Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Data Execution Prevention - HiJack This Log


  • Please log in to reply

#1
M2theC

M2theC

    New Member

  • Member
  • Pip
  • 6 posts
Hi guys.

I have followed all the steps and done all scans and still having problems.

Laptop running extremely slow at startup and I get flooded with various DATA EXECUTION PREVENTION error messages which crash the system whenever I try close them.

Most annoying one is DEP: Run a dll as an app.. I close this and get Run a dll as an app has encountered a problem and needs to close..

I then get this error message for everything I try open.

I have disabled somethings from my startup which have helped a bit, and after everything done I still get a DEP from Automatic Updates.

Here are my logs!

Any help would be of great help!!

SUPERAntiSpyware Scan Log
Generated 03/15/2007 at 08:38 PM

Application Version : 3.6.1000

Core Rules Database Version : 3190
Trace Rules Database Version: 1200

Scan type : Complete Scan
Total Scan Time : 00:53:59

Memory items scanned : 712
Memory threats detected : 0
Registry items scanned : 6825
Registry threats detected : 1
File items scanned : 58627
File threats detected : 80

Adware.IWantSearchBar
HKU\S-1-5-21-3702592620-907076807-497797318-1006\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser#{0E1230F8-EA50-42A9-983C-D22ABC2EED3B}

Adware.Tracking Cookie
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][3].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][4].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][4].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][3].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt



Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 21:17:46, on 15/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Acer\Empowering Technology\admServ.exe
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\WINDOWS\system32\gearsec.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\WINDOWS\system32\rundll32.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Acer\Empowering Technology\admtray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\dumprep.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Marc\Desktop\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://global.acer.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.4:30997
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\system32\ToolBand.dll/MENUSEARCH.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: gearsec - GEAR Software - C:\WINDOWS\system32\gearsec.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

--
End of file - 10372 bytes
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP