Need a geek? Geeks to Go offers free, quality tech support -- in terms anyone can understand. Volunteers are waiting to help, friendly, technology experts who have knowledge to share, and enjoy helping others. Feel free to browse the site as a guest. However, you must log in to reply to existing topics, or to start a new topic of your own. Other benefits of joining include richer forum features, and removal of all advertising. Learn more in our Welcome Guide Infected? Malware and Spyware Cleaning Guide. What are you waiting for? Click here to join for free today!
Aurora Problem [CLOSED]
isockermom
post Aug 26 2005, 03:09 AM
Post #1


Member
**
Posts: 27
OS: xp
I have done all that you all told me to do and still can't get rid of Aurora. I am wondering if it has something to do with Norton. Should I turn Norton off when running the programs? I am attaching a new hijack log and ediwo log. Thanks for all your help!
-------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 2:19:06 PM, 8/22/2005
+ Report-Checksum: 3E1254BB

+ Scan result:

[812] c:\winnt\system32\sjnpjg.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Guest\Cookies\guest@ehg-comcast.hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Guest\Cookies\guest@overture[1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\Guest\Cookies\guest@perf.overture[1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\Guest\Cookies\guest@twci.coremetrics[1].txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@ads.addynamix[1].txt -> Spyware.Cookie.Addynamix : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@ads.pointroll[1].txt -> Spyware.Cookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@advertising[2].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@citi.bridgetrack[1].txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@cnn.122.2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@data.coremetrics[1].txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@ehg-comcast.hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@ehg-danskin.hitbox[2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@ehg-inforspaceinc.hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@perf.overture[1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@qksrv[1].txt -> Spyware.Cookie.Qksrv : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@questionmarket[1].txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@servedby.advertising[1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@test.coremetrics[1].txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@trafficmp[1].txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[2].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@valueclick[1].txt -> Spyware.Cookie.Valueclick : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\788F273A-34E9-470D-BB39-4FAEDF\2CBC4D92-E1DC-4FAD-96B7-3A9C88 -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\788F273A-34E9-470D-BB39-4FAEDF\2E178A03-4443-44B4-93C8-A9F840 -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\788F273A-34E9-470D-BB39-4FAEDF\3EDD1104-0C46-410D-845A-019991 -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\788F273A-34E9-470D-BB39-4FAEDF\5F0B4EFA-2EE6-45AC-ACFA-673886 -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\788F273A-34E9-470D-BB39-4FAEDF\730AA8FB-1AF6-42ED-868D-2A22BC -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\788F273A-34E9-470D-BB39-4FAEDF\B983B688-2BBE-45DC-851C-BEDCF0 -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\788F273A-34E9-470D-BB39-4FAEDF\B9F50E18-0ED5-4E76-9870-0E113B -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\788F273A-34E9-470D-BB39-4FAEDF\BCDDB03F-144D-4CD6-A37B-70CDAC -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\788F273A-34E9-470D-BB39-4FAEDF\CDA9A540-EB3C-41EE-B582-11DC1B -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\788F273A-34E9-470D-BB39-4FAEDF\D978EB8F-9EDA-46F8-97DB-A7A541 -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\788F273A-34E9-470D-BB39-4FAEDF\F1B651AF-D25F-4BE9-96D2-E8E771 -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\9731AB29-AC36-443A-84A2-15648B\37CA6E52-9843-4EFA-8F03-728D41 -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\9731AB29-AC36-443A-84A2-15648B\4FAD96C8-1DF5-428A-A1BC-02686F -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\9731AB29-AC36-443A-84A2-15648B\CD560004-1233-434E-A8BD-E77C26 -> Adware.BetterInternet : Cleaned with backup
C:\System Volume Information\_restore{7DCA1BE4-D752-48D6-A25E-C722C8FD1BC4}\RP521\A0070862.dll -> Spyware.WildTangent : Cleaned with backup
C:\System Volume Information\_restore{7DCA1BE4-D752-48D6-A25E-C722C8FD1BC4}\RP521\A0070863.dll -> Spyware.WildTangent : Cleaned with backup
C:\System Volume Information\_restore{7DCA1BE4-D752-48D6-A25E-C722C8FD1BC4}\RP532\A0071555.exe -> Adware.BetterInternet : Cleaned with backup
C:\System Volume Information\_restore{7DCA1BE4-D752-48D6-A25E-C722C8FD1BC4}\RP532\A0071566.exe -> Adware.BetterInternet : Cleaned with backup
C:\System Volume Information\_restore{7DCA1BE4-D752-48D6-A25E-C722C8FD1BC4}\RP533\A0071629.exe -> Adware.BetterInternet : Cleaned with backup
C:\System Volume Information\_restore{7DCA1BE4-D752-48D6-A25E-C722C8FD1BC4}\RP533\A0071633.exe -> Adware.BetterInternet : Cleaned with backup
C:\WINNT\system32\sjnpjg.exe -> Adware.BetterInternet : Cleaned with backup
C:\WINNT\wt\wtupdates\Webd\4.1.1\files\wtvh.dll -> Spyware.WildTangent : Cleaned with backup
C:\WINNT\wt\wtvh.dll -> Spyware.WildTangent : Cleaned with backup


::Report End
Logfile of HijackThis v1.99.1
Scan saved at 2:25:27 PM, on 8/22/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\System32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\explorer.exe
C:\Program Files\ewido\security suite\SecuritySuite.exe
c:\winnt\system32\qxrboua.exe
C:\Documents and Settings\Owner\Desktop\HijackThis.exe
C:\WINNT\system32\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - HKLM\..\Run: [Gateway Ink Monitor] "C:\Program Files\Gateway\Gateway Ink Monitor\GWInkMonitor.exe"
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\System32\NeroCheck.exe
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\support.com\bin\tgcmd.exe" /server
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [fwenc.exe] "C:\Program Files\CheckPoint\SecuRemote\bin\fwenc.exe"
O4 - HKLM\..\Run: [Desksite CMA] C:\Program Files\desksite\bin\cma.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINNT\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1102078193\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [sunasDTServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDTServ.exe
O4 - HKLM\..\Run: [sunasServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
O4 - HKLM\..\Run: [WT GameChannel] C:\Program Files\WildTangent\Apps\GameChannel.exe
O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [Dinst] C:\WINNT\dinst.exe
O4 - HKLM\..\Run: [kajgfs] c:\winnt\system32\qxrboua.exe r
O4 - HKLM\..\RunOnce: [OOBEDDDemise] cmd /x /c erase C:\WINNT\System32\oobe\msoobe.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\System32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [VideoMail] "C:\Program Files\Comcast Video Mail\Comcast_Video_Mail.exe" -minimized
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [AOLCC] "C:\Program Files\AOL Computer Check-Up\ACCAgnt.exe" /startup
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0c\AOL.EXE" -b
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Lexmark X125 Settings Utility.lnk = C:\Program Files\Lexmark X125\LEX125SU.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &AOL Toolbar Search - res://c:\program files\aol\aol toolbar 2.0\aoltbhtml.dll/search.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O12 - Plugin for .asx: C:\PROGRA~1\Netscape\COMMUN~1\Program\PLUGINS\npdsplay.dll
O12 - Plugin for .avi: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O12 - Plugin for .wma: c:\progra~1\netscape\commun~1\program\PLUGINS\npdsplay.dll
O12 - Plugin for .wmv: C:\PROGRA~1\Netscape\COMMUN~1\Program\PLUGINS\npdsplay.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {416792D8-F532-493A-BECC-1C99A1501FF9} (vmLaunch Class) - http://media2.comcast.net/anon.comcastonli...vmLauncher2.cab
O16 - DPF: {4855C21B-E452-4661-A702-ED3493CE74DF} - http://sp.ask.com/docs/toolbar/download/askbar-inst.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4E7BD74F-2B8D-469E-DEFA-EB76B1D5FA7D} - http://ww1.ez-tracks.com/downloader/cab/in...itial/eztdl.cab
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.ofoto.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {93CEA8A4-6059-4E0B-ADDD-73848153DD5E} (CWebLaunchCtl Object) - http://gateway.cf1live.com/eSupport/static...h/weblaunch.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/.../ymmapi_416.dll
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://141.157.27.220:8081/plugin/h263ctrl.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - http://download.toontown.com/sv1.0.15.38/ttinst.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://aolsvc.aol.com/onlinegames/bejewele...aploader_v7.cab
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: FwSRService - Unknown owner - C:\Program Files\CheckPoint\SecuRemote\bin\fwsrservice.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINNT\system32\drivers\KodakCCS.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINNT\wanmpsvc.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINNT\System32\wltrysvc.exe
Go to the top of the page
 
+Quote Post

Posts in this topic
- isockermom   Aurora Problem [CLOSED]   Aug 26 2005, 03:09 AM
- - isockermom   I have try all the other posts and done the steps ...   Aug 7 2005, 05:20 AM
- - Justin   Hello, welcome to the GeekstoGo Forums! My na...   Aug 7 2005, 12:57 PM
- - isockermom   Here you go. Appreciate all the help. Logfile of...   Aug 7 2005, 05:22 PM
- - Justin   You are running HijackThis from the Desktop; pleas...   Aug 7 2005, 08:51 PM
- - Justin   Due to lack of feedback, this topic has been close...   Aug 21 2005, 10:10 PM
- - Justin   Hello! Welcome Back! I will take a look ...   Aug 26 2005, 07:27 AM
- - Justin   Hello! Download Process Explorer from HERE D...   Aug 26 2005, 02:53 PM
- - isockermom   Okay....hopefully this worked. Thanks for all you...   Aug 26 2005, 06:43 PM
- - Justin   Hello! The trojan is still on your computer. ...   Aug 26 2005, 10:15 PM
- - isockermom   Well maybe this time. Logfile of HijackThis v1...   Aug 27 2005, 03:23 AM
- - isockermom   Jason, Something is still trying to excess throug...   Aug 27 2005, 03:26 AM
- - Justin   Hello! We will deal with the norton issue at ...   Aug 27 2005, 11:01 AM
- - isockermom   This is the most frustrating thing I have ever had...   Aug 28 2005, 07:43 AM
- - Justin   Hello! I understand that this is frustrating,...   Aug 28 2005, 10:28 AM
- - isockermom   I thought I would take a break....here are the new...   Sep 3 2005, 06:29 AM
- - Justin   Hello! Download APT Open apt and search in t...   Sep 3 2005, 09:55 AM
- - isockermom   I couldn't find the files here is a new log. ...   Sep 3 2005, 12:57 PM
- - Justin   Hmm odd, you still have the trojan. Lets try to g...   Sep 3 2005, 02:36 PM
- - isockermom   Got it!! My fingers are crossed. Once we...   Sep 3 2005, 03:26 PM
- - Justin   Hello! The Trojan is gone! Lets fix the ...   Sep 3 2005, 07:04 PM
- - isockermom   Maybe this time ewido security suite - Scan re...   Sep 3 2005, 08:29 PM
- - Justin   Hello! The Nail infection is not going away ...   Sep 4 2005, 09:34 AM
- - Justin   Hello! Lets try this: Run Ad-Aware with the ...   Sep 4 2005, 10:23 AM
- - isockermom   Justin: Do you think I should just reformat the h...   Sep 4 2005, 02:38 PM
- - Justin   Hello! Please do not reformat! That is a...   Sep 4 2005, 03:15 PM
- - Justin   Hello! It seems that your Antispyware Protect...   Sep 4 2005, 06:23 PM
- - isockermom   Okay let's try this. I think I still see the ...   Sep 4 2005, 08:29 PM
- - Justin   Hmm your right, it is still there. Lets try the o...   Sep 4 2005, 10:46 PM
- - isockermom   Justin, Here is the Hijack log the Ediwo log did...   Sep 5 2005, 07:00 AM
- - isockermom   Here is the other log.... -----------------------...   Sep 5 2005, 07:37 AM
- - Justin   Hello! We are just about there. Nail is gone...   Sep 5 2005, 09:42 AM
- - isockermom   Justin: I giveup....the Nail is back. I keep tur...   Sep 5 2005, 07:23 PM
- - Justin   Hello! Dont give up, this is fun! (Well ...   Sep 5 2005, 08:59 PM
- - isockermom   Justin: Finally got back to it. I actually unins...   Sep 11 2005, 05:19 PM
- - Justin   Hello! The log looks clean to me! If you...   Sep 11 2005, 07:02 PM
- - isockermom   Do I continue to post here or make a new post?   Sep 11 2005, 08:13 PM
- - Justin   You can go ahead and post it here   Sep 11 2005, 08:18 PM
- - isockermom   Justin, Here is the log for the other computer: ...   Sep 25 2005, 08:39 AM
- - Justin   Hello, Please download ewido security suite it is...   Sep 25 2005, 10:41 AM
- - Justin   Due to lack of feedback, this topic has been close...   Oct 10 2005, 09:24 PM

 

Closed TopicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 

Collapse

> Similar Topics

    Topic Title Replies / Views Topic Information
No New Posts 2 / 288 26th August 2005 - 12:49 AM
roachdh started - last by Kat
No new   14 / 981 26th August 2005 - 12:49 AM
gregmuzila started - last by Kat
No New Posts   2 / 301 12th August 2005 - 04:13 PM
shatset started - last by Excal
No New Posts   13 / 545 17th August 2005 - 11:49 PM
sparkeee started - last by Trevuren

RSS Time is now: 21st November 2009 - 01:03 PM

Advertisements do not imply our endorsement of that product or service. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks mentioned on this page are the property of their respective owners.

© Geeks to Go, Inc. | All Rights Reserved | Privacy Policy | Advertising
Powered By IP.Board © 2009  IPS, Inc.