Does My PC Look "Clean"? |
Discover the best free computer help!
Learn more about Geeks to Go by taking the tour. Spyware, virus, trojan, fake security or privacy alerts? Read the malware cleaning guide.
Learn more about Geeks to Go by taking the tour. Spyware, virus, trojan, fake security or privacy alerts? Read the malware cleaning guide.
  |
  Jul 20 2006, 01:15 PM
Post
#1
|
|
 Member  Posts: 20 From: Indiana, U.S.A. OS: Microsoft XP Pro SP2  |
Scan saved at 2:02:59 PM, on 7/20/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Yahoo!\Antivirus\ISafe.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Yahoo!\Antivirus\VetMsg.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Hijack This\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlmanager.akamaitools.com.edgesuite...vex-2.0.6.0.cab O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.apple.com.edgesuite.net/qt...meInstaller.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1139902331859 O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe |
 |
 
|
|
Jul 20 2006, 02:35 PM
Post
#2
|
|
 SuperMod  Posts: 11,396 From: In the gym OS: xp home, xp pro |
Are you having any problems? I don't see an anti-viral running on start-up. Do you have one?
Close all programs leaving only HijackThis running. Place a check against each of the following, making sure you get them all and not any others by mistake: R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = Click on Fix Checked when finished and exit HijackThis. |
|
|
|
 Jul 21 2006, 09:58 AM
Post
#3
|
|
|
Member Posts: 20 From: Indiana, U.S.A. OS: Microsoft XP Pro SP2 |
Hi,
Thank you for responding.  QUOTE(coachwife6 @ Jul 20 2006, 03:35 PM) [snapback]737224[/snapback] I don't see an anti-viral running on start-up. Do you have one? C:\Program Files\Yahoo!\Antivirus\ISafe.exe C:\Program Files\Yahoo!\Antivirus\VetMsg.exe O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe Is this not “anti-viral”?  QUOTE(coachwife6 @ Jul 20 2006, 03:35 PM) [snapback]737224[/snapback] Close all programs leaving only HijackThis running. Place a check against each of the following, making sure you get them all and not any others by mistake: R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = Click on Fix Checked when finished and exit HijackThis. Could you tell me what that is I would be “knocking out” before I do it? Thank you, Hyperspace Edit: For typo This post has been edited by Hyperspace: Jul 21 2006, 10:55 AM |
|
|
|
|
Jul 21 2006, 10:46 AM
Post
#4
|
|
|
Member Posts: 20 From: Indiana, U.S.A. OS: Microsoft XP Pro SP2 |
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = Okay...I know what these are. ^ No, I don't need to go back to my default start page, IE search page, etc... I have these changed on propose.  ____ The main reason for this thread was to see if anyone happens to notice anything out of the ordinary what could be a “security breach”. |
|
|
|
|
Jul 21 2006, 12:23 PM
Post
#5
|
|
|
SuperMod Posts: 11,396 From: In the gym OS: xp home, xp pro |
I don't see an anti-viral running on start-up. Do you have one?
QUOTE C:\Program Files\Yahoo!\Antivirus\ISafe.exe C:\Program Files\Yahoo!\Antivirus\VetMsg.exe O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe Something that is running on start-up should start with an 04. Go to start>>run and type in msconfig. Go to the start-up tab and make sure your anti-virals are checked. If you aren't experiencing any difficulty with your machine, then I wouldn't be worried. |
|
|
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
Similar Topics
| Topic Title | Replies / Views | Topic Information | |||||
|---|---|---|---|---|---|---|---|
 |
3 / 232 | 16th July 2005 - 09:46 AM ronscores started - last by ronscores |
|||||
|
9 / 254 | 9th October 2006 - 07:42 AM JCastaldi started - last by JCastaldi |
|||||
|
2 / 276 | 14th February 2008 - 03:54 PM Derek Jeter started - last by SRX660 |
|||||
|
4 / 905 | 5th March 2008 - 10:55 PM DenverR started - last by thenotch |
|||||
|
Time is now: 20th November 2008 - 06:09 AM |
| Advertisements do not imply our endorsement of that product or service. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. |
