Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

WIn Fixer and more [CLOSED]

Started by metaxy6 , Aug 17 2005 05:38 PM

  • This topic is locked This topic is locked

#31
metaxy6
Posted 24 August 2005 - 08:01 AM

metaxy6

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
Ok, we got the Java/Byte Verify. Thank you. I've also disabled caching, so that should keep it out.

AVG now runs clean, not detecting any infections.

A visit to the AVG forums has got me understanding what to do with files in the vault.

I took the steps you advised, and still can't do anything with Active Scan.
To be clear, the setttings (Run ActiveX Controls... and Script ActiveX Controls...) remain enabled, but Active Scan will not run.


I tried downloading the trial of Panda's Pro version to see what that would find. It must have conflicted (with AVG?) because I encountered problems at startup. They cleared after uninstall.
Should I uninstall AVG and try this Pro version again?
  • 0

Advertisements

#32
don77
Posted 24 August 2005 - 04:39 PM

don77

    Malware Expert

  • Retired Staff
  • 18,526 posts
No keep AVG,

See if you can run bitdefender

Let me know if it runs
  • 0

#33
metaxy6
Posted 24 August 2005 - 07:15 PM

metaxy6

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
Ok, succesfully ran Bit Defender. Showed a lot of infections. Here is the log summary report followed by the details they provide (you'll notice that a lot of these are in the Norton quarantine, which I didn't know whether to delete when I ran ranv):



Infected Files
47

Virus Detected

Trojan.Downloader.Vb.EU
1

Adware.Begint.A
1

Trojan.Registrator.B
1

Trojan.Downloader.AZT
1

Trojan.Startpage.NK
4

Adware.BookedSpace.E
1

Trojan.PSW.Hooker.2.C
1

Win32.Badtrans.B@mm
1

BehavesLike:Trojan.Downloader
1

Application.WurldMedia.A
2

Win32.FunLove
33









C:\WINDOWS\SYSTEM\lamjeo.dll
Detected with: Application.WurldMedia.A

C:\WINDOWS\SYSTEM\lamjeo.dll
Disinfection failed

C:\WINDOWS\SYSTEM\lamjeo.dll
Deleted

C:\WINDOWS\SYSTEM\mobupd.exe=>wise0015
Detected with: Application.WurldMedia.A

C:\WINDOWS\SYSTEM\mobupd.exe=>wise0015
Disinfection failed

C:\WINDOWS\SYSTEM\mobupd.exe=>wise0015
Deleted

C:\WINDOWS\SYSTEM\mobupd.exe
Update failed

C:\WINDOWS\SYSTEM\GSM3-0511.exe
Infected with: Trojan.Registrator.B

C:\WINDOWS\SYSTEM\GSM3-0511.exe
Disinfection failed

C:\WINDOWS\SYSTEM\GSM3-0511.exe
Deleted

C:\WINDOWS\SYSTEM\weirdontheweb_ventura.exe=>(NSIS o)=>zlib_nsis0001
Suspected of: BehavesLike:Trojan.Downloader

C:\WINDOWS\SYSTEM\weirdontheweb_ventura.exe=>(NSIS o)=>zlib_nsis0001
Disinfection failed

C:\WINDOWS\SYSTEM\weirdontheweb_ventura.exe=>(NSIS o)=>zlib_nsis0001
Deleted

C:\WINDOWS\SYSTEM\weirdontheweb_ventura.exe=>(NSIS o)
Update failed

C:\WINDOWS\SYSTEM\246765-ventura-hot.exe=>(NSIS o)=>zlib_nsis0002
Detected with: Adware.Begint.A

C:\WINDOWS\SYSTEM\246765-ventura-hot.exe=>(NSIS o)=>zlib_nsis0002
Disinfection failed

C:\WINDOWS\SYSTEM\246765-ventura-hot.exe=>(NSIS o)=>zlib_nsis0002
Deleted

C:\WINDOWS\SYSTEM\246765-ventura-hot.exe=>(NSIS o)
Update failed

C:\WINDOWS\SYSTEM\dist001.exe
Infected with: Trojan.Downloader.Vb.EU

C:\WINDOWS\SYSTEM\dist001.exe
Disinfection failed

C:\WINDOWS\SYSTEM\dist001.exe
Deleted

C:\WINDOWS\SYSTEM\btnetw-ventura-hot_246765.exe
Infected with: Trojan.Downloader.AZT

C:\WINDOWS\SYSTEM\btnetw-ventura-hot_246765.exe
Disinfection failed

C:\WINDOWS\SYSTEM\btnetw-ventura-hot_246765.exe
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\76485288.exe=>(Quarantine-1)
Infected with: Win32.Badtrans.B@mm

C:\Program Files\Norton AntiVirus\Quarantine\76485288.exe=>(Quarantine-1)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\2C570278.dll=>(Quarantine-1)
Infected with: Trojan.PSW.Hooker.2.C

C:\Program Files\Norton AntiVirus\Quarantine\2C570278.dll=>(Quarantine-1)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\2C570278.dll=>(Quarantine-1)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Infected with: Win32.FunLove

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe=>(Quarantine-1)
Disinfected

C:\Program Files\Norton AntiVirus\Quarantine\627A64D4.exe
Update failed

C:\Program Files\Norton AntiVirus\Quarantine\2D901499.exe=>(Quarantine-1)
Infected with: Trojan.Startpage.NK

C:\Program Files\Norton AntiVirus\Quarantine\2D901499.exe=>(Quarantine-1)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\2D901499.exe=>(Quarantine-1)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\5DE40436.exe=>(Quarantine-1)
Infected with: Trojan.Startpage.NK

C:\Program Files\Norton AntiVirus\Quarantine\5DE40436.exe=>(Quarantine-1)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\5DE40436.exe=>(Quarantine-1)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\60AF6F23.exe=>(Quarantine-1)
Infected with: Trojan.Startpage.NK

C:\Program Files\Norton AntiVirus\Quarantine\60AF6F23.exe=>(Quarantine-1)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\60AF6F23.exe=>(Quarantine-1)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\61115AB7.exe=>(Quarantine-1)
Infected with: Trojan.Startpage.NK

C:\Program Files\Norton AntiVirus\Quarantine\61115AB7.exe=>(Quarantine-1)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\61115AB7.exe=>(Quarantine-1)
Deleted

C:\Program Files\HJT\backups\backup-20050817-204618-452.dll
Detected with: Adware.BookedSpace.E

C:\Program Files\HJT\backups\backup-20050817-204618-452.dll
Disinfection failed

C:\Program Files\HJT\backups\backup-20050817-204618-452.dll
  • 0

#34
don77
Posted 25 August 2005 - 05:06 PM

don77

    Malware Expert

  • Retired Staff
  • 18,526 posts
Can you search for C:\Program Files\Norton AntiVirus\Quarantine
see if we can get rid of the folder I would have thought running the uninstaller and removing the program would have wiped these as well,
If you have lick getting rid of the last of Nortons, Could you run another scan with Bit defender and post back what it finds,

The last 3 on the list are backups made by HJT so no worry about those,
  • 0

#35
metaxy6
Posted 25 August 2005 - 08:51 PM

metaxy6

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
Ok, last of Norton is gone. Bit Defender log is as follows:

Summary:

Identified Viruses 2
Infected Files 2
Suspect Files 1
Warnings 0
Disinfected 0
Deleted Files 3


Details:

C:\WINDOWS\SYSTEM\mobupd.exe=>wise0015
Detected with: Application.WurldMedia.A

C:\WINDOWS\SYSTEM\mobupd.exe=>wise0015
Disinfection failed

C:\WINDOWS\SYSTEM\mobupd.exe=>wise0015
Deleted

C:\WINDOWS\SYSTEM\mobupd.exe
Update failed

C:\WINDOWS\SYSTEM\weirdontheweb_ventura.exe=>(NSIS o)=>zlib_nsis0001
Suspected of: BehavesLike:Trojan.Downloader

C:\WINDOWS\SYSTEM\weirdontheweb_ventura.exe=>(NSIS o)=>zlib_nsis0001
Disinfection failed

C:\WINDOWS\SYSTEM\weirdontheweb_ventura.exe=>(NSIS o)=>zlib_nsis0001
Deleted

C:\WINDOWS\SYSTEM\weirdontheweb_ventura.exe=>(NSIS o)
Update failed

C:\WINDOWS\SYSTEM\246765-ventura-hot.exe=>(NSIS o)=>zlib_nsis0002
Detected with: Adware.Begint.A

C:\WINDOWS\SYSTEM\246765-ventura-hot.exe=>(NSIS o)=>zlib_nsis0002
Disinfection failed

C:\WINDOWS\SYSTEM\246765-ventura-hot.exe=>(NSIS o)=>zlib_nsis0002
Deleted

C:\WINDOWS\SYSTEM\246765-ventura-hot.exe=>(NSIS o)
Update failed
  • 0

#36
don77
Posted 27 August 2005 - 07:08 AM

don77

    Malware Expert

  • Retired Staff
  • 18,526 posts
Sorry for the delay I would like to look at something here,

Please download L2m9xfix here:
http://swandog46.gee...om/l2m9xfix.exe

Save it to the desktop and run it. Extract the files, and then open the l2m9xfix folder you just created and run RunThis.bat.

A window will open, and your desktop will disappear, then reappear. Please be patient until the batch says it is completed.

Then please restart your computer, and post a new HijackThis log as well as the entire text of the log.txt file which should be in the same folder as RunThis.bat.
  • 0

#37
metaxy6
Posted 27 August 2005 - 09:36 AM

metaxy6

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
Ok, done.


Log of L2M9XFix v1

************

Running from directory:
C:\WINDOWS\Desktop\l2m9xfix

************

Files found:

************

Registry entries found:

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"AT&T CSM6.0"="AT&T CSM6.0"
"YPC 3.0.1"="Yahoo! Parental Controls"

************

Killing Explorer
Done!

Killing Rundll32
Done!

Removing malicious CLSID(s)
Done!

Restarting Explorer
Done!

Deleting malicious files
Done!

Finished!

------------------------------


Logfile of HijackThis v1.99.1
Scan saved at 10:35:42 AM, on 8/27/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\STARTER.EXE
C:\WINDOWS\TASKMON.EXE
C:\PROGRAM FILES\ADAPTEC\EASY CD CREATOR 5\DIRECTCD\DIRECTCD.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\ADAPTEC\EASY CD CREATOR 5\DIRECTCD\DIRECTCD.EXE
C:\PROGRAM FILES\WINAMP\WINAMPA.EXE
C:\PROGRAM FILES\VISUAL NETWORKS\VISUAL IP INSIGHT\SBC\IPCLIENT.EXE
C:\PROGRAM FILES\VISUAL NETWORKS\VISUAL IP INSIGHT\SBC\IPMON32.EXE
C:\PROGRAM FILES\SBC SELF SUPPORT TOOL\SMARTBRIDGE\MOTIVESB.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\BROADJUMP\CLIENT FOUNDATION\CFD.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\PROGRAM FILES\COMMON FILES\ADAPTEC SHARED\CREATECD\CREATECD50.EXE
C:\PROGRAM FILES\HJT\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.marriott.att.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by AT&T WorldNet Service
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F1 - win.ini: run=hpfsched
N1 - Netscape 4: user_pref("browser.startup.homepage", ""); (C:\Program Files\Netscape\Users\mzheng\prefs.js)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Adaptec DirectCD] C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\Directcd.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\PROGRAM FILES\WINAMP\WINAMPa.exe"
O4 - HKLM\..\Run: [PTSNOOP] ptsnoop.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [IPInSightLAN 02] "C:\PROGRAM FILES\VISUAL NETWORKS\VISUAL IP INSIGHT\SBC\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 02] "C:\PROGRAM FILES\VISUAL NETWORKS\VISUAL IP INSIGHT\SBC\IPMon32.exe"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\Run: [CreateCD50] C:\PROGRA~1\COMMON~1\ADAPTE~1\CREATECD\CREATE~1.EXE -r
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: SoftStuff Wallpaper Changer.lnk = C:\Softstuf\softstrt.exe
O4 - Startup: America Online 5.0 Tray Icon.lnk = C:\America Online 5.0\aoltray.exe
O4 - Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O12 - Plugin for .swf: C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\PLUGINS\npswf32.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.marriott.att.net
O16 - DPF: {9BB641DB-045B-42B4-BAE2-CBAAD66B0CC4} (Spotlife Composer) - http://yahoo.spotlif...23/SLCmpser.cab
O16 - DPF: {7CF052DE-C74F-421B-B04A-3B3037EF5887} (CCMPGui Class) - http://64.124.45.181.../proxy/CCMP.cab
O16 - DPF: {4226E9B7-D637-40E8-893A-13298AB41477} - http://www.callwave....DL_DownLoad.CAB
O16 - DPF: {BF116476-3238-4EDA-A2D7-6D6814EF0DEC} (Quicksilver Class) - http://scpwbb.ops.pl...quicksilver.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft...free/asinst.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefend...can8/oscan8.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = uchicago.edu
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 128.135.4.2,128.135.12.73,128.135.72.200
  • 0

#38
don77
Posted 27 August 2005 - 04:08 PM

don77

    Malware Expert

  • Retired Staff
  • 18,526 posts
Interesting I just found I had the same problem trying to run Active scan on one of my computers with 98 on it, When you get the Active X error click try again, Next it should bring you to the window asking what to scan, choose "My computer" be patient took a bit for it to load but after a few minutes maybe 5 or so it ran just fine,
Give it a shot and let me know if it works,
  • 0

#39
metaxy6
Posted 27 August 2005 - 07:58 PM

metaxy6

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
Nope. Same deal. I get halfway through the load - about 30 secs- and the error message appears.

Try again and again, same deal.
  • 0

#40
don77
Posted 27 August 2005 - 08:43 PM

don77

    Malware Expert

  • Retired Staff
  • 18,526 posts
Odd you can run bitdefender no problem,
Could have over and check for any windows updates
Here
  • 0

Advertisements

#41
metaxy6
Posted 27 August 2005 - 10:11 PM

metaxy6

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
That's the kicker. Can't download the Windows updates either.
The error message sugests that it is probably an ActiveX issue also.
I've tried the enable ActiveX controls, I've tried lowering the security settings to nothing. No dice.
  • 0

#42
don77
Posted 28 August 2005 - 08:44 PM

don77

    Malware Expert

  • Retired Staff
  • 18,526 posts
Lets give this a try,
Go to Start - Run
Type in MSINFO32 Click on Tools Click on DirectX Diagnostiac Tool,
Give it a couple minutes to load,
Click Next Page, Click Save All information, Save it to your desk top, Then go and find DxDiag
Copy and paste back the the following please.
System Information
and
DxDiag Notes

Don't post the whole log just the top 2 items please

Edited by don77, 28 August 2005 - 08:44 PM.

  • 0

#43
metaxy6
Posted 29 August 2005 - 06:14 PM

metaxy6

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
I'd love to report any progress, but

start > run > MSINFO32 only loads Windows Help and Support for me.
  • 0

#44
don77
Posted 29 August 2005 - 07:17 PM

don77

    Malware Expert

  • Retired Staff
  • 18,526 posts

only loads Windows Help and Support for me

Right thats what we need to see, On the top of the page look for Tools
In the drop down box look for DirectX Diagnostiac Tool and then follow the rest of the instructions
  • 0

#45
metaxy6
Posted 29 August 2005 - 07:36 PM

metaxy6

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
but the help and support will not actually load. it just hangs - i let it go this last time for about 15 mins.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP