View Full Version : Hijack This Log. Can someone please review.Thanks
mahadevi551
12-18-2006, 03:07 PM
Logfile of HijackThis v1.99.1
Scan saved at 11:34:32 AM, on 12/18/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\eBLVD\ebhost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb1 0.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\WinAntiSpyware 2006 Free\was6.exe
C:\Program Files\WinAntiSpyware 2006 Free\uwas6cw.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\eFax Messenger 4.0\J2GDllCmd.exe
C:\Program Files\eFax Messenger 4.0\J2GTray.exe
C:\Program Files\PAPERMASTER PRO 7.0\J2GDllCmd.exe
C:\Program Files\PAPERMASTER PRO 7.0\J2GTray.exe
C:\Program Files\WinAntiSpyware 2006 Free\uwasffNT.exe
C:\Program Files\Adobe\Acrobat 5.0\Acrobat\Acrobat.exe
C:\Program Files\Common Files\Adobe\Web\AOM.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Scene Genesis\SceneAccess Client\SceneAccess1-2-3.exe
C:\mitchell\aces\ESTIMATE.EXE
C:\Program Files\Scene Genesis\SceneAccess Client\SceneAccess1-2-3.exe
C:\Program Files\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://centralappraisalservice.com/ats/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb1 0.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinAntiSpyware 2006 Free] "C:\Program Files\WinAntiSpyware 2006 Free\was6.exe" /min
O4 - HKLM\..\Run: [DC6_Check] "C:\Program Files\Common Files\WinAntiSpyware 2006 Free\uwasdc.exe"
O4 - HKLM\..\Run: [ERS_Check] "C:\Program Files\Common Files\WinAntiSpyware 2006 Free\uwasers.exe"
O4 - HKLM\..\Run: [uwas6cw] "C:\Program Files\WinAntiSpyware 2006 Free\uwas6cw.exe" -c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\Go ogleToolbarNotifier.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\GetFlash.exe
O4 - Startup: PaperMaster Live Menu 7.0.lnk = C:\Program Files\PAPERMASTER PRO 7.0\J2GDllCmd.exe
O4 - Startup: PaperMaster Tray Menu 7.0.lnk = C:\Program Files\PAPERMASTER PRO 7.0\J2GTray.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: eFax DllCmd 4.0.lnk = C:\Program Files\eFax Messenger 4.0\J2GDllCmd.exe
O4 - Global Startup: eFax Tray Menu 4.0.lnk = C:\Program Files\eFax Messenger 4.0\J2GTray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - [url]http://wwws.musicmatch.com/mmz/openWebRadio.html[/url] (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: [url]http://*.centralappraisalservice.com[/url]
O15 - Trusted Zone: *.claimforce.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - [url]http://go.microsoft.com/fwlink/?linkid=39204[/url]
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - [url]http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab[/url]
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - [url]https://www.claimsmanager.adpclaims.com/ComponentDownload/isetup.cab[/url]
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - [url]https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx[/url]
O16 - DPF: {C5432542-213E-4513-9093-F2A538D2916B} (PCSecureUpload.DirTree) - [url]http://www.processclaims.com/dll/PCSecureUpload.CAB[/url]
O16 - DPF: {DE21B5EC-C60D-42E7-B282-F3541DB0AD40} (FileSystem.FolderPath) - [url]http://www.processclaims.com/dll/FileSystem.CAB[/url]
O16 - DPF: {F5131C24-E56D-11CF-B78A-444553540000} (Ikonic Menu Control) - [url]http://www.processclaims.com/dll/ikcntrls.cab[/url]
O20 - AppInit_DLLs:
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: eBLVD - ENC - C:\Program Files\eBLVD\ebhost.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\System32\hpbpro.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\System32\hpboid.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
What problems are you having?
mahadevi551
12-18-2006, 03:19 PM
IE keeps shutting down with an error message.Unfortunately, I don't have that in front of me. Or I open up a couple of windows and they will all close with no reason given. Someone accepted the "Download WinAntiSpyware 2006" on this computer now I have a crazy number of irritating pop ups. I have run Ad Aware SE and everything else (spyware, adware, etc..) was removed/quaratined. Unable to remove WinAntiSpyware. I found a link thru Google that suggested downloading Microsoft Windows Defender. Will this help?
classicsoftware
12-18-2006, 05:05 PM
Please download SmitfraudFix (http://siri.urz.free.fr/Fix/SmitfraudFix.zip) (by S!Ri)
Extract the content (a folder named SmitfraudFix) to your Desktop.
Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.
Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
http://www.beyondlogic.org/consulting/proc...processutil.htm (http://www.beyondlogic.org/consulting/processutil/processutil.htm)]
Post a new HJT log, the Smitfruad log and tell us how the system is running
Budfred
12-18-2006, 07:16 PM
Also, please run the free BitDefender virus scan from here...
http://www.bitdefender.com.sg/PRODUCT-14-sg--BitDefender-8-Free-Edition.html
mahadevi551
12-19-2006, 01:33 PM
Computer is running the same. Still keep receiving the WinAntiSpyware alert windows.
SmitFraudFix v2.131
Scan done at 10:12:09.17, Tue 12/19/2006
Run from C:\Documents and Settings\Office\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Office
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Office\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Start Menu
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Office\FAVORI~1
»»»»»»»»»»»»»»»»»»»»»»»» Desktop
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys
»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32
»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection
mahadevi551
12-19-2006, 01:34 PM
Logfile of HijackThis v1.99.1
Scan saved at 10:30:37 AM, on 12/19/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\eBLVD\ebhost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb1 0.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\WinAntiSpyware 2006 Free\was6.exe
C:\Program Files\WinAntiSpyware 2006 Free\uwas6cw.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\eFax Messenger 4.0\J2GDllCmd.exe
C:\Program Files\eFax Messenger 4.0\J2GTray.exe
C:\Program Files\PAPERMASTER PRO 7.0\J2GDllCmd.exe
C:\Program Files\PAPERMASTER PRO 7.0\J2GTray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 5.0\Acrobat\Acrobat.exe
C:\Program Files\Common Files\Adobe\Web\AOM.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\software downloads\bitdefender_free_v8.exe
C:\DOCUME~1\Office\LOCALS~1\Temp\IXP000.TMP\Setup. Exe
C:\WINDOWS\System32\msiexec.exe
C:\WINDOWS\Installer\MSIF8.tmp
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdc.exe
C:\Program Files\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://centralappraisalservice.com/ats/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb1 0.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinAntiSpyware 2006 Free] "C:\Program Files\WinAntiSpyware 2006 Free\was6.exe" /min
O4 - HKLM\..\Run: [DC6_Check] "C:\Program Files\Common Files\WinAntiSpyware 2006 Free\uwasdc.exe"
O4 - HKLM\..\Run: [ERS_Check] "C:\Program Files\Common Files\WinAntiSpyware 2006 Free\uwasers.exe"
O4 - HKLM\..\Run: [uwas6cw] "C:\Program Files\WinAntiSpyware 2006 Free\uwas6cw.exe" -c
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\Program Files\Softwin\BitDefender8\bdswitch.exe"
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender8\bdmcon.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender8\bdnagent.exe"
O4 - HKLM\..\RunOnce: [wextract_cleanup0] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\Office\LOCALS~1\Temp\IXP000.TMP\"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\Go ogleToolbarNotifier.exe
O4 - Startup: PaperMaster Live Menu 7.0.lnk = C:\Program Files\PAPERMASTER PRO 7.0\J2GDllCmd.exe
O4 - Startup: PaperMaster Tray Menu 7.0.lnk = C:\Program Files\PAPERMASTER PRO 7.0\J2GTray.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: eFax DllCmd 4.0.lnk = C:\Program Files\eFax Messenger 4.0\J2GDllCmd.exe
O4 - Global Startup: eFax Tray Menu 4.0.lnk = C:\Program Files\eFax Messenger 4.0\J2GTray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - [url]http://wwws.musicmatch.com/mmz/openWebRadio.html[/url] (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: [url]http://*.centralappraisalservice.com[/url]
O15 - Trusted Zone: *.claimforce.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - [url]http://go.microsoft.com/fwlink/?linkid=39204[/url]
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - [url]http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab[/url]
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - [url]https://www.claimsmanager.adpclaims.com/ComponentDownload/isetup.cab[/url]
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - [url]https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx[/url]
O16 - DPF: {C5432542-213E-4513-9093-F2A538D2916B} (PCSecureUpload.DirTree) - [url]http://www.processclaims.com/dll/PCSecureUpload.CAB[/url]
O16 - DPF: {DE21B5EC-C60D-42E7-B282-F3541DB0AD40} (FileSystem.FolderPath) - [url]http://www.processclaims.com/dll/FileSystem.CAB[/url]
O16 - DPF: {F5131C24-E56D-11CF-B78A-444553540000} (Ikonic Menu Control) - [url]http://www.processclaims.com/dll/ikcntrls.cab[/url]
O20 - AppInit_DLLs:
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: eBLVD - ENC - C:\Program Files\eBLVD\ebhost.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\System32\hpbpro.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\System32\hpboid.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
mahadevi551
12-19-2006, 05:12 PM
My browsers are still closing down, but this error message pops up:
The instruction at "0x7c901010" referenced memory at "0x00000014"
The memory couldnt be read.
Click OK to terminate program
Click Cancel to debug program.
What does this mean?
classicsoftware
12-19-2006, 11:29 PM
Try to uninstall the Winantivirus from Ad/remove programs....
If it does not work or it is not there then open Hijackthis and place a check next to:
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [WinAntiSpyware 2006 Free] "C:\Program Files\WinAntiSpyware 2006 Free\was6.exe" /min
O4 - HKLM\..\Run: [DC6_Check] "C:\Program Files\Common Files\WinAntiSpyware 2006 Free\uwasdc.exe"
O4 - HKLM\..\Run: [ERS_Check] "C:\Program Files\Common Files\WinAntiSpyware 2006 Free\uwasers.exe"
O4 - HKLM\..\Run: [uwas6cw] "C:\Program Files\WinAntiSpyware 2006 Free\uwas6cw.exe" -c
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe
Unless you are sure about this I woiuld also remove it.
O23 - Service: eBLVD - ENC - C:\Program Files\eBLVD\ebhost.exe
Close all open program and browser windows and click fix checked.
Budfred
12-19-2006, 11:33 PM
Also, I am guessing that you didn't run the BitDefender scan I asked you to run... Please report on that...
mahadevi551
12-21-2006, 12:56 PM
I did run BitDefender. Then I ran HJT again because I couldnt find the lines that I was told to select and delete. So here is my new HJT log:
Logfile of HijackThis v1.99.1
Scan saved at 9:19:40 AM, on 12/21/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\eBLVD\ebhost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb1 0.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\eFax Messenger 4.0\J2GDllCmd.exe
C:\Program Files\eFax Messenger 4.0\J2GTray.exe
C:\Program Files\PAPERMASTER PRO 7.0\J2GDllCmd.exe
C:\Program Files\PAPERMASTER PRO 7.0\J2GTray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://centralappraisalservice.com/ats/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: BhoApp Class - {0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2} - C:\Program Files\WinBudget\bin\matrix.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb1 0.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\Go ogleToolbarNotifier.exe
O4 - Startup: PaperMaster Live Menu 7.0.lnk = C:\Program Files\PAPERMASTER PRO 7.0\J2GDllCmd.exe
O4 - Startup: PaperMaster Tray Menu 7.0.lnk = C:\Program Files\PAPERMASTER PRO 7.0\J2GTray.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: eFax DllCmd 4.0.lnk = C:\Program Files\eFax Messenger 4.0\J2GDllCmd.exe
O4 - Global Startup: eFax Tray Menu 4.0.lnk = C:\Program Files\eFax Messenger 4.0\J2GTray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://*.centralappraisalservice.com
O15 - Trusted Zone: *.claimforce.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - https://www.claimsmanager.adpclaims.com/ComponentDownload/isetup.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {C5432542-213E-4513-9093-F2A538D2916B} (PCSecureUpload.DirTree) - http://www.processclaims.com/dll/PCSecureUpload.CAB
O16 - DPF: {DE21B5EC-C60D-42E7-B282-F3541DB0AD40} (FileSystem.FolderPath) - http://www.processclaims.com/dll/FileSystem.CAB
O16 - DPF: {F5131C24-E56D-11CF-B78A-444553540000} (Ikonic Menu Control) - http://www.processclaims.com/dll/ikcntrls.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: eBLVD - ENC - C:\Program Files\eBLVD\ebhost.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\System32\hpbpro.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\System32\hpboid.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
mahadevi551
12-21-2006, 01:10 PM
I can't post this as it includes too many characters. Is there another, shorter report to post?
I can't post this as it includes too many characters. Is there another, shorter report to post?
Break it up over two or more posts...
mahadevi551
12-21-2006, 02:05 PM
//-----------------------------------------------------------------
//
// Product: BitDefender 8 Free Edition
// Version: 8.0
//
// Created on: 21/12/2006 09:33:59
//
//-----------------------------------------------------------------
Statistics
Scan path : C:\WINDOWS\system32\
Folders : 215
Files : 6683
Archives : 32
Packed files : 263
Identified viruses : 0
Infected files : 0
Warnings : 0
Suspect files : 0
Disinfected files : 0
Deleted files : 0
Copied files : 0
Moved files : 0
Renamed files : 0
I/O errors : 12
Scan time : 00:06:14
Scan speed (files/sec) : 17
Virus definitions : 355330
Scan plugins : 14
Archive plugins : 38
Unpack plugins : 6
Mail plugins : 6
System plugins : 1
Scan options
Detection
[X] Scan boot sectors
[X] Scan archives
[X] Scan packed files
[X] Scan email
File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;
Action
Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Copy to quarantine
[ ] Move to quarantine
[ ] Rename
[ ] Prompt user
Second action
[ ] Ignore
[ ] Delete
[ ] Copy to quarantine
[X] Move to quarantine
[ ] Rename
[ ] Prompt user
Scan options
[X] Enable warnings
[X] Enable heuristics
[X] Show all files in log
[X] Report file: vscan.log
[ ] Append to existing report
Scanned files
C:\=>Master Boot Record OK
C:\=>Primary partition 1 OK
C:\=>Primary partition 2 (Active) OK
C:\=>Primary partition 3 OK
C:\WINDOWS\system32\$NCSP$.INF OK
C:\WINDOWS\system32\$WINNT$.INF OK
C:\WINDOWS\system32\1033\DWINTL.DLL OK
C:\WINDOWS\system32\12520437.cpx OK
C:\WINDOWS\system32\12520850.cpx OK
C:\WINDOWS\system32\6to4svc.dll OK
C:\WINDOWS\system32\a3d.dll OK
C:\WINDOWS\system32\AAAAMON.DLL OK
C:\WINDOWS\system32\access.cpl OK
C:\WINDOWS\system32\ACCTRES.DLL OK
C:\WINDOWS\system32\accwiz.exe OK
C:\WINDOWS\system32\ACELPDEC.AX OK
C:\WINDOWS\system32\ACFPDF.dll OK
C:\WINDOWS\system32\ACFPDF.drv OK
C:\WINDOWS\system32\ACFPDF.txt OK
C:\WINDOWS\system32\ACFPDFUI.dll OK
C:\WINDOWS\system32\ACLEDIT.DLL OK
C:\WINDOWS\system32\aclui.dll OK
C:\WINDOWS\system32\activeds.dll OK
C:\WINDOWS\system32\ACTIVEDS.TLB OK
C:\WINDOWS\system32\actmovie.exe OK
C:\WINDOWS\system32\actxprxy.dll OK
C:\WINDOWS\system32\adistres.dll OK
C:\WINDOWS\system32\admparse.dll OK
C:\WINDOWS\system32\Adobe\SVG Viewer\ACELite.dll OK
C:\WINDOWS\system32\Adobe\SVG Viewer\AGM.dll OK
C:\WINDOWS\system32\Adobe\SVG Viewer\Bib.dll OK
C:\WINDOWS\system32\Adobe\SVG Viewer\CoolType.dll OK
C:\WINDOWS\system32\Adobe\SVG Viewer\NPSVGVw.dll OK
C:\WINDOWS\system32\Adobe\SVG Viewer\ReadMe.html OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVG Viewer License.txt OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGAbout.svg OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGControl.dll OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGHelp.html OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGRSRC.DLL OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGView.dll OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.dict OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.dict=>(unicode) OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.ini OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/SVGViewer.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/Attr.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/CDATASection.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/CharacterData.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/Comment.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/Document.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/DocumentFragment.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/DocumentType.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/DOMException.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/DOMImplementation.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/Element.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/Entity.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/EntityReference.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/NamedNodeMap.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/Node.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/NodeList.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/Notation.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/ProcessingInstruction.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/Text.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/Counter.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSS2Properties.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSCharsetRule.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSFontFaceRule.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSImportRule.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSMediaRule.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSPageRule.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSPrimitiveValue.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSRule.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSRuleList.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSStyleDeclaration.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSStyleRule.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSStyleSheet.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSUnknownRule.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSValue.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSValueList.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/DocumentCSS.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/DOMImplementationCSS.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/ElementCSSInlineStyle.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/Rect.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/RGBColor.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/ViewCSS.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/events/DocumentEvent.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/events/Event.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/events/EventException.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/events/EventListener.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/events/EventTarget.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/events/MouseEvent.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/events/UIEvent.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/smil/ElementTimeControl.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/stylesheets/DocumentStyle.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/stylesheets/LinkStyle.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/stylesheets/MediaList.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/stylesheets/StyleSheet.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/stylesheets/StyleSheetList.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/views/AbstractView.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/views/DocumentView.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/GetSVGDocument.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAElement.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAltGlyphDefElement.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAltGlyphElement.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAltGlyphItemElement.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAngle.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimateColorElement.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedAngle.class OK
mahadevi551
12-21-2006, 02:08 PM
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedBoolean.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedEnumeration.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedInteger.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedLength.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedLengthList.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedNumber.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedNumberList.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedPathData.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedPoints.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedPreserveAspectRatio.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedRect.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedString.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedTransformList.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimateElement.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimateMotionElement.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimateTransformElement.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimationElement.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGCircleElement.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGClipPathElement.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGColor.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGColorProfileElement.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGColorProfileRule.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGComponentTransferFunctionElement.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGCSSRule.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGCursorElement.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGDefinitionSrcElement.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGDefsElement.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGDescElement.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGDocument.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGElement.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGElementInstance.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGElementInstanceList.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGEllipseElement.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGEvent.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGException.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGExternalResourcesRequired.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFEBlendElement.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFEColorMatrixElement.class OK
C:\WINDOWS\system32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFEComponentTransferElement.class OK
Skip the scanned files part...
mahadevi551
12-21-2006, 03:17 PM
When I looked through the whole report from BitDefender I didn't see anything else besides Scanned files. Maybe I'm in the wrong place?
Budfred
12-21-2006, 04:41 PM
If you can't find the BitDefender log, just post an updated HJT log after a reboot so we can see if the garbage is still there... Also, report on how the computer is running...
mahadevi551
12-21-2006, 05:18 PM
Logfile of HijackThis v1.99.1
Scan saved at 2:17:17 PM, on 12/21/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\eBLVD\ebhost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb1 0.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Softwin\BitDefender8\bdmcon.exe
C:\Program Files\Softwin\BitDefender8\bdnagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\eFax Messenger 4.0\J2GDllCmd.exe
C:\WINDOWS\system32\wuauclt.exe
c:\program files\internet explorer\iexplore.exe
C:\Program Files\eFax Messenger 4.0\J2GTray.exe
C:\Program Files\PAPERMASTER PRO 7.0\J2GDllCmd.exe
C:\Program Files\PAPERMASTER PRO 7.0\J2GTray.exe
C:\Program Files\HijackThis.exe
C:\Program Files\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://centralappraisalservice.com/ats/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb1 0.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender8\bdmcon.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender8\bdnagent.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\Go ogleToolbarNotifier.exe
O4 - Startup: PaperMaster Live Menu 7.0.lnk = C:\Program Files\PAPERMASTER PRO 7.0\J2GDllCmd.exe
O4 - Startup: PaperMaster Tray Menu 7.0.lnk = C:\Program Files\PAPERMASTER PRO 7.0\J2GTray.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: eFax DllCmd 4.0.lnk = C:\Program Files\eFax Messenger 4.0\J2GDllCmd.exe
O4 - Global Startup: eFax Tray Menu 4.0.lnk = C:\Program Files\eFax Messenger 4.0\J2GTray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: [url]http://*.centralappraisalservice.com[/url]
O15 - Trusted Zone: *.claimforce.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - [url]http://go.microsoft.com/fwlink/?linkid=39204[/url]
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - [url]http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab[/url]
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - [url]https://www.claimsmanager.adpclaims.com/ComponentDownload/isetup.cab[/url]
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - [url]https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx[/url]
O16 - DPF: {C0A63B86-4B21-11D3-BD95-D426EF2C7949} (:-) VideoSoft FlexGrid 7.0 (Light)) - [url]http://processclaims.com/dll/vsflex7L.cab[/url]
O16 - DPF: {C5432542-213E-4513-9093-F2A538D2916B} (PCSecureUpload.DirTree) - [url]http://www.processclaims.com/dll/PCSecureUpload.CAB[/url]
O16 - DPF: {DE21B5EC-C60D-42E7-B282-F3541DB0AD40} (FileSystem.FolderPath) - [url]http://www.processclaims.com/dll/FileSystem.CAB[/url]
O16 - DPF: {F5131C24-E56D-11CF-B78A-444553540000} (Ikonic Menu Control) - [url]http://www.processclaims.com/dll/ikcntrls.cab[/url]
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (file missing)
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: eBLVD - ENC - C:\Program Files\eBLVD\ebhost.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\System32\hpbpro.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\System32\hpboid.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
vBulletin v3.6.1, Copyright ©2000-2012, Jelsoft Enterprises Ltd.