Panda Active Scan?
Feb 11, 2006
I just ran the Panda scan and it turned up a list with 18 spywares and one possible hacker tool in the registry. Their solution for these intrusions is to buy the software but I do not want to do that. I have saved the scan report so what would be the best way to manually fix/delete these things.
View 13 Replies
ADVERTISEMENT
Apr 12, 2006
i ran Panda active scan today and it found the following potential problems, would appreciate some advice on wehter to remove these
View 14 Replies
View Related
Sep 5, 2007
I installed the what I thought was a sample to Panda Internet Security from the site a while back.The icon is shown on startup for about 3 seconds then disappears.I cannot open the program (even from C Drive).When I try to uninstall it, it literally does nothing (I click the button, nothing pops up, nothing happens, the program is still there).So I tried to delete the whole program file from C:// today and a pop-up come up saying"Cannot delete scoffset.bin.incr: It is being used by another person or program".***I have also noticed when I first start up my computer and I try and go on the internet via FireFox, a similar pop up comes up saying that another person/program is using the file. FireFox then pops up normally after a couple clicks & 5 minutes later.
View 8 Replies
View Related
Nov 19, 2006
I went to use PerfectDisc yesterday, it suggested I do a bootup scan, I did, allowed it to do pagefile scan too. Ran fine. Then rebooted, went to do regular scan. it locked up on the Blue Screen of Death.
"Bad_Pool_Header" and gave some error info... 0x00000019, and so on.
Computer runs fine though otherwise, which is funny.
Then when I try to go to Registry Mechanic and scan, it goes all the way through, and on I believe the deepscan, it always goes to BSOD there. I think while it's in the HKEY section of current user.
There may be other programs that will cause the BSOD, but these 2 are the only ones so far. Please guide me through this....Anyone.
View 2 Replies
View Related
Aug 19, 2005
I have McAfee Managed Virus Scan.When I scan my computer or a folder it takes a very long time. How would I speed things up?
View 5 Replies
View Related
Mar 6, 2006
I did a virus scan using Avira Antivir. There were no viruses on the computer bit it said there were 53 warnings which are as follows:
C:pagefile.sys
[WARNING] The file could not be opened!
C:Documents and SettingsLocalServiceNTUSER.DAT
[WARNING] The file could not be opened!
C:Documents and SettingsLocalService
View 7 Replies
View Related
Jun 27, 2005
I am trying to open my active desktop, but I get a message that says IE cannot locate my active desktop html file. I need to find out how to fix this problem.
View 1 Replies
View Related
Aug 3, 2010
How can i connect my laptop to another desktop pc for a virus san?I am trying to remove a virus that cannot even let me login to my laptop.
View 2 Replies
View Related
Apr 19, 2006
Im having problems with IE, norton anti virus,spywaredoctor etc (script errors)
Ive run Ad-Adware SE & Spybot S&D in safe mode,deleted any problems found, then run HJT with the following results, can anyone help?
Logfile of HijackThis v1.99.1
Scan saved at 20:37:00, on 19/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSSYSTEM32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSExplorer.EXE
C:Documents and SettingsLeeDesktopHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.co.uk/
R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = http://www.ntlworld.com/start
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = 62.252.192.5:8080
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = 127.0.0.1
F2 - REG:system.ini: UserInit=C:WINDOWS
egedit /s C:pav.reg,C:WINDOWSsystem32pavdr.exe,C:WINDOWSsystem32userinit.exe,
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:Program FilesYahoo!CompanionInstallscpnyt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:PROGRA~1SPYWAR~1 oolsiesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:PROGRA~1SPYWAR~1 oolsiesdpb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:Program FilesNorton AntiVirusNavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:Program FilesNorton AntiVirusNavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnyt.dll
O4 - HKLM..Run: [BJCFD] C:Program FilesBroadJumpClient FoundationCFD.exe
O4 - HKLM..Run: [Advanced Tools Check] C:PROGRA~1NORTON~1AdvToolsADVCHK.EXE
O4 - HKLM..Run: [VTTimer] VTTimer.exe
O4 - HKLM..Run: [UserFaultCheck] %systemroot%system32dumprep 0 -u
O4 - HKLM..Run: [SynTPLpr] C:Program FilesSynapticsSynTPSynTPLpr.exe
O4 - HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe
O4 - HKLM..Run: [Symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMon.exe /Consumer
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [Motive SmartBridge] C:PROGRA~1
tlBROADB~1SMARTB~1MotiveSB.exe
O4 - HKLM..Run: [MessengerPlus3] "C:Program FilesMessengerPlus! 3MsgPlus.exe"
O4 - HKLM..Run: [LaunchApp] Alaunch
O4 - HKLM..Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_04�injusched.exe
O4 - HKLM..Run: [LManager] C:PROGRA~1LAUNCH~1QtZpAcer.EXE
O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"
O4 - HKLM..Run: [DAEMON Tools-1033] "C:Program FilesD-Toolsdaemon.exe" -lang 1033
O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 - HKLM..Run: [Picasa Media Detector] C:Program FilesPicasa2PicasaMediaDetector.exe
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [Yahoo! Pager] "C:Program FilesYahoo!Messengerypager.exe" -quiet
O4 - HKCU..Run: [Spyware Doctor] "C:Program FilesSpyware Doctorswdoctor.exe" /Q
O4 - HKCU..Run: [SpybotSD TeaTimer] C:Program FilesSpybot - Search & DestroyTeaTimer.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Reader
eader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:PROGRA~1SPYWAR~1 oolsiesdpb.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/UK/install.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://www.miniclip.com/puzzlepirate...GameLoader.dll
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/ca...C_2.1.2.76.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {9F637568-E5F7-4CB2-BD01-818CF6C561F9} (PhotosCtrlUK Class) - http://uk.photos.groups.yahoo.com/oc...lorer1_9uk.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} (GameDesire Snooker) - http://67.15.101.3/g_bin/eng/snooker_2_0_0_21.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:PROGRA~1MSNMES~1msgrapp.dll" (file missing)
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:Program FilesiPod�iniPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WINDOWSsystem32LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:Program FilesNorton AntiVirus
avapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:Program FilesNorton AntiVirusAdvToolsNPROTECT.EXE
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%WinPcap
pcapd.exe" -d -f "%ProgramFiles%WinPcap
pcapd.ini (file missing)
O23 - Service: SAVScan - Symantec Corporation - C:Program FilesNorton AntiVirusSAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:PROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:Program FilesSpyware Doctorsdhelp.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSecurity CenterSymWSC.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe
Regards,
View 14 Replies
View Related
Feb 9, 2005
'PC Pitstop utility did not load.'
"NOTE: If you are using Windows XP Service Pack 2, look at the top of this page and see if the yellow Information Bar is displaying a message about PC Pitstop. so, click the Information Bar and select "Install ActiveX Control". "
I click the 'Information Bar ' but nothing is there to be selected.I dont know how to handle this and resolve it.
Running XP home SP2. Intel Pent 4 2.4 ghz
View 3 Replies
View Related
Mar 12, 2005
I can't figure out what Active X is, or if I should allow it. I read about how Firefox doesn't use or allow Active X. I assume there's a security problem somewhere, but I just don't understand. What if I don't allow Active X? Do I miss some things?
View 4 Replies
View Related
Aug 16, 2005
I've had problems with Internet Explorer ActiveX security settings. I get the following Internet Explorer dialog box message: "your current security settings prohibit running ActiveX controls on this page...
Here's when it happens: 1.when my Windows desktop is loading, I get the message. Once I click OK in the message box, Desktop appears to finish loading correctly. 2.When I�m working in Windows Explorer, and click on a folder in the left pane, the right pane remains blank and the message box pops up, 3.When I open Control Panel, the message pops up and I�m unable to open any selections such as Add/Remove Programs, 4.When I try to run Norton Antivirus, nothing happens. Other aspects of Norton Systemworks are not affected.
This happens on any folder I Try to open, Even "My Computer"
No Spyware or virusses founs on system,
OS: Win2000 Pro
Latest Version of Internet Explorer also Loaded
View 2 Replies
View Related
Oct 8, 2006
Problems running activeX on my computer. used to get a yellow bar at the top of my screen asking if I wanted to run active X does not come up anymore and can not get some programs to work without it. Also can not download from a link directly without having to right click and save target as.
View 1 Replies
View Related
Jan 30, 2007
What exactly is Active X and is it good or bad? Do I need to remove it?
View 7 Replies
View Related
Mar 9, 2007
While trying to send free email birthday card, when it opened got a box that said click for active x, when I did got another msg that said there was an error and it cleared the card.
I know that there is an area in th system for active x, but I cannot recall how to locate it to see if there is an item that needs to be enabled.
View 2 Replies
View Related
Jul 24, 2007
Whenever I go to 2 webpages/websites a little warning pops up saying click to run as Active x control on this webpage. Doesn't do it anywhere else. What do I need to do so this will stop popping up.
View 2 Replies
View Related
Aug 28, 2009
Some webpages take forever to load and sometimes don't respond at all. I figured, maybe wrongly, that my Active X Contols are not set to get the most out of the internet since I usually get a little notice at the top of the page saying my Active X settings won't allow this or that.
How do I make sure my Active X controls are set so I can get the most out of the internet?
And if it's not Active X, I'd like to find out what it is.
View 14 Replies
View Related
Mar 12, 2010
Can not down load any active x programs
View 3 Replies
View Related
Jul 7, 2005
I USE MUSICMATCH JUKEBOX, I NEEDED SOME HELP, AN ACTIVE X PROGRAM WAS GOING TO SCAN MY PC AS PART OF THEIR TECH ASSISTANCE. I BLOCKED IT. NOW I NEED TO KNOW HOW TO UNBLOCK IT ?
View 1 Replies
View Related
Jul 7, 2005
I keep getting the error message on boot that "Your current security settings prohibit running Active X controls on this page. As a result, the page may not display correctly."
However,I.E. setting are all set to default.
View 13 Replies
View Related
Jul 27, 2005
I have no idea whether this is an appropriate question, whether it is related to XP,SP2. On the internet I frequently get an Active X error message. I understand that to solve the problem I should change my
security setting from HIGH to MEDIUM. Is that worth doing? Should the
security setting be as high as possible?
View 1 Replies
View Related
Jul 28, 2005
We do not know about Active-X and wonder what it is.How can we tell if we have it? Is it needed or not needed on our notebook
(WinXPsp2; IE6; Norton Internet Security 2005)?
View 2 Replies
View Related
Aug 11, 2005
I have an OEM xp installation CD which has been installed in one computer already, for now I wanna install it in another one, how much for the active fee will I pay and how to process?
View 3 Replies
View Related
Aug 21, 2005
How can i turn off active x because internet explorer blocks some sites from
using active x
View 1 Replies
View Related
Jul 31, 2005
I am very new to XP and my active x problems are stopping me from getting windows updates.
View 1 Replies
View Related
Aug 11, 2005
I tried to use a web page for tracking a flight I got a message that"Java" was not installed.I went to a Java page for the XP SP2 download and was instructed to go to Sun Micro Systems Inc.to download it.
It it safe to use this? What is it for?
View 1 Replies
View Related
May 22, 2005
MY computer is running slow. I have a cable connection with Charter. I run McAfee firewall and antivirus, Spybot Search and Destroy, Ad-Aware SE Personal, Ace Utilities, WinASO Disk Clearner, Error Nuker and Executive Software to defrag.
I just downloaded HijackThis and ran it. Here is the print out:
Logfile of HijackThis v1.99.1
Scan saved at 7:31:57 PM, on 5/22/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32LEXBCES.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32LEXPPS.EXE
C:PROGRA~1mcafee.comagentmcagent.exe
C:PROGRA~1mcafee.comvsomcvsshld.exe
C:Program FilesMicrosoft IntelliPointpoint32.exe
c:progra~1mcafee.comvsomcvsescn.exe
C:PROGRA~1MCAFEE.COMPERSON~1MPFTRAY.EXE
C:Program FilesWebrootSpy SweeperSpySweeper.exe
C:Program FilesSwiss Army WareSpamAwayMailGuardMailGuard.exe
C:Program FilesKitcoKcastKcast.exe
C:Program FilesSwiss Army WareSpamAwayAntiSpamAntiSpam.exe
C:PROGRA~1MCAFEE.COMPERSON~1MPFAGENT.EXE
C:Program FilesExecutive SoftwareDiskeeperDkService.exe
C:WINDOWSsystem32gearsec.exe
c:PROGRA~1mcafee.comvsomcvsrte.exe
C:PROGRA~1MCAFEE.COMPERSON~1MPFSERVICE.exe
C:WINDOWSsystem32
vsvc32.exe
C:WINDOWSSystem32snmp.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32wdfmgr.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32fxssvc.exe
c:PROGRA~1mcafee.comvsomcshield.exe
C:WINDOWSSystem32alg.exe
C:Program FilesAIM95aim.exe
c:progra~1mcafee.comvsomcvsftsn.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Documents and SettingsKathieLocal SettingsTemporary Internet FilesContent.IE58F6J056JHijackThis1991[1].exe
O1 - Hosts: 127.98.9.2 pop-server.charter.net.b9
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:Program FilesYahoo!CompanionInstallscpn1ycomp5_6_0_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: DgnWebIE - {2843DAC1-05EF-11D2-95BA-0060083493D6} - C:Program FilesDragon SystemsNaturallySpeakingProgramweb_ie.dll
O2 - BHO: (no name) - {D714A94F-123A-45CC-8F03-040BCAF82AD6} - C:WINDOWSDownloaded Program FilesCONFLICT.1SbCIe02a.dll
O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:progra~1mcafee.comvsomcvsshl.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-D7EE-FE6FA781BF33} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpn1ycomp5_6_0_0.dll
O4 - HKLM..Run: [MCAgentExe] c:PROGRA~1mcafee.comagentmcagent.exe
O4 - HKLM..Run: [MCUpdateExe] C:PROGRA~1mcafee.comagentmcupdate.exe
O4 - HKLM..Run: [VirusScan Online] "c:PROGRA~1mcafee.comvsomcvsshld.exe"
O4 - HKLM..Run: [VSOCheckTask] "c:PROGRA~1mcafee.comvsomcmnhdlr.exe" /checktask
O4 - HKLM..Run: [IntelliPoint] "C:Program FilesMicrosoft IntelliPointpoint32.exe"
O4 - HKLM..Run: [MPFExe] C:PROGRA~1MCAFEE.COMPERSON~1MPFTRAY.EXE
O4 - HKCU..Run: [SpySweeper] "C:Program FilesWebrootSpy SweeperSpySweeper.exe" /0
O4 - HKCU..Run: [b9] "C:Program FilesSwiss Army WareSpamAwayMailGuardMailGuard.exe" /minimize
O4 - HKCU..Run: [KITCO] C:Program FilesKitcoKcastKcast
O4 - HKCU..RunOnce: [DelayShred] "C:Program FilesMcAfeeMcAfee Shared ComponentsShredderSHRED32.EXE" /q C:DOCUME~1KathieLOCALS~1TEMPOR~1Content.IE5�DUNOFS3SEARCH~1.SH! C:DOCUME~1KathieLOCALS~1TEMPOR~1Content.IE5ATL2BALO3120-2~1.SH! C:DOCUME~1KathieLOCALS~1TEMPOR~1Content.IE5�DUNOFS3�DDL_1~1.SH! C:DOCUME~1KathieLOCALS~1TEMPOR~1Content.IE5I9QV8LM1�_1793~1.SH!
O4 - Startup: AntiSpam.lnk = C:Program FilesSwiss Army WareSpamAwayAntiSpamAntiSpam.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O8 - Extra context menu item: &Check Spelling - res://C:Program FilesieSpellieSpell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: &ieSpell Options - res://C:Program FilesieSpellieSpell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MI1933~1Office10EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSystem32msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSystem32msjava.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:Program FilesieSpellieSpell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:Program FilesieSpellieSpell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:Program FilesieSpellieSpell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:Program FilesieSpellieSpell.dll
O9 - Extra button: (no name) - {3E230861-5C87-11D3-A1C6-00105A1B41B8} - C:WINDOWSDownloaded Program FilesCONFLICT.1SbCIe02a.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:Program FilesAIM95aim.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:PROGRA~1YAHOO!MESSEN~1YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:PROGRA~1YAHOO!MESSEN~1YPAGER.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O12 - Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
O12 - Plugin for .UVR: C:Program FilesInternet ExplorerPluginsNPUPano.dll
O16 - DPF: Yahoo! MLB StatTracker - http://aud3.sports.dcn.yahoo.com/java/y/mlbst8408_x.cab
O16 - DPF: Yahoo! NFL GameChannel StatTracker - http://aud14.sports.sc5.yahoo.com/j...lgcst1010_x.cab
O16 - DPF: Yahoo! NHL StatTracker - http://aud7.sports.yahoo.com/java/y/nhlst8244_x.cab
O16 - DPF: {01111C00-3E00-11D2-8470-0060089874ED} (Support.com ActionRunner Class) - http://help.rr.com/Foundrysdccommon...oad/tgctlar.cab
O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - http://download.mcafee.com/molbin/Shared/MGBrwFld.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {1493507C-8A33-4747-8696-9019F8962B5F} (QCV6C020.Install) - http://www.quickcleaner.com/qkc11/cab/QCV6C020.CAB
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yah...nst20040510.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...meInstaller.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/s...84/mcinsctl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/12fde57...ip/RdxIE601.cab
O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} - http://www.sidestep.com/get/k00719/sb02a.cab
O16 - DPF: {8E28B3A9-FE83-45D1-B657-D5426B81A121} (CustomerCtrl Class) - http://cs5b.instantservice.com/jars...erxsigned35.cab
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yah.../yse/ymmapi.dll
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/s...,21/mcgdmgr.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/...n/bin/cabsa.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.shockwave.com/content/be...aploader_v6.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/i...430/mcfscan.cab
O23 - Service: Diskeeper - Executive Software International, Inc. - C:Program FilesExecutive SoftwareDiskeeperDkService.exe
O23 - Service: GEARSecurity - GEAR Software - C:WINDOWSsystem32gearsec.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WINDOWSsystem32LEXBCES.EXE
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:PROGRA~1mcafee.comvsomcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:PROGRA~1McAfee.comAgentmcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:PROGRA~1mcafee.comvsomcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:PROGRA~1MCAFEE.COMPERSON~1MPFSERVICE.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32
vsvc32.exe
View 6 Replies
View Related
May 27, 2005
Whenever i begin to incounter odd problems i run the programs in this list....
1)Spybot-Search and Destroy
2)Ad-aware SE
This is to check for spyware and registry screw-ups that make other programs(AV) to not work. I keep scanning with these till the spyware goes away, if it doesnt than its obvious i must get rid of it by other means.
3)Norton AV 2005
4)Trendmicro Online scan
5)Pando Online scan
This is to obviously check for viruses. All 3 of these tend to find any virus, and i keep scanning with them till no viruses show up(if any). If a virus keeps on appearing i try to manually remove it or move on to...
6)Hi-Jack this
Everyone here knows this powerful tool, however i doubt the majority know the ins and outs of it. It can be confusing at times so i run these 2 things:
http://www.hijackthis.de/index.php#anl
and
http://www.help2go.com/modules.php?name=HJTDetective
These 2 automatically scan your hi-jack this log. So far they seem pretty decent and pick up a lot of nasties. However who knows how often they are updated and how valid there use is now.
If i do all the scans and use all the programs here, and in the end show no sign of virsus, spyware, or odd threats, would u say the computer is safe? Can anything weave past this and still infect ones system?
View 2 Replies
View Related
Mar 24, 2006
Will AVG work with Mc Afee? When I had it with Win 98 they fought & AVG did not win. What is better AVG, Mc Afee or another?
View 3 Replies
View Related
Apr 2, 2006
My computer may have been affected by a trojan by some site, but firefox may have forbidded that site, i did my scans and things look fine but i just wanna make sure and be on the safe side. Here is my Hijack This log
Logfile of HijackThis v1.99.1
Scan saved at 12:16:06 PM, on 4/2/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesCommon FilesSymantec SharedccSetMgr.exe
C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe
C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:WINDOWSsystem32spoolsv.exe
C:PROGRA~1COMMON~1AOLACSAOLacsd.exe
C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe
C:Program FilesNorton AntiVirus
avapsvc.exe
C:Program FilesNorton AntiVirusIWPNPFMntor.exe
C:Program FilesCommon FilesNew BoundaryPrismXLPRISMXL.SYS
C:WINDOWSsystem32svchost.exe
C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe
C:WINDOWSSOUNDMAN.EXE
C:WINDOWSALCWZRD.EXE
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:Program FilesCommon FilesAOL1129239772eeAOLSoftware.exe
C:Program FilesiTunesiTunesHelper.exe
C:WINDOWSsystem32LVCOMSX.EXE
C:Program FilesiPod�iniPodService.exe
C:Program FilesLogitechVideoLogiTray.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesPlaxo2.5.10.17PlaxoHelper.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesLogitechDesktop Messenger8876480ProgramBackWeb-8876480.exe
C:Program FilesLogitechVideoFxSvr2.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Program FilesHijackThisHijackThis.exe
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.gatewaybiz.com
R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = http://www.gateway.com/
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = localhost
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:Program FilesAOLAOL Toolbar 3.0aoltb.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:Program FilesYahoo!CompanionInstallscpnycomp5_5_7_1.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:Program FilesSpybot - Search & DestroySDHelper.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:Program FilesAOLAOL Toolbar 3.0aoltb.dll
O2 - BHO: CBHOBJObj Object - {8A406068-D45C-40B9-A096-38AC717FB608} - C:WINDOWSBHOBJ.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar1.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:Program FilesNorton AntiVirusNavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:Program FilesNorton AntiVirusNavShExt.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnycomp5_5_7_1.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:Program FilesAOLAOL Toolbar 3.0aoltb.dll
O4 - HKLM..Run: [Recguard] C:WINDOWSSMINSTRECGUARD.EXE
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 - HKLM..Run: [HostManager] C:Program FilesCommon FilesAOL1129239772eeAOLSoftware.exe
O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [LVCOMSX] C:WINDOWSsystem32LVCOMSX.EXE
O4 - HKLM..Run: [LogitechVideoRepair] C:Program FilesLogitechVideoISStart.exe
O4 - HKLM..Run: [LogitechVideoTray] C:Program FilesLogitechVideoLogiTray.exe
O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 - HKCU..Run: [AIM] C:Program FilesAIMaim.exe -cnetwait.odl
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [PlaxoUpdate] C:Program FilesPlaxo2.5.10.17PlaxoHelper.exe -a
O4 - HKCU..Run: [LDM] C:Program FilesLogitechDesktop Messenger8876480ProgramBackWeb-8876480.exe
O4 - HKCU..Run: [LogitechSoftwareUpdate] "C:Program FilesLogitechVideoManifestEngine.exe" boot
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:Program FilesLogitechDesktop Messenger8876480ProgramLDMConf.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:program filesaolaol toolbar 3.0
esourcesen-USlocalsearch.html
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:Program FilesAOLAOL Toolbar 3.0aoltb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:Program FilesAIMaim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:WINDOWSsystem32Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/ca...C_1_0_0_44.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:PROGRA~1MSNMES~1msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:PROGRA~1COMMON~1AOLACSAOLacsd.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:Program FilesiPod�iniPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:Program FilesNorton AntiVirus
avapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:Program FilesNorton AntiVirusIWPNPFMntor.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:Program FilesCommon FilesNew BoundaryPrismXLPRISMXL.SYS
O23 - Service: SAVScan - Symantec Corporation - C:Program FilesNorton AntiVirusSAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:PROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe
View 13 Replies
View Related
May 13, 2006
3 Ghz 2 G ram. Windows XP. My Antivirus is Trend Micro PC-cillin Internet Security.
Using Mozilla and AOL (yes, I know but for me it is effectively free) as browsers.
Haven't downloaded anything from a source that might be infected- with the possible exception of a few codecs and java to optimise my net use. (swamped a few PDF files but they are all from users I know personally and trust or from JSTOR and other protected archives.)
Trend Mico-PC-cillin is reporting Verifier, Worker, and Xbeyond. All of them seem to have entered via JAVA popups which I suspect are sneaking in via Internet Explorer, a browser I never use precisely for this reason. Its is locating them in C:Documents and SettingsB Jason SchwartzApplication DataSunJavadeploymentcachejavapiv1.0
All of the files seem to have some variation on jarjar.jar
My desktop background has been replaced by a blue screen that has a phony- "you might be infected with spyware" message and that has embedded in it a hyperlink to what is almost certainly a bogus 'antispyware program.'
Besides getting rid of this sucker, do you have suggestions for how to avoid this type of issue in the future- besides the typical regiment of good computer hygenie? Should I completely remove microsoft internet explorer? Are there any good java filteration systems that protect the system without crippling net access?
Logfile of HijackThis v1.99.1
Scan saved at 12:34:45 PM, on 5/13/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesCommon FilesSymantec SharedccSetMgr.exe
C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSehomeehtray.exe
C:WINDOWSCTHELPER.EXE
C:WINDOWSsystem32CTXFIHLP.EXE
C:Program FilesIntelIntel Matrix Storage Manageriaanotif.exe
C:Program FilesDellMedia ExperienceDMXLauncher.exe
C:Program FilesCreativeShared FilesModule LoaderDLLML.exe
C:WINDOWSSYSTEM32CTXFISPI.EXE
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe
C:WINDOWSSystem32DLADLACTRLW.EXE
C:Program FilesCommon FilesAOL1146541775eeAOLSoftware.exe
C:Program FilesCommon FilesAOLACSAOLDial.exe
C:PROGRA~1COMMON~1AOLAOLSPY~1AOLSP Scheduler.exe
C:Program FilesRealRealPlayerRealPlay.exe
C:Program FilesQuickTimeqttask.exe
C:Program FilesTrend MicroInternet Security 12pccguide.exe
C:Program FilesCreativeSound Blaster X-FiDVDAudioCTDVDDET.EXE
C:Program FilesCreativeSound Blaster X-FiVolume PanelVolPanel.exe
C:Program FilesDell SupportDSAgnt.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesPlaxo2.5.10.21PlaxoHelper.exe
C:Program FilesTrend MicroInternet Security 12TMAS_OETMAS_OEMon.exe
C:Program FilesDigital Line DetectDLG.exe
C:Program FilesMicrosoft SQL Server80ToolsBinnsqlmangr.exe
C:Program FilesCommon FilesAOLACSAOLAcsd.exe
C:Program FilesCommon FilesAOLTopSpeed2.0aoltsmon.exe
C:WINDOWSsystem32CTsvcCDA.exe
C:WINDOWSeHomeehRecvr.exe
C:WINDOWSeHomeehSched.exe
C:WINDOWSSystem32GEARSec.exe
C:Program FilesIntelIntel Matrix Storage Manageriaantmon.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:Program FilesMicrosoft SQL ServerMSSQL$MICROSOFTSMLBIZBinnsqlservr.exe
C:Program FilesNorton GhostAgentVProSvc.exe
C:WINDOWSsystem32
vsvc32.exe
C:PROGRA~1TRENDM~1INTERN~1PcCtlCom.exe
C:WINDOWSsystem32svchost.exe
C:PROGRA~1TRENDM~1INTERN~1Tmntsrv.exe
C:PROGRA~1TRENDM~1INTERN~1TmPfw.exe
C:WINDOWSsystem32dllhost.exe
C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe
C:WINDOWSeHomeehmsas.exe
C:PROGRA~1TRENDM~1INTERN~1 mproxy.exe
C:Program FilesMessengermsmsgs.exe
C:WINDOWSsystem32 askmgr.exe
C:Program FilesAmerica Online 9.0awaol.exe
C:Program FilesAmerica Online 9.0ashellmon.exe
C:WINDOWSsystem32intell321.exe
C:DOCUME~1BJASON~1LOCALS~1Temp174.exe
C:PROGRA~1MOZILL~1FIREFOX.EXE
C:PROGRA~1TRENDM~1INTERN~1PCCMAIN.EXE
C:PROGRA~1TRENDM~1INTERN~1PccSScan.exe
C:Program FilesInternet Exploreriexplore.exe
C:DOCUME~1BJASON~1LOCALS~1TempTemporary Directory 3 for hijackthis.zipHijackThis.exe
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.dell.com
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:Program FilesAOLAOL Toolbar 3.0aoltb.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:WINDOWSSystem32DLADLASHX_W.DLL
O4 - HKLM..Run: [ehTray] C:WINDOWSehomeehtray.exe
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [CTHelper] CTHELPER.EXE
O4 - HKLM..Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM..Run: [IAAnotif] C:Program FilesIntelIntel Matrix Storage Manageriaanotif.exe
O4 - HKLM..Run: [DMXLauncher] C:Program FilesDellMedia ExperienceDMXLauncher.exe
O4 - HKLM..Run: [AudioDrvEmulator] "C:Program FilesCreativeShared FilesModule LoaderDLLML.exe" -1 AudioDrvEmulator "C:Program FilesCreativeShared FilesModule LoaderAudio EmulatorAudDrvEm.dll"
O4 - HKLM..Run: [ISUSPM Startup] "C:Program FilesCommon FilesInstallShieldUpdateServiceisuspm.exe" -startup
O4 - HKLM..Run: [ISUSScheduler] "C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe" -start
O4 - HKLM..Run: [funk] funk.exe
O4 - HKLM..Run: [002df1b1.exe] C:WINDOWSsystem32�02df1b1.exe
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [PlaxoUpdate] C:Program FilesPlaxo2.5.10.21PlaxoHelper.exe -a
O8 - Extra context menu item: &AOL Toolbar Search - c:program filesaolaol toolbar 3.0
esourcesen-USlocalsearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavaj2re1.4.2_03�in
pjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavaj2re1.4.2_03�in
pjpi142_03.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:Program FilesAOLAOL Toolbar 3.0aoltb.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:Program FilesAOL Toolbar oolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:Program FilesAOL Toolbar oolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:WINDOWSsystem32Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O23 - Service: Intel� Quick Resume Technology Drivers (ELService) - Intel Corporation - C:Program FilesIntelIntelDHIntel(R) Quick Resume TechnologyELService.exe
O23 - Service: GEARSecurity - GEAR Software - C:WINDOWSSystem32GEARSec.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:Program FilesIntelIntel Matrix Storage Manageriaantmon.exe
O23 - Service: MSSQL$MICROSOFTSMLBIZ - Unknown owner - C:Program FilesMicrosoft SQL ServerMSSQL$MICROSOFTSMLBIZBinnsqlservr.exe" -sMICROSOFTSMLBIZ (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:Program FilesIntelPROSetWiredNCSSyncNetSvc.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:Program FilesNorton GhostAgentVProSvc.exe
O23 - Service: SQLAgent$MICROSOFTSMLBIZ - Unknown owner - C:Program FilesMicrosoft SQL ServerMSSQL$MICROSOFTSMLBIZBinnsqlagent.EXE" -i MICROSOFTSMLBIZ (file missing)
O23 - Service: Symantec Core LC - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe
View 6 Replies
View Related
