1
   

Plagued by Search2Web

Forums: Computers
Email this Topic Print this Page
 
 
kcalder
 
Reply Sat 26 Mar, 2005 03:38 am
Hi,

I have read other posts on this subject as I am plagued with this demonic invention (and possibly others) and cannot get rid of it/them. So far I have tried quite a few adware removers and currently have SpySweeper installed (which seems to routinely ignore the problem). In the session while posting this, I have run lopremover and have obtained SilentRunner and HJT logs as below.

All help gratefully received!

"Silent Runners.vbs", revision 33, http://www.silentrunners.org/
Operating System: Windows XP
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"Window Washer" = "C:\Program Files\Webroot\Washer\wwDisp.exe" ["Webroot Software"]
"ctfmon.exe" = "D:\WINDOWS\System32\ctfmon.exe" [MS]
"H/PC Connection Agent" = ""D:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"" [MS]
"SpySweeper" = ""D:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0" ["Webroot Software, Inc."]
"Steam" = ""d:\program files\valve\steam\steam.exe" -silent" ["Valve Corporation"]

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\ {++}
"CTStartup" = ""D:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE" /play" ["Creative Technology Ltd."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"CTStartup" = ""D:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE" /run" ["Creative Technology Ltd."]
"UpdReg" = "D:\WINDOWS\UpdReg.EXE" ["Creative Technology Ltd."]
"SBDrvDet" = "D:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r" ["Creative Technology Ltd"]
"CTHelper" = "CTHELPER.EXE" ["Creative Technology Ltd"]
"AsioReg" = "REGSVR32.EXE /S CTASIO.DLL" [MS]
"ATIPTA" = "D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" ["ATI Technologies, Inc."]
"CTSysVol" = "D:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe" ["Creative Technology Ltd"]
"Zone Labs Client" = ""D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"" ["Zone Labs LLC"]
"SunJavaUpdateSched" = "D:\Program Files\Java\jre1.5.0_01\bin\jusched.exe" ["Sun Microsystems, Inc."]
"Easy-PrintToolBox" = "D:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon" ["CANON INC."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{00000000-6C30-11D8-9363-000AE6309654}\(Default) = "SuperAdBlockerBHO Class"
-> {CLSID}\InProcServer32\(Default) = "D:\Program Files\Super Ad Blocker\SABBHO.DLL" [file not found]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = "AcroIEHlprObj Class" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{601ED020-FB6C-11D3-87D8-0050DA59922B}\(Default) = "Ipswitch.WsftpBrowserHelper"
-> {CLSID}\InProcServer32\(Default) = "D:\Program Files\WS_FTP Pro\wsbho2k0.dll" ["Ipswitch, Inc. 81 Hartwell Ave. Lexington, MA"]
{DD1F4CA6-E298-35EE-4AC7-74DFCBD41862}\(Default) = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "D:\DOCUME~1\Keith_2\APPLIC~1\ISOFAS~1\Namebase.exe" [null data]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{6EE51AA0-77A0-11D7-B4E1-000347126E46}" = "Window Washer Shell Shredding Utility"
-> {CLSID}\InProcServer32\(Default) = "D:\PROGRA~1\COMMON~1\WEBROO~1\SHELLW~1.DLL" ["Webroot Software"]
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"
-> {CLSID}\InProcServer32\(Default) = "D:\Program Files\RealPlayer\rpshell.dll" ["RealNetworks, Inc."]
"{32A9D769-5B55-4a25-9A62-86B5683FE50A}" = "NikonView Drop Extension"
-> {CLSID}\InProcServer32\(Default) = "D:\Program Files\Nikon View\NkvDropExt.dll" ["Nikon Corporation"]
"{6B19FEC2-A45B-11CF-9045-00A0C9039735}" = "Registered ActiveX Controls"
-> {CLSID}\InProcServer32\(Default) = "D:\Program Files\Microsoft Visual Studio\Common\MSDev98\Bin\IDE\DEVXPGL.DLL" [MS]
"{D545EBD1-BD92-11CF-8772-00A0C9039735}" = "Developer Studio Components"
-> {CLSID}\InProcServer32\(Default) = "D:\Program Files\Microsoft Visual Studio\Common\MSDev98\Bin\IDE\DEVXPGL.DLL" [MS]
"{64BC5640-700F-4E7E-8462-D3092DD74B0F}" = "VDMSound LaunchPad"
-> {CLSID}\InProcServer32\(Default) = "D:\Program Files\VDMSound\LaunchPad.dll" [empty string]
"{640167b4-59b0-47a6-b335-a6b3c0695aea}" = "Portable Media Devices"
-> {CLSID}\InProcServer32\(Default) = "D:\WINDOWS\System32\Audiodev.dll" [MS]
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"
-> {CLSID}\InProcServer32\(Default) = "D:\WINDOWS\System32\Audiodev.dll" [MS]
"{7C9D5882-CB4A-4090-96C8-430BFE8B795B}" = "Webroot Spy Sweeper Context Menu Integration"
-> {CLSID}\InProcServer32\(Default) = "D:\PROGRA~1\Webroot\SPYSWE~1\SSCtxMnu.dll" ["Webroot Software, Inc."]
"{E0D79304-84BE-11CE-9641-444553540000}" = "WinZip"
-> {CLSID}\InProcServer32\(Default) = "D:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."]
"{E0D79305-84BE-11CE-9641-444553540000}" = "WinZip"
-> {CLSID}\InProcServer32\(Default) = "D:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."]
"{E0D79306-84BE-11CE-9641-444553540000}" = "WinZip"
-> {CLSID}\InProcServer32\(Default) = "D:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."]
"{E0D79307-84BE-11CE-9641-444553540000}" = "WinZip"
-> {CLSID}\InProcServer32\(Default) = "D:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."]
"{950FF917-7A57-46BC-8017-59D9BF474000}" = "Shell Extension for CDRW"
-> {CLSID}\InProcServer32\(Default) = "D:\Program Files\Ahead\InCD\incdshx.dll" ["Ahead Software AG"]
"{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" = "iTunes"
-> {CLSID}\InProcServer32\(Default) = "D:\Program Files\iTunes\iTunesMiniPlayer.dll" ["Apple Computer, Inc."]
"{D9872D13-7651-4471-9EEE-F0A00218BEBB}" = "Multiscan"
-> {CLSID}\InProcServer32\(Default) = "D:\Program Files\Zone Labs\ZoneAlarm\zlavscan.dll" ["Zone Labs LLC"]
"{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler"
-> {CLSID}\InProcServer32\(Default) = "D:\PROGRA~1\MICROS~4\OFFICE11\MLSHEXT.DLL" [MS]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler"
-> {CLSID}\InProcServer32\(Default) = "D:\PROGRA~1\MICROS~4\OFFICE11\OLKFSTUB.DLL" [MS]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {CLSID}\InProcServer32\(Default) = "D:\Program Files\Microsoft Office\OFFICE11\msohev.dll" [MS]

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
INFECTION WARNING! AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]

HKLM\Software\Classes\PROTOCOLS\Filter\
INFECTION WARNING! text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}"
-> {CLSID}\InProcServer32\(Default) = "D:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS]


Enabled Screen Saver:
---------------------

HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "D:\WINDOWS\System32\ssmypics.scr" [MS]


Enabled Wallpaper and Active Desktop:
-------------------------------------

Active Desktop is disabled.

HKCU\Control Panel\Desktop\
"Wallpaper" = "D:\Documents and Settings\Keith_2\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"


Startup items in "Keith_2" & "All Users" startup folders:
---------------------------------------------------------

D:\Documents and Settings\Keith_2\Start Menu\Programs\Startup
"MailWasherPro" -> shortcut to: "D:\Program Files\MailWasher Pro\MailWasher.exe D:\Program Files\MailWasher Pro\MailWasher.exe" ["eCosm"]


Enabled Scheduled Tasks:
------------------------

"1-Click Maintenance" -> launches: "D:\Program Files\TuneUp Utilities 2004\SystemOptimizer.exe /schedulestart" ["TuneUp Software GmbH"]
"A60DF202930E623A" -> launches: "d:\docume~1\keith_2\applic~1\grambi~1\info pure creative.exe" [null data]
"A688369A919FB476" -> launches: "d:\docume~1\sims2p~1\applic~1\grambi~1\info pure creative.exe" [file not found]
"A916D2FF91854997" -> launches: "d:\docume~1\keith_2\applic~1\grambi~1\info pure creative.exe" [null data]
"AA3348F291E0FD1A" -> launches: "d:\docume~1\verity~1.cal\applic~1\grambi~1\info pure creative.exe" [file not found]
"ABF107E8918ABD54" -> launches: "d:\docume~1\verity~1.cal\applic~1\grambi~1\info pure creative.exe" [file not found]
"AFB0156D91CF9031" -> launches: "d:\docume~1\verity~1.cal\applic~1\grambi~1\info pure creative.exe" [file not found]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
imslsp.dll ["Zone Labs LLC"], 01 - 03, 21
D:\WINDOWS\System32\ZoneLabs\vetredir.dll ["Computer Associates International, Inc."], 04 - 06, 20
%SystemRoot%\system32\mswsock.dll [MS], 07 - 09, 12 - 19
%SystemRoot%\system32\rsvpsp.dll [MS], 10 - 11


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

Ati HotKey Poller, Ati HotKey Poller, "D:\WINDOWS\System32\Ati2evxx.exe" ["ATI Technologies Inc."]
CA ISafe, CAISafe, "D:\WINDOWS\System32\ZoneLabs\isafe.exe" ["Computer Associates International, Inc."]
InCD Helper (read only), InCDsrvR, "D:\Program Files\Ahead\InCD\InCDsrv.exe -r" ["Ahead Software AG"]
Machine Debug Manager, MDM, ""D:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"" [MS]
TrueVector Internet Monitor, vsmon, "D:\WINDOWS\system32\ZoneLabs\vsmon.exe -service" ["Zone Labs LLC"]
TuneUp WinStyler Theme Service, TUWinStylerThemeSvc, "D:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe" ["TuneUp Software GmbH"]
Windows User Mode Driver Framework, UMWdf, "D:\WINDOWS\System32\wdfmgr.exe" [MS]
WMDM PMSP Service, WMDM PMSP Service, "D:\WINDOWS\System32\MsPMSPSv.exe" [MS]


----------
This report excludes default entries except where indicated.
To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
----------

Logfile of HijackThis v1.99.1
Scan saved at 09:22:15, on 26/03/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Ahead\InCD\InCDsrv.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\System32\ZoneLabs\isafe.exe
D:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
D:\WINDOWS\System32\snmp.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\wdfmgr.exe
D:\WINDOWS\system32\ZoneLabs\vsmon.exe
D:\WINDOWS\System32\MsPMSPSv.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\System32\CTHELPER.EXE
D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
D:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\Webroot\Washer\wwDisp.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
D:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
D:\program files\valve\steam\steam.exe
D:\Program Files\MailWasher Pro\MailWasher.exe
D:\WINDOWS\System32\wuauclt.exe
d:\progra~1\intern~1\iexplore.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Hijack This\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co.uk
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.bbc.co.uk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.co.uk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co.uk
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.bbc.co.uk
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.co.uk
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://D:\WINDOWS\System32\blank.htm
O2 - BHO: SuperAdBlockerBHO Class - {00000000-6C30-11D8-9363-000AE6309654} - D:\Program Files\Super Ad Blocker\SABBHO.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - D:\Program Files\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: (no name) - {DD1F4CA6-E298-35EE-4AC7-74DFCBD41862} - D:\DOCUME~1\Keith_2\APPLIC~1\ISOFAS~1\Namebase.exe
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [CTStartup] "D:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE" /run
O4 - HKLM\..\Run: [UpdReg] D:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SBDrvDet] D:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [ATIPTA] D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CTSysVol] D:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [Zone Labs Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] D:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [SpySweeper] "D:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [Steam] "d:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\RunOnce: [CTStartup] "D:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE" /play
O4 - Startup: MailWasherPro.lnk = D:\Program Files\MailWasher Pro\MailWasher.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - D:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O15 - Trusted Zone: www.bbc.co.uk
O15 - Trusted Zone: http://www.riversidevineyard.com
O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} (ICSScannerLight Class) - http://download.zonelabs.com/bin/free/cm/ICSCM.cab
O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} (Microsoft.WinRep) - https://webresponse.one.microsoft.com/oas/ActiveX/winrep.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/13de6e69a8ac6cb08818/netzip/RdxIE601.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://rcmdemo.perfora.net/app/static/activex/msxml4.cab
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab
O16 - DPF: {B3E22EA2-A579-11D2-847A-00C04F7605B6} - file://F:\0000C5DD\wxpfp02a\common\en\online\code\odweb.cab
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://www.blueyonder.co.uk/assets/tool/files/MotivePreQual.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - D:\WINDOWS\System32\ZoneLabs\isafe.exe
O23 - Service: Creative Service for CDROM Access - Unknown owner - D:\WINDOWS\System32\CTsvcCDA.exe (file missing)
O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - D:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - D:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe
  • Topic Stats
  • Top Replies
  • Link to this Topic
Type: Discussion • Score: 1 • Views: 513 • Replies: 1
No top replies

 
timberlandko
 
  1  
Reply Sat 26 Mar, 2005 04:05 pm
I would advise you to fully update your Windows and IE. That aside, have you disabled system restore, run the various scans and fixes while in safe mode, thoroughly cleaned out your temp files and cookies, enabled Explorer to view and Search to find all files and folders, and conducted any of the recommended online and/or downloadable free virus scans?
0 Replies
 
 

Related Topics

Super cool computer tricks, for dopes like me. - Discussion by OCCOM BILL
Clone of Micosoft Office - Question by Advocate
Do You Turn Off Your Computer at Night? - Discussion by Phoenix32890
The "Death" of the Computer Mouse - Discussion by Phoenix32890
Windows 10... - Discussion by Region Philbis
Surface Pro 3: What do you think? - Question by neologist
Windows 8 tips thread - Discussion by Wilso
Mac help/can't install new printer, don't remember passwd - Discussion by ossobuco
GOOGLE CHROME - Question by Setanta
.Net and Firefox... - Discussion by gungasnake
Hacking a computer and remote access - Discussion by trying2learn
 
  1. Forums
  2. » Plagued by Search2Web
Copyright © 2025 MadLab, LLC :: Terms of Service :: Privacy Policy :: Page generated in 0.05 seconds on 12/27/2025 at 07:38:18