Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hijack Log - PLEASE help me :)


  • Please log in to reply
6 replies to this topic

#1 graphixfae

graphixfae

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:10 PM

Posted 01 March 2005 - 08:18 PM

Logfile of HijackThis v1.99.1
Scan saved at 8:06:41 PM, on 3/1/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Common Files\WinTools\WToolsS.exe
C:\PROGRA~1\Toolbar\TBPSSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\WINDOWS\System32\winupdt.exe
C:\WINDOWS\system32\Ydlnhn.exe
C:\Program Files\366z626l\366z626l.exe
C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe
C:\PROGRA~1\Toolbar\TBPS.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\system\flgbepwar.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\Program Files\America Online 9.0\waol.exe
C:\PROGRA~1\Toolbar\PIB.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
c:\PROGRA~1\Toolbar\radio.exe
C:\Program Files\Common Files\WinTools\WSup.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\America Online 9.0\shellmon.exe
C:\Program Files\America Online 9.0\aolwbspd.exe
C:\Program Files\366z626l\366z626l1\366z626l1.exe
C:\Program Files\AutoUpdate\AutoUpdate.exe
C:\WINDOWS\system32\nlstwh32.exe
C:\WINDOWS\system32\notgest.exe
C:\Program Files\CxtPls\CxtPls.exe
C:\DOCUME~1\April\LOCALS~1\Temp\Temporary Directory 1 for HijackThis[1].zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = www.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.websearch.com/ie.aspx?tb_id=50220
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50220
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = res://C:\PROGRA~1\Toolbar\toolbar.dll/sa
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50220
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = res://C:\PROGRA~1\Toolbar\toolbar.dll/sa
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {8952A998-1E7E-4716-B23D-3DBE03910972} - C:\PROGRA~1\Toolbar\toolbar.dll
O2 - BHO: DLMaxObj Class - {00000000-59D4-4008-9058-080011001200} - C:\WINDOWS\dlmax.dll
O2 - BHO: My Search BHO - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL
O2 - BHO: (no name) - {016235BE-59D4-4CEB-ADD5-E2378282A1D9} - C:\Program Files\CxtPls\cxtpls.dll
O2 - BHO: (no name) - {017C20C1-F86F-11D8-9B25-000ACD002AE3} - C:\WINDOWS\Helper101.dll
O2 - BHO: (no name) - {23494621-EF93-49DA-AD85-F539DF674336} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {3927192E-C435-47BD-BB01-48F4D484ADE5} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {41414E18-33C1-49EE-82FB-F2D801617D58} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {46E62E9F-1F5A-4524-84B0-88DDB9066A3D} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: CAUN Object - {59F12660-2B92-4554-98F9-87295AD8A0CE} - C:\WINDOWS\System32\AUNBHO.dll
O2 - BHO: (no name) - {5A636315-047A-4E0F-8FAB-704F4070C1D3} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {7FE1FDAD-F982-4472-B82B-827E5B5874A5} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll
O2 - BHO: (no name) - {8952A998-1E7E-4716-B23D-3DBE03910972} - C:\PROGRA~1\Toolbar\toolbar.dll
O2 - BHO: (no name) - {94A21090-B967-4451-9A57-F40F09531B60} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {9855C997-2FAE-4614-83EF-7C45A19677A1} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: SDWin32 Class - {A75A4F58-F7D2-4F5C-9B2E-6E24109E2E0A} - C:\WINDOWS\System32\wbmxt.dll
O2 - BHO: (no name) - {ABC3CD85-2160-4DDC-8B9A-5C62589BB2FC} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {C26E51BD-082C-4E1A-9837-42EC4BC529EE} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {C5331569-6EF5-4871-8514-8802A78508E4} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {CA778C4C-967D-4FA3-98F1-5CB577F66566} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {D9A69297-2FD7-4C93-A46C-1C67798D2E4F} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {DD78FD0A-42BF-4491-96F2-A29B403116C4} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {E9348FBB-DF21-496F-BAAB-DD3FDF7C282A} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {F42BFDD9-2DF4-4CF1-97AC-CAA6B581F344} - C:\Program Files\366z626l\366z626l.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O3 - Toolbar: &Search Toolbar - {339BB23F-A864-48C0-A59F-29EA915965EC} - C:\PROGRA~1\Toolbar\toolbar.dll
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [winupdtl] C:\WINDOWS\System32\winupdt.exe
O4 - HKLM\..\Run: [ebcluv] c:\windows\system32\ebcluv.exe
O4 - HKLM\..\Run: [version] C:\WINDOWS\system32\Dxfhrg.exe
O4 - HKLM\..\Run: [secure] C:\WINDOWS\system32\Ydlnhn.exe
O4 - HKLM\..\Run: [366z626l] C:\Program Files\366z626l\366z626l.exe
O4 - HKLM\..\Run: [wbmxtc] C:\WINDOWS\System32\wbmxtc.exe
O4 - HKLM\..\Run: [farmmext] C:\WINDOWS\farmmext.exe
O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe
O4 - HKLM\..\Run: [TBPS] C:\PROGRA~1\Toolbar\TBPS.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\mcupdate.exe
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [0F9g3FV] notgest.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [dlmMgr] "C:\Program Files\Common Files\Adobe\ESD\AdobeDownloadManager.exe" restart=1
O4 - HKCU\..\Run: [HoqmRPZ9Q] nlstwh32.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-6.1.3.21/mahj...g-ob-assets.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.av.aol.com/molbin/shared/m...83/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.av.aol.com/molbin/shared/m...,20/mcgdmgr.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) - http://www5.incredimail.com/contents/setup...p1/imloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A6943CB0-E599-4D09-B385-14FBDD9A634D}: NameServer = 205.188.146.145
O18 - Protocol: tpro - {FF76A5DA-6158-4439-99FF-EDC1B3FE100C} - C:\PROGRA~1\Toolbar\toolbar.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\aolserv.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: WebSeach Toolbar support NT service (TBPSSvc) - Unknown owner - C:\PROGRA~1\Toolbar\TBPSSvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: WinTools for IE service (WinToolsSvc) - Unknown owner - C:\Program Files\Common Files\WinTools\WToolsS.exe

BC AdBot (Login to Remove)

 


#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,541 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:10 PM

Posted 02 March 2005 - 05:42 PM

Please follow the steps posted here and then reboot and post a new log:

http://www.bleepingcomputer.com/forums/t/3275/how-to-remove-websearch-and-the-websearch-toolbar/

#3 graphixfae

graphixfae
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:10 PM

Posted 02 March 2005 - 08:25 PM

Ok, I followed the steps, and here is the new log...

Logfile of HijackThis v1.99.1
Scan saved at 8:16:22 PM, on 3/2/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\WINDOWS\system32\Dxfhrg.exe
C:\WINDOWS\system32\Ydlnhn.exe
C:\Program Files\366z626l\366z626l.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\AutoUpdate\AutoUpdate.exe
C:\WINDOWS\system32\oskprop2.exe
C:\WINDOWS\system\flgbepwar.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\odfoex32.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\Program Files\CxtPls\CxtPls.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\366z626l\366z626l1\366z626l1.exe
C:\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = www.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076} - C:\Program Files\SurfSideKick 2\SskBho.dll
O2 - BHO: My Search BHO - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL
O2 - BHO: (no name) - {016235BE-59D4-4CEB-ADD5-E2378282A1D9} - C:\Program Files\CxtPls\cxtpls.dll
O2 - BHO: (no name) - {017C20C1-F86F-11D8-9B25-000ACD002AE3} - C:\WINDOWS\Helper101.dll
O2 - BHO: (no name) - {23494621-EF93-49DA-AD85-F539DF674336} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {3927192E-C435-47BD-BB01-48F4D484ADE5} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {3EF243B4-8C78-4F21-B12A-58F4E283BFC0} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {41414E18-33C1-49EE-82FB-F2D801617D58} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {46E62E9F-1F5A-4524-84B0-88DDB9066A3D} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: CAUN Object - {59F12660-2B92-4554-98F9-87295AD8A0CE} - C:\WINDOWS\System32\AUNBHO.dll
O2 - BHO: (no name) - {5A636315-047A-4E0F-8FAB-704F4070C1D3} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {7FE1FDAD-F982-4472-B82B-827E5B5874A5} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {94A21090-B967-4451-9A57-F40F09531B60} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {9855C997-2FAE-4614-83EF-7C45A19677A1} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {9A2F68C5-B80B-4C99-91A7-10DAA173EB1C} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: SDWin32 Class - {A75A4F58-F7D2-4F5C-9B2E-6E24109E2E0A} - C:\WINDOWS\System32\wbmxt.dll
O2 - BHO: (no name) - {ABC3CD85-2160-4DDC-8B9A-5C62589BB2FC} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {C26E51BD-082C-4E1A-9837-42EC4BC529EE} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {C4A67A84-B7AA-4549-ADBB-959EC8089CB9} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {C5331569-6EF5-4871-8514-8802A78508E4} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {CA778C4C-967D-4FA3-98F1-5CB577F66566} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {D9A69297-2FD7-4C93-A46C-1C67798D2E4F} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {DD78FD0A-42BF-4491-96F2-A29B403116C4} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {E9348FBB-DF21-496F-BAAB-DD3FDF7C282A} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {F42BFDD9-2DF4-4CF1-97AC-CAA6B581F344} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {FD24602F-64F2-4B98-B74C-BD5D97A0CF26} - C:\Program Files\366z626l\366z626l.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [ebcluv] c:\windows\system32\ebcluv.exe
O4 - HKLM\..\Run: [version] C:\WINDOWS\system32\Dxfhrg.exe
O4 - HKLM\..\Run: [secure] C:\WINDOWS\system32\Ydlnhn.exe
O4 - HKLM\..\Run: [366z626l] C:\Program Files\366z626l\366z626l.exe
O4 - HKLM\..\Run: [wbmxtc] C:\WINDOWS\System32\wbmxtc.exe
O4 - HKLM\..\Run: [farmmext] C:\WINDOWS\farmmext.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [SurfSideKick 2] C:\Program Files\SurfSideKick 2\Ssk.exe
O4 - HKLM\..\Run: [saie] c:\windows\system32\saie.exe
O4 - HKLM\..\Run: [olub] C:\WINDOWS\olub.exe
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [0F9g3FV] oskprop2.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [dlmMgr] "C:\Program Files\Common Files\Adobe\ESD\AdobeDownloadManager.exe" restart=1
O4 - HKCU\..\Run: [HoqmRPZ9Q] odfoex32.exe
O4 - HKCU\..\Run: [SurfSideKick 2] C:\Program Files\SurfSideKick 2\Ssk.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} (AOL Content Update) - http://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.av.aol.com/molbin/shared/m...83/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.av.aol.com/molbin/shared/m...,20/mcgdmgr.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) - http://www5.incredimail.com/contents/setup...p1/imloader.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\aolserv.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

#4 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,541 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:10 PM

Posted 02 March 2005 - 09:34 PM

Click on start, settings, control panel and double-click on add/remove programs. From with add/remove program uninstall the following if they exist:

SurfSidekick2


Print out these instructions and then close all windows including Internet Explorer.

Then I want you to fix some of those entries. Please do the following:

Please make sure that you can view all hidden files. Instructions on how to do this can be found here:

How to see hidden files in Windows

Run Hijackthis again, click scan, and Put a checkmark next to each of these. Then click the Fix button:

R3 - URLSearchHook: (no name) - {CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076} - C:\Program Files\SurfSideKick 2\SskBho.dll
O2 - BHO: My Search BHO - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL
O2 - BHO: (no name) - {016235BE-59D4-4CEB-ADD5-E2378282A1D9} - C:\Program Files\CxtPls\cxtpls.dll
O2 - BHO: (no name) - {017C20C1-F86F-11D8-9B25-000ACD002AE3} - C:\WINDOWS\Helper101.dll
O2 - BHO: (no name) - {23494621-EF93-49DA-AD85-F539DF674336} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {3927192E-C435-47BD-BB01-48F4D484ADE5} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {3EF243B4-8C78-4F21-B12A-58F4E283BFC0} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {41414E18-33C1-49EE-82FB-F2D801617D58} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {46E62E9F-1F5A-4524-84B0-88DDB9066A3D} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: CAUN Object - {59F12660-2B92-4554-98F9-87295AD8A0CE} - C:\WINDOWS\System32\AUNBHO.dll
O2 - BHO: (no name) - {5A636315-047A-4E0F-8FAB-704F4070C1D3} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {7FE1FDAD-F982-4472-B82B-827E5B5874A5} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {94A21090-B967-4451-9A57-F40F09531B60} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {9855C997-2FAE-4614-83EF-7C45A19677A1} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {9A2F68C5-B80B-4C99-91A7-10DAA173EB1C} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: SDWin32 Class - {A75A4F58-F7D2-4F5C-9B2E-6E24109E2E0A} - C:\WINDOWS\System32\wbmxt.dll
O2 - BHO: (no name) - {ABC3CD85-2160-4DDC-8B9A-5C62589BB2FC} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {C26E51BD-082C-4E1A-9837-42EC4BC529EE} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {C4A67A84-B7AA-4549-ADBB-959EC8089CB9} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {C5331569-6EF5-4871-8514-8802A78508E4} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {CA778C4C-967D-4FA3-98F1-5CB577F66566} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {D9A69297-2FD7-4C93-A46C-1C67798D2E4F} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {DD78FD0A-42BF-4491-96F2-A29B403116C4} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {E9348FBB-DF21-496F-BAAB-DD3FDF7C282A} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {F42BFDD9-2DF4-4CF1-97AC-CAA6B581F344} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {FD24602F-64F2-4B98-B74C-BD5D97A0CF26} - C:\Program Files\366z626l\366z626l.dll
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O4 - HKLM\..\Run: [ebcluv] c:\windows\system32\ebcluv.exe
O4 - HKLM\..\Run: [version] C:\WINDOWS\system32\Dxfhrg.exe
O4 - HKLM\..\Run: [secure] C:\WINDOWS\system32\Ydlnhn.exe
O4 - HKLM\..\Run: [366z626l] C:\Program Files\366z626l\366z626l.exe
O4 - HKLM\..\Run: [wbmxtc] C:\WINDOWS\System32\wbmxtc.exe
O4 - HKLM\..\Run: [farmmext] C:\WINDOWS\farmmext.exe
O4 - HKLM\..\Run: [SurfSideKick 2] C:\Program Files\SurfSideKick 2\Ssk.exe
O4 - HKLM\..\Run: [saie] c:\windows\system32\saie.exe
O4 - HKLM\..\Run: [olub] C:\WINDOWS\olub.exe
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [0F9g3FV] oskprop2.exe
O4 - HKCU\..\Run: [HoqmRPZ9Q] odfoex32.exe
O4 - HKCU\..\Run: [SurfSideKick 2] C:\Program Files\SurfSideKick 2\Ssk.exe

Reboot your computer into Safe Mode

Then delete these files or directories (Do not be concerned if they do not exist)

C:\Program Files\MySearch\
C:\Program Files\CxtPls\
C:\WINDOWS\Helper101.dll
C:\WINDOWS\System32\AUNBHO.dll
C:\WINDOWS\System32\wbmxt.dll
C:\Program Files\366z626l\
c:\windows\system32\ebcluv.exe
C:\WINDOWS\system32\Dxfhrg.exe
C:\WINDOWS\system32\Ydlnhn.exe
C:\Program Files\366z626l\
C:\WINDOWS\System32\wbmxtc.exe
C:\WINDOWS\farmmext.exe
c:\windows\system32\saie.exe
C:\WINDOWS\olub.exe
C:\Program Files\AutoUpdate\
c:\windows\system32\oskprop2.exe
c:\windows\system32\odfoex32.exe
C:\Program Files\SurfSideKick 2\

Reboot your computer to go back to normal mode and post a new log.

#5 graphixfae

graphixfae
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:10 PM

Posted 03 March 2005 - 06:54 PM

Ok, I followed your instructions and here's is the newest log... (by the way, thank you so much for your time!)

Logfile of HijackThis v1.99.1
Scan saved at 6:49:12 PM, on 3/3/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system\flgbepwar.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\America Online 9.0\aoltray.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {85E81897-8AA2-4B6A-B450-65A6C8EE9D7C} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {DEC8A467-95C5-4530-BCFA-327F3C53C2D1} - C:\Program Files\366z626l\366z626l.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [dlmMgr] "C:\Program Files\Common Files\Adobe\ESD\AdobeDownloadManager.exe" restart=1
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} (AOL Content Update) - http://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.av.aol.com/molbin/shared/m...83/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.av.aol.com/molbin/shared/m...,20/mcgdmgr.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) - http://www5.incredimail.com/contents/setup...p1/imloader.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\aolserv.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

#6 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,541 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:10 PM

Posted 04 March 2005 - 12:37 AM

Fix these:

O2 - BHO: (no name) - {85E81897-8AA2-4B6A-B450-65A6C8EE9D7C} - C:\Program Files\366z626l\366z626l.dll
O2 - BHO: (no name) - {DEC8A467-95C5-4530-BCFA-327F3C53C2D1} - C:\Program Files\366z626l\366z626l.dll

Reboot and post a ne wlog

#7 graphixfae

graphixfae
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:10 PM

Posted 04 March 2005 - 01:16 AM

new log:

Logfile of HijackThis v1.99.1
Scan saved at 1:15:30 AM, on 3/4/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system\flgbepwar.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\America Online 9.0a\waol.exe
C:\PROGRA~1\COMMON~1\AOL\110989~1\EE\AOLHOS~1.EXE
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\PROGRA~1\COMMON~1\AOL\110989~1\EE\AOLServiceHost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\America Online 9.0a\shellmon.exe
C:\hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\mcupdate.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1109899060\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [dlmMgr] "C:\Program Files\Common Files\Adobe\ESD\AdobeDownloadManager.exe" restart=1
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0a\AOL.EXE" -b
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} (AOL Content Update) - http://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.av.aol.com/molbin/shared/m...83/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.av.aol.com/molbin/shared/m...,20/mcgdmgr.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) - http://www5.incredimail.com/contents/setup...p1/imloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A6943CB0-E599-4D09-B385-14FBDD9A634D}: NameServer = 205.188.146.145
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\aolserv.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users