Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Attack! Attack! Computer keeps rebooting!

Started by lnijjar , Oct 18 2006 02:56 PM

  • Please log in to reply

#31
Buckeye_Sam
Posted 31 October 2006 - 10:05 AM

Buckeye_Sam

    Malware Expert

  • Member
  • PipPipPipPipPipPipPipPip
  • 10,019 posts
Hey, we finally got one to work for us! :whistling:

Delete this file.

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop(2).ini ()


===========


Please copy the following text in the code box to Notepad. Make sure there is no empty line above REGEDIT4. In Notepad go to File > Save As. Name it Fixit.reg, in the drop down box at the bottom choose "All Files", and save it on your desktop.

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"UserInit"="C:\\WINDOWS\\system32\\userinit.exe,"
"Shell"="Explorer.exe"

Locate fixit.reg on your Desktop and double-click on it. When it asks if you want to merge with the registry, click YES.


===========


Reboot your computer.


It appears as if the duplicate files may have been restored from a backup program. I don't see any reason why you couldn't delete the duplicates that show up with a (2) in the filename. If you find that there a lot of them, there are programs that you can download that will search out duplicate files and remove them for you automatically.


Please post a new hijackthis log.
Let me know how your computer is working now. Any improvement?
  • 0

Advertisements

#32
lnijjar
Posted 31 October 2006 - 10:43 AM

lnijjar

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
For some bizarre reason - even through troubleshooting I can not get the stupid networking to work in normal mode. Here is the new HJT log. I'm going to open up system mechanic to remove all the duplicates..do a good defrag and see if that helps anything.

Logfile of HijackThis v1.99.1
Scan saved at 7:41:50 AM, on 10/31/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...//www.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,C:\WINDOWS\system32\ntos.exe,
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdateMgr.exe
O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1148023627\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Samsung LBP SM] "C:\WINDOWS\Samsung\LaserSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SystemGuardAlerter] SystemGuardAlerter.exe
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.11.1.5\PlaxoHelper.exe -a
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [tunebite.exe] C:\Program Files\tunebite\tunebite.exe -hidden
O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
O4 - HKCU\..\Run: [System Mechanic Popup Blocker] "C:\Program Files\iolo\System Mechanic Professional 6\PopupBlocker.exe"
O4 - HKCU\..\Run: [OfotoNow USB Detection] C:\WINDOWS\system32\RunDLL32.exe C:\PROGRA~1\Ofoto\OfotoNow\OFUSBS.DLL,WatchForConnection OfotoNow
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O8 - Extra context menu item: &Search -
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Popup Blocker - Add to Black List - C:\Program Files\iolo\Common\Lib\AddToPSBlackList.htm
O8 - Extra context menu item: Popup Blocker - Add to White List - C:\Program Files\iolo\Common\Lib\AddToPSWhiteList.htm
O8 - Extra context menu item: SnipeIt! eSnipe - http://www.esnipe.co...nipeItOpen3.asp
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0645D7F3-C20E-4E0B-A545-557527497C0B} (NMInstall Control) - http://a14.g.akamai....GAPANEL_USA.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?LinkID=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec....rl/LSSupCtl.cab
O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data Collection Control) - https://support.micr...ActiveX/odc.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1160093392515
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Netscape Update Service (NCUpdateSvc) - Netscape Communications Corporation - C:\Program Files\Netscape Internet Service\ncupdatesvc.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
  • 0

#33
Buckeye_Sam
Posted 31 October 2006 - 10:50 AM

Buckeye_Sam

    Malware Expert

  • Member
  • PipPipPipPipPipPipPipPip
  • 10,019 posts
I see you have signs of Symantec(Norton) in your log. Has it been uninstalled completely?

Can you boot into normal mode, get a log from hijackthis in normal mode? Then post that log back here. There must be something that's loading up in normal mode that's causing problems.
  • 0

#34
lnijjar
Posted 31 October 2006 - 10:58 AM

lnijjar

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
I had done the uninstall of Norton...then the online unistall in order to install System Mechanic.. I was still having issues..so I called IOLO..and they had me manually remove the shared folder of symantec. Should I check the box FIX in the HJT of that item?
  • 0

#35
lnijjar
Posted 31 October 2006 - 12:31 PM

lnijjar

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
Ok.ran the HJT in normal...

Logfile of HijackThis v1.99.1
Scan saved at 9:11:49 AM, on 10/31/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\AVENGINE.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\DISC\DiscUpdateMgr.exe
C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\Common Files\AOL\1148023627\ee\AOLSoftware.exe
C:\WINDOWS\Samsung\LaserSMMgr\ssmmgr.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\iolo\System Mechanic Professional 6\SystemGuardAlerter.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Plaxo\2.11.1.5\PlaxoHelper.exe
C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe
C:\Program Files\iolo\System Mechanic Professional 6\PopupBlocker.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Netscape Internet Service\ncupdatesvc.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\program files\panda software\panda antivirus 2007\WebProxy.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...//www.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,C:\WINDOWS\system32\ntos.exe,
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdateMgr.exe
O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1148023627\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Samsung LBP SM] "C:\WINDOWS\Samsung\LaserSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SystemGuardAlerter] SystemGuardAlerter.exe
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.11.1.5\PlaxoHelper.exe -a
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [tunebite.exe] C:\Program Files\tunebite\tunebite.exe -hidden
O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
O4 - HKCU\..\Run: [System Mechanic Popup Blocker] "C:\Program Files\iolo\System Mechanic Professional 6\PopupBlocker.exe"
O4 - HKCU\..\Run: [OfotoNow USB Detection] C:\WINDOWS\system32\RunDLL32.exe C:\PROGRA~1\Ofoto\OfotoNow\OFUSBS.DLL,WatchForConnection OfotoNow
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O8 - Extra context menu item: &Search -
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Popup Blocker - Add to Black List - C:\Program Files\iolo\Common\Lib\AddToPSBlackList.htm
O8 - Extra context menu item: Popup Blocker - Add to White List - C:\Program Files\iolo\Common\Lib\AddToPSWhiteList.htm
O8 - Extra context menu item: SnipeIt! eSnipe - http://www.esnipe.co...nipeItOpen3.asp
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0645D7F3-C20E-4E0B-A545-557527497C0B} (NMInstall Control) - http://a14.g.akamai....GAPANEL_USA.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?LinkID=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec....rl/LSSupCtl.cab
O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data Collection Control) - https://support.micr...ActiveX/odc.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1160093392515
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Netscape Update Service (NCUpdateSvc) - Netscape Communications Corporation - C:\Program Files\Netscape Internet Service\ncupdatesvc.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
  • 0

#36
Buckeye_Sam
Posted 31 October 2006 - 03:53 PM

Buckeye_Sam

    Malware Expert

  • Member
  • PipPipPipPipPipPipPipPip
  • 10,019 posts
Go ahead and fix these lines with Hijackthis.

F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,C:\WINDOWS\system32\ntos.exe,
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)


So you had problems completely removing Norton through the normal uninstallation process. Was it just Norton antivirus, or was it the complete suite including the firewall?

I see Panda antivirus and Kasperky firewall. But then also the System Mechanic components. Can you tell what this process does?

C:\Program Files\iolo\System Mechanic Professional 6\SystemGuardAlerter.exe

What exactly does System Mechanic Pro 6 provide for you?
  • 0

#37
lnijjar
Posted 31 October 2006 - 04:34 PM

lnijjar

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
C:\Program Files\iolo\System Mechanic Professional 6\SystemGuardAlerter.exe I part of the iolo system mechanic -it's a firewall...truthfully though I have to close the process almost everytime since it runs at about 99%CPU

System Mech Pro 6 is a combo "health" type program - scans for duplicates, enhances cpu and internet speed, spyware finder/remover...etc...Kapersky came with it..which hasn't run right from the start..but I think it's because of all the damage the malware created. I still am unable to network in normal (not whining - just keepin ya updated)

Thank you :whistling: for all your assistance...

Here is the new HJT

Logfile of HijackThis v1.99.1
Scan saved at 1:20:11 PM, on 10/31/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\AVENGINE.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\DISC\DiscUpdateMgr.exe
C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\Common Files\AOL\1148023627\ee\AOLSoftware.exe
C:\WINDOWS\Samsung\LaserSMMgr\ssmmgr.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\iolo\System Mechanic Professional 6\SystemGuardAlerter.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Plaxo\2.11.1.5\PlaxoHelper.exe
C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe
C:\Program Files\iolo\System Mechanic Professional 6\PopupBlocker.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Netscape Internet Service\ncupdatesvc.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\panda software\panda antivirus 2007\WebProxy.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...//www.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdateMgr.exe
O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1148023627\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Samsung LBP SM] "C:\WINDOWS\Samsung\LaserSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SystemGuardAlerter] SystemGuardAlerter.exe
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.11.1.5\PlaxoHelper.exe -a
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [tunebite.exe] C:\Program Files\tunebite\tunebite.exe -hidden
O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
O4 - HKCU\..\Run: [System Mechanic Popup Blocker] "C:\Program Files\iolo\System Mechanic Professional 6\PopupBlocker.exe"
O4 - HKCU\..\Run: [OfotoNow USB Detection] C:\WINDOWS\system32\RunDLL32.exe C:\PROGRA~1\Ofoto\OfotoNow\OFUSBS.DLL,WatchForConnection OfotoNow
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O8 - Extra context menu item: &Search -
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Popup Blocker - Add to Black List - C:\Program Files\iolo\Common\Lib\AddToPSBlackList.htm
O8 - Extra context menu item: Popup Blocker - Add to White List - C:\Program Files\iolo\Common\Lib\AddToPSWhiteList.htm
O8 - Extra context menu item: SnipeIt! eSnipe - http://www.esnipe.co...nipeItOpen3.asp
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0645D7F3-C20E-4E0B-A545-557527497C0B} (NMInstall Control) - http://a14.g.akamai....GAPANEL_USA.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?LinkID=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec....rl/LSSupCtl.cab
O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data Collection Control) - https://support.micr...ActiveX/odc.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1160093392515
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Netscape Update Service (NCUpdateSvc) - Netscape Communications Corporation - C:\Program Files\Netscape Internet Service\ncupdatesvc.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe
  • 0

#38
Buckeye_Sam
Posted 31 October 2006 - 07:03 PM

Buckeye_Sam

    Malware Expert

  • Member
  • PipPipPipPipPipPipPipPip
  • 10,019 posts
I think this where your problem lies.

C:\Program Files\iolo\System Mechanic Professional 6\SystemGuardAlerter.exe I part of the iolo system mechanic -it's a firewall...truthfully though I have to close the process almost everytime since it runs at about 99%CPU

You are also using Kasperky firewall, which shows in your processes here.

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe

Two firewalls will always conflict with each other. And I'm still not sure about Norton, because if it wasn't uninstalled correctly from the beginning then it may be contributing to the problem as well.

Let's try this...

Download LSPFix from http://www.cexx.org/lspfix.zip and run it.
You will see a list of files, but don't do anything yet.
Just click Finish>>.

Reboot your computer into normal mode and check your connection.
Any difference?
  • 0

#39
lnijjar
Posted 01 November 2006 - 09:22 PM

lnijjar

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
Ok I did as requested...no luck...still no networking..it stated there were no problems. I also went and "fixed" with HJT the IOLOSysguard thingy. Still nada... I'll be leaving in the morning for 4-5 days..so I just wanted to let you know that incase my reply isn't immediate. I would like to hopefully resolve all of this (or nearly resolve) at least the internet/email networking part...other than that it's actually running pretty smoothly.

I need to also mention that I'm unable to burn DVD's or CD's ugh...what else can go wrong

Edited by lnijjar, 01 November 2006 - 11:44 PM.

  • 0

#40
Buckeye_Sam
Posted 02 November 2006 - 06:41 AM

Buckeye_Sam

    Malware Expert

  • Member
  • PipPipPipPipPipPipPipPip
  • 10,019 posts
Fixing it with Hijackthis won't quite be enough if it's acting as your second firewall. And of course we keep coming back to Norton. Your best bet would be to uninstall System Mechanic and Kaspersky and then check your connection. If you have a connection, then reinstall just one of them. If you don't have a connection then we'll have to look deeper into the Norton issue, or even contact your ISP for service.

Enjoy your trip! I'll be around when you get back. :whistling:
  • 0

Advertisements

#41
lnijjar
Posted 02 November 2006 - 08:49 AM

lnijjar

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
Sounds like a plan...I'll hit it on tuesday when I reply!! Hello Cali here I come!! (hey..it's a nice break from Kodiak Alaska!)
  • 0

#42
lnijjar
Posted 07 November 2006 - 12:54 PM

lnijjar

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
Ok we're in business! I'm in normal and ONLINE! WOOOOOO!! I uninstalled Kapersky and Sys Mech. Can we maybe fine tune things now and see how things are going? Here's the latest HJT

Logfile of HijackThis v1.99.1
Scan saved at 9:54:40 AM, on 11/7/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\AVENGINE.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\DISC\DiscUpdateMgr.exe
C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
C:\Program Files\Common Files\AOL\1148023627\ee\AOLSoftware.exe
C:\WINDOWS\Samsung\LaserSMMgr\ssmmgr.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Plaxo\2.11.1.5\PlaxoHelper.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Netscape Internet Service\ncupdatesvc.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\eHome\ehmsas.exe
c:\program files\panda software\panda antivirus 2007\WebProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\avtask.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Java\jre1.5.0_05\bin\jucheck.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...//www.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdateMgr.exe
O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1148023627\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Samsung LBP SM] "C:\WINDOWS\Samsung\LaserSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.11.1.5\PlaxoHelper.exe -a
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [tunebite.exe] C:\Program Files\tunebite\tunebite.exe -hidden
O4 - HKCU\..\Run: [System Mechanic Popup Blocker] "C:\Program Files\iolo\System Mechanic Professional 6\PopupBlocker.exe"
O4 - HKCU\..\Run: [OfotoNow USB Detection] C:\WINDOWS\system32\RunDLL32.exe C:\PROGRA~1\Ofoto\OfotoNow\OFUSBS.DLL,WatchForConnection OfotoNow
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O8 - Extra context menu item: &Search -
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Popup Blocker - Add to Black List - C:\Program Files\iolo\Common\Lib\AddToPSBlackList.htm
O8 - Extra context menu item: Popup Blocker - Add to White List - C:\Program Files\iolo\Common\Lib\AddToPSWhiteList.htm
O8 - Extra context menu item: SnipeIt! eSnipe - http://www.esnipe.co...nipeItOpen3.asp
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0645D7F3-C20E-4E0B-A545-557527497C0B} (NMInstall Control) - http://a14.g.akamai....GAPANEL_USA.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?LinkID=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec....rl/LSSupCtl.cab
O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data Collection Control) - https://support.micr...ActiveX/odc.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1160093392515
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe (file missing)
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Netscape Update Service (NCUpdateSvc) - Netscape Communications Corporation - C:\Program Files\Netscape Internet Service\ncupdatesvc.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe
  • 0

#43
Buckeye_Sam
Posted 07 November 2006 - 03:53 PM

Buckeye_Sam

    Malware Expert

  • Member
  • PipPipPipPipPipPipPipPip
  • 10,019 posts
Alright! :whistling:

Your log looks pretty good. There's a few things that we can clean up.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...//www.yahoo.com
O3 - Toolbar: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file)
O8 - Extra context menu item: &Search -
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe (file missing)



And then if you want to optimize your startup, you can fix these lines also.

O4 - HKLM\..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdateMgr.exe
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide <-- unnecessary if you are going to run AVG at startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [OfotoNow USB Detection] C:\WINDOWS\system32\RunDLL32.exe C:\PROGRA~1\Ofoto\OfotoNow\OFUSBS.DLL,WatchForConnection OfotoNow
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe


Reboot to see the affects.


=============


We need to update your version of Java.
  • Download the latest version of Java Runtime Environment (JRE) 5.0 Update 9 from HERE
    • Scroll down to where it says Java Runtime Environment (JRE) 5.0 Update 9
    • Click the "Download" button to the right.
    • Accept the license agreement.
    • Click Windows Offline Installation, Multi-language to download the file.
  • Once the program has finished downloading:
    • Close any programs you may have running - especially your web browser.
    • Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
    • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
      • It should have next icon next to it: Posted Image
    • Click the Remove or Change/Remove button.
    • Repeat as many times as necessary to remove each Java versions.
    • Reboot your computer once all Java components are removed.
    • Then from your desktop double-click on jre-1_5_0_09-windowsi586-p.exe to install the newest version.
  • Go back into the Control Panel and double-click the Java Icon.
    • Under Temporary Internet Files, click the Delete Files button.
    • There are three options in the window to clear the cache - Leave ALL 3 Checked
      • Downloaded Applets
      • Downloaded Applications
      • Other Files
    • Click OK on Delete Temporary Files Window
      Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
    • Click OK to leave the Java Control Panel.


How is your computer working now?
As long as you're not having any other issues, I'll go ahead and post some prevention steps for you next.
  • 0

#44
lnijjar
Posted 09 November 2006 - 12:06 AM

lnijjar

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
THings are looking pretty good! I'm starting to get some stupid IE window wanting to install components of Front Page...weird. Anyway..did a panda scan..came up with this

Panda Antivirus 2007 incident report

EVENT DATE RESULTS ADDITIONAL INFORMATION
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Scan completed 11/07/06 10:34:52 Scan: All hard disks
Virus detected: Trj/HideProc.A 11/07/06 10:30:27 Disinfected Location: C:\WINDOWS\system32\sonyhcy.exe
Virus detected: Trj/HideProc.A 11/07/06 10:30:24 Disinfected Location: C:\WINDOWS\system32\serwvdrv.exe
Virus detected: Trj/HideProc.A 11/07/06 10:30:18 Disinfected Location: C:\WINDOWS\system32\rasmxs.exe
Virus detected: Trj/HideProc.A 11/07/06 10:29:40 Disinfected Location: C:\WINDOWS\system32\ipsmsnap.exe
Virus detected: Trj/HideProc.A 11/07/06 10:28:04 Disinfected Location: C:\WINDOWS\system32\cic.exe
Spyware detected: Cookie/Atlas DMT 11/07/06 10:05:07 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@atdmt[1].txt
Spyware detected: Cookie/Atlas DMT 11/07/06 10:04:58 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@atdmt[1].txt
Virus detected: Trj/HideProc.A 11/07/06 10:03:30 Disinfected Location: C:\!KillBox\8(2).exe
Scan started 11/07/06 10:03:28 Scan: All hard disks
Spyware detected: Cookie/Go 11/07/06 09:56:02 Eliminated Location: C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@go[2].txt
Spyware detected: Cookie/QuestionMarket 11/07/06 09:56:02 Eliminated Location: C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@questionmarket[2].txt
Spyware detected: Cookie/RealMedia 11/07/06 09:56:02 Eliminated Location: C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@realmedia[1].txt
Spyware detected: Cookie/Tribalfusion 11/07/06 09:56:02 Eliminated Location: C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@tribalfusion[1].txt
Spyware detected: Cookie/Casalemedia 11/07/06 09:56:02 Eliminated Location: C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@casalemedia[2].txt
Spyware detected: Cookie/Atlas DMT 11/07/06 09:56:02 Eliminated Location: C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@atdmt[2].txt
Spyware detected: Cookie/Com.com 11/07/06 09:56:02 Eliminated Location: C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@com[2].txt
Spyware detected: Cookie/Hitbox 11/07/06 09:56:02 Eliminated Location: C:\Documents and Settings\Compaq_Administrator\Cookies\[email protected][2].txt
Spyware detected: Cookie/Adrevolver 11/07/06 09:56:02 Eliminated Location: C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@adrevolver[1].txt
Spyware detected: Cookie/Advertising 11/07/06 09:56:02 Eliminated Location: C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@advertising[1].txt
Spyware detected: Cookie/PointRoll 11/07/06 09:56:02 Eliminated Location: C:\Documents and Settings\Compaq_Administrator\Cookies\[email protected][1].txt
Spyware detected: Cookie/Adrevolver 11/07/06 09:56:02 Eliminated Location: C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@adrevolver[2].txt
Spyware detected: Cookie/Hitbox 11/07/06 09:56:02 Eliminated Location: C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@hitbox[2].txt
Spyware detected: Cookie/Mediaplex 11/07/06 09:56:02 Eliminated Location: C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@mediaplex[1].txt
Update 11/07/06 09:55:43 OK Identifiers of alteration of archives
Update 11/07/06 09:55:34 OK New threat signatures: 13186
Spyware detected: Cookie/Doubleclick 11/07/06 09:52:43 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@doubleclick[1].txt
Spyware detected: Cookie/Doubleclick 11/01/06 09:46:57 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@doubleclick[1].txt
Spyware detected: Cookie/Mediaplex 11/01/06 09:46:57 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@mediaplex[1].txt
Spyware detected: Cookie/Atlas DMT 11/01/06 09:46:57 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@atdmt[2].txt
Spyware detected: Cookie/Com.com 11/01/06 09:46:57 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@com[2].txt
Spyware detected: Cookie/Bluestreak 11/01/06 09:46:57 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@bluestreak[1].txt
Spyware detected: Cookie/2o7 11/01/06 09:46:57 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@2o7[2].txt
Spyware detected: Cookie/Adrevolver 11/01/06 09:46:57 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@adrevolver[3].txt
Spyware detected: Cookie/Adrevolver 11/01/06 09:46:57 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@adrevolver[2].txt
Spyware detected: Cookie/Advertising 11/01/06 09:46:57 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@advertising[1].txt
Spyware detected: Cookie/Traffic Marketplace 11/01/06 09:46:57 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@trafficmp[2].txt
Spyware detected: Cookie/Tribalfusion 11/01/06 09:46:57 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@tribalfusion[1].txt
Spyware detected: Cookie/Casalemedia 11/01/06 09:46:57 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@casalemedia[2].txt
Spyware detected: Cookie/PointRoll 10/31/06 15:48:03 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\[email protected][2].txt
Spyware detected: Cookie/Advertising 10/31/06 15:48:03 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@advertising[1].txt
Spyware detected: Cookie/Zedo 10/31/06 15:48:03 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@zedo[2].txt
Spyware detected: Cookie/Casalemedia 10/31/06 15:48:03 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@casalemedia[1].txt
Spyware detected: Cookie/Atlas DMT 10/31/06 15:48:03 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@atdmt[1].txt
Spyware detected: Cookie/2o7 10/31/06 15:48:03 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@2o7[2].txt
Spyware detected: Cookie/Bluestreak 10/31/06 15:48:03 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@bluestreak[2].txt
Spyware detected: Cookie/Coremetrics 10/31/06 15:48:03 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\[email protected][1].txt
Spyware detected: Cookie/Com.com 10/31/06 15:48:03 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@com[1].txt
Spyware detected: Cookie/Mediaplex 10/31/06 15:48:03 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@mediaplex[1].txt
Spyware detected: Cookie/Hitbox 10/31/06 15:48:03 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@hitbox[1].txt
Spyware detected: Cookie/Go 10/31/06 15:48:03 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@go[2].txt
Spyware detected: Cookie/Hitbox 10/31/06 15:48:03 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\[email protected][2].txt
Spyware detected: Cookie/Hitbox 10/31/06 15:48:03 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\[email protected][1].txt
Spyware detected: Cookie/FastClick 10/31/06 15:48:03 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@fastclick[2].txt
Spyware detected: Cookie/Doubleclick 10/31/06 15:48:03 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@doubleclick[1].txt
Spyware detected: Cookie/Overture 10/31/06 15:48:03 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@overture[2].txt
Spyware detected: Cookie/QuestionMarket 10/31/06 15:48:03 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@questionmarket[1].txt
Spyware detected: Cookie/Overture 10/31/06 15:48:03 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\[email protected][1].txt
Spyware detected: Cookie/Server.iad.Liveperson 10/31/06 15:48:03 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\[email protected][1].txt
Spyware detected: Cookie/RealMedia 10/31/06 15:48:03 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@realmedia[1].txt
Spyware detected: Cookie/Tribalfusion 10/31/06 15:48:03 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@tribalfusion[1].txt
Spyware detected: Cookie/WebtrendsLive 10/31/06 15:48:03 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\[email protected][2].txt
Spyware detected: Cookie/Traffic Marketplace 10/31/06 15:48:03 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@trafficmp[1].txt
Spyware detected: Cookie/Statcounter 10/29/06 14:40:14 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@statcounter[2].txt
Spyware detected: Cookie/Linksynergy 10/29/06 14:40:13 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@linksynergy[2].txt
Spyware detected: Cookie/2o7 10/29/06 14:40:13 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@2o7[1].txt
Spyware detected: Cookie/Doubleclick 10/29/06 14:40:13 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@doubleclick[2].txt
Spyware detected: Cookie/Atlas DMT 10/29/06 14:40:13 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@atdmt[2].txt
Spyware detected: Cookie/Mediaplex 10/28/06 12:40:14 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@mediaplex[1].txt
Spyware detected: Cookie/Hitbox 10/28/06 12:40:14 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@hitbox[1].txt
Spyware detected: Cookie/Casalemedia 10/28/06 12:40:14 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@casalemedia[1].txt
Spyware detected: Cookie/Atlas DMT 10/28/06 12:40:14 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@atdmt[1].txt
Spyware detected: Cookie/Adrevolver 10/28/06 12:40:14 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@adrevolver[2].txt
Spyware detected: Cookie/Adrevolver 10/28/06 12:40:14 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@adrevolver[3].txt
Spyware detected: Cookie/Advertising 10/28/06 12:40:14 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@advertising[2].txt
Spyware detected: Cookie/FastClick 10/28/06 12:40:14 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@fastclick[1].txt
Spyware detected: Cookie/Doubleclick 10/28/06 12:40:14 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@doubleclick[2].txt
Spyware detected: Cookie/Coremetrics 10/28/06 12:40:14 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\[email protected][1].txt
Spyware detected: Cookie/QuestionMarket 10/28/06 12:40:14 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@questionmarket[2].txt
Spyware detected: Cookie/RealMedia 10/28/06 12:40:14 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@realmedia[1].txt
Spyware detected: Cookie/Traffic Marketplace 10/28/06 12:40:14 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@trafficmp[1].txt
Spyware detected: Cookie/Tribalfusion 10/28/06 12:40:14 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@tribalfusion[2].txt
Spyware detected: Cookie/YieldManager 10/28/06 12:40:14 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\[email protected][2].txt
Spyware detected: Cookie/Atlas DMT 10/27/06 10:04:28 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@atdmt[2].txt
Spyware detected: Cookie/QuestionMarket 10/26/06 20:46:01 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@questionmarket[2].txt
Spyware detected: Cookie/Atlas DMT 10/26/06 20:46:01 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@atdmt[2].txt
Spyware detected: Cookie/Mediaplex 10/26/06 20:46:01 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@mediaplex[1].txt
Spyware detected: Cookie/Tribalfusion 10/26/06 20:46:01 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@tribalfusion[1].txt
Spyware detected: Cookie/BurstBeacon 10/26/06 20:46:01 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\[email protected][1].txt
Spyware detected: Cookie/BurstBeacon 10/25/06 08:40:31 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\[email protected][1].txt
Spyware detected: Cookie/Zedo 10/25/06 08:40:31 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@zedo[1].txt
Spyware detected: Cookie/Mediaplex 10/25/06 08:40:30 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@mediaplex[1].txt
Spyware detected: Cookie/Overture 10/25/06 08:40:30 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@overture[1].txt
Spyware detected: Cookie/QuestionMarket 10/25/06 08:40:30 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@questionmarket[2].txt
Spyware detected: Cookie/RealMedia 10/25/06 08:40:30 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@realmedia[2].txt
Spyware detected: Cookie/Server.iad.Liveperson 10/25/06 08:40:30 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\[email protected][2].txt
Spyware detected: Cookie/Traffic Marketplace 10/25/06 08:40:30 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@trafficmp[2].txt
Spyware detected: Cookie/Tribalfusion 10/25/06 08:40:30 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@tribalfusion[2].txt
Spyware detected: Cookie/Valueclick 10/25/06 08:40:30 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@valueclick[1].txt
Spyware detected: Cookie/Hitbox 10/25/06 08:40:29 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@hitbox[1].txt
Spyware detected: Cookie/FastClick 10/25/06 08:40:29 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@fastclick[1].txt
Spyware detected: Cookie/Doubleclick 10/25/06 08:40:29 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@doubleclick[1].txt
Spyware detected: Cookie/Apmebf 10/25/06 08:40:29 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@apmebf[2].txt
Spyware detected: Cookie/YieldManager 10/25/06 08:40:29 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\[email protected][1].txt
Spyware detected: Cookie/Coremetrics 10/25/06 08:40:29 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\[email protected][1].txt
Spyware detected: Cookie/Com.com 10/25/06 08:40:29 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@com[1].txt
Spyware detected: Cookie/Casalemedia 10/25/06 08:40:29 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@casalemedia[1].txt
Spyware detected: Cookie/BurstNet 10/25/06 08:40:29 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@burstnet[2].txt
Spyware detected: Cookie/Bluestreak 10/25/06 08:40:29 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@bluestreak[1].txt
Spyware detected: Cookie/Atlas DMT 10/25/06 08:40:29 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@atdmt[2].txt
Spyware detected: Cookie/2o7 10/25/06 08:40:29 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@2o7[2].txt
Spyware detected: Cookie/PointRoll 10/25/06 08:40:29 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\[email protected][1].txt
Spyware detected: Cookie/Advertising 10/25/06 08:40:29 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@advertising[2].txt
Spyware detected: Cookie/QuestionMarket 10/19/06 17:55:20 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@questionmarket[2].txt
Spyware detected: Cookie/RealMedia 10/19/06 17:55:20 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@realmedia[1].txt
Spyware detected: Cookie/WUpd 10/19/06 17:55:20 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@revenue[1].txt
Spyware detected: Cookie/Statcounter 10/19/06 17:55:20 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@statcounter[2].txt
Spyware detected: Cookie/Traffic Marketplace 10/19/06 17:55:20 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@trafficmp[1].txt
Spyware detected: Cookie/Tribalfusion 10/19/06 17:55:20 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@tribalfusion[1].txt
Spyware detected: Cookie/BurstBeacon 10/19/06 17:55:20 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\[email protected][1].txt
Spyware detected: Cookie/Zedo 10/19/06 17:55:20 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@zedo[1].txt
Spyware detected: Cookie/Seeq 10/19/06 17:55:20 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\[email protected][1].txt
Spyware detected: Cookie/Mediaplex 10/19/06 17:55:19 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@mediaplex[1].txt
Spyware detected: Cookie/Belnk 10/19/06 17:55:19 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@belnk[1].txt
Spyware detected: Cookie/DomainSponsor 10/19/06 17:55:19 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\[email protected][1].txt
Spyware detected: Cookie/Adrevolver 10/19/06 17:55:19 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@adrevolver[3].txt
Spyware detected: Cookie/Adrevolver 10/19/06 17:55:19 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@adrevolver[2].txt
Spyware detected: Cookie/PointRoll 10/19/06 17:55:19 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\[email protected][2].txt
Spyware detected: Cookie/2o7 10/19/06 17:55:19 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@2o7[1].txt
Spyware detected: Cookie/Advertising 10/19/06 17:55:19 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@advertising[1].txt
Spyware detected: Cookie/Falkag 10/19/06 17:55:19 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\[email protected][2].txt
Spyware detected: Cookie/Falkag 10/19/06 17:55:19 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\[email protected][2].txt
Spyware detected: Cookie/Atlas DMT 10/19/06 17:55:19 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@atdmt[2].txt
Spyware detected: Cookie/Atwola 10/19/06 17:55:19 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@atwola[1].txt
Spyware detected: Cookie/FastClick 10/19/06 17:55:19 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@fastclick[1].txt
Spyware detected: Cookie/Doubleclick 10/19/06 17:55:19 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@doubleclick[1].txt
Spyware detected: Cookie/Belnk 10/19/06 17:55:19 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\[email protected][2].txt
Spyware detected: Cookie/Coremetrics 10/19/06 17:55:19 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\[email protected][1].txt
Spyware detected: Cookie/Casalemedia 10/19/06 17:55:19 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@casalemedia[1].txt
Spyware detected: Cookie/BurstNet 10/19/06 17:55:19 Eliminated Location: c:\documents and settings\compaq_administrator\cookies\compaq_administrator@burstnet[2].txt
Adware detected: Adware/DeluxeComunications 10/17/06 13:56:18 Eliminated Location: c:\program files\deluxecommunications\dxc.exe
Adware detected: Adware/DeluxeComunications 10/17/06 10:57:45 Eliminated Location: C:\WINDOWS\system32\dxclib303562752.dll
Scan started 10/17/06 10:57:32 Scan: All My Computer
Update 10/17/06 08:49:49 OK Identifiers of alteration of archives
Update 10/17/06 08:49:43 OK New threat signatures: 42182
  • 0

#45
Buckeye_Sam
Posted 09 November 2006 - 04:30 PM

Buckeye_Sam

    Malware Expert

  • Member
  • PipPipPipPipPipPipPipPip
  • 10,019 posts
It looks like Panda was able to handle everything that it found.
Delete this folder, if still present.

c:\program files\deluxecommunications

How is everything working now? Any problems?
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP