Hello to whomever is taking on this problem,
Logfile of Trend Micro
HijackThis v2.0.2
Scan saved at 7:36:31 PM, on
1/17/2010
Platform: Windows XP SP2 (WinNT
5.01.2600)
MSIE: Internet Explorer v7.00
(7.00.6000.21148)
Boot mode: Normal
Running processes:
C:\WINDOWS.0\System32\smss.exe
C:\WINDOWS.0\system32\csrss.exe
C:\WINDOWS.0\system32\winlogon.e
xe
C:\WINDOWS.0\system32\services.e
xe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\svchost.ex
e
C:\WINDOWS.0\system32\svchost.ex
e
C:\WINDOWS.0\System32\svchost.ex
e
C:\WINDOWS.0\system32\svchost.ex
e
C:\WINDOWS.0\system32\svchost.ex
e
C:\WINDOWS.0\system32\spoolsv.ex
e
C:\WINDOWS.0\system32\igfxtray.e
xe
C:\WINDOWS.0\system32\hkcmd.exe
C:\WINDOWS.0\system32\igfxpers.e
xe
C:\WINDOWS.0\system32\igfxsrvc.e
xe
C:\Program
Files\Synaptics\SynTP\SynTPEnh.e
xe
C:\Program
Files\Java\jre6\bin\jusched.exe
C:\Program Files\Microsoft
Office\Office12\GrooveMonitor.ex
e
C:\Program
Files\iTunes\iTunesHelper.exe
C:\Program Files\Spyware
Doctor\pctsTray.exe
C:\WINDOWS.0\system32\ctfmon.exe
C:\WINDOWS.0\system32\ctfmon.exe
C:\Program Files\AIM6\aim6.exe
C:\DOCUME~1\Admin\LOCALS~1\Temp\
cls_pack.exe
C:\WINDOWS.0\system32\svchost.ex
e
C:\Program Files\Common
Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceSer
vice.exe
C:\Program
Files\Bonjour\mDNSResponder.exe
C:\Program Files\Spyware
Doctor\BDT\BDTUpdateService.exe
C:\Program
Files\AIM6\aolsoftware.exe
C:\WINDOWS.0\Microsoft.NET\Frame
work\v2.0.50727\mscorsvw.exe
C:\Program
Files\Java\jre6\bin\jqs.exe
C:\Program Files\Spyware
Doctor\pctsAuxs.exe
C:\DOCUME~1\Admin\LOCALS~1\Temp\
winhlp64.exe
C:\Program Files\Spyware
Doctor\pctsSvc.exe
C:\WINDOWS.0\system32\svchost.ex
e
C:\Program
Files\iPod\bin\iPodService.exe
C:\WINDOWS.0\System32\alg.exe
C:\WINDOWS.0\system32\wuauclt.ex
e
C:\Program Files\Spyware
Doctor\TFEngine\TFService.exe
C:\Program Files\Mozilla
Firefox\firefox.exe
C:\Program Files\Internet
Explorer\iexplore.exe
C:\Documents and
Settings\Admin\Desktop\winlogon.
scr
C:\WINDOWS.0\explorer.exe
C:\Program Files\Internet
Explorer\iexplore.exe
C:\WINDOWS.0\system32\wbem\wmipr
vse.exe
R1 -
HKCU\Software\Microsoft\Internet
Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?
LinkId=54896
R0 -
HKCU\Software\Microsoft\Internet
Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?
LinkId=69157
R1 -
HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?
LinkId=69157
R1 -
HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL
=
http://go.microsoft.com/fwlink/?
LinkId=54896
R1 -
HKLM\Software\Microsoft\Internet
Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?
LinkId=54896
R0 -
HKLM\Software\Microsoft\Internet
Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?
LinkId=69157
R0 -
HKLM\Software\Microsoft\Internet
Explorer\Search,SearchAssistant
=
R0 -
HKLM\Software\Microsoft\Internet
Explorer\Search,CustomizeSearch
=
R1 -
HKCU\Software\Microsoft\Internet
Explorer\Main,First Home Page =
http://go.microsoft.com/fwlink/?
LinkId=54843
R1 -
HKCU\Software\Microsoft\Internet
Connection Wizard,ShellNext =
http://www.kaspersky-help.com/?h
l=en&link=activationcode1&syst=M
icrosoft%20Windows%20XP%20Profes
sional%20Service%20Pack%202%20(b
uild%202600)&pid=kis&version=8.0
.0.357&hotfix=
R1 -
HKCU\Software\Microsoft\Windows\
CurrentVersion\Internet
Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub -
{18DF081C-E8AD-4283-A596-FA578C2
EBDC3} - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\Acro
IEHelperShim.dll
O2 - BHO: Browser Defender BHO -
{2A0F3D1B-0909-4FF4-B272-609CCE6
054E7} - C:\Program
Files\Spyware
Doctor\BDT\PCTBrowserDefender.dl
l
O2 - BHO: Groove GFS Browser
Helper -
{72853161-30C5-4D22-B7F9-0BBC1D3
8A37E} - C:\Program
Files\Microsoft
Office\Office12\GrooveShellExten
sions.dll
O2 - BHO: Java(tm) Plug-In SSV
Helper -
{761497BB-D6F0-462C-B6EB-D4DAF1D
92D43} - C:\Program
Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV
Helper -
{DBC80044-A445-435b-BC74-9C25C1C
588A9} - C:\Program
Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl
-
{E7E6F031-17CE-4C07-BC86-EABFE59
4F69C} - C:\Program
Files\Java\jre6\lib\deploy\jqs\i
e\jqs_plugin.dll
O3 - Toolbar: PC Tools Browser
Guard -
{472734EA-242A-422B-ADF8-83D1E48
CC825} - C:\Program
Files\Spyware
Doctor\BDT\PCTBrowserDefender.dl
l
O4 - HKLM\..\Run: [IgfxTray]
C:\WINDOWS.0\system32\igfxtray.e
xe
O4 - HKLM\..\Run: [HotKeysCmds]
C:\WINDOWS.0\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence]
C:\WINDOWS.0\system32\igfxpers.e
xe
O4 - HKLM\..\Run: [Adobe Reader
Speed Launcher] "C:\Program
Files\Adobe\Reader
9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SynTPEnh]
C:\Program
Files\Synaptics\SynTP\SynTPEnh.e
xe
O4 - HKLM\..\Run:
[SunJavaUpdateSched] "C:\Program
Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [BrStsWnd]
C:\Program
Files\Brownie\BrstsWnd.exe
Autorun
O4 - HKLM\..\Run:
[GrooveMonitor] "C:\Program
Files\Microsoft
Office\Office12\GrooveMonitor.ex
e"
O4 - HKLM\..\Run: [QuickTime
Task] "C:\Program
Files\QuickTime\QTTask.exe"
-atboottime
O4 - HKLM\..\Run: [iTunesHelper]
"C:\Program
Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISTray]
"C:\Program Files\Spyware
Doctor\pctsTray.exe"
O4 - HKCU\..\Run:
[BgMonitor_{79662E04-7C6C-4d9f-8
4C7-88D8A56B10AA}] "C:\Program
Files\Common
Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe]
C:\WINDOWS.0\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6]
"C:\Program Files\AIM6\aim6.exe"
/d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [cls_pack.exe]
C:\DOCUME~1\Admin\LOCALS~1\Temp\
cls_pack.exe
O4 - HKUS\S-1-5-19\..\Run:
[Sidebar] C:\Program
Files\Windows
Sidebar\sidebar.exe /autoRun
(User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce:
[nltide_3] rundll32
advpack.dll,LaunchINFSectionEx
nLite.inf,C,,4,N (User 'LOCAL
SERVICE')
O4 - HKUS\S-1-5-20\..\Run:
[Sidebar] C:\Program
Files\Windows
Sidebar\sidebar.exe /autoRun
(User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce:
[nltide_3] rundll32
advpack.dll,LaunchINFSectionEx
nLite.inf,C,,4,N (User 'NETWORK
SERVICE')
O4 - HKUS\S-1-5-18\..\Run:
[Sidebar] C:\Program
Files\Windows
Sidebar\sidebar.exe /autoRun
(User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce:
[nltide_3] rundll32
advpack.dll,LaunchINFSectionEx
nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run:
[Sidebar] C:\Program
Files\Windows
Sidebar\sidebar.exe /autoRun
(User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce:
[nltide_3] rundll32
advpack.dll,LaunchINFSectionEx
nLite.inf,C,,4,N (User 'Default
user')
O8 - Extra context menu item:
E&xport to Microsoft Excel -
res://C:\PROGRA~1\MI1933~1\Offic
e12\EXCEL.EXE/3000
O9 - Extra button: Send to
OneNote -
{2670000A-7350-4f3c-8081-5663EE0
C6C49} -
C:\PROGRA~1\MI1933~1\Office12\ON
BttnIE.dll
O9 - Extra 'Tools' menuitem:
S&end to OneNote -
{2670000A-7350-4f3c-8081-5663EE0
C6C49} -
C:\PROGRA~1\MI1933~1\Office12\ON
BttnIE.dll
O9 - Extra button: Research -
{92780B25-18CC-41C8-B9BE-3C9C571
A8263} -
C:\PROGRA~1\MI1933~1\Office12\RE
FIEBAR.DLL
O9 - Extra button: (no name) -
{e2e2dd38-d088-4134-82b7-f2ba384
96583} - C:\WINDOWS.0\Network
Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem:
@xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba384
96583} - C:\WINDOWS.0\Network
Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F7
95683} - C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem:
Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F7
95683} - C:\Program
Files\Messenger\msmsgs.exe
O16 - DPF:
{6414512B-B978-451D-A0D8-FCFDF33
E833C} (WUWebControl Class) -
http://update.microsoft.com/micr
osoftupdate/v6/V5Controls/en/x86
/client/wuweb_site.cab?123172866
0234
O16 - DPF:
{6E32070A-766D-4EE6-879C-DC1FA91
D2FC3} (MUWebControl Class) -
http://update.microsoft.com/micr
osoftupdate/v6/V5Controls/en/x86
/client/muweb_site.cab?123172863
3812
O18 - Protocol: grooveLocalGWS -
{88FED34C-F0CA-4636-A375-3CB6248
B04CD} - C:\Program
Files\Microsoft
Office\Office12\GrooveSystemServ
ices.dll
O23 - Service: Apple Mobile
Device - Apple Inc. - C:\Program
Files\Common Files\Apple\Mobile
Device
Support\bin\AppleMobileDeviceSer
vice.exe
O23 - Service: Bonjour Service -
Apple Inc. - C:\Program
Files\Bonjour\mDNSResponder.exe
O23 - Service: Browser Defender
Update Service - Threat Expert
Ltd. - C:\Program Files\Spyware
Doctor\BDT\BDTUpdateService.exe
O23 - Service: getPlus(R) Helper
- Unknown owner - C:\Program
Files\NOS\bin\getPlus_HelperSvc.
exe (file missing)
O23 - Service: iPod Service -
Apple Inc. - C:\Program
Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick
Starter
(JavaQuickStarterService) - Sun
Microsystems, Inc. - C:\Program
Files\Java\jre6\bin\jqs.exe
O23 - Service: PC Tools
Auxiliary Service (sdAuxService)
- PC Tools - C:\Program
Files\Spyware
Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security
Service (sdCoreService) - PC
Tools - C:\Program Files\Spyware
Doctor\pctsSvc.exe
O23 - Service: ThreatFire - PC
Tools - C:\Program Files\Spyware
Doctor\TFEngine\TFService.exe
--
End of file - 9033 bytes
Virus Win32 pops up. The computer has Doctor Spyware with Antivirus. There is a Rootkit32 virus as well. A Trojan keeps popping up within the Windows Security system. Windows Security does not recognize the Antivirus program. There is a Networm. Win32 as well. Antivirus apparently cleaned a RogueAntiSpyware, Rootkit.TDSS and multiples of these threats. Thank you for helping me.
*Elfryanne
Logfile of Trend Micro
HijackThis v2.0.2
Scan saved at 7:36:31 PM, on
1/17/2010
Platform: Windows XP SP2 (WinNT
5.01.2600)
MSIE: Internet Explorer v7.00
(7.00.6000.21148)
Boot mode: Normal
Running processes:
C:\WINDOWS.0\System32\smss.exe
C:\WINDOWS.0\system32\csrss.exe
C:\WINDOWS.0\system32\winlogon.e
xe
C:\WINDOWS.0\system32\services.e
xe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\svchost.ex
e
C:\WINDOWS.0\system32\svchost.ex
e
C:\WINDOWS.0\System32\svchost.ex
e
C:\WINDOWS.0\system32\svchost.ex
e
C:\WINDOWS.0\system32\svchost.ex
e
C:\WINDOWS.0\system32\spoolsv.ex
e
C:\WINDOWS.0\system32\igfxtray.e
xe
C:\WINDOWS.0\system32\hkcmd.exe
C:\WINDOWS.0\system32\igfxpers.e
xe
C:\WINDOWS.0\system32\igfxsrvc.e
xe
C:\Program
Files\Synaptics\SynTP\SynTPEnh.e
xe
C:\Program
Files\Java\jre6\bin\jusched.exe
C:\Program Files\Microsoft
Office\Office12\GrooveMonitor.ex
e
C:\Program
Files\iTunes\iTunesHelper.exe
C:\Program Files\Spyware
Doctor\pctsTray.exe
C:\WINDOWS.0\system32\ctfmon.exe
C:\WINDOWS.0\system32\ctfmon.exe
C:\Program Files\AIM6\aim6.exe
C:\DOCUME~1\Admin\LOCALS~1\Temp\
cls_pack.exe
C:\WINDOWS.0\system32\svchost.ex
e
C:\Program Files\Common
Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceSer
vice.exe
C:\Program
Files\Bonjour\mDNSResponder.exe
C:\Program Files\Spyware
Doctor\BDT\BDTUpdateService.exe
C:\Program
Files\AIM6\aolsoftware.exe
C:\WINDOWS.0\Microsoft.NET\Frame
work\v2.0.50727\mscorsvw.exe
C:\Program
Files\Java\jre6\bin\jqs.exe
C:\Program Files\Spyware
Doctor\pctsAuxs.exe
C:\DOCUME~1\Admin\LOCALS~1\Temp\
winhlp64.exe
C:\Program Files\Spyware
Doctor\pctsSvc.exe
C:\WINDOWS.0\system32\svchost.ex
e
C:\Program
Files\iPod\bin\iPodService.exe
C:\WINDOWS.0\System32\alg.exe
C:\WINDOWS.0\system32\wuauclt.ex
e
C:\Program Files\Spyware
Doctor\TFEngine\TFService.exe
C:\Program Files\Mozilla
Firefox\firefox.exe
C:\Program Files\Internet
Explorer\iexplore.exe
C:\Documents and
Settings\Admin\Desktop\winlogon.
scr
C:\WINDOWS.0\explorer.exe
C:\Program Files\Internet
Explorer\iexplore.exe
C:\WINDOWS.0\system32\wbem\wmipr
vse.exe
R1 -
HKCU\Software\Microsoft\Internet
Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?
LinkId=54896
R0 -
HKCU\Software\Microsoft\Internet
Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?
LinkId=69157
R1 -
HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?
LinkId=69157
R1 -
HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL
=
http://go.microsoft.com/fwlink/?
LinkId=54896
R1 -
HKLM\Software\Microsoft\Internet
Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?
LinkId=54896
R0 -
HKLM\Software\Microsoft\Internet
Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?
LinkId=69157
R0 -
HKLM\Software\Microsoft\Internet
Explorer\Search,SearchAssistant
=
R0 -
HKLM\Software\Microsoft\Internet
Explorer\Search,CustomizeSearch
=
R1 -
HKCU\Software\Microsoft\Internet
Explorer\Main,First Home Page =
http://go.microsoft.com/fwlink/?
LinkId=54843
R1 -
HKCU\Software\Microsoft\Internet
Connection Wizard,ShellNext =
http://www.kaspersky-help.com/?h
l=en&link=activationcode1&syst=M
icrosoft%20Windows%20XP%20Profes
sional%20Service%20Pack%202%20(b
uild%202600)&pid=kis&version=8.0
.0.357&hotfix=
R1 -
HKCU\Software\Microsoft\Windows\
CurrentVersion\Internet
Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub -
{18DF081C-E8AD-4283-A596-FA578C2
EBDC3} - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\Acro
IEHelperShim.dll
O2 - BHO: Browser Defender BHO -
{2A0F3D1B-0909-4FF4-B272-609CCE6
054E7} - C:\Program
Files\Spyware
Doctor\BDT\PCTBrowserDefender.dl
l
O2 - BHO: Groove GFS Browser
Helper -
{72853161-30C5-4D22-B7F9-0BBC1D3
8A37E} - C:\Program
Files\Microsoft
Office\Office12\GrooveShellExten
sions.dll
O2 - BHO: Java(tm) Plug-In SSV
Helper -
{761497BB-D6F0-462C-B6EB-D4DAF1D
92D43} - C:\Program
Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV
Helper -
{DBC80044-A445-435b-BC74-9C25C1C
588A9} - C:\Program
Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl
-
{E7E6F031-17CE-4C07-BC86-EABFE59
4F69C} - C:\Program
Files\Java\jre6\lib\deploy\jqs\i
e\jqs_plugin.dll
O3 - Toolbar: PC Tools Browser
Guard -
{472734EA-242A-422B-ADF8-83D1E48
CC825} - C:\Program
Files\Spyware
Doctor\BDT\PCTBrowserDefender.dl
l
O4 - HKLM\..\Run: [IgfxTray]
C:\WINDOWS.0\system32\igfxtray.e
xe
O4 - HKLM\..\Run: [HotKeysCmds]
C:\WINDOWS.0\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence]
C:\WINDOWS.0\system32\igfxpers.e
xe
O4 - HKLM\..\Run: [Adobe Reader
Speed Launcher] "C:\Program
Files\Adobe\Reader
9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SynTPEnh]
C:\Program
Files\Synaptics\SynTP\SynTPEnh.e
xe
O4 - HKLM\..\Run:
[SunJavaUpdateSched] "C:\Program
Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [BrStsWnd]
C:\Program
Files\Brownie\BrstsWnd.exe
Autorun
O4 - HKLM\..\Run:
[GrooveMonitor] "C:\Program
Files\Microsoft
Office\Office12\GrooveMonitor.ex
e"
O4 - HKLM\..\Run: [QuickTime
Task] "C:\Program
Files\QuickTime\QTTask.exe"
-atboottime
O4 - HKLM\..\Run: [iTunesHelper]
"C:\Program
Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISTray]
"C:\Program Files\Spyware
Doctor\pctsTray.exe"
O4 - HKCU\..\Run:
[BgMonitor_{79662E04-7C6C-4d9f-8
4C7-88D8A56B10AA}] "C:\Program
Files\Common
Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe]
C:\WINDOWS.0\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6]
"C:\Program Files\AIM6\aim6.exe"
/d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [cls_pack.exe]
C:\DOCUME~1\Admin\LOCALS~1\Temp\
cls_pack.exe
O4 - HKUS\S-1-5-19\..\Run:
[Sidebar] C:\Program
Files\Windows
Sidebar\sidebar.exe /autoRun
(User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce:
[nltide_3] rundll32
advpack.dll,LaunchINFSectionEx
nLite.inf,C,,4,N (User 'LOCAL
SERVICE')
O4 - HKUS\S-1-5-20\..\Run:
[Sidebar] C:\Program
Files\Windows
Sidebar\sidebar.exe /autoRun
(User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce:
[nltide_3] rundll32
advpack.dll,LaunchINFSectionEx
nLite.inf,C,,4,N (User 'NETWORK
SERVICE')
O4 - HKUS\S-1-5-18\..\Run:
[Sidebar] C:\Program
Files\Windows
Sidebar\sidebar.exe /autoRun
(User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce:
[nltide_3] rundll32
advpack.dll,LaunchINFSectionEx
nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run:
[Sidebar] C:\Program
Files\Windows
Sidebar\sidebar.exe /autoRun
(User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce:
[nltide_3] rundll32
advpack.dll,LaunchINFSectionEx
nLite.inf,C,,4,N (User 'Default
user')
O8 - Extra context menu item:
E&xport to Microsoft Excel -
res://C:\PROGRA~1\MI1933~1\Offic
e12\EXCEL.EXE/3000
O9 - Extra button: Send to
OneNote -
{2670000A-7350-4f3c-8081-5663EE0
C6C49} -
C:\PROGRA~1\MI1933~1\Office12\ON
BttnIE.dll
O9 - Extra 'Tools' menuitem:
S&end to OneNote -
{2670000A-7350-4f3c-8081-5663EE0
C6C49} -
C:\PROGRA~1\MI1933~1\Office12\ON
BttnIE.dll
O9 - Extra button: Research -
{92780B25-18CC-41C8-B9BE-3C9C571
A8263} -
C:\PROGRA~1\MI1933~1\Office12\RE
FIEBAR.DLL
O9 - Extra button: (no name) -
{e2e2dd38-d088-4134-82b7-f2ba384
96583} - C:\WINDOWS.0\Network
Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem:
@xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba384
96583} - C:\WINDOWS.0\Network
Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F7
95683} - C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem:
Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F7
95683} - C:\Program
Files\Messenger\msmsgs.exe
O16 - DPF:
{6414512B-B978-451D-A0D8-FCFDF33
E833C} (WUWebControl Class) -
http://update.microsoft.com/micr
osoftupdate/v6/V5Controls/en/x86
/client/wuweb_site.cab?123172866
0234
O16 - DPF:
{6E32070A-766D-4EE6-879C-DC1FA91
D2FC3} (MUWebControl Class) -
http://update.microsoft.com/micr
osoftupdate/v6/V5Controls/en/x86
/client/muweb_site.cab?123172863
3812
O18 - Protocol: grooveLocalGWS -
{88FED34C-F0CA-4636-A375-3CB6248
B04CD} - C:\Program
Files\Microsoft
Office\Office12\GrooveSystemServ
ices.dll
O23 - Service: Apple Mobile
Device - Apple Inc. - C:\Program
Files\Common Files\Apple\Mobile
Device
Support\bin\AppleMobileDeviceSer
vice.exe
O23 - Service: Bonjour Service -
Apple Inc. - C:\Program
Files\Bonjour\mDNSResponder.exe
O23 - Service: Browser Defender
Update Service - Threat Expert
Ltd. - C:\Program Files\Spyware
Doctor\BDT\BDTUpdateService.exe
O23 - Service: getPlus(R) Helper
- Unknown owner - C:\Program
Files\NOS\bin\getPlus_HelperSvc.
exe (file missing)
O23 - Service: iPod Service -
Apple Inc. - C:\Program
Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick
Starter
(JavaQuickStarterService) - Sun
Microsystems, Inc. - C:\Program
Files\Java\jre6\bin\jqs.exe
O23 - Service: PC Tools
Auxiliary Service (sdAuxService)
- PC Tools - C:\Program
Files\Spyware
Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security
Service (sdCoreService) - PC
Tools - C:\Program Files\Spyware
Doctor\pctsSvc.exe
O23 - Service: ThreatFire - PC
Tools - C:\Program Files\Spyware
Doctor\TFEngine\TFService.exe
--
End of file - 9033 bytes
Virus Win32 pops up. The computer has Doctor Spyware with Antivirus. There is a Rootkit32 virus as well. A Trojan keeps popping up within the Windows Security system. Windows Security does not recognize the Antivirus program. There is a Networm. Win32 as well. Antivirus apparently cleaned a RogueAntiSpyware, Rootkit.TDSS and multiples of these threats. Thank you for helping me.
*Elfryanne