http://www.pandasoft...n_principal.htm
beach_pictures_packed.pif
Started by
Rubinho
, Jun 04 2005 03:19 PM
#16
Posted 08 June 2005 - 07:38 AM
#17
Posted 08 June 2005 - 04:00 PM
Here's the result. Still some infected files....
Incident Status Location
Virus:Trj/Qhost.gen Disinfected C:\WINDOWS\system32\drivers\etc\hosts.20050602-153715.backup
Virus:Trj/Qhost.gen Disinfected C:\WINDOWS\system32\drivers\etc\hosts
Virus:Trj/Qhost.gen Disinfected C:\WINDOWS\system32\drivers\etc\hosts.20050602-164815.backup
Virus:Trj/Qhost.gen Disinfected C:\WINDOWS\system32\drivers\etc\hosts.bak
Virus:Trj/Qhost.gen Disinfected C:\WINDOWS\system32\drivers\etc\1.hosts
Adware:Adware/StatBlaster No disinfected C:\WINDOWS\system32\O
Adware:Adware/StatBlaster No disinfected C:\WINDOWS\system32\O.BAT
Spyware:Spyware/Cydoor No disinfected C:\WINDOWS\system32\cd_clint.dll
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\ruben\.jpi_cache\jar\1.0\ar3.jar-5157872c-675b6b2d.zip[Gummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\ruben\.jpi_cache\jar\1.0\ar3.jar-5157872c-675b6b2d.zip[Beyond.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\ruben\.jpi_cache\jar\1.0\arc.zip-3bf7ea67-66cce157.zip[Gummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\ruben\.jpi_cache\jar\1.0\archive.jar-77052ac7-1d968663.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\ruben\.jpi_cache\jar\1.0\archive.jar-15cf4db0-200975a5.zip[Dummy.class]
Adware:Adware/CWS.Aboutblank No disinfected C:\Recycled\Q330995.exe
Incident Status Location
Virus:Trj/Qhost.gen Disinfected C:\WINDOWS\system32\drivers\etc\hosts.20050602-153715.backup
Virus:Trj/Qhost.gen Disinfected C:\WINDOWS\system32\drivers\etc\hosts
Virus:Trj/Qhost.gen Disinfected C:\WINDOWS\system32\drivers\etc\hosts.20050602-164815.backup
Virus:Trj/Qhost.gen Disinfected C:\WINDOWS\system32\drivers\etc\hosts.bak
Virus:Trj/Qhost.gen Disinfected C:\WINDOWS\system32\drivers\etc\1.hosts
Adware:Adware/StatBlaster No disinfected C:\WINDOWS\system32\O
Adware:Adware/StatBlaster No disinfected C:\WINDOWS\system32\O.BAT
Spyware:Spyware/Cydoor No disinfected C:\WINDOWS\system32\cd_clint.dll
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\ruben\.jpi_cache\jar\1.0\ar3.jar-5157872c-675b6b2d.zip[Gummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\ruben\.jpi_cache\jar\1.0\ar3.jar-5157872c-675b6b2d.zip[Beyond.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\ruben\.jpi_cache\jar\1.0\arc.zip-3bf7ea67-66cce157.zip[Gummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\ruben\.jpi_cache\jar\1.0\archive.jar-77052ac7-1d968663.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\ruben\.jpi_cache\jar\1.0\archive.jar-15cf4db0-200975a5.zip[Dummy.class]
Adware:Adware/CWS.Aboutblank No disinfected C:\Recycled\Q330995.exe
#18
Posted 08 June 2005 - 04:40 PM
Please download the Killbox by Option^Explicit. *In the event you already have Killbox, this is a new version that I need you to download.
* Save it to your desktop.
* Please double-click Killbox.exe to run it.
* Select "Delete on Reboot".
* Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C
C:\WINDOWS\system32\O.BAT
C:\WINDOWS\system32\cd_clint.dll
C:\Recycled\Q330995.exe
* Return to Killbox, go to the File menu, and choose "Paste from Clipboard".
* Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. Click "No" at the Pending Operations prompt.
If your computer does not restart automatically, please restart it manually.
1. Turn off System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.
2. Reboot.
3. Turn ON System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK.
How to Turn On and Turn Off System Restore in Windows XP
http://support.micro...kb;en-us;310405
Run the scan again and see if it turns up anything.
* Save it to your desktop.
* Please double-click Killbox.exe to run it.
* Select "Delete on Reboot".
* Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C
C:\WINDOWS\system32\O.BAT
C:\WINDOWS\system32\cd_clint.dll
C:\Recycled\Q330995.exe
* Return to Killbox, go to the File menu, and choose "Paste from Clipboard".
* Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. Click "No" at the Pending Operations prompt.
If your computer does not restart automatically, please restart it manually.
1. Turn off System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.
2. Reboot.
3. Turn ON System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK.
How to Turn On and Turn Off System Restore in Windows XP
http://support.micro...kb;en-us;310405
Run the scan again and see if it turns up anything.
#19
Posted 11 June 2005 - 08:14 AM
Unfortunately I can't turn off System Restore. Every time I click on the System Restore tab in Control Panel -> System, the system produces an error:
"an exception has occured during the execution of shell32.dll, Control_RunnDLL "C:\windows\system32\sysdm.cpl", System"
"an exception has occured during the execution of shell32.dll, Control_RunnDLL "C:\windows\system32\sysdm.cpl", System"
#20
Posted 12 June 2005 - 08:27 PM
Proceed without turning off system restore.
#21
Posted 24 June 2005 - 08:03 AM
I apologise for the fact that it's been so long since I last replied, but I've just had two crucial weeks in which I couldn't afford to lose my computer.
I did what you told me, Killbox and another scan.
Here's the result:
Incident Status Location
Adware:Adware/StatBlaster No disinfected C:\WINDOWS\system32\O
I did what you told me, Killbox and another scan.
Here's the result:
Incident Status Location
Adware:Adware/StatBlaster No disinfected C:\WINDOWS\system32\O
Edited by Rubinho, 24 June 2005 - 08:04 AM.
#22
Posted 24 June 2005 - 12:06 PM
Since it's been so long, I need to see another log, along with what problems you're having.
#23
Posted 27 June 2005 - 08:07 AM
Well, at the moment I don't really experience any problems.
Here's the log:
Logfile of HijackThis v1.99.1
Scan saved at 16:05:20, on 27-6-2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\IP Insight\ARMon32a.exe
D:\Program Files\Alias\Maya6.5\docs\wrapper.exe
D:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Alias\mentalraysatellite3.4\bin\raysatserver.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Alias\Maya6.5\docs\jre\bin\java.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
D:\Palm\HOTSYNC.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\interMute\SpySubtract\SpySub.exe
D:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\HJT\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.bk.tudelf...141570/internet
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.planet.nl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title =
Microsoft Internet Explorer provided by Planet Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyServer = proxy.planet.nl:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName
= Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
- C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper -
{AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program
files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}
- D:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program
Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN
Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common
Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HotSync Manager.lnk = D:\Palm\HOTSYNC.EXE
O4 - Global Startup: SpySubtract.lnk = C:\Program
Files\interMute\SpySubtract\SpySub.exe
O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program
Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program
Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program
files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page -
res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Gelijkwaardige pagina's -
res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Koppelingspagina's - res://C:\Program
Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Opgeslagen momentopname van de pagina -
res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program
files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program
files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\j2re1.4.1_02\bin\npjpi141_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\j2re1.4.1_02\bin\npjpi141_02.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.planet.nl
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing)
-
http://a840.g.akamai...trendmicro.com/
housecall/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {B2BE75F3-9197-11CF-ABF4-08000996E931} (Autodesk WHIP!
Control) - ftp://ftp.autodesk.com/pub/whip/english/whip.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn...pdownloader.cab
O17 -
HKLM\System\CCS\Services\Tcpip\..\{690DDB54-8FF3-4702-8247-6139AF7D7C87
}: NameServer = 192.168.1.1
O17 -
HKLM\System\CS1\Services\Tcpip\..\{690DDB54-8FF3-4702-8247-6139AF7D7C87
}: NameServer = 192.168.1.1
O23 - Service: Alias Wavefront Help Server (AWHelpServer) - Unknown
owner - D:\Program Files\AliasWavefront\Maya5.0\docs\Wrapper.exe" -s
"D:\Program Files\AliasWavefront\Maya5.0\docs/Wrapper.conf (file
missing)
O23 - Service: C-DillaCdaC11BA - Macrovision -
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Inverse IP InSight Client (InverseLaunchIPI) - Inverse
Network Technology - C:\Program Files\IP Insight\LaunchIPI.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. -
C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner -
C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia
Licensing.exe
O23 - Service: Maya 6.5 Documentation Server (maya65docserver) -
Unknown owner - D:\Program Files\Alias\Maya6.5\docs\wrapper.exe" -s
"D:\Program Files\Alias\Maya6.5\docs\Wrapper.conf (file missing)
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) -
Symantec Corporation - D:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA
Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: RaySat Server (RaySatServer) - Unknown owner -
C:\Program Files\Alias\mentalraysatellite3.4\bin\raysatserver.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec
Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec
Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation -
C:\Program Files\Common Files\Symantec Shared\Security
Center\SymWSC.exe
Here's the log:
Logfile of HijackThis v1.99.1
Scan saved at 16:05:20, on 27-6-2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\IP Insight\ARMon32a.exe
D:\Program Files\Alias\Maya6.5\docs\wrapper.exe
D:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Alias\mentalraysatellite3.4\bin\raysatserver.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Alias\Maya6.5\docs\jre\bin\java.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
D:\Palm\HOTSYNC.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\interMute\SpySubtract\SpySub.exe
D:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\HJT\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.bk.tudelf...141570/internet
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.planet.nl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title =
Microsoft Internet Explorer provided by Planet Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyServer = proxy.planet.nl:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName
= Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
- C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper -
{AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program
files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}
- D:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program
Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN
Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common
Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HotSync Manager.lnk = D:\Palm\HOTSYNC.EXE
O4 - Global Startup: SpySubtract.lnk = C:\Program
Files\interMute\SpySubtract\SpySub.exe
O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program
Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program
Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program
files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page -
res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Gelijkwaardige pagina's -
res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Koppelingspagina's - res://C:\Program
Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Opgeslagen momentopname van de pagina -
res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program
files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program
files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\j2re1.4.1_02\bin\npjpi141_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\j2re1.4.1_02\bin\npjpi141_02.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.planet.nl
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing)
-
http://a840.g.akamai...trendmicro.com/
housecall/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {B2BE75F3-9197-11CF-ABF4-08000996E931} (Autodesk WHIP!
Control) - ftp://ftp.autodesk.com/pub/whip/english/whip.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn...pdownloader.cab
O17 -
HKLM\System\CCS\Services\Tcpip\..\{690DDB54-8FF3-4702-8247-6139AF7D7C87
}: NameServer = 192.168.1.1
O17 -
HKLM\System\CS1\Services\Tcpip\..\{690DDB54-8FF3-4702-8247-6139AF7D7C87
}: NameServer = 192.168.1.1
O23 - Service: Alias Wavefront Help Server (AWHelpServer) - Unknown
owner - D:\Program Files\AliasWavefront\Maya5.0\docs\Wrapper.exe" -s
"D:\Program Files\AliasWavefront\Maya5.0\docs/Wrapper.conf (file
missing)
O23 - Service: C-DillaCdaC11BA - Macrovision -
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Inverse IP InSight Client (InverseLaunchIPI) - Inverse
Network Technology - C:\Program Files\IP Insight\LaunchIPI.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. -
C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner -
C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia
Licensing.exe
O23 - Service: Maya 6.5 Documentation Server (maya65docserver) -
Unknown owner - D:\Program Files\Alias\Maya6.5\docs\wrapper.exe" -s
"D:\Program Files\Alias\Maya6.5\docs\Wrapper.conf (file missing)
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) -
Symantec Corporation - D:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA
Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: RaySat Server (RaySatServer) - Unknown owner -
C:\Program Files\Alias\mentalraysatellite3.4\bin\raysatserver.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec
Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec
Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation -
C:\Program Files\Common Files\Symantec Shared\Security
Center\SymWSC.exe
#24
Posted 28 June 2005 - 09:20 PM
have you downloaded several new programs? There are new ones on your log and a few I don't recognize.
C:\Program Files\Alias\mentalraysatellite3.4\bin\raysatserver.exe
What is the above?
Please turn off wordwrap and repost. It's difficult for me to read. Thanks.
C:\Program Files\Alias\mentalraysatellite3.4\bin\raysatserver.exe
What is the above?
Please turn off wordwrap and repost. It's difficult for me to read. Thanks.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users