Trojan.Vundo virus and Adware infections, Trojan.Vundo (pmkhg.dll) Norton keeps detecting but leaves alone
Saucy
post Nov 27 2007, 10:04 AM
Post #1


New Member
*
Posts: 1
OS: XP



Hi, I have been having a lot of problems trying to get rid of a Trojan.Vundo virus that seems to be very common. Norton just will keep it as "left alone" and I can't quarantine or delete the file. One in particular is in C:\WINDOWS\SYSTEM32 and is named pmkhg.dll.
I followed all of the instructions and have logs for everything. Can someone take a look at my logs and let me know if I have successfully removed the adware and viruses? I'd really appreciate any help :) Thanks!

I ran Vundo Fix and it came up with:

VundoFix V6.6.2

Checking Java version...

Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.

Scan started at 09:03:02 2007-11-26

Listing files found while scanning....

No infected files were found.


Beginning removal...



Virtumundo BE Gone Report:

[11/26/2007, 9:25:40] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\cmurphy\Desktop\VirtumundoBeGone.exe" )
[11/26/2007, 9:25:52] - Detected System Information:
[11/26/2007, 9:25:52] - Windows Version: 5.1.2600, Service Pack 2
[11/26/2007, 9:25:52] - Current Username: cmurphy (Admin)
[11/26/2007, 9:25:52] - Windows is in NORMAL mode.
[11/26/2007, 9:25:52] - Searching for Browser Helper Objects:
[11/26/2007, 9:25:52] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
[11/26/2007, 9:25:52] - BHO 2: {5CA3D70E-1895-11CF-8E15-001234567890} (DriveLetterAccess)
[11/26/2007, 9:25:52] - BHO 3: {84945E6D-73A2-4DA5-BFEE-1FD851346373} ()
[11/26/2007, 9:25:52] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/26/2007, 9:25:52] - Checking for HKLM\...\Winlogon\Notify\pmkhg
[11/26/2007, 9:25:52] - Key not found: HKLM\...\Winlogon\Notify\pmkhg, continuing.
[11/26/2007, 9:25:52] - BHO 4: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[11/26/2007, 9:25:52] - BHO 5: {AE7CD045-E861-484f-8273-0445EE161910} (Adobe PDF Conversion Toolbar Helper)
[11/26/2007, 9:25:52] - BHO 6: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[11/26/2007, 9:25:52] - BHO 7: {D5233FCD-D258-4903-89B8-FB1568E7413D} (Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile)
[11/26/2007, 9:25:52] - BHO 8: {D714A94F-123A-45CC-8F03-040BCAF82AD6} ()
[11/26/2007, 9:25:52] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/26/2007, 9:25:52] - Checking for HKLM\...\Winlogon\Notify\SbCIe02b
[11/26/2007, 9:25:52] - Key not found: HKLM\...\Winlogon\Notify\SbCIe02b, continuing.
[11/26/2007, 9:25:52] - BHO 9: {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} (EpsonToolBandKicker Class)
[11/26/2007, 9:25:52] - Finished Searching Browser Helper Objects
[11/26/2007, 9:25:52] - Finishing up...
[11/26/2007, 9:25:52] - Nothing found! Exiting...





AVG Report:


---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 11:25:42 AM 11/26/2007

+ Scan result:



C:\Documents and Settings\cmurphy\Cookies\cmurphy@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Cleaned.


::Report end



ActiveScan Report:


Incident | Status | Location

Adware:adware/sidestep | Not disinfected | Windows Registry
Potentially unwanted tool:Application/NirCmd.A | Not disinfected | C:\Anti Virus Software Programs\ComboFix.exe[nircmd.exe]
Potentially unwanted tool:Application/NirCmd.A | Not disinfected | C:\Anti Virus Software Programs\ComboFix.exe[nircmd.cfexe]
Potentially unwanted tool:Application/Processor | Not disinfected | C:\Anti Virus Software Programs\VirtumundoBeGone.exe
Virus:Trj/Downloader.PJT | Disinfected | C:\Documents and Settings\cmurphy\Local Settings\Temp\balxlsaq.exe
Virus:Trj/Downloader.PJT | Disinfected | C:\Documents and Settings\cmurphy\Local Settings\Temp\glsufgfh.exe
Spyware:Spyware/Virtumonde | Not disinfected | C:\Documents and Settings\cmurphy\Local Settings\Temp\knhomlpk.exe
Spyware:Spyware/Virtumonde | Not disinfected | C:\Documents and Settings\cmurphy\Local Settings\Temp\kvneaydk.exe
Virus:Trj/Downloader.PJT | Disinfected | C:\Documents and Settings\cmurphy\Local Settings\Temp\tyuwqrbh.exe
Spyware:Spyware/Virtumonde | Not disinfected | C:\Documents and Settings\cmurphy\Local Settings\Temporary Internet Files\Content.IE5\CVQFANIV\upd32_v14[1]
Spyware:Spyware/Virtumonde | Not disinfected | C:\Documents and Settings\cmurphy\Local Settings\Temporary Internet Files\Content.IE5\S4SRU7ET\pochki20071106[1]
Virus:Trj/WinAble.A | Disinfected | C:\qoobox\Quarantine\C\Program Files\Temporary\wininstall.exe.vir
Adware:Adware/Maxifiles | Not disinfected | C:\qoobox\Quarantine\C\Program Files\WinAble\winable.exe.vir
Potentially unwanted tool:Application/Processor | Not disinfected | C:\RECYCLER\S-1-5-21-119766544-3027404791-2903202233-1127\Dc1.exe
Potentially unwanted tool:Application/NirCmd.A | Not disinfected | C:\WINDOWS\NirCmd.exe


Super Anti-Spyware Report:

SUPERAntiSpyware Scan Log
Generated 11/26/2007 at 02:01 PM

Application Version : 3.6.1000

Core Rules Database Version : 3350
Trace Rules Database Version: 1349

Scan type : Complete Scan
Total Scan Time : 02:13:26

Memory items scanned : 534
Memory threats detected : 1
Registry items scanned : 7115
Registry threats detected : 21
File items scanned : 95504
File threats detected : 6

Adware.Vundo Variant
C:\WINDOWS\SYSTEM32\PMKHG.DLL
C:\WINDOWS\SYSTEM32\PMKHG.DLL
HKLM\Software\Classes\CLSID\{7F2F83D3-414B-41CD-9DD5-1FC75DB36BD5}
HKCR\CLSID\{7F2F83D3-414B-41CD-9DD5-1FC75DB36BD5}
HKCR\CLSID\{7F2F83D3-414B-41CD-9DD5-1FC75DB36BD5}\InprocServer32
HKCR\CLSID\{7F2F83D3-414B-41CD-9DD5-1FC75DB36BD5}\InprocServer32#ThreadingModel
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F2F83D3-414B-41CD-9DD5-1FC75DB36BD5}

Adware.SideStep Toolbar
HKLM\Software\Classes\CLSID\{83B28A74-640D-48F4-9F51-E80EED7CC7E0}
HKCR\CLSID\{83B28A74-640D-48F4-9F51-E80EED7CC7E0}
HKCR\CLSID\{83B28A74-640D-48F4-9F51-E80EED7CC7E0}
HKCR\CLSID\{83B28A74-640D-48F4-9F51-E80EED7CC7E0}\Implemented Categories
HKCR\CLSID\{83B28A74-640D-48F4-9F51-E80EED7CC7E0}\Implemented Categories\{00021493-0000-0000-C000-000000000046}
HKCR\CLSID\{83B28A74-640D-48F4-9F51-E80EED7CC7E0}\InprocServer32
HKCR\CLSID\{83B28A74-640D-48F4-9F51-E80EED7CC7E0}\InprocServer32#ThreadingModel
C:\WINDOWS\DOWNLOADED PROGRAM FILES\SBCIE02B.DLL
HKLM\Software\Classes\CLSID\{D714A94F-123A-45CC-8F03-040BCAF82AD6}
HKCR\CLSID\{D714A94F-123A-45CC-8F03-040BCAF82AD6}
HKCR\CLSID\{D714A94F-123A-45CC-8F03-040BCAF82AD6}
HKCR\CLSID\{D714A94F-123A-45CC-8F03-040BCAF82AD6}\InprocServer32
HKCR\CLSID\{D714A94F-123A-45CC-8F03-040BCAF82AD6}\InprocServer32#ThreadingModel
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D714A94F-123A-45CC-8F03-040BCAF82AD6}
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\{83B28A74-640D-48F4-9F51-E80EED7CC7E0}

Unclassified.Unknown Origin
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{11A69AE4-FBED-4832-A2BF-45AF82825583}
HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{11A69AE4-FBED-4832-A2BF-45AF82825583}

Adware.Tracking Cookie
C:\Documents and Settings\admin\Cookies\admin@microsofteup.112.2o7[1].txt
C:\Documents and Settings\admin\Cookies\admin@microsoftwga.112.2o7[1].txt

Trojan.Downloader-Gen/DDC
C:\WINDOWS\SYSTEM32\AJXGGUPS.EXE
C:\WINDOWS\SYSTEM32\HQAVRJHM.EXE



Hijack This Report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:48, on 2007-11-27
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\NavNT\defwatch.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\Intuit\Entitlement Client\v3\Server\Intuit.Spc.Map.EntitlementClient.Server.Service.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\LxrHP30s.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$ACT7\Binn\sqlservr.exe
c:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\Program Files\NavNT\rtvscan.exe
C:\Program Files\Common Files\Intuit\DatabaseServer\QBPOSDBService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Intuit\DatabaseServer\QBDBMgrN.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\ACT\ACT for Windows\Act8.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIA.EXE
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\NavNT\vptray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\AcroDist.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.com/
O2 - BHO: (no name) - {C9531EBA-094C-4982-A619-2189EEB510DC} - C:\WINDOWS\system32\pmkhg.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMAXPnP] "C:\Program Files\Analog Devices\Core\smax4pnp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [HPWNTOOLBOX] "C:\Program Files\Hewlett-Packard\hp business inkjet 1200 series\Toolbox\HPWNTBX.exe" "-i"
O4 - HKLM\..\Run: [Act! Preloader] "C:\Program Files\ACT\ACT for Windows\Act8.exe" -stayrunning
O4 - HKLM\..\Run: [EPSON Stylus Photo R220 Series] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIA.EXE" /P30 "EPSON Stylus Photo R220 Series" /O6 "USB001" /M "Stylus Photo R220"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickBooksDB17] C:\Program Files\Intuit\QuickBooks 2005\QBDBMgrN.exe -n QB_WORKSTATION24_17 -qs -gd ALL -gk all -gp 4096 -gu all -ch 64M -c 32M -x tcpip(BroadcastListener=NO;port=10172) -ti 0 -ec simple -ct- -qi -qw -tl 120 -oe "C:\Documents and Settings\cmurphy\Local Settings\Application Data\Intuit\QuickBooks\Log\DBStartup.log" -y
O4 - HKLM\..\Run: [vptray] "C:\Program Files\NavNT\vptray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Policies\Explorer\Run: [1] net use L: \\calnt5\cartscan
O4 - HKCU\..\Policies\Explorer\Run: [2] net use m: \\calnt5\apps
O4 - HKCU\..\Policies\Explorer\Run: [3] net use n: \\calnt5\data
O4 - HKCU\..\Policies\Explorer\Run: [5] net use W: \\aristaser1\wcdata
O4 - HKUS\S-1-5-21-2323549445-1376632847-2931374540-1010\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'QBPOSDBSrvUser')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: (no name) - {3E230861-5C87-11D3-A1C6-00105A1B41B8} - (no file)
O9 - Extra button: Attach Web page to ACT! contact - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll (file missing)
O9 - Extra 'Tools' menuitem: Attach Web page to ACT! contact... - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {24D1BDCE-D835-11D6-BF84-0050047EA0E7} (BlueStream_Flash Class) - http://www.rovion.com/Controls/Rovion.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1190241124090
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1190241116496
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} (Photodex Presenter AX control) - http://www.photodex.com/pxplay.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = aristadoes.com
O17 - HKLM\Software\..\Telephony: DomainName = aristadoes.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = aristadoes.com
O18 - Protocol: qbpos - {662E7FAE-5C17-491C-AD9D-98C1F66CC6A0} - C:\WINDOWS\system32\QBPOSProtocol.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Commander Service - Seagull Scientific, Inc - C:\Program Files\Seagull\BarTender\7.74\CmdrSrv.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: Google Desktop Manager 5.5.709.30344 (GoogleDesktopManager-093007-112848) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intuit Entitlement Service v3 - Intuit, Inc. - C:\Program Files\Common Files\Intuit\Entitlement Client\v3\Server\Intuit.Spc.Map.EntitlementClient.Server.Service.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Lexar HP30 (LxrHP30s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrHP30s.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
O23 - Service: QBPOS Database Manager (QBPOSDBServices) - Intuit Inc. - C:\Program Files\Common Files\Intuit\DatabaseServer\QBPOSDBService.exe
O23 - Service: QBPOS Database Manager v6 (QBPOSDBServiceV6) - Intuit Inc. - C:\Program Files\Intuit\QuickBooks Point of Sale 6.0\DatabaseServer\QBPOSDBServiceV6.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SysEnforce - Unknown owner - C:\PROGRA~1\TRISNA~1\SSI\SYSENF~1.EXE (file missing)

--
End of file - 14077 bytes


Uninstall Report from HJT:

ACT! 2006
Adobe Acrobat 5.0
Adobe Acrobat 7.0.8 Standard
Adobe Flash Player ActiveX
Adobe Illustrator 8.0
Adobe PageMaker 7.0
Adobe Photoshop 5.5
Adobe Reader 7.0.9
Adobe® Photoshop® Album Starter Edition 3.0
Adobe® Photoshop® Album Starter Edition 3.0.1
Apple Mobile Device Support
Apple Software Update
ArcSoft Collage Creator
ArcSoft PhotoImpression 5
Avery DesignPro
BarTender 7.74.1694
Broadcom Advanced Control Suite
CleanUp!
ClickArt® Fonts 2
Color@Home
Compatibility Pack for the 2007 Office system
DesignPro 5.0 Media Edition
Easy Barcode Creator
e-automate Client Install
Entrepreneur Magazine's Ultimate Business Forms
EPSON ESPR220 Reference Guide
EPSON Print CD
EPSON Printer Software
Epson StoryTeller Publisher
EPSON Web-To-Page
Google Desktop
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Updater
HijackThis 2.0.2
HP Business Inkjet 1200
HP Business Inkjet 1200
HP Secure 3.0
Intel® Graphics Media Accelerator Driver
iTunes
Java 2 Runtime Environment, SE v1.4.2_03
LiveUpdate 3.0 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Macromedia Flash Player
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft Office Outlook 2003 with Business Contact Manager Update
Microsoft Office Small Business Edition 2003
Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ)
Microsoft Web Publishing Wizard 1.52
MSN
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 Parser and SDK
Norton AntiVirus Corporate Edition
Norton Security Scan
Panda ActiveScan
Photodex Presenter
Pop-Up Stopper Free Edition
PowerDVD 5.5
Punch! Interior Design Suite
QuickBooks Point of Sale 4.0
QuickBooks Point of Sale 6.0
QuickBooks Point Of Sale Product Listing Service
QuickBooks Premier: Retail Edition 2007
QuickBooks Product Listing Service
QuickTime
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB943460)
Shockwave
Sonic Copy Module
Sonic DLA
Sonic Express Labeler
Sonic RecordNow Audio
Sonic RecordNow Data
Sonic Update Manager
Spyware Doctor 5.1
Star TSP100 Driver Installer
SupportSoft Assisted Service
Symantec KB-DocID:2003093015493306
The Print Shop 20
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Windows Driver Package - Star Micronics TSP100 (07/26/2006 1.0.4.0)
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Yahoo! Messenger
Yahoo! Toolbar
ZebraDesigner Pro

