Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 
This topic is locked
Logfile of HijackThis v1.99.0
Scan saved at 9:21:53 PM, on 10/23/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Billionton\Bluetooth Software\bin\btwdins.exe
C:\WINNT\System32\svchost.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\System32\ZipToA.exe
C:\Program Files\Intel\Intel® Active Monitor\imonnt.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\Program Files\Intel\Intel® Active Monitor\imontray.exe
C:\Program Files\Nokia\Nokia PC Suite 6\Launch Application 2.exe
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\apps\QuickTime\qttask.exe
C:\WINNT\system32\spool\DRIVERS\W32X86\3\E_S4I2G1.EXE
C:\WINNT\system32\rundll32.exe
C:\Program Files\NetZero\exec.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\winstall.exe
C:\Program Files\Billionton\Bluetooth Software\BTTray.exe
C:\Program Files\NetZero\exec.exe
C:\Program Files\Imation\ImationFlashDetect.exe
C:\Program Files\Verizon Online\bin\mpbtn.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINNT\System32\sol.exe
C:\WINNT\explorer.exe
D:\Documents and Settings\Administrator\Desktop\spyware\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://my.netzero.ne...ch?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;127.0.0.1;
R3 - URLSearchHook: URLSearchHook Class - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files\NZSearch\SearchEnh1.dll
O1 - Hosts: localhost 127.0.0.1
O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet7_22.dll
O2 - BHO: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\vzbb.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: ZeroBar - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\Program Files\NetZero\Toolbar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\Toolbar.dll
O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\vzbb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel® Active Monitor\imontray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\Launch Application 2.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [Clear Cut] C:\Program Files\ClearCut\streamer.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\apps\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus CX5400] C:\WINNT\system32\spool\DRIVERS\W32X86\3\E_S4I2G1.EXE /P19 "EPSON Stylus CX5400" /O6 "USB001" /M "Stylus CX5400"
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,ClientStartup -s
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [NetZero_uoltray] C:\Program Files\NetZero\exec.exe regrun
O4 - HKCU\..\Run: [spc_w] "C:\Program Files\NZSearch\nzspc.exe" -w
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 - Startup: ImationFlashDetect.lnk = C:\Program Files\Imation\ImationFlashDetect.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Startup: PowerReg SchedulerV2.exe
O4 - Global Startup: BTTray.lnk = C:\Program Files\Billionton\Bluetooth Software\BTTray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\bin\matcli.exe
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Billionton\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\Netscape\Communicator\Program\AIM\aim.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Billionton\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Billionton\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O12 - Plugin for .m4v: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O16 - DPF: Microsoft WFC Forms Designer - file://D:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\VJ98\wfcforms.cab
O16 - DPF: Visual Studio 6 Extensibility Libraries - file://D:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\VJ98\vstudio6.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.3.1_06) - http://fdu.blackboar...ib//jre-1_5.exe
O16 - DPF: {E53458D2-5A83-4BD1-8DE2-EEEBE73BAB77} - http://dinet.info/n/us22/n.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{082C5A1A-4A7B-48A9-B181-B4CB112B6334}: NameServer = 85.255.116.157
O17 - HKLM\System\CCS\Services\Tcpip\..\{73736989-253F-45F5-9283-B93516FBEF24}: NameServer = 85.255.116.157
O17 - HKLM\System\CCS\Services\Tcpip\..\{D9F18CD5-AEBA-4834-A4D2-917BAB7AC0A4}: NameServer = 85.255.116.157
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.157 85.255.112.166
O17 - HKLM\System\CS1\Services\Tcpip\..\{082C5A1A-4A7B-48A9-B181-B4CB112B6334}: NameServer = 85.255.116.157
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.157 85.255.112.166
O17 - HKLM\System\CS2\Services\Tcpip\..\{082C5A1A-4A7B-48A9-B181-B4CB112B6334}: NameServer = 85.255.116.157
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.157 85.255.112.166
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O23 - Service: Aluria Spyware Eliminator Service - Unknown - C:\PROGRA~1\ALURIA~1\ASE\ASEServ.exe (file missing)
O23 - Service: Bluetooth Service - WIDCOMM, Inc. - C:\Program Files\Billionton\Bluetooth Software\bin\btwdins.exe
O23 - Service: Logical Disk Manager Administrative Service - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel® Active Monitor - Intel Corp. - C:\Program Files\Intel\Intel® Active Monitor\imonnt.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: IomegaAccess - Iomega Corporation - C:\WINNT\System32\IomegaAccess.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McShield - Unknown - C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: PC Tools Spyware Doctor - Unknown - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: TrueVector Internet Monitor - Zone Labs Inc. - C:\WINNT\system32\ZoneLabs\vsmon.exe
O23 - Service: ZipToA - Iomega Corporation - C:\WINNT\System32\ZipToA.exe
