bobbynichols Posted April 19, 2006 Report Share Posted April 19, 2006 I've been having bugs for some time. My wife used to go online for free slot play before she got her own 'puter, but for the most part we have practiced safe internet surfing. I've been using/used: a-squared/AdAware/Spybot/AVG/ZoneAlarm(all free versions) for years. Spybot has not worked for me for some time, however... even after numerous uninstalls and reinstalls.I've been diligent to keep all the proggies updated and run frequently and have basically just put up with poor performance for quite some time. Problems include:1) Taskbar bug - where if I load Outlook Express and read/write my mail my Earthlink icon in the Taskbar disappears when I hover over it (maybe a feature and not a bug?). 2) Problems with shutting down (the screen will say Windows is shutting down but just hangs and never does shut down by itself), 3) more than the usual crashes and bluescreens and such (I would expect Windows to "urp" only once a session before the bugs got out of hand), 4) other misc. bugs that I can't recall at this time.Your help would be appreciated and I thank you in advance for any that take their time to help.My log: (I've added some spaces between the entries to make the log more easily ledgible)Logfile of HijackThis v1.93.0Scan saved at 3:13:48 AM, on 4/19/06Platform: Windows 98 SE (Win9x 4.10.2222A)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar=http://start.earthlink.net/AL/SearchR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://start.earthlink.netR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL=http://start.earthlink.netR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL=http://www.earthlink.net/partner/more/msie/button/search.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar=http://www.earthlink.net/partner/more/msie/button/search.htmlR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant=http://start.earthlink.net/AL/SearchR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title=Microsoft Internet Explorer provided by EarthLinkR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer=http=localhost:8081R3 - URLSearchHook: SrchHook Class - {44F9B173-041C-4825-A9B9-D914BD9DCBB3} - c:\Program Files\EarthLink TotalAccess\ElnIE.dllR3 - URLSearchHook: (no name) - ~CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)O2 - BHO: (no name) - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\SYSTEM\NZDD.DLLO2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLLO2 - BHO: (no name) - {656EC4B7-072B-4698-B504-2A414C1F0037} - c:\Program Files\EarthLink TotalAccess\Accelerator\prpl_IePopupBlocker.dllO2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dllO2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllO2 - BHO: EarthLink PopUp Blocker V2 - {512ACF1B-64D9-4928-B382-A80556F28DB4} - C:\PROGRAM FILES\EARTHLINK TOTALACCESS\TOOLBAR\ELNKPUB.DLLO2 - BHO: EarthLink ScamBlocker V2 - {15F4D456-5BAA-4076-8486-EECB38CD3E57} - C:\PROGRAM FILES\EARTHLINK TOTALACCESS\TOOLBAR\ESCAMBLK.DLLO2 - BHO: Earthlink Protection BHO - {9579D574-D4D8-4335-9560-FE8641A013BD} - C:\PROGRAM FILES\EARTHLINK TOTALACCESS\TOOLBAR\PROTCTIE.DLLO2 - BHO: Uninstall Legacy Earthlink Toolbar - {E713904C-DF05-4C79-BBAD-02DB923253BE} - C:\PROGRAM FILES\EARTHLINK TOTALACCESS\TOOLBAR\UNINSTTB.DLLO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCXO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLLO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllO4 - HKLM\..\Run: [scanRegistry] c:\windows\scanregw.exe /autorunO4 - HKLM\..\Run: [systemTray] SysTray.ExeO4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrSchemeO4 - HKLM\..\Run: [sO5 Integrator Pass Two] C:\WINDOWS\SOINTGR.EXEO4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startupO4 - HKLM\..\Run: [DLF_00000900] C:\WINDOWS\SYSTEM\Vcdlf1.exe /cO4 - HKLM\..\Run: [EnsoniqMixer] starter.exeO4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUpO4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exeO4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\Run: [PicasaNet] "C:\Program Files\Hello\Hello.exe" -bO4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUPO4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXEO4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXEO4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottimeO4 - HKLM\..\Run: [stillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXEO4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeO4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrSchemeO4 - HKLM\..\RunServices: [sO5 Integrator Pass One] C:\WINDOWS\SOINTGR.EXEO4 - HKLM\..\RunServices: [sAgent2ExePath] C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exeO4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -serviceO4 - HKLM\..\RunServices: [MiniLog] C:\WINDOWS\SYSTEM\ZONELABS\MINILOG.EXE -serviceO4 - HKLM\..\RunServices: [schedulingAgent] mstask.exeO4 - HKLM\..\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXEO4 - HKCU\..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe /backgroundO4 - HKCU\..\Run: [LeechGet] "C:\Program Files\LeechGet 2004\LeechGet.exe" -intrayO4 - HKCU\..\Run: [update Service] "C:\Program Files\Common Files\Teknum Systems\update.exe" /startupO4 - HKCU\..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exeO4 - HKCU\..\Run: [E6TaskPanel] "C:\PROGRAM FILES\EARTHLINK TOTALACCESS\TASKPANL.EXE" -winstartO4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealOne Player\realplay.exe" /RunUPGToolCommandReBootO4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXEO4 - Startup: Internet Answering Machine.lnk = C:\Program Files\CallWave\IAM.EXEO4 - Startup: hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exeO4 - Startup: hp instant support.lnk = C:\Program Files\Hewlett-Packard\hpis\bin\matcli.exeO4 - Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpobnz08.exeO4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exeO4 - Startup: APO Usb Autorun.lnk = C:\Program Files\APO\Usb Autorun\usb_autorun.exeO6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO8 - Extra context menu item: Download using LeechGet Wizard - file://C:\PROGRAM FILES\LEECHGET 2004\\Wizard.htmlO8 - Extra context menu item: Download using LeechGet - file://C:\PROGRAM FILES\LEECHGET 2004\\AddUrl.htmlO8 - Extra context menu item: Parse with LeechGet - file://C:\PROGRAM FILES\LEECHGET 2004\\Parser.htmlO8 - Extra context menu item: &Dictionary - http://files.db3nf.com/scripts/ie.htmO8 - Extra context menu item: &Encyclopedia - http://files.db3nf.com/scripts/ie-e.htmO8 - Extra context menu item: Check &Spelling - res://C:\PROGRAM FILES\IESPELL\IESPELL.DLL/SPELLCHECK.HTMO8 - Extra context menu item: &ieSpell Options - res://C:\PROGRAM FILES\IESPELL\IESPELL.DLL/SPELLOPTION.HTMO8 - Extra context menu item: Get siteinfo data (fsc) - C:\Program Files\EMS Free Surfer Companion\fslauncher.htmO8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.htmlO8 - Extra context menu item: &Translate English Word - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmwordtrans.htmlO8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.htmlO8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.htmlO8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.htmlO8 - Extra context menu item: Translate Page into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmtrans.htmlO8 - Extra context menu item: EarthLink Google Search - res://C:\PROGRAM FILES\EARTHLINK TOTALACCESS\TOOLBAR\SEARCHUI.DLL/search.htmlO8 - Extra context menu item: Refresh Pa≥ with Full Quality - c:\Program Files\EarthLink TotalAccess\Accelerator\\pac-page.htmlO8 - Extra context menu item: Refresh Pi&cture with Full Quality - c:\Program Files\EarthLink TotalAccess\Accelerator\\pac-image.htmlO9 - Extra button: Messenger (HKLM)O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)O9 - Extra button: ieSpell (HKLM)O9 - Extra 'Tools' menuitem: ieSpell (HKLM)O9 - Extra 'Tools' menuitem: ieSpell Options (HKLM)O9 - Extra button: Free Surfer (HKLM)O9 - Extra 'Tools' menuitem: Free Surfer (HKLM)O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)O10 - Unknown file in Winsock LSP: c:\program files\earthlink totalaccess\accelerator\prplsf.dllO12 - Plugin for .wma: C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\PLUGINS\npdsplay.dllO12 - Plugin for .bcf: C:\PROGRA~1\INTERN~1\Plugins\NPBelv32.dllO12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dllO15 - Trusted Zone: http://free.aol.comO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/get/shock...ash/swflash.cabO16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwa...director/sw.cabO16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2002060...all/xscan53.cabO16 - DPF: {1DEFB8C0-22A7-4E58-B735-43A169CDA2AB} (CWDL_DownLoadControl Class) - http://www.callwave.com/include/cab/CWDL_DownLoad.CABO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cabO16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/...7863.9060648148O16 - DPF: {78960E0E-0B0C-11D4-8997-00104BD12D94} (AV Class) - http://www.pcpitstop.com/antivirus/PCPAV.CABO16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CABO16 - DPF: {89D75D39-5531-47BA-9E4F-B346BA9C362C} (CWDL_DownLoadControl Class) - http://www.callwave.com/include/cab/CWDL_DownLoad.CABO16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MTSInstall...dia/zoomviewer/O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=34738&clcid=0x409O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifescapeinc.com/installers...ll/pinstall.cabO16 - DPF: {99B6E512-3893-4155-9964-8EB8E06099CB} (WebSpyWareKiller Class) - http://download.zonelabs.com/bin/promotion...ctor/WebSWK.cabO16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotion...ctor/WebAAS.cabO16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cabO16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotion...canner37380.cab Link to post Share on other sites
jwbirdsong Posted April 19, 2006 Report Share Posted April 19, 2006 Your HijackThis version is WAYYYY out dated. Please download HijackThis version 1.99.1 from HERE and make sure to unzip and to it's own, permanent folder. To run HijackThis click Scan and then Save log, Post the new log in a reply to this thread. I would be happy to take a look at it. Link to post Share on other sites
bobbynichols Posted April 19, 2006 Author Report Share Posted April 19, 2006 My bad... Thank you for your response... Here's the new scan:Logfile of HijackThis v1.99.1Scan saved at 3:35:19 PM, on 4/19/06Platform: Windows 98 SE (Win9x 4.10.2222A)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\SYSTEM\KERNEL32.DLLC:\WINDOWS\SYSTEM\MSGSRV32.EXEC:\WINDOWS\SYSTEM\MPREXE.EXEC:\WINDOWS\SYSTEM\mmtask.tskC:\WINDOWS\SOINTGR.EXEC:\PROGRAM FILES\COMMON FILES\EPSON\EBAPI\SAGENT2.EXEC:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXEC:\WINDOWS\SYSTEM\MSTASK.EXEc:\windows\SYSTEM\KB891711\KB891711.EXEC:\WINDOWS\EXPLORER.EXEC:\WINDOWS\SYSTEM\RPCSS.EXEC:\WINDOWS\SYSTEM\SYSTRAY.EXEC:\WINDOWS\SYSTEM\VCDLF1.EXEC:\PROGRAM FILES\AHEAD\INCD\INCD.EXEC:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXEC:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXEC:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXEC:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXEC:\WINDOWS\SYSTEM\QTTASK.EXEC:\WINDOWS\SYSTEM\STIMON.EXEC:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXEC:\PROGRAM FILES\MESSENGER\MSMSGS.EXEC:\PROGRAM FILES\LEECHGET 2004\LEECHGET.EXEC:\PROGRAM FILES\ATNOTES\ATNOTES.EXEC:\PROGRAM FILES\EARTHLINK TOTALACCESS\TASKPANL.EXEC:\PROGRAM FILES\WINZIP\WZQKPICK.EXEC:\PROGRAM FILES\CALLWAVE\IAM.EXEC:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOTDD01.EXEC:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOBNZ08.EXEC:\WINDOWS\SYSTEM\WMIEXE.EXEC:\PROGRAM FILES\APO\USB AUTORUN\USB_AUTORUN.EXEC:\PROGRAM FILES\OPENOFFICE.ORG 2.0\PROGRAM\SOFFICE.EXEC:\WINDOWS\SYSTEM\SPOOL32.EXEC:\PROGRAM FILES\OPENOFFICE.ORG 2.0\PROGRAM\SOFFICE.BINC:\WINDOWS\SYSTEM\TAPISRV.EXEC:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOEVM08.EXEC:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXEC:\WINDOWS\SYSTEM\HPZIPM12.EXEC:\WINDOWS\SYSTEM\RNAAPP.EXEC:\PROGRAM FILES\EARTHLINK TOTALACCESS\FASTLANE\IPCLIENT.EXEC:\PROGRAM FILES\EARTHLINK TOTALACCESS\ACCELERATOR\ELINKACC.EXEC:\PROGRAM FILES\WINZIP\WINZIP32.EXEC:\HIJACKTHIS\HIJACKTHIS.EXER1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.netR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie...ton/search.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://start.earthlink.net/AL/SearchR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.earthlink.netR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.earthlink.net/partner/more/msie...ton/search.htmlR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.earthlink.net/AL/SearchR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by EarthLinkR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:8081R3 - URLSearchHook: SrchHook Class - {44F9B173-041C-4825-A9B9-D914BD9DCBB3} - c:\Program Files\EarthLink TotalAccess\ElnIE.dllR3 - URLSearchHook: (no name) - ~CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\SYSTEM\NZDD.DLLO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLLO2 - BHO: IE_PopupBlocker Class - {656EC4B7-072B-4698-B504-2A414C1F0037} - c:\Program Files\EarthLink TotalAccess\Accelerator\prpl_IePopupBlocker.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllO2 - BHO: EarthLink PopUp Blocker V2 - {512ACF1B-64D9-4928-B382-A80556F28DB4} - C:\PROGRAM FILES\EARTHLINK TOTALACCESS\TOOLBAR\ELNKPUB.DLLO2 - BHO: EarthLink ScamBlocker V2 - {15F4D456-5BAA-4076-8486-EECB38CD3E57} - C:\PROGRAM FILES\EARTHLINK TOTALACCESS\TOOLBAR\ESCAMBLK.DLLO2 - BHO: Earthlink Protection BHO - {9579D574-D4D8-4335-9560-FE8641A013BD} - C:\PROGRAM FILES\EARTHLINK TOTALACCESS\TOOLBAR\PROTCTIE.DLLO2 - BHO: Uninstall Legacy Earthlink Toolbar - {E713904C-DF05-4C79-BBAD-02DB923253BE} - C:\PROGRAM FILES\EARTHLINK TOTALACCESS\TOOLBAR\UNINSTTB.DLLO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCXO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLLO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllO3 - Toolbar: EarthLink Toolbar - {C7768536-96F8-4001-B1A2-90EE21279187} - C:\PROGRAM FILES\EARTHLINK TOTALACCESS\TOOLBAR\TOOLBAR.DLLO4 - HKLM\..\Run: [scanRegistry] c:\windows\scanregw.exe /autorunO4 - HKLM\..\Run: [systemTray] SysTray.ExeO4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrSchemeO4 - HKLM\..\Run: [sO5 Integrator Pass Two] C:\WINDOWS\SOINTGR.EXEO4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startupO4 - HKLM\..\Run: [DLF_00000900] C:\WINDOWS\SYSTEM\Vcdlf1.exe /cO4 - HKLM\..\Run: [EnsoniqMixer] starter.exeO4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUpO4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exeO4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\Run: [PicasaNet] "C:\Program Files\Hello\Hello.exe" -bO4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUPO4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXEO4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXEO4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottimeO4 - HKLM\..\Run: [stillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXEO4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeO4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrSchemeO4 - HKLM\..\RunServices: [sO5 Integrator Pass One] C:\WINDOWS\SOINTGR.EXEO4 - HKLM\..\RunServices: [sAgent2ExePath] C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exeO4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -serviceO4 - HKLM\..\RunServices: [MiniLog] C:\WINDOWS\SYSTEM\ZONELABS\MINILOG.EXE -serviceO4 - HKLM\..\RunServices: [schedulingAgent] mstask.exeO4 - HKLM\..\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXEO4 - HKCU\..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe /backgroundO4 - HKCU\..\Run: [LeechGet] "C:\Program Files\LeechGet 2004\LeechGet.exe" -intrayO4 - HKCU\..\Run: [update Service] "C:\Program Files\Common Files\Teknum Systems\update.exe" /startupO4 - HKCU\..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exeO4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealOne Player\realplay.exe" /RunUPGToolCommandReBootO4 - HKCU\..\Run: [E6TaskPanel] "C:\PROGRAM FILES\EARTHLINK TOTALACCESS\TASKPANL.EXE" -winstartO4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXEO4 - Startup: Internet Answering Machine.lnk = C:\Program Files\CallWave\IAM.EXEO4 - Startup: hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exeO4 - Startup: hp instant support.lnk = C:\Program Files\Hewlett-Packard\hpis\bin\matcli.exeO4 - Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpobnz08.exeO4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exeO4 - Startup: APO Usb Autorun.lnk = C:\Program Files\APO\Usb Autorun\usb_autorun.exeO6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO8 - Extra context menu item: Download using LeechGet Wizard - file://C:\PROGRAM FILES\LEECHGET 2004\\Wizard.htmlO8 - Extra context menu item: Download using LeechGet - file://C:\PROGRAM FILES\LEECHGET 2004\\AddUrl.htmlO8 - Extra context menu item: Parse with LeechGet - file://C:\PROGRAM FILES\LEECHGET 2004\\Parser.htmlO8 - Extra context menu item: &Dictionary - http://files.db3nf.com/scripts/ie.htmO8 - Extra context menu item: &Encyclopedia - http://files.db3nf.com/scripts/ie-e.htmO8 - Extra context menu item: Check &Spelling - res://C:\PROGRAM FILES\IESPELL\IESPELL.DLL/SPELLCHECK.HTMO8 - Extra context menu item: &ieSpell Options - res://C:\PROGRAM FILES\IESPELL\IESPELL.DLL/SPELLOPTION.HTMO8 - Extra context menu item: Get siteinfo data (fsc) - C:\Program Files\EMS Free Surfer Companion\fslauncher.htmO8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.htmlO8 - Extra context menu item: &Translate English Word - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmwordtrans.htmlO8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.htmlO8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.htmlO8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.htmlO8 - Extra context menu item: Translate Page into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmtrans.htmlO8 - Extra context menu item: EarthLink Google Search - res://C:\PROGRAM FILES\EARTHLINK TOTALACCESS\TOOLBAR\SEARCHUI.DLL/search.htmlO8 - Extra context menu item: Refresh Pa≥ with Full Quality - c:\Program Files\EarthLink TotalAccess\Accelerator\\pac-page.htmlO8 - Extra context menu item: Refresh Pi&cture with Full Quality - c:\Program Files\EarthLink TotalAccess\Accelerator\\pac-image.htmlO9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXEO9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXEO9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\PROGRAM FILES\IESPELL\IESPELL.DLLO9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\PROGRAM FILES\IESPELL\IESPELL.DLLO9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\PROGRAM FILES\IESPELL\IESPELL.DLLO9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\PROGRAM FILES\IESPELL\IESPELL.DLLO9 - Extra button: Free Surfer - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - C:\Program Files\EMS Free Surfer Companion\FS30.exeO9 - Extra 'Tools' menuitem: Free Surfer - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - C:\Program Files\EMS Free Surfer Companion\FS30.exeO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLLO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLLO12 - Plugin for .wma: C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\PLUGINS\npdsplay.dllO12 - Plugin for .bcf: C:\PROGRA~1\INTERN~1\Plugins\NPBelv32.dllO12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dllO16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2002060...all/xscan53.cabO16 - DPF: {1DEFB8C0-22A7-4E58-B735-43A169CDA2AB} (CWDL_DownLoadControl Class) - http://www.callwave.com/include/cab/CWDL_DownLoad.CABO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cabO16 - DPF: {78960E0E-0B0C-11D4-8997-00104BD12D94} (AV Class) - http://www.pcpitstop.com/antivirus/PCPAV.CABO16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CABO16 - DPF: {89D75D39-5531-47BA-9E4F-B346BA9C362C} (CWDL_DownLoadControl Class) - http://www.callwave.com/include/cab/CWDL_DownLoad.CABO16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MTSInstall...dia/zoomviewer/O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=34738&clcid=0x409O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifescapeinc.com/installers...ll/pinstall.cabO16 - DPF: {99B6E512-3893-4155-9964-8EB8E06099CB} (WebSpyWareKiller Class) - http://download.zonelabs.com/bin/promotion...ctor/WebSWK.cabO16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotion...ctor/WebAAS.cabO16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cabO16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotion...canner37380.cab Link to post Share on other sites
jwbirdsong Posted April 26, 2006 Report Share Posted April 26, 2006 bobbynicholsI am wayyy sorry you have set for several day with out a response...I guess i never received a noticed of your reply..If you still need assistance please post an updated HijackThis log.Again, I am truly sorry for the delay Link to post Share on other sites
jwbirdsong Posted May 14, 2006 Report Share Posted May 14, 2006 Inactive topic...If you still need help on this problem, contact me or one of the Moderators to re-open this up.Topic closed. Link to post Share on other sites
Recommended Posts