mitcorb

Members
  • Content Count

    19
  • Joined

  • Last visited

Community Reputation

0 Neutral

About mitcorb

  • Rank
    Member
  1. Well, Raziel: I just updated about 10 minutes ago with definition 148.0032 It appears that the program did not re-initialize after update, the icon did not reappear in the lower right tray, and the last scan date did not update. It says last scan April 22, 2009, which is not true. I estimate that I have scanned at least 6 times since that date, including deep scans. Are you aware of any persistent issues regarding the info on the User Interface? Thanks, mitcorb By the way, this condition exists on other machines I have access to.
  2. ok, Raziel. I will wait. Then I will reply to this thread. Thanks, mitcorb
  3. Adaware AE Free Version: I just updated 5 minutes ago. As the title tries to explain, Reinitialize didn't happen. In other words, the UI disappears and is supposed to reappear. It did not. I had to activate the desktop shortcut to reopen the application. Or maybe this is what is intended. I know the icon disappears in the system tray. What's up? Also, in previous months, almost from the time I first downloaded AAW-AE the "Last Scan date" has never been correct. Today the Last Scan Date says I have never scanned. I thought I saw a mention of this being a known issue, but maybe you have fixed it and I did not see mention of any fixes. Thanks for any info you can provide.
  4. Here is an oddity that has persisted since installing AAW2007 free. I thought that this issue was widespread and well known, so I did not report it: In the status screen, the last update is not reported, nor is the date of the last update reported. Well, it did update and report correctly on April 17, 2008, which was a surprise. So, I thought that the problem had been resolved. It has returned. I realize that this is just a visual. Any comments are welcome.
  5. I did not see this as a symptom in the other posts. After updating AAW2007 free version, a blank error box pops up. The box is titled Error, the contents are blank and the button at the bottom is blank and flickering or throbbing. Attempts to cancel the box are unsuccessful. Finally, I just decided to rapidly click on both the empty button and the red x at the top right until it disappeared. I don't know if these clues will help with the repair. Yes I did see Calamity Jane's post and link, but I did not try this yet, in case the above is unrelated.
  6. Evidently, this issue does not warrant a reply or I have in some way offended those who would reply. For both conditions I apologize. If anyone is still interested I am willing to continue this topic. Thank you. mitcorb
  7. I have spent two hours attempting to download Adaware 2007 free version. Used both IE7 and Firefox. Accessed the download page through Lavasoft pages and going directly to Download.com. Tried at Majorgeeks also, but there is too much noise on that site. The largest transfer I received was 14.2 Mb of the 17 indicated before it failed to proceed. Cancelling and restarting, even exiting, cleaning out the internet cache and starting again did not improve the situation. I still have not completed the download of the exe. This computer has been serviced for infections through this forum and through techsupportforums.com. As a result, I am wary of the possibility that there may be malware designed to block downloads of Adaware products. Currently AdawareSE on this computer takes a long time to initialize, which is not the case with other programs on this machine. Any suggestions would be greatly appreciated. Please place this post in the most appropriate forum. Sincerely, mitcorb
  8. Thank you Ai_Tak for your assistance. After my last post, and studying the logs,I started rooting around the internet for a better understanding of the items in the log. Do you happen to know how I suddenly have two little blue boxes under my username? Is that because of perseverance or longevity?
  9. See " [firstboltstoretrust] " and " [forkwave] " in the 04 series in the HijackThis log. Does the fact that these are still showing up mean that the extraction did not happen? What about supposed legacy entries in the scans such as Weatherbug? How can I expand my understanding of these scans and learn to use them routinely as maintenance tools?
  10. I have re run Avenger with the corrected input. Here is the avenger log: Logfile of The Avenger version 1, by Swandog46 Running from registry key: \Registry\Machine\System\CurrentControlSet\Services\bckjnibi ******************* Script file located at: \??\C:\WINDOWS\jfabrejo.txt Script file opened successfully. Script file read successfully Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: File C:\Documents and Settings\mainuser\Application Data\Sixth Base Send\Firstmetainter.exe deleted successfully. File C:\Documents and Settings\All Users\Application Data\hide anti first bolt\camp seek.exe deleted successfully. Completed script processing. ******************* Finished! Terminate. Here is the HJT log: Logfile of HijackThis v1.99.1 Scan saved at 1:09:32 PM, on 3/15/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Common Files\Symantec Shared\ccProxy.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\Nhksrv.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\System32\cisvc.exe C:\WINDOWS\System32\CTsvcCDA.EXE C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\WINDOWS\system32\drivers\KodakCCS.exe C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe C:\PROGRA~1\NORTON~3\NORTON~4\NPROTECT.EXE C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\ScsiAccess.EXE C:\PROGRA~1\NORTON~3\NORTON~4\SPEEDD~1\NOPDB.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\WINDOWS\DELLMMKB.EXE C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\EMS Free Surfer Companion\fs30.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Common Files\AOL\1136153873\ee\AOLSoftware.exe C:\Program Files\D-Link\Wireless G WUA-1340\AirGCFG.exe C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\devldr32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Netropa\OSD.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe C:\Program Files\INS\VitalAgent\Program\VtlAgent.exe C:\Program Files\VitalSigns\Net.Medic\Program\netMedic.exe C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe C:\PROGRA~1\VITALS~1\Net.Medic\Program\syshook.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Windows Media Bonus Pack for Windows XP\PowerToys\mpxptray.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local> O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 3.1\aoltb.dll O2 - BHO: IEWatchObj Class - {9527D42F-D666-11D3-B8DD-00600838CD5F} - C:\WINDOWS\System32\IETie.dll O2 - BHO: Norton Personal Firewall 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 3.1\aoltb.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton Personal Firewall 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O4 - HKLM\..\Run: [updReg] C:\WINDOWS\Updreg.exe O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\DELLMMKB.EXE O4 - HKLM\..\Run: [AHQInit] "C:\Program Files\Creative\SBLive\Program\AHQInit.exe" O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [freesurfer] C:\Program Files\EMS Free Surfer Companion\fs30.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [HostManager] "C:\Program Files\Common Files\AOL\1136153873\ee\AOLSoftware.exe" O4 - HKLM\..\Run: [iPHSend] "C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe" O4 - HKLM\..\Run: [D-Link Wireless G WUA-1340] "C:\Program Files\D-Link\Wireless G WUA-1340\AirGCFG.exe" O4 - HKLM\..\Run: [ANIWZCS2Service] "C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [firstboltstoretrust] "C:\Documents and Settings\All Users\Application Data\hide anti first bolt\camp seek.exe" O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe" O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe O4 - HKCU\..\Run: [system Kernal Support] system.exe O4 - HKCU\..\Run: [stratas] xmconfig.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [forkwave] C:\DOCUME~1\mainuser\APPLIC~1\SIXTHB~1\Firstmetainter.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.2480\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Startup: MPXPTray.lnk = C:\Program Files\Windows Media Bonus Pack for Windows XP\PowerToys\mpxptray.exe O4 - Startup: PowerReg Scheduler.exe O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Camio Viewer 2000.lnk = C:\Program Files\Sierra Imaging\Image Expert 2000\IXApplet.exe O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ? O4 - Global Startup: MyVitalAgent.lnk = C:\Program Files\INS\VitalAgent\Program\VtlAgent.exe O4 - Global Startup: Net.Medic.lnk = C:\Program Files\VitalSigns\Net.Medic\Program\netMedic.exe O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.1\resources\en-US\local\search.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Get siteinfo data (fsc) - C:\Program Files\EMS Free Surfer Companion\fslauncher.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 3.1\aoltb.dll O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AOLInstantMessenger\aim.exe O9 - Extra button: Free Surfer - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - C:\Program Files\EMS Free Surfer Companion\FS30.exe O9 - Extra 'Tools' menuitem: Free Surfer - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - C:\Program Files\EMS Free Surfer Companion\FS30.exe O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU) O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: symsupportutil - https://www-secure.symantec.com/techsupp/ac...supportutil.CAB O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1C78AB3F-A857-482E-80C0-3A1E5238A565} - O16 - DPF: {34805D32-AD89-469E-8503-A5666AEE4333} - http://207.188.7.150/11459043ee4ed8c41000/netzip/RdxIE.cab O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200210...meInstaller.exe O16 - DPF: {4CCA4E6B-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/instal...tallMgr_v01.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150/01f7632fa2cdcebd5021/netzip/RdxIE2.cab O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab O16 - DPF: {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} (VoilaXctl Class) - http://www.belarc.com/Programs/advisor.exe O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {72D59B9C-1E59-4958-803A-ABDEE2D4CFA6} - http://download.divx.com/player/DivXPlayerInstaller.exe O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - http://a840.g.akamai.net/7/840/537/d052c1d...all/xscan53.cab O16 - DPF: {74F5614A-8A8C-43B4-8CC2-4B4EFAF4A6C5} - http://www.techsmith.com/codec/tsccinst.cab O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} - file://C:\Program Files\Autodesk Architectural Desktop 3\AcDcToday.ocx O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} - http://www.parallelgraphics.com/bin/cortvrml.cab O16 - DPF: {8D83D301-E841-11D1-B155-00600823BCF9} (WebLine Browser Integration Classes) - http://live.landsend.com/webline/applets/msie40x.cab O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} - http://support.dell.com/us/en/systemprofiler/SysProfLcd.CAB O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (NOXLATE) - file://C:\Program Files\Autodesk Architectural Desktop 3\InstFred.ocx O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://www-secure.symantec.com/techsupp/ac...ta/SymAData.cab O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} - https://www-secure.symantec.com/techsupp/ac.../ActiveData.cab O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} - file://C:\Program Files\Autodesk Architectural Desktop 3\AcPreview.ocx O17 - HKLM\System\CCS\Services\Tcpip\..\{A64C0F55-C836-41BA-A602-5AEA1EE64BCC}: NameServer = 4.2.2.2,4.2.2.3 O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Personal Firewall\ccPwdSvc.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~3\NORTON~4\NPROTECT.EXE O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Sansa Updater Service (SansaService) - Unknown owner - C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe (file missing) O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~3\NORTON~4\SPEEDD~1\NOPDB.EXE O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
  11. I did not copy the "FILES TO DELETE" line. I will rerun the app with this in mind and follow your previous instructions I do have an error log from the failed attempt. I was using IE7. I primarily use Google as a search engine, otherwise I type in URLs. While in Google, if I click on a link, it will cause either a Symantec Firewall Alert on c2lop or another IE window attempts to load. These I simply close by clicking them off in the tray before they fully load. Before I ever posted to the forum, I was testing Spysweeper from Webroot free version for evaluation on a suggestion from a friend. Spysweeper first notified me of the c2lop by announcing the urls shown in my first post. I have since uninstalled Spysweeper because of the nag factor to purchase the full product. After I uninstalled, Symantec Personal Firewall started alerting on c2lop intrusion attempt. Whenever I use IE7 and access LavasoftUSA webpage I get the Symantec Firewall alert on c2lop. I think Spysweeper was preempting this before and taking over the alerting. Also, prior to testing Spysweeper I was noticing that an error message was appearing on session shutdown announcing that campseek dll could not start because the system was shutting down. This was with all programs closed. Sorry to be so verbose, here. I'm thinking this extra info may be helpful. Thank you for your attention. I know you are busy, as I have seen your posts on many of the other issues. Apparently some of your colleagues also post on other forums.
  12. May I weigh in? I am not an expert. I believe I have seen this before in my Temporary Internet Files. This is a Cookie placed by an advertising entity. It has shown up as a tracking cookie. It is widespread, meaning that it will be placed on your computer when you visit popular sites. AdAware probably shows it as a TAC3 because it tracks. If you use IE as your browser, you can delete these along with other activity by right clicking the IE desktop icon, select Properties from te context menu and you should see a delete button. Clicking this will open a menu with several delete buttons. Firefox has a similar utility. You will probably see more of these tracking cookies than you will see more serious threats.
  13. I followed the instructions to run NoLop program. Apparently this did not clear the problem as my Symantec alert indicates that an intrusion attempt by C2Lop was blocked. This alert was triggered while using a popular search engine. This alert has been seen for several days. I waited for a response to my last post. Last night I proceeded with Avenger. I followed the available instructions. The items to apply to the script were in quotes. I tried the program both with quotes and without, both with boldface and without. I copied the items to the clipboard and saved them in Wordpad. I shut down everything that was open and activated Avenger. I pasted the items into the editor and proceeded. Avenger said that it did not recognize the information as script format. Then several error boxes opened in series to inform me that the program run was unsuccessful. I await any further suggestions you may have. Thank you.
  14. For some reason I was not experiencing the multiple IE ad windows for a couple of days. I did at least one full system scan with AdawareSE and it seemed to calm down. Now, after the NoLop treatment the problem seems to have returned.
  15. I selected nolop. What follows is the nolop log from C:\ : NoLop! Log by Skate_Punk_21 Fix running from: C:\Documents and Settings\mainuser\Desktop [3/9/2007] [7:48:48 PM] ---Infection Files Found/Removed--- C:\WINDOWS\tasks\AE6E193C90818350.job Beginning Removal... Rebooting... The system rebooted apparently successfully. I noticed that NoLop also created a folder in C called Nolopbackup with a .job extension. Is this of any concern? Below is the HijackThis log. I noticed that there is one reference at 04... HKLM...Run..[firstboltstoretrust]path and filename. Does this item remain after completion? Also there are other unwanted items such as Weatherbug mentioned in the HJT log. These are from an uninstall/ extraction several years ago. Can or should something be done about these references? Thank you for the assistance and I will await any further instructions. Logfile of HijackThis v1.99.1 Scan saved at 8:10:11 PM, on 3/9/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Common Files\Symantec Shared\ccProxy.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\Nhksrv.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\System32\cisvc.exe C:\WINDOWS\System32\CTsvcCDA.EXE C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\WINDOWS\system32\drivers\KodakCCS.exe C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe C:\PROGRA~1\NORTON~3\NORTON~4\NPROTECT.EXE C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\ScsiAccess.EXE C:\PROGRA~1\NORTON~3\NORTON~4\SPEEDD~1\NOPDB.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\WINDOWS\DELLMMKB.EXE C:\WINDOWS\system32\devldr32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Netropa\OSD.exe C:\Program Files\EMS Free Surfer Companion\fs30.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Common Files\AOL\1136153873\ee\AOLSoftware.exe C:\Program Files\D-Link\Wireless G WUA-1340\AirGCFG.exe C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe c:\progra~1\intern~1\iexplore.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Windows Media Bonus Pack for Windows XP\PowerToys\mpxptray.exe c:\progra~1\intern~1\iexplore.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE C:\PROGRA~1\NORTON~3\NORTON~2\Navw32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local> O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 3.1\aoltb.dll O2 - BHO: IEWatchObj Class - {9527D42F-D666-11D3-B8DD-00600838CD5F} - C:\WINDOWS\System32\IETie.dll O2 - BHO: Norton Personal Firewall 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 3.1\aoltb.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton Personal Firewall 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O4 - HKLM\..\Run: [updReg] C:\WINDOWS\Updreg.exe O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\DELLMMKB.EXE O4 - HKLM\..\Run: [AHQInit] "C:\Program Files\Creative\SBLive\Program\AHQInit.exe" O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [freesurfer] C:\Program Files\EMS Free Surfer Companion\fs30.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [HostManager] "C:\Program Files\Common Files\AOL\1136153873\ee\AOLSoftware.exe" O4 - HKLM\..\Run: [iPHSend] "C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe" O4 - HKLM\..\Run: [D-Link Wireless G WUA-1340] "C:\Program Files\D-Link\Wireless G WUA-1340\AirGCFG.exe" O4 - HKLM\..\Run: [ANIWZCS2Service] "C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [firstboltstoretrust] "C:\Documents and Settings\All Users\Application Data\hide anti first bolt\camp seek.exe" O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe" O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe O4 - HKCU\..\Run: [system Kernal Support] system.exe O4 - HKCU\..\Run: [stratas] xmconfig.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [forkwave] C:\DOCUME~1\mainuser\APPLIC~1\SIXTHB~1\Firstmetainter.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.2480\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Startup: MPXPTray.lnk = C:\Program Files\Windows Media Bonus Pack for Windows XP\PowerToys\mpxptray.exe O4 - Startup: PowerReg Scheduler.exe O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Camio Viewer 2000.lnk = C:\Program Files\Sierra Imaging\Image Expert 2000\IXApplet.exe O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ? O4 - Global Startup: MyVitalAgent.lnk = C:\Program Files\INS\VitalAgent\Program\VtlAgent.exe O4 - Global Startup: Net.Medic.lnk = C:\Program Files\VitalSigns\Net.Medic\Program\netMedic.exe O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.1\resources\en-US\local\search.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Get siteinfo data (fsc) - C:\Program Files\EMS Free Surfer Companion\fslauncher.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 3.1\aoltb.dll O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AOLInstantMessenger\aim.exe O9 - Extra button: Free Surfer - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - C:\Program Files\EMS Free Surfer Companion\FS30.exe O9 - Extra 'Tools' menuitem: Free Surfer - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - C:\Program Files\EMS Free Surfer Companion\FS30.exe O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU) O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: symsupportutil - https://www-secure.symantec.com/techsupp/ac...supportutil.CAB O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1C78AB3F-A857-482E-80C0-3A1E5238A565} - O16 - DPF: {34805D32-AD89-469E-8503-A5666AEE4333} - http://207.188.7.150/11459043ee4ed8c41000/netzip/RdxIE.cab O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200210...meInstaller.exe O16 - DPF: {4CCA4E6B-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/instal...tallMgr_v01.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150/01f7632fa2cdcebd5021/netzip/RdxIE2.cab O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab O16 - DPF: {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} (VoilaXctl Class) - http://www.belarc.com/Programs/advisor.exe O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {72D59B9C-1E59-4958-803A-ABDEE2D4CFA6} - http://download.divx.com/player/DivXPlayerInstaller.exe O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - http://a840.g.akamai.net/7/840/537/d052c1d...all/xscan53.cab O16 - DPF: {74F5614A-8A8C-43B4-8CC2-4B4EFAF4A6C5} - http://www.techsmith.com/codec/tsccinst.cab O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} - file://C:\Program Files\Autodesk Architectural Desktop 3\AcDcToday.ocx O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} - http://www.parallelgraphics.com/bin/cortvrml.cab O16 - DPF: {8D83D301-E841-11D1-B155-00600823BCF9} (WebLine Browser Integration Classes) - http://live.landsend.com/webline/applets/msie40x.cab O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} - http://support.dell.com/us/en/systemprofiler/SysProfLcd.CAB O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (NOXLATE) - file://C:\Program Files\Autodesk Architectural Desktop 3\InstFred.ocx O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://www-secure.symantec.com/techsupp/ac...ta/SymAData.cab O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} - https://www-secure.symantec.com/techsupp/ac.../ActiveData.cab O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} - file://C:\Program Files\Autodesk Architectural Desktop 3\AcPreview.ocx O17 - HKLM\System\CCS\Services\Tcpip\..\{A64C0F55-C836-41BA-A602-5AEA1EE64BCC}: NameServer = 4.2.2.2,4.2.2.3 O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Personal Firewall\ccPwdSvc.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~3\NORTON~4\NPROTECT.EXE O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Sansa Updater Service (SansaService) - Unknown owner - C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe (file missing) O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~3\NORTON~4\SPEEDD~1\NOPDB.EXE O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe