I have been trying to clear up my PC. I know that I have W32/Noala.b but haven’t found anything to get rid of it. I have been to several site that claim free Trojan/Spyware hunter killers but almost all that I have found want you to pay them before you can remove the problems and I don’t have a lot of money to spend. Below you will find what I have been trying, my latest HijackThis log and my Sygate Personal Firewall log. I know I have a lot of work to do. Any help you can offer me will be greatly appreciated
.
Spy Sweeper 3.0.0 = Negative
SpyHunter v 1.1.30 = 72 Registry items for BackWeb Lite
CWShreader v 1.59.1 = Negative
NoAdware v 2.01 = W32/Noala.b@MM HKEY_LOCAL_MACHINE\software\mRegValue
syscean = Negative
Logfile of HijackThis v1.98.2
Scan saved at 1:28:53 PM, on 9/3/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
http://housecall.trendmicro.com/ = Negative
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
C:\PROGRAM FILES\TREND MICRO\INTERNET SECURITY\PCCIOMON.EXE
C:\PROGRAM FILES\TREND MICRO\INTERNET SECURITY\PCCPFW.EXE
C:\PROGRAM FILES\TREND MICRO\INTERNET SECURITY\TMPROXY.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\HPSYSDRV.EXE
C:\WINDOWS\SYSTEM\USBMMKBD.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\WINDOWS\SYSTEM\LXSUPMON.EXE
C:\PROGRAM FILES\VERIZON ONLINE\DIAL 4.0\VISUALIPINSIGHT\IPCLIENT.EXE
C:\PROGRAM FILES\VERIZON ONLINE\DIAL 4.0\VISUALIPINSIGHT\IPMON32.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE
C:\PROGRAM FILES\TREND MICRO\INTERNET SECURITY\PCCGUIDE.EXE
C:\PROGRAM FILES\NETROPA\ONSCREEN DISPLAY\OSD.EXE
C:\PROGRAM FILES\TREND MICRO\INTERNET SECURITY\PCCLIENT.EXE
C:\PROGRAM FILES\TREND MICRO\INTERNET SECURITY\TMOAGENT.EXE
C:\WINDOWS\RunDLL.exe
C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\SPYSWEEPER.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE
C:\PROGRAM FILES\SCANSOFT\NATURALLYSPEAKING\PROGRAM\NATSPEAK.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMUSBKB2.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://cgi.verizon.net/bookmarks/bmredir.asp?region=east&bw=dialin&cd=4.0&bm=ho_search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://cgi.verizon.net/bookmarks/bmredir.asp?region=east&bw=dialin&cd=4.0&bm=ho_search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer customized for Verizon Online
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [HPScanPatch] C:\WINDOWS\SYSTEM\HPScanFix.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [USBMMKBD] usbmmkbd.exe
O4 - HKLM\..\Run: [Keyboard Manager] C:\Program Files\Netropa\One-touch Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [LexStart] Lexstart.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\SYSTEM\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\SYGATE\SPF\SMC.EXE -startgui
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\PROGRAM FILES\VERIZON ONLINE\DIAL 4.0\VISUALIPINSIGHT\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\PROGRAM FILES\VERIZON ONLINE\DIAL 4.0\VISUALIPINSIGHT\IPMon32.exe"
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security\pccguide.exe"
O4 - HKLM\..\Run: [PCCIOMON.exe] "C:\Program Files\Trend Micro\Internet Security\PCCIOMON.exe"
O4 - HKLM\..\Run: [PCClient.exe] "C:\Program Files\Trend Micro\Internet Security\PCClient.exe"
O4 - HKLM\..\Run: [TM Outbreak Agent] "C:\Program Files\Trend Micro\Internet Security\TMOAgent.exe" /run
O4 - HKLM\..\Run: [SpyHunter] C:\PROGRAM FILES\ENIGMA SOFTWARE GROUP\SPYHUNTER\SPYHUNTER.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [Encompass_ENCMONTR] C:\Program Files\Easy Internet\ENCMONTR.EXE
O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run
O4 - HKLM\..\RunServices: [SmcService] C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
O4 - HKLM\..\RunServices: [PCCIOMON.exe] "C:\Program Files\Trend Micro\Internet Security\PCCIOMON.exe"
O4 - HKLM\..\RunServices: [PccPfw] C:\Program Files\Trend Micro\Internet Security\PccPfw.exe
O4 - HKLM\..\RunServices: [tmproxy] C:\Program Files\Trend Micro\Internet Security\tmproxy.exe
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SPYSWEEPER.EXE" /0
O4 - HKCU\..\RunServices: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\RunServices: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\RunServices: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SPYSWEEPER.EXE" /0
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O4 - Startup: Dragon NaturallySpeaking.lnk = C:\Program Files\ScanSoft\NaturallySpeaking\Program\natspeak.exe
O9 - Extra button: RealGuide - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: TREND MICRO HouseCall - {2B5EA4F8-620A-4A8B-B003-4C8C5EBEA826} - http://uk.trendmicro-europe.com/enterprise/products/housecall_pre.php (file missing)
O9 - Extra button: Control Pad - {28D44DAC-D1FC-4d4f-BB1B-ADF037C8DDBC} - C:\PROGRAM FILES\VERIZON ONLINE\DIAL 4.0\CONTROLPAD\Misc\a_menu.exe (file missing)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
Action Direction Protocol Remote Host Local Host Application Name
Blocked Incoming UDP 0.0.0.0 255.255.255.255 Block_all
Allowed Incoming UDP 129.44.225.94 129.44.255.255 C:\WINDOWS\SYSTEM\kernel32.dll GUI%GUICONFIG#SRULE@NBENABLEYOU#ALLOW-UDP
Allowed Incoming UDP 129.44.226.109 129.44.255.255 C:\WINDOWS\SYSTEM\KERNEL32.DLL GUI%GUICONFIG#SRULE@NBENABLEYOU#ALLOW-UDP
Allowed Incoming UDP 129.44.226.78 129.44.255.255 C:\WINDOWS\SYSTEM\kernel32.dll GUI%GUICONFIG#SRULE@NBENABLEYOU#ALLOW-UDP
Allowed Outgoing UDP 129.44.255.255 129.44.226.78 C:\WINDOWS\SYSTEM\kernel32.dll GUI%GUICONFIG#SRULE@NBENABLEYOU#ALLOW-UDP
Blocked Incoming TCP 141.149.206.232 141.149.228.158 Block_all
Allowed Incoming UDP 141.149.228.158 141.149.255.255 C:\WINDOWS\SYSTEM\kernel32.dll GUI%GUICONFIG#SRULE@NBENABLEYOU#ALLOW-UDP
Blocked Incoming TCP 141.149.246.142 141.149.228.158 Block_all
Blocked Incoming TCP 141.149.252.222 141.149.228.158 Block_all
Allowed Outgoing UDP 141.149.255.255 141.149.228.158 C:\WINDOWS\SYSTEM\kernel32.dll GUI%GUICONFIG#SRULE@NBENABLEYOU#ALLOW-UDP
Allowed Outgoing UDP 151.202.0.85 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Blocked Outgoing ICMP 151.202.0.85 141.149.228.158 Block_all
Allowed Incoming UDP 169.254.19.207 169.254.255.255 C:\WINDOWS\SYSTEM\kernel32.dll GUI%GUICONFIG#SRULE@NBENABLEYOU#ALLOW-UDP
Allowed Outgoing UDP 169.254.255.255 169.254.19.207 C:\WINDOWS\SYSTEM\kernel32.dll GUI%GUICONFIG#SRULE@NBENABLEYOU#ALLOW-UDP
Allowed Outgoing TCP 194.112.106.208 141.149.228.240 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP 216.150.206.250 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Blocked Incoming UDP 222.88.173.5 141.149.228.158 Block_all
Blocked Outgoing ICMP 224.0.0.2 141.149.228.158 C:\WINDOWS\SYSTEM\kernel32.dll GUI%GUICONFIG#SRULE@APPCONFIG-ICMP#C:\WINDOWS\SYSTEM\kernel32.dll
Blocked Incoming TCP 4.28.247.184 141.149.228.158 Block_all
Allowed Outgoing TCP a.as-us.falkag.net [208.184.39.146] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP a.softpedia.com [67.18.239.196] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP a840.g.akamai.net [130.81.64.12] 141.149.228.240 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP activex.microsoft.com [207.46.196.108] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP ad2.ip.ro [80.86.96.70] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP ads.com.com [216.239.115.142] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP beam.to [212.254.206.30] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP bn.gewinn24.de [217.13.203.18] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP codecs.microsoft.com [130.81.64.26] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP crl.microsoft.com [131.107.103.243] 141.149.228.240 C:\WINDOWS\SYSTEM\WUCRTUPD.EXE Ask all running apps
Allowed Outgoing TCP crl.verisign.com [12.158.80.10] 141.149.228.240 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP dl1.pctools.com [67.19.31.250] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP download.com [206.16.0.235] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP download.com.com [216.239.115.131] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Blocked Outgoing TCP download.macromedia.com [216.104.212.81] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE GUI%GUICONFIG#SRULE@ADVRULECONFIG#Normal_103
Allowed Outgoing TCP download.softpedia.com [213.233.121.9] 129.44.226.78 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP download.windowsupdate.com [64.4.23.29] 141.149.228.240 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP download-pdl.search.com [206.16.0.179] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP dw.com.com [216.239.115.143] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP files1.majorgeeks.com [65.110.60.130] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP hop.clickbank.net [207.114.236.43] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP housecall.trendmicro.com [66.35.253.32] 141.149.228.240 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP images.webattack.com [69.28.135.164] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP imgserv.adbutler.com [216.127.38.100] 129.44.225.94 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP insight1.verizon.net [199.45.45.130] 129.44.225.94 C:\Program Files\Verizon Online\Dial 4.0\VisualIPInsight\IPClient.exe Ask all running apps
Allowed Outgoing TCP insight10.verizon.net [199.45.45.139] 129.44.225.94 C:\Program Files\Verizon Online\Dial 4.0\VisualIPInsight\IPClient.exe Ask all running apps
Allowed Outgoing TCP insight2.verizon.net [199.45.45.131] 141.149.228.158 C:\Program Files\Verizon Online\Dial 4.0\VisualIPInsight\IPClient.exe Ask all running apps
Allowed Outgoing TCP itxt.vibrantmedia.com [63.211.210.221] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP liveupdate.symantecliveupdate.com [63.211.66.27] 129.44.225.94 C:\Program Files\Symantec\LiveUpdate\LuComServer.EXE Ask all running apps
Allowed Outgoing TCP log.trafic.ro [217.156.103.27] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP mjc1.com [209.157.129.87] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP pagead2.googlesyndication.com [216.239.41.104] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP pc-cillin-p.activeupdate.trendmicro.com [4.78.20.11] 141.149.228.240 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP pc-cillin-p.activeupdate.trendmicro.com [4.78.20.11] 141.149.228.240 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP pc-cillin-t.activeupdate.trendmicro.com [64.28.86.228] 141.149.228.240 C:\Program Files\Trend Micro\Internet Security\TMOAgent.exe Ask all running apps
Allowed Outgoing TCP products.webroot.com [216.58.162.100] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP reviews.cnet.com [216.239.115.141] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP s89223352.onlinehome.us [217.160.226.83] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP security.kolla.de [212.227.118.106] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP securityresponse.symantec.com [63.211.66.61] 141.149.228.240 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP sel.as-us.falkag.net [66.150.87.2] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP software-files.download.com [216.239.120.254] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP storage.trafic.ro [217.156.103.59] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP v4.windowsupdate.microsoft.com [207.46.134.126] 141.149.228.240 C:\WINDOWS\SYSTEM\WULOADER.EXE Ask all running apps
Allowed Outgoing TCP v4.windowsupdate.microsoft.com [64.4.21.28] 129.44.225.94 C:\WINDOWS\SYSTEM\WUCRTUPD.EXE Ask all running apps
Allowed Outgoing TCP wdcs.trendmicro.com [66.35.255.43] 141.149.228.240 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP windowsupdate.microsoft.com [207.46.134.92] 141.149.228.240 C:\WINDOWS\SYSTEM\WUCRTUPD.EXE Ask all running apps
Allowed Outgoing TCP wustat.windows.com [207.46.197.59] 129.44.225.94 C:\WINDOWS\SYSTEM\WUCRTUPD.EXE Ask all running apps
Allowed Outgoing TCP www.aquahobby.com [216.117.138.145] 129.44.225.94 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.epilot.com [64.94.109.52] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.google.com [216.239.39.147] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP www.google.com [216.239.39.99] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP www.google.com [216.239.41.104] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.google.com [216.239.41.99] 141.149.228.240 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.google.com [64.233.161.99] 129.44.225.94 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.googleadservices.com [216.239.57.96] 129.44.225.94 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.hijack-this.net [67.15.10.79] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP www.kephyr.com [66.98.166.66] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP www.majorgeeks.com [67.19.72.100] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.mytechsupport.ca [208.170.149.146] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP www.noadware.net [69.20.71.82] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP www.pctools.com [65.61.181.240] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP www.pestpatrol.com [209.92.194.116] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP www.safer-networking.org [212.227.253.104] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.snapfiles.net [69.28.135.165] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.softpedia.com [193.226.140.167] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.spychecker.com [69.28.135.166] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.spywareinfo.com [216.98.141.250] 129.44.226.78 C:\My Documents\My Downloads\CWShredder.exe Ask all running apps
Allowed Outgoing TCP www.techsupportforum.com [67.43.10.154] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP www.trendmicro.com [130.81.64.13] 141.149.228.240 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.webroot.com [216.150.206.248] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP www.webrootdisp.net [66.216.97.155] 141.149.228.158 C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe Ask all running apps
Allowed Outgoing TCP www.webtraffictools.com [66.161.20.16] 129.44.225.94 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.winguides.com [65.61.180.80] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.zoneedit.com [69.72.176.178] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP x.cb.kount.com [207.114.236.44] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
.
Spy Sweeper 3.0.0 = Negative
SpyHunter v 1.1.30 = 72 Registry items for BackWeb Lite
CWShreader v 1.59.1 = Negative
NoAdware v 2.01 = W32/Noala.b@MM HKEY_LOCAL_MACHINE\software\mRegValue
syscean = Negative
Logfile of HijackThis v1.98.2
Scan saved at 1:28:53 PM, on 9/3/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
http://housecall.trendmicro.com/ = Negative
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
C:\PROGRAM FILES\TREND MICRO\INTERNET SECURITY\PCCIOMON.EXE
C:\PROGRAM FILES\TREND MICRO\INTERNET SECURITY\PCCPFW.EXE
C:\PROGRAM FILES\TREND MICRO\INTERNET SECURITY\TMPROXY.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\HPSYSDRV.EXE
C:\WINDOWS\SYSTEM\USBMMKBD.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\WINDOWS\SYSTEM\LXSUPMON.EXE
C:\PROGRAM FILES\VERIZON ONLINE\DIAL 4.0\VISUALIPINSIGHT\IPCLIENT.EXE
C:\PROGRAM FILES\VERIZON ONLINE\DIAL 4.0\VISUALIPINSIGHT\IPMON32.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE
C:\PROGRAM FILES\TREND MICRO\INTERNET SECURITY\PCCGUIDE.EXE
C:\PROGRAM FILES\NETROPA\ONSCREEN DISPLAY\OSD.EXE
C:\PROGRAM FILES\TREND MICRO\INTERNET SECURITY\PCCLIENT.EXE
C:\PROGRAM FILES\TREND MICRO\INTERNET SECURITY\TMOAGENT.EXE
C:\WINDOWS\RunDLL.exe
C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\SPYSWEEPER.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE
C:\PROGRAM FILES\SCANSOFT\NATURALLYSPEAKING\PROGRAM\NATSPEAK.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMUSBKB2.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://cgi.verizon.net/bookmarks/bmredir.asp?region=east&bw=dialin&cd=4.0&bm=ho_search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://cgi.verizon.net/bookmarks/bmredir.asp?region=east&bw=dialin&cd=4.0&bm=ho_search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer customized for Verizon Online
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [HPScanPatch] C:\WINDOWS\SYSTEM\HPScanFix.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [USBMMKBD] usbmmkbd.exe
O4 - HKLM\..\Run: [Keyboard Manager] C:\Program Files\Netropa\One-touch Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [LexStart] Lexstart.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\SYSTEM\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\SYGATE\SPF\SMC.EXE -startgui
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\PROGRAM FILES\VERIZON ONLINE\DIAL 4.0\VISUALIPINSIGHT\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\PROGRAM FILES\VERIZON ONLINE\DIAL 4.0\VISUALIPINSIGHT\IPMon32.exe"
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security\pccguide.exe"
O4 - HKLM\..\Run: [PCCIOMON.exe] "C:\Program Files\Trend Micro\Internet Security\PCCIOMON.exe"
O4 - HKLM\..\Run: [PCClient.exe] "C:\Program Files\Trend Micro\Internet Security\PCClient.exe"
O4 - HKLM\..\Run: [TM Outbreak Agent] "C:\Program Files\Trend Micro\Internet Security\TMOAgent.exe" /run
O4 - HKLM\..\Run: [SpyHunter] C:\PROGRAM FILES\ENIGMA SOFTWARE GROUP\SPYHUNTER\SPYHUNTER.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [Encompass_ENCMONTR] C:\Program Files\Easy Internet\ENCMONTR.EXE
O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run
O4 - HKLM\..\RunServices: [SmcService] C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
O4 - HKLM\..\RunServices: [PCCIOMON.exe] "C:\Program Files\Trend Micro\Internet Security\PCCIOMON.exe"
O4 - HKLM\..\RunServices: [PccPfw] C:\Program Files\Trend Micro\Internet Security\PccPfw.exe
O4 - HKLM\..\RunServices: [tmproxy] C:\Program Files\Trend Micro\Internet Security\tmproxy.exe
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SPYSWEEPER.EXE" /0
O4 - HKCU\..\RunServices: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\RunServices: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\RunServices: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SPYSWEEPER.EXE" /0
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O4 - Startup: Dragon NaturallySpeaking.lnk = C:\Program Files\ScanSoft\NaturallySpeaking\Program\natspeak.exe
O9 - Extra button: RealGuide - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: TREND MICRO HouseCall - {2B5EA4F8-620A-4A8B-B003-4C8C5EBEA826} - http://uk.trendmicro-europe.com/enterprise/products/housecall_pre.php (file missing)
O9 - Extra button: Control Pad - {28D44DAC-D1FC-4d4f-BB1B-ADF037C8DDBC} - C:\PROGRAM FILES\VERIZON ONLINE\DIAL 4.0\CONTROLPAD\Misc\a_menu.exe (file missing)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
Action Direction Protocol Remote Host Local Host Application Name
Blocked Incoming UDP 0.0.0.0 255.255.255.255 Block_all
Allowed Incoming UDP 129.44.225.94 129.44.255.255 C:\WINDOWS\SYSTEM\kernel32.dll GUI%GUICONFIG#SRULE@NBENABLEYOU#ALLOW-UDP
Allowed Incoming UDP 129.44.226.109 129.44.255.255 C:\WINDOWS\SYSTEM\KERNEL32.DLL GUI%GUICONFIG#SRULE@NBENABLEYOU#ALLOW-UDP
Allowed Incoming UDP 129.44.226.78 129.44.255.255 C:\WINDOWS\SYSTEM\kernel32.dll GUI%GUICONFIG#SRULE@NBENABLEYOU#ALLOW-UDP
Allowed Outgoing UDP 129.44.255.255 129.44.226.78 C:\WINDOWS\SYSTEM\kernel32.dll GUI%GUICONFIG#SRULE@NBENABLEYOU#ALLOW-UDP
Blocked Incoming TCP 141.149.206.232 141.149.228.158 Block_all
Allowed Incoming UDP 141.149.228.158 141.149.255.255 C:\WINDOWS\SYSTEM\kernel32.dll GUI%GUICONFIG#SRULE@NBENABLEYOU#ALLOW-UDP
Blocked Incoming TCP 141.149.246.142 141.149.228.158 Block_all
Blocked Incoming TCP 141.149.252.222 141.149.228.158 Block_all
Allowed Outgoing UDP 141.149.255.255 141.149.228.158 C:\WINDOWS\SYSTEM\kernel32.dll GUI%GUICONFIG#SRULE@NBENABLEYOU#ALLOW-UDP
Allowed Outgoing UDP 151.202.0.85 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Blocked Outgoing ICMP 151.202.0.85 141.149.228.158 Block_all
Allowed Incoming UDP 169.254.19.207 169.254.255.255 C:\WINDOWS\SYSTEM\kernel32.dll GUI%GUICONFIG#SRULE@NBENABLEYOU#ALLOW-UDP
Allowed Outgoing UDP 169.254.255.255 169.254.19.207 C:\WINDOWS\SYSTEM\kernel32.dll GUI%GUICONFIG#SRULE@NBENABLEYOU#ALLOW-UDP
Allowed Outgoing TCP 194.112.106.208 141.149.228.240 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP 216.150.206.250 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Blocked Incoming UDP 222.88.173.5 141.149.228.158 Block_all
Blocked Outgoing ICMP 224.0.0.2 141.149.228.158 C:\WINDOWS\SYSTEM\kernel32.dll GUI%GUICONFIG#SRULE@APPCONFIG-ICMP#C:\WINDOWS\SYSTEM\kernel32.dll
Blocked Incoming TCP 4.28.247.184 141.149.228.158 Block_all
Allowed Outgoing TCP a.as-us.falkag.net [208.184.39.146] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP a.softpedia.com [67.18.239.196] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP a840.g.akamai.net [130.81.64.12] 141.149.228.240 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP activex.microsoft.com [207.46.196.108] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP ad2.ip.ro [80.86.96.70] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP ads.com.com [216.239.115.142] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP beam.to [212.254.206.30] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP bn.gewinn24.de [217.13.203.18] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP codecs.microsoft.com [130.81.64.26] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP crl.microsoft.com [131.107.103.243] 141.149.228.240 C:\WINDOWS\SYSTEM\WUCRTUPD.EXE Ask all running apps
Allowed Outgoing TCP crl.verisign.com [12.158.80.10] 141.149.228.240 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP dl1.pctools.com [67.19.31.250] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP download.com [206.16.0.235] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP download.com.com [216.239.115.131] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Blocked Outgoing TCP download.macromedia.com [216.104.212.81] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE GUI%GUICONFIG#SRULE@ADVRULECONFIG#Normal_103
Allowed Outgoing TCP download.softpedia.com [213.233.121.9] 129.44.226.78 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP download.windowsupdate.com [64.4.23.29] 141.149.228.240 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP download-pdl.search.com [206.16.0.179] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP dw.com.com [216.239.115.143] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP files1.majorgeeks.com [65.110.60.130] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP hop.clickbank.net [207.114.236.43] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP housecall.trendmicro.com [66.35.253.32] 141.149.228.240 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP images.webattack.com [69.28.135.164] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP imgserv.adbutler.com [216.127.38.100] 129.44.225.94 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP insight1.verizon.net [199.45.45.130] 129.44.225.94 C:\Program Files\Verizon Online\Dial 4.0\VisualIPInsight\IPClient.exe Ask all running apps
Allowed Outgoing TCP insight10.verizon.net [199.45.45.139] 129.44.225.94 C:\Program Files\Verizon Online\Dial 4.0\VisualIPInsight\IPClient.exe Ask all running apps
Allowed Outgoing TCP insight2.verizon.net [199.45.45.131] 141.149.228.158 C:\Program Files\Verizon Online\Dial 4.0\VisualIPInsight\IPClient.exe Ask all running apps
Allowed Outgoing TCP itxt.vibrantmedia.com [63.211.210.221] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP liveupdate.symantecliveupdate.com [63.211.66.27] 129.44.225.94 C:\Program Files\Symantec\LiveUpdate\LuComServer.EXE Ask all running apps
Allowed Outgoing TCP log.trafic.ro [217.156.103.27] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP mjc1.com [209.157.129.87] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP pagead2.googlesyndication.com [216.239.41.104] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP pc-cillin-p.activeupdate.trendmicro.com [4.78.20.11] 141.149.228.240 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP pc-cillin-p.activeupdate.trendmicro.com [4.78.20.11] 141.149.228.240 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP pc-cillin-t.activeupdate.trendmicro.com [64.28.86.228] 141.149.228.240 C:\Program Files\Trend Micro\Internet Security\TMOAgent.exe Ask all running apps
Allowed Outgoing TCP products.webroot.com [216.58.162.100] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP reviews.cnet.com [216.239.115.141] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP s89223352.onlinehome.us [217.160.226.83] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP security.kolla.de [212.227.118.106] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP securityresponse.symantec.com [63.211.66.61] 141.149.228.240 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP sel.as-us.falkag.net [66.150.87.2] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP software-files.download.com [216.239.120.254] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP storage.trafic.ro [217.156.103.59] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP v4.windowsupdate.microsoft.com [207.46.134.126] 141.149.228.240 C:\WINDOWS\SYSTEM\WULOADER.EXE Ask all running apps
Allowed Outgoing TCP v4.windowsupdate.microsoft.com [64.4.21.28] 129.44.225.94 C:\WINDOWS\SYSTEM\WUCRTUPD.EXE Ask all running apps
Allowed Outgoing TCP wdcs.trendmicro.com [66.35.255.43] 141.149.228.240 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP windowsupdate.microsoft.com [207.46.134.92] 141.149.228.240 C:\WINDOWS\SYSTEM\WUCRTUPD.EXE Ask all running apps
Allowed Outgoing TCP wustat.windows.com [207.46.197.59] 129.44.225.94 C:\WINDOWS\SYSTEM\WUCRTUPD.EXE Ask all running apps
Allowed Outgoing TCP www.aquahobby.com [216.117.138.145] 129.44.225.94 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.epilot.com [64.94.109.52] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.google.com [216.239.39.147] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP www.google.com [216.239.39.99] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP www.google.com [216.239.41.104] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.google.com [216.239.41.99] 141.149.228.240 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.google.com [64.233.161.99] 129.44.225.94 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.googleadservices.com [216.239.57.96] 129.44.225.94 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.hijack-this.net [67.15.10.79] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP www.kephyr.com [66.98.166.66] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP www.majorgeeks.com [67.19.72.100] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.mytechsupport.ca [208.170.149.146] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP www.noadware.net [69.20.71.82] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP www.pctools.com [65.61.181.240] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP www.pestpatrol.com [209.92.194.116] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP www.safer-networking.org [212.227.253.104] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.snapfiles.net [69.28.135.165] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.softpedia.com [193.226.140.167] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.spychecker.com [69.28.135.166] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.spywareinfo.com [216.98.141.250] 129.44.226.78 C:\My Documents\My Downloads\CWShredder.exe Ask all running apps
Allowed Outgoing TCP www.techsupportforum.com [67.43.10.154] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP www.trendmicro.com [130.81.64.13] 141.149.228.240 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.webroot.com [216.150.206.248] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps
Allowed Outgoing TCP www.webrootdisp.net [66.216.97.155] 141.149.228.158 C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe Ask all running apps
Allowed Outgoing TCP www.webtraffictools.com [66.161.20.16] 129.44.225.94 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.winguides.com [65.61.180.80] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP www.zoneedit.com [69.72.176.178] 129.44.226.78 C:\Program Files\Trend Micro\Internet Security\tmproxy.exe Ask all running apps
Allowed Outgoing TCP x.cb.kount.com [207.114.236.44] 141.149.228.158 C:\Program Files\Internet Explorer\IEXPLORE.EXE Ask all running apps