sister123

hi!

I am having difficulties with my computer, and i believe that it may be due to spyware or trojans! Please help!

Here's my info


DDS (Ver_09-10-13.01) - NTFSx86
Run by User at 19:44:09.35 on Sun 10/18/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.895.351 [GMT -4:00]

AV: Verizon Internet Security Suite Anti-Virus *On-access scanning disabled* (Updated) {5B5A3BD7-8573-4672-AEA8-C9BB713B6755}
FW: Verizon Internet Security Suite Firewall *disabled* {80593BF4-D969-4EC5-ADAE-A22F2DFC7A22}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
C:\Documents and Settings\All Users\Application Data\ZumieSearch\zumie183.exe
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ZumieSearch\zumie.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
C:\PROGRA~1\THINKV~1\AMSG\amsg.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Verizon\McciTrayApp.exe
C:\WINDOWS\system32\FSRremoS.EXE
C:\WINDOWS\system32\Pelmiced.exe
C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\Rps.exe
C:\Program Files\Verizon\VSP\VerizonServicepointComHandler.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\rpsupdaterR.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\COMMON~1\AOL\121012~1\EE\AOLHOS~1.EXE
C:\PROGRA~1\COMMON~1\AOL\121012~1\EE\AOLServiceHost.exe
C:\Program Files\SpamBlockerUtility\bin\10.2.203.0\OEAddOn.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\Free Ride Games\GPlayer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SpamBlockerUtility\bin\10.2.203.0\Weather.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\CASIO\YouTube Uploader for CASIO\YStart.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\RpsSecurityAware.exe
C:\WINDOWS\explorer.exe
C:\Program Files\America Online 9.0b\waol.exe
C:\Program Files\America Online 9.0b\shellmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\User\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://wapp.verizon.net/bookmarks/bmredir.asp?region=all&bw=dsl&cd=7.0yahoo&bm=yh_home
mDefault_Page_URL = hxxp://lenovo.live.com
uInternet Connection Wizard,ShellNext = iexplore
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
uURLSearchHooks: H - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\smart web printing\hpswp_printenhancer.dll
BHO: HP Print Clips: {053f9267-dc04-4294-a72c-58f732d338c0} - c:\program files\hp\smart web printing\hpswp_framework.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: PopKill Class: {3c060ea2-e6a9-4e49-a530-d4657b8c449a} - c:\program files\verizon\verizon internet security suite\pkR.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
BHO: SpamBlockerUtility: {90b8b761-df2b-48ac-bbe0-bcc03a819b3b} - c:\program files\spamblockerutility\bin\10.2.203.0\HostIE.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: 1 (0x1) - No File
BHO: CPwmIEBrowserHelper Object: {f040e541-a427-4cf7-85d8-75e3e0f476c5} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll
BHO: TBSB04757 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program files\freeze.com toolbar\freeze_us.dll
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Freeze.com Toolbar: {b7d3e479-cc68-42b5-a338-938ece35f419} - c:\program files\freeze.com toolbar\freeze_us.dll
TB: SpamBlockerUtility: {90b8b761-df2b-48ac-bbe0-bcc03a819b3b} - c:\program files\spamblockerutility\bin\10.2.203.0\HostIE.dll
EB: SpamBlockerUtility Information Window: {2aa2fbf8-9c76-4e97-a226-25c5f4ab6358} - c:\program files\spamblockerutility\bin\10.2.203.0\HostIE.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
EB: ShopperReports: {a7cddcdc-beeb-4685-a062-978f5e07ceee} - c:\program files\shoppingreport\bin\2.5.0\ShoppingReport.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Weather] c:\program files\aws\weatherbug\Weather.exe 1
uRun: [Exetender] c:\program files\free ride games\GPlayer.exe /runonstartup
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [WeatherDPA] "c:\program files\spamblockerutility\bin\10.2.203.0\Weather.exe" -auto
uRun: [AOL Fast Start] "c:\program files\america online 9.0b\AOL.EXE" -b
mRun: [StartCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [TVT Scheduler Proxy] c:\program files\common files\lenovo\scheduler\scheduler_proxy.exe
mRun: [SunJavaUpdateSched] c:\program files\java\jre1.5.0_06\bin\jusched.exe
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [AwaySch] c:\program files\lenovo\awaytask\AwaySch.EXE
mRun: [LPManager] c:\progra~1\thinkv~1\prdctr\LPMGR.exe
mRun: [AMSG] c:\progra~1\thinkv~1\amsg\amsg.exe
mRun: [DiskeeperSystray] "c:\program files\diskeeper corporation\diskeeper\DkIcon.exe"
mRun: [cssauth] "c:\program files\lenovo\client security solution\cssauth.exe" silent
mRun: [Mouse Suite 98 Daemon] ICO.EXE
mRun: [Verizon_McciTrayApp] c:\program files\verizon\McciTrayApp.exe
mRun: [VerizonServicepoint.exe] "c:\program files\verizon\vsp\VerizonServicepoint.exe" /AUTORUN
mRun: [Verizon Internet Security Suite] "c:\program files\verizon\verizon internet security suite\Rps.exe"
mRun: [-FreedomNeedsReboot] "c:\program files\verizon\verizon internet security suite\ZkRunOnceR.exe"
mRun: [HostManager] c:\program files\common files\aol\1210124238\ee\AOLHostManager.exe
mRun: [RealTray] c:\program files\real\realplayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [SpamBlockerUtilityOE] c:\program files\spamblockerutility\bin\10.2.203.0\OEAddOn.exe
mRun: [SBUSA] "c:\program files\spamblockerutility\bin\10.2.203.0\SBUSA.exe"
mRun: [AOL Spyware Protection] "c:\progra~1\common~1\aol\aolspy~1\AOLSP Scheduler.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [AOLDialer] c:\program files\common files\aol\acs\AOLDial.exe
mRunOnce: [IndexCleaner] "c:\program files\verizon\verizon internet security suite\IdxClnR.exe"
StartupFolder: c:\docume~1\user\startm~1\programs\startup\ccc.lnk - c:\program files\ati technologies\ati.ace\core-static\CCC.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodaks~1.lnk - c:\program files\kodak\kodak software updater\7288971\program\Kodak Software Updater.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\youtub~1.lnk - c:\program files\casio\youtube uploader for casio\YStart.exe
IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {C5428486-50A0-4a02-9D20-520B59A9F9B2} -
IE: {C5428486-50A0-4a02-9D20-520B59A9F9B3} -
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {0045D4BC-5189-4b67-969C-83BB1906C421} - {0FE81B52-73FA-425F-8F06-3F32451AC73F} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Bejeweled%202/Images/stg_drm.ocx
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1208439693300
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Monopoly/Images/armhelper.ocx
Notify: AtiExtEvent - Ati2evxx.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\user\applic~1\mozilla\firefox\profiles\9z8diltl.default\
FF - plugin: c:\program files\gametap\bin\release\npgametaptool.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJava11.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJava12.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJava13.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJava14.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJava32.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJPI150_06.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPOJI610.dll
FF - plugin: c:\program files\real\realarcade\plugins\mozilla\npracplug.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

============= SERVICES / DRIVERS ===============

R1 pelmouse;Mouse Suite Driver;c:\windows\system32\drivers\PELMouse.SYS [2008-4-17 16384]
R1 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [2007-12-5 46656]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service;c:\program files\microsoft small business\business contact manager\BcmSqlStartupSvc.exe [2008-1-11 30312]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\lenovo\rescue and recovery\rrpservice.exe [2007-12-5 520192]
R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\program files\lenovo\rescue and recovery\UpdateMonitor.exe [2007-12-5 249856]
R2 X4HSX32Ex;X4HSX32Ex;c:\program files\free ride games\X4HSX32Ex.sys [2008-5-14 29856]
R2 ZumieSearch Service;ZumieSearch Service;c:\documents and settings\all users\application data\zumiesearch\zumie183.exe [2009-10-18 4608]
R3 pelps2m;PS/2 Mouse Filter Driver;c:\windows\system32\drivers\pelps2m.sys [2008-4-17 18048]
R3 Radialpoint Security Services;Verizon Internet Security Suite;c:\program files\verizon\verizon internet security suite\RpsSecurityAware.exe [2008-2-26 67824]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [2007-5-22 30336]
S3 JL2005C;Dual Mode Camera;c:\windows\system32\drivers\jl2005c.sys [2007-1-26 68954]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2007-2-10 29178224]

=============== Created Last 30 ================

2009-10-18 19:33 26,496 a------- c:\windows\system32\dllcache\usbstor.sys
2009-10-18 17:17 <DIR> --d----- c:\program files\ZumieSearch
2009-10-18 17:17 <DIR> --d----- c:\docume~1\alluse~1\applic~1\ZumieSearch
2009-10-07 16:00 <DIR> --d----- c:\program files\CASIO
2009-10-05 16:16 6,784 -------- c:\windows\system32\drivers\serscan.sys
2009-10-05 16:16 6,784 -------- c:\windows\system32\dllcache\serscan.sys
2009-10-05 16:16 41,472 -------- c:\windows\system32\qvusd.dll
2009-10-05 16:16 41,472 -------- c:\windows\system32\dllcache\qvusd.dll
2009-10-05 16:16 71,680 -------- c:\windows\system32\fnfilter.dll
2009-10-05 16:16 71,680 -------- c:\windows\system32\dllcache\fnfilter.dll
2009-10-01 12:03 <DIR> --d----- c:\program files\America Online 9.0b

==================== Find3M ====================

2009-07-29 14:27 137,645 -------- c:\windows\HPHins15.dat
2008-05-17 15:06 774,144 -------- c:\program files\RngInterstitial.dll
2008-05-07 17:59 487,424 -------- c:\documents and settings\user\GoToAssist_phone__268_en.exe
2008-04-11 01:34 32,768 ---sh--- c:\windows\system32\config\systemprofile\local settings\application data\microsoft\feeds cache\index.dat
2008-04-17 11:26 32,768 ---sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008041720080418\index.dat
2008-04-17 11:28 16,384 ---sh--- c:\windows\temp\cookies\index.dat
2008-04-17 11:28 16,384 ---sh--- c:\windows\temp\history\history.ie5\index.dat
2008-04-17 11:28 16,384 ---sh--- c:\windows\temp\temporary internet files\content.ie5\index.dat

============= FINISH: 19:44:24.10 ===============

Thank you thank you

Attached Files

attach.zip (12.9 KB, 3 views)

sister123

bump, please :)

Ried

Hello sister123,


You can begin by uninstalling the following via the Add/Remove Panel (Start->Control Panel->Add or Remove Programs)

Freeze.com Toolbar
Zumie Search 1.0 build 183

Reboot.

If you are still having 'difficulties', please provide more detail.