Don’t know what all this is in the log, but the log is included in this message. If anyone has any ideas, thanks.
Logfile of HijackThis v1.99.1
Scan saved at 3:48:06 PM, on 8/1/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\WINDOWS\zHotkey.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Roxio\MyDVD\MyDVD\DetectorApp.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\BigFix\bigfix.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Roxio\MyDVD\MyDVD\USBDeviceService.exe
C:\WINDOWS\system32\UStorSrv.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
C:\Program Files\Trend Micro\Antivirus\PCClient.EXE
C:\Program Files\Trend Micro\Antivirus\PCCGUIDE.EXE
C:\Program Files\Trend Micro\Antivirus\TMOAgent.exe
C:\DOCUME~1\OWNER~1.YOU\LOCALS~1\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.comcast.net/toolbar2.0/search/
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.net/toolbar2.0/search/
R1 – HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 – HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R3 – URLSearchHook: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 – BHO: &Yahoo! Toolbar Helper – {02478D38-C3F9-4efb-9B51-7695ECA05670} – C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 – BHO: Adobe PDF Reader Link Helper – {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} – C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 – BHO: Comcast Toolbar – {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} – C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O2 – BHO: Yahoo! IE Services Button – {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} – C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 – BHO: DriveLetterAccess – {5CA3D70E-1895-11CF-8E15-001234567890} – C:\WINDOWS\system32\dla\tfswshx.dll
O2 – BHO: EWPBrowseObject Class – {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} – C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 – BHO: Windows Live Sign-in Helper – {9030D464-4C02-4ABF-8ECC-5164760863C6} – C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 – BHO: Encarta Web Companion Helper Object – {955BE0B8-BC85-4CAF-856E-8E0D8B610560} – C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion07\ENCWCBAR.DLL
O2 – BHO: CBrowserHelperObject Object – {CA6319C0-31B7-401E-A518-A07C3DB8F777} – c:\windows\system32\BAE.dll
O3 – Toolbar: Easy-WebPrint – {327C2873-E90D-4c37-AA9D-10AC9BABA46C} – C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 – Toolbar: Encarta Web Companion – {147D6308-0614-4112-89B1-31402F9B82C4} – C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion07\ENCWCBAR.DLL
O3 – Toolbar: Comcast Toolbar – {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} – C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O3 – Toolbar: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O4 – HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 – HKLM\..\Run: [readericon] "C:\Program Files\Digital Media Reader\readericon45G.exe"
O4 – HKLM\..\Run: [CHotkey] zHotkey.exe
O4 – HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 – HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 – HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 – HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 – HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Antivirus\pccguide.exe"
O4 – HKLM\..\Run: [PCClient.exe] "C:\Program Files\Trend Micro\Antivirus\PCClient.exe"
O4 – HKLM\..\Run: [TM Outbreak Agent] "C:\Program Files\Trend Micro\Antivirus\TMOAgent.exe" /run
O4 – HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 – HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 – HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
O4 – HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 – HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 – HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 – HKLM\..\Run: [CanonMyPrinter] "C:\Program Files\Canon\MyPrinter\BJMyPrt.exe" /logon
O4 – HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 – HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 – HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 – HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 – HKLM\..\Run: [DetectorApp] "C:\Program Files\Roxio\MyDVD\MyDVD\DetectorApp.exe"
O4 – HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
O4 – HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 – HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
O4 – HKCU\..\Run: [Power2GoExpress] NA
O4 – HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 – HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 – HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 – HKCU\..\Run: [L07AXLRD_5850515] "C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2007 DVD\EDICT.EXE" -m
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [Uniblue RegistryBooster2] "C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" /S
O4 – Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 – Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O9 – Extra button: (no name) – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 – Extra ‘Tools’ menuitem: Sun Java Console – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 – Extra button: Send to OneNote – {2670000A-7350-4f3c-8081-5663EE0C6C49} – C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 – Extra ‘Tools’ menuitem: S&end to OneNote – {2670000A-7350-4f3c-8081-5663EE0C6C49} – C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 – Extra button: Yahoo! Services – {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} – C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 – Extra button: Encarta Search Bar – {B205A35E-1FC4-4CE3-818B-899DBBB3388C} – C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 – Extra button: Real.com – {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} – C:\WINDOWS\system32\Shdocvw.dll
O9 – Extra button: (no name) – {e2e2dd38-d088-4134-82b7-f2ba38496583} – %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 – Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 – {e2e2dd38-d088-4134-82b7-f2ba38496583} – %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra ‘Tools’ menuitem: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O11 – Options group: [INTERNATIONAL] International*
O16 – DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) – https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 – DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} – http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15-3.cab
O16 – DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) – http://wdownload.weatherbug.com/minibug/tricklers/AWS/MiniBugTransporter.cab?
O16 – DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) – C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 – DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) – http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 – Protocol: ms-help – {314111C7-A502-11D2-BBCA-00C04F8EC294} – C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O20 – Winlogon Notify: WgaLogon – C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 – Winlogon Notify: WRNotifier – C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 – SSODL: WPDShServiceObj – {AAA288BA-9A4C-45B0-95D7-94D524869DB5} – C:\WINDOWS\system32\WPDShServiceObj.dll
O23 – Service: Canon Camera Access Library 8 (CCALib8) – Canon Inc. – C:\Program Files\Canon\CAL\CALMAIN.exe
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\system32\nvsvc32.exe
O23 – Service: PrismXL – New Boundary Technologies, Inc. – C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 – Service: Trend NT Realtime Service (Tmntsrv) – Trend Micro Incorporated. – C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
O23 – Service: Trend Micro Proxy Service (tmproxy) – Trend Micro Incorporated. – C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
O23 – Service: USBDeviceService – Unknown owner – C:\Program Files\Roxio\MyDVD\MyDVD\USBDeviceService.exe
O23 – Service: UStorage Server Service – OTi – C:\WINDOWS\system32\UStorSrv.exe
O23 – Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) – Webroot Software, Inc. – C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe