Tech Support Forum - View Single Post

Khaos9999 · 07-09-2005, 09:23 PM

Here's the active log

Incident Status Location

Adware:Adware/SaveNow No disinfected Windows Registry
Adware:Adware/nCase No disinfected C:\WINDOWS\system32\FLEOK
Spyware:Spyware/Dyfuca No disinfected Windows Registry
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles
Adware:Adware/BookedSpace No disinfected C:\WINDOWS\bsx32
Adware:Adware/WinTools No disinfected Windows Registry
Spyware:Spyware/TVMedia No disinfected C:\WINDOWS\Bundles
Adware:Adware/DelFinMedia No disinfected C:\WINDOWS\system32\vmss
Adware:Adware/AdLogix No disinfected Windows Registry
Adware:Adware/TopRebates No disinfected C:\WINDOWS\bundles\WebRebates*.exe
Adware:Adware/Beginto No disinfected Windows Registry
Adware:Adware/PowerSearch No disinfected C:\WINDOWS\system32\stlb2.xml
Spyware:Spyware/SurfSideKick No disinfected Windows Registry
Adware:Adware/TopSpyware No disinfected C:\Program Files\Windows Media Player\wmplayer.exe.tmp
Adware:Adware/Novo No disinfected Windows Registry
Spyware:Spyware/SurfSideKick No disinfected C:\Documents and Settings\Joe Braucht\Application Data\Sskcwrd.dll
Spyware:Spyware/SurfSideKick No disinfected C:\Documents and Settings\Joe Braucht\Application Data\Sskknwrd.dll
Spyware:Spyware/SurfSideKick No disinfected C:\Documents and Settings\Joe Braucht\Local Settings\Temporary Internet Files\Ssk.log
Adware:Adware/Pacimedia No disinfected C:\Program Files\Windows Media Player\wmplayer.exe.tmp
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\activeshopper.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\AdSmartMedia_bundle.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\adv0ltc0m.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\ast_5_adsav.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\b2s-162813.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\Beryllium.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\bruzmoh.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\bs5-goodyr1.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\bs5-tsrkqn.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\Century.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\CSv10P070.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\cxt_big.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\Decade.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\d_ic.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\e2g51.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\ez_advolt.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\HelperInstaller.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\icmedia2_56.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\ICMMedia_1cmm3d1a.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\ic_ssk.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\iehost.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\InvestorIntelligenceInstallWeb.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\newmb.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\optimizejames.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\rop_marketing_1_168.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\runsearch.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\s4Sept.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\sahagent-dectest1001.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\sahagent-seedcorn1002.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\saie1101.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\setup_silent_26221.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\shopinst.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\snackman.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\stlb2_seed.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\thin-8-1-x-x.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\TrafficSpec8.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\Verti1.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\videoinst.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\vl_ezstub.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\WebRebates_Auto_InstallSilent.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\winversion.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\wrapperouter.exe
Adware:Adware/AdLogix No disinfected C:\WINDOWS\system32\Cache\videoinst.exe
Adware:Adware/Look2Me No disinfected C:\WINDOWS\system32\idm32.dll
Adware:Adware/Look2Me No disinfected C:\WINDOWS\system32\mzsign32.dll
Adware:Adware/Look2Me No disinfected C:\WINDOWS\system32\rym.dll
Adware:Adware/nCase No disinfected C:\WINDOWS\system32\saieau.dat
Adware:Adware/nCase No disinfected C:\WINDOWS\system32\saie_gdf.dat
Adware:Adware/nCase No disinfected C:\WINDOWS\system32\saie_kyf.dat
Adware:Adware/PowerSearch No disinfected C:\WINDOWS\system32\stlb2.xml
Adware:Adware/PortalScan No disinfected C:\WINDOWS\system32\winupdt.008
Adware:Adware/PortalScan No disinfected C:\WINDOWS\system32\winupdt.bin
Adware:Adware/AdLogix No disinfected C:\WINDOWS\Temp\adlinstallwin32.exe
Adware:Adware/Envolo No disinfected C:\WINDOWS\Temp\AutoUpdate0\setup.inf
Spyware:Spyware/Virtumonde No disinfected C:\WINDOWS\Temp\bw2.exe
Spyware:Spyware/Overpro No disinfected C:\WINDOWS\Temp\nsdtmp09.dll
Spyware:Spyware/BetterInet No disinfected C:\WINDOWS\Temp\THI2F0E.tmp\zserv.inf

WOW I think that could be bad
here' the hijack log too

Logfile of HijackThis v1.99.1
Scan saved at 9:20:11 PM, on 7/9/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Dual-Band Wireless A+G Notebook Adapter\WPC55AG.exe
C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\EZSP_PX.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\WINDOWS\system32\RAMASST.exe
D:\Spyware\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.destinycc.org/
O4 - HKLM\..\Run: [WPC55AG.exe] C:\Program Files\Dual-Band Wireless A+G Notebook Adapter\WPC55AG.exe
O4 - HKLM\..\Run: [PmProxy] C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\EZSP_PX.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?link...67&clcid=0x409
O16 - DPF: {4208FB4D-4E53-4F5A-BF7A-3E047DDB5281} (ActiveX Control) - http://www.icannnews.com/app/ST/ActiveX.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1120429946030
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = destinycc.org
O17 - HKLM\Software\..\Telephony: DomainName = destinycc.org
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = destinycc.org
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professional 2005.SR1\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professional 2005.SR1\RpcSandraSrv.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

Thanks For the help

07-09-2005, 09:23 PM	#3 (permalink)
Khaos9999 Registered User Join Date: Jul 2005 Posts: 6 OS: XP Pro	Here's the active log Incident Status Location Adware:Adware/SaveNow No disinfected Windows Registry Adware:Adware/nCase No disinfected C:\WINDOWS\system32\FLEOK Spyware:Spyware/Dyfuca No disinfected Windows Registry Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles Adware:Adware/BookedSpace No disinfected C:\WINDOWS\bsx32 Adware:Adware/WinTools No disinfected Windows Registry Spyware:Spyware/TVMedia No disinfected C:\WINDOWS\Bundles Adware:Adware/DelFinMedia No disinfected C:\WINDOWS\system32\vmss Adware:Adware/AdLogix No disinfected Windows Registry Adware:Adware/TopRebates No disinfected C:\WINDOWS\bundles\WebRebates*.exe Adware:Adware/Beginto No disinfected Windows Registry Adware:Adware/PowerSearch No disinfected C:\WINDOWS\system32\stlb2.xml Spyware:Spyware/SurfSideKick No disinfected Windows Registry Adware:Adware/TopSpyware No disinfected C:\Program Files\Windows Media Player\wmplayer.exe.tmp Adware:Adware/Novo No disinfected Windows Registry Spyware:Spyware/SurfSideKick No disinfected C:\Documents and Settings\Joe Braucht\Application Data\Sskcwrd.dll Spyware:Spyware/SurfSideKick No disinfected C:\Documents and Settings\Joe Braucht\Application Data\Sskknwrd.dll Spyware:Spyware/SurfSideKick No disinfected C:\Documents and Settings\Joe Braucht\Local Settings\Temporary Internet Files\Ssk.log Adware:Adware/Pacimedia No disinfected C:\Program Files\Windows Media Player\wmplayer.exe.tmp Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\activeshopper.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\AdSmartMedia_bundle.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\adv0ltc0m.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\ast_5_adsav.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\b2s-162813.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\Beryllium.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\bruzmoh.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\bs5-goodyr1.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\bs5-tsrkqn.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\Century.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\CSv10P070.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\cxt_big.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\Decade.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\d_ic.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\e2g51.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\ez_advolt.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\HelperInstaller.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\icmedia2_56.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\ICMMedia_1cmm3d1a.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\ic_ssk.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\iehost.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\InvestorIntelligenceInstallWeb.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\newmb.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\optimizejames.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\rop_marketing_1_168.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\runsearch.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\s4Sept.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\sahagent-dectest1001.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\sahagent-seedcorn1002.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\saie1101.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\setup_silent_26221.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\shopinst.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\snackman.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\stlb2_seed.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\thin-8-1-x-x.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\TrafficSpec8.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\Verti1.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\videoinst.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\vl_ezstub.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\WebRebates_Auto_InstallSilent.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\winversion.exe Adware:Adware/PortalScan No disinfected C:\WINDOWS\bundles\wrapperouter.exe Adware:Adware/AdLogix No disinfected C:\WINDOWS\system32\Cache\videoinst.exe Adware:Adware/Look2Me No disinfected C:\WINDOWS\system32\idm32.dll Adware:Adware/Look2Me No disinfected C:\WINDOWS\system32\mzsign32.dll Adware:Adware/Look2Me No disinfected C:\WINDOWS\system32\rym.dll Adware:Adware/nCase No disinfected C:\WINDOWS\system32\saieau.dat Adware:Adware/nCase No disinfected C:\WINDOWS\system32\saie_gdf.dat Adware:Adware/nCase No disinfected C:\WINDOWS\system32\saie_kyf.dat Adware:Adware/PowerSearch No disinfected C:\WINDOWS\system32\stlb2.xml Adware:Adware/PortalScan No disinfected C:\WINDOWS\system32\winupdt.008 Adware:Adware/PortalScan No disinfected C:\WINDOWS\system32\winupdt.bin Adware:Adware/AdLogix No disinfected C:\WINDOWS\Temp\adlinstallwin32.exe Adware:Adware/Envolo No disinfected C:\WINDOWS\Temp\AutoUpdate0\setup.inf Spyware:Spyware/Virtumonde No disinfected C:\WINDOWS\Temp\bw2.exe Spyware:Spyware/Overpro No disinfected C:\WINDOWS\Temp\nsdtmp09.dll Spyware:Spyware/BetterInet No disinfected C:\WINDOWS\Temp\THI2F0E.tmp\zserv.inf WOW I think that could be bad here' the hijack log too Logfile of HijackThis v1.99.1 Scan saved at 9:20:11 PM, on 7/9/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\WINDOWS\System32\DVDRAMSV.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\SAVScan.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe C:\Program Files\Dual-Band Wireless A+G Notebook Adapter\WPC55AG.exe C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe C:\WINDOWS\System32\igfxtray.exe C:\WINDOWS\System32\hkcmd.exe C:\WINDOWS\System32\EZSP_PX.EXE C:\WINDOWS\AGRSMMSG.exe C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe C:\WINDOWS\system32\RAMASST.exe D:\Spyware\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.destinycc.org/ O4 - HKLM\..\Run: [WPC55AG.exe] C:\Program Files\Dual-Band Wireless A+G Notebook Adapter\WPC55AG.exe O4 - HKLM\..\Run: [PmProxy] C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\EZSP_PX.EXE O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe" O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?link...67&clcid=0x409 O16 - DPF: {4208FB4D-4E53-4F5A-BF7A-3E047DDB5281} (ActiveX Control) - http://www.icannnews.com/app/ST/ActiveX.ocx O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1120429946030 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = destinycc.org O17 - HKLM\Software\..\Telephony: DomainName = destinycc.org O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = destinycc.org O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professional 2005.SR1\RpcDataSrv.exe O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professional 2005.SR1\RpcSandraSrv.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe Thanks For the help