cab O16 - DPF: Stax by pogo - http://game1.pogo.com/applet-6.5.1.24/stax/stax-en_US.cab O16 - DPF: Stellar Sweeper by pogo - http://game1.pogo.com/applet-6.4.3.28/swee...r-ob-assets.cab O16 - DPF: Top Down Baseball Challenge by pogo - http://game1.pogo.com/applet-6.5.3.44/topd...down2-en_US.cab O16 - DPF: Tornado 21 - http://download.games.yahoo.com/games/clients/y/t21t0_x.cab O16 - DPF: Tri-Peaks by pogo - http://game1.pogo.com/applet-6.6.0.27/peaks/peaks-en_US.cab O16 - DPF: Tumble Bees by pogo - http://game1.pogo.com/applet-6.5.3.44/jumb...umbee-en_US.cab O16 - DPF: Video Poker - http://download.games.yahoo.com/games/clients/y/vpt0_x.cab O16 - DPF: Video Poker by pogo - http://game1.pogo.com/applet-6.5.2.26/vide...poker-en_US.cab O16 - DPF: Wonderland Memories by pogo - http://game1.pogo.com/applet-6.5.3.37/memo...ories-en_US.cab O16 - DPF: Word Whomp Whackdown by pogo - http://game1.pogo.com/applet-6.4.0.48/whac...n-ob-assets.cab O16 - DPF: WordJong by pogo - http://game1.pogo.com/applet-6.4.2.30/word...g-ob-assets.cab O16 - DPF: World Class Solitaire by pogo - http://game1.pogo.com/applet-6.4.2.23/worl...s-ob-assets.cab O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/games/clients/y/jt0_x.cab O16 - DPF: Yahoo! Dice - http://download.games.yahoo.com/games/clients/y/dct4_x.cab O16 - DPF: Yahoo! Klondike Solitaire - http://presence.games.yahoo.com/yog/y/ks12_x.cab O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst4_x.cab O16 - DPF: Yahoo! Pyramids - http://download.games.yahoo.com/games/clients/y/pyt1_x.cab O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} - http://www.creative.com/su/ocx/15015/CTSUEng.cab O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} - https://www-secure.symantec.com/techsupp/as...rl/SymAData.cab O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - https://www-secure.symantec.com/techsupp/as...trl/tgctlsi.cab O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsupp/as...trl/tgctlsr.cab O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} (Microsoft Virtual Server VMRC Advanced Control) - http://www.windowsvistatestdrive.com/Activ...iveXClient1.cab O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} - http://www.pcpitstop.com/pestscan/pestscan.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - http://mediaplayer.walmart.com/installer/install.cab O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} (MsnMusicAx Class) - https://music.msn.com/client/msnmusax3313.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://www.creative.com/su/ocx/15021/CTPID.cab O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
  13. PC Pitstop Exterminate found Difisim Trojan. Here is my HJT log as requested.Thank You for any help. Logfile of HijackThis v1.99.1 Scan saved at 2:10:15 PM, on 2/27/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Common Files\Symantec Shared\ccProxy.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE C:\WINDOWS\system32\msiexec.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wuauclt.exe C:\HJT\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [sunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: 6th Street Omaha Poker by pogo - http://game1.pogo.com/applet-6.4.3.36/omah...a-ob-assets.cab O16 - DPF: Blackjack by pogo - http://game1.pogo.com/applet-6.5.2.26/blac...kjack-en_US.cab O16 - DPF: Buckaroo Blackjack TM by pogo - http://game1.pogo.com/applet-6.5.2.26/vide...kjack-en_US.cab O16 - DPF: Checkers by pogo - http://game1.pogo.com/applet-6.5.3.37/chec...ckers-en_US.cab O16 - DPF: Cribbage by pogo - http://game1.pogo.com/applet-6.4.0.48/crib...e-ob-assets.cab O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/applet-6.4.2.30/chec...g-ob-assets.cab O16 - DPF: Dominoes by pogo - http://game1.pogo.com/applet-6.5.3.44/domi...omino-en_US.cab O16 - DPF: Euchre by pogo - http://game1.pogo.com/applet-6.5.2.26/euch...uchre-en_US.cab O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/applet-6.5.1.31/supe...bingo-en_US.cab O16 - DPF: Greenback Bayou by pogo - http://game1.pogo.com/applet-6.5.0.45/gree...k-ob-assets.cab O16 - DPF: Harvest Mania by pogo - http://game1.pogo.com/applet-6.4.4.34/harv...t-ob-assets.cab O16 - DPF: Hearts by pogo - http://game1.pogo.com/applet-6.4.4.34/hear...s-ob-assets.cab O16 - DPF: High Stakes Poker by pogo - http://game1.pogo.com/applet-6.5.4.27/draw...poker-en_US.cab O16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab O16 - DPF: Jungle Gin by pogo - http://game1.pogo.com/applet-6.5.2.26/gin/gin-en_US.cab O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.5.3.37/lott...ottso-en_US.cab O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-6.4.3.36/mahj...g-ob-assets.cab O16 - DPF: Multiline Slots by pogo - http://game1.pogo.com/applet-6.5.4.27/mlsl...slots-en_US.cab O16 - DPF: Pai Gow by pogo - http://game1.pogo.com/applet-6.4.4.34/paig...w-ob-assets.cab O16 - DPF: Payday FreeCell by pogo - http://game1.pogo.com/applet-6.5.4.27/free...ecell-en_US.cab O16 - DPF: Pebble Beach 3 Hole Challenge by pogo - http://game1.pogo.com/applet-6.5.3.44/thre...ehole-en_US.cab O16 - DPF: Penguin Blocks by pogo - http://game1.pogo.com/applet-6.5.1.31/peng...guins-en_US.cab O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/applet-6.4.4.27/popf...u-ob-assets.cab O16 - DPF: PoppaZoppa by pogo - http://game1.pogo.com/applet-6.6.0.27/popp...zoppa-en_US.cab O16 - DPF: Poppit by pogo - http://game1.pogo.com/applet-6.6.2.21/popp...ppit2-en_US.cab O16 - DPF: Quick Quack by pogo - http://game1.pogo.com/applet-6.6.0.27/hots...treak-en_US.cab O16 - DPF: QWERTY by pogo - http://game1.pogo.com/applet-6.6.0.27/squa...uares-en_US.cab O16 - DPF: Ride The Tide by pogo - http://game1.pogo.com/applet-6.5.3.44/ride/ride-en_US.cab O16 - DPF: Showbiz Slots by pogo - http://game1.pogo.com/applet-6.5.3.44/slot...owbiz-en_US.cab O16 - DPF: Spades by pogo - http://game1.pogo.com/applet-6.4.4.34/spad...s-ob-assets.cab O16 - DPF: Squelchies by pogo - http://game1.pogo.com/applet-6.5.4.27/sque...chies-en_US.cab O16 - DPF: Stax by pogo - http://game1.pogo.com/applet-6.5.1.24/stax/stax-en_US.cab O16 - DPF: Stellar Sweeper by pogo - http://game1.pogo.com/applet-6.4.3.28/swee...r-ob-assets.cab O16 - DPF: Top Down Baseball Challenge by pogo - http://game1.pogo.com/applet-6.5.3.44/topd...down2-en_US.cab O16 - DPF: Tornado 21 - http://download.games.yahoo.com/games/clients/y/t21t0_x.cab O16 - DPF: Tri-Peaks by pogo - http://game1.pogo.com/applet-6.6.0.27/peaks/peaks-en_US.cab O16 - DPF: Tumble Bees by pogo - http://game1.pogo.com/applet-6.5.3.44/jumb...umbee-en_US.cab O16 - DPF: Video Poker - http://download.games.yahoo.com/games/clients/y/vpt0_x.cab O16 - DPF: Video Poker by pogo - http://game1.pogo.com/applet-6.5.2.26/vide...poker-en_US.cab O16 - DPF: Wonderland Memories by pogo - http://game1.pogo.com/applet-6.5.3.37/memo...ories-en_US.cab O16 - DPF: Word Whomp Whackdown by pogo - http://game1.pogo.com/applet-6.4.0.48/whac...n-ob-assets.cab O16 - DPF: WordJong by pogo - http://game1.pogo.com/applet-6.4.2.30/word...g-ob-assets.cab O16 - DPF: World Class Solitaire by pogo - http://game1.pogo.com/applet-6.4.2.23/worl...s-ob-assets.cab O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/games/clients/y/jt0_x.cab O16 - DPF: Yahoo! Dice - http://download.games.yahoo.com/games/clients/y/dct4_x.cab O16 - DPF: Yahoo! Klondike Solitaire - http://presence.games.yahoo.com/yog/y/ks12_x.cab O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst4_x.cab O16 - DPF: Yahoo! Pyramids - http://download.games.yahoo.com/games/clients/y/pyt1_x.cab O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} - http://www.creative.com/su/ocx/15015/CTSUEng.cab O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} - https://www-secure.symantec.com/techsupp/as...rl/SymAData.cab O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - https://www-secure.symantec.com/techsupp/as...trl/tgctlsi.cab O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsupp/as...trl/tgctlsr.cab O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} (Microsoft Virtual Server VMRC Advanced Control) - http://www.windowsvistatestdrive.com/Activ...iveXClient1.cab O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} - http://www.pcpitstop.com/pestscan/pestscan.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - http://mediaplayer.walmart.com/installer/install.cab O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/4056/ftp...02/cpbrkpie.cab O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://liveca12.custhelp.com/7530-b327h/rnl/java/RntX.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} (MsnMusicAx Class) - https://music.msn.com/client/msnmusax3313.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://www.creative.com/su/ocx/15021/CTPID.cab O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
  14. seems like its loading pages slow. im mostly concerend about using credit card and passwords.why would it disable taskmgr when i delete it (netspy keylogger) in pestpatrol? only time it wont find it is when i leave taskmgr disabled.
×
×
  • Create New...