
apropos--the download trojan from [bleep]! [CLOSED]


  • This topic is locked

#1
Lor-ee

    New Member

  • 2 posts
OK... It's about day 4 and I've managed to rid myself of all (I think) but one beast called apropos-browser modifier who has lodged itself into my HKEY_LOCAL_MACHINE and it won't go away--I first had that ever-so-popular "180search" and all of his buddies and now I'm down to pop-ups from "Rednova".
There was also this one called "dyfuca", which made me feel real good!!

Anyway thank you good people for combating the evil ones!

Here is my HJT and a Bio of PC.

Lor-ee :tazz:


Logfile of HijackThis v1.99.1
Scan saved at 5:32:47 PM, on 10/02/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\xmeshyl\bsrumds.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\SYSTEM32\USRmlnkA.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\winlog.exe
C:\WINDOWS\SYSTEM32\USRshutA.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\SYSTEM32\USRmlnkA.exe
C:\WINDOWS\System32\ups.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\lori\My Documents\Unzipped\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SE...S01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SE...S01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SE...S01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
N4 - Mozilla: user_pref("browser.startup.homepage", "http://www.Google.com"); (C:\Documents and Settings\lori\Application Data\Mozilla\Profiles\default\ksxpr341.slt\prefs.js)
N4 - Mozilla: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CMOZILLA.ORG%5CMOZILLA%5Csearchplugins%5Cjeeves.src"); (C:\Documents and Settings\lori\Application Data\Mozilla\Profiles\default\ksxpr341.slt\prefs.js)
O1 - Hosts: 216.39.69.102 view.atdmt.com
O2 - BHO: Internet Explorer Web Content Catcher - {FFF4E223-7019-4ce7-BE03-D7D3C8CCE884} - C:\Program Files\DNS\Catcher.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: COMMUNICATOR - {4E7BD74F-2B8D-469E-8DBC-A42EB79CB428} - C:\WINDOWS\system32\communicator.dll (file missing)
O4 - HKLM\..\Run: [USRpdA] C:\WINDOWS\SYSTEM32\USRmlnkA.exe RunServices \Device\3cpipe-USRpdA
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [] winlog.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [yroesr] C:\WINDOWS\system32\hywytk\yroesr.exe
O4 - HKLM\..\Run: [bsrumds] C:\WINDOWS\system32\xmeshyl\bsrumds.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKLM\..\RunServices: [] winlog.exe
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet6_38.dll' missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {1DA3C4AB-E6B6-47A6-B0F3-1BD81524B51B} (ActiveWorldsDownload Control) - http://www.activewor...ldsDownload.cab
O16 - DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} (AOL Content Update) - http://esupport.aol....oach_core_1.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com...kup/qdiagcc.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1118607674953
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1125677287640
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://aolsvc.aol.co...aploader_v7.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe
O23 - Service: bsrumdsxmeshyl - Unknown owner - C:\WINDOWS\system32\xmeshyl\bsrumds.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ormcfkdecav - Unknown owner - C:\WINDOWS\system32\fkdecav\ormc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe





Belarc Advisor



System Security Status
CIS Benchmark Score
Unknown
Available only for Windows 2000, XP Pro, and 2003


Virus Protection
OK
Up-to-date


Microsoft Security Updates
OK
Up-to-date



Computer Profile Summary
Computer Name: Lori-
Profile Date: Sunday, October 02, 2005 5:39:21 PM
Advisor Version: 7.0m
Windows Logon: lori


Operating System
Windows XP Home Edition Service Pack 2 (build 2600)

System Model
Compaq Presario 061
*Edited by an Admin to remove Windows password
Enclosure Type: Desktop

Processor a
2.80 gigahertz Intel Celeron
8 kilobyte primary memory cache
128 kilobyte secondary memory cache

Main Circuit Board b
Board: MICRO-STAR INTERNATIONAL CO., LTD Gamila/Giovani/Neon series 030
Serial Number: 3C11299786
Bus Clock: 100 megahertz
BIOS: Phoenix Technologies, LTD 3.05 11/25/2003

Drives
33.81 Gigabytes Usable Hard Drive Capacity
25.97 Gigabytes Hard Drive Free Space
CREATIVE CD4831E TS030808 [CD-ROM drive]
MITSUMI CR-4804TE [CD-ROM drive]
3.5" format removeable media [Floppy drive]
Maxtor 6Y060L0 [Hard drive] (33.82 GB) -- drive 0, s/n Y23RA8NC, rev YAR41BW0, SMART Status: Healthy

Memory Modules c,d
248 Megabytes Installed Memory
Slot 'A0' has 256 MB
Slot 'A1' is Empty

Local Drive Volumes
c: (NTFS on drive 0) 33.81 GB 25.97 GB free

Network Drives
None detected

Users
local user accounts (last logon)
lori 10/02/2005 5:27:25 PM (admin)
local system accounts
Administrator never (admin)
ASPNET never
Guest never
HelpAssistant never
SUPPORT_388945a0 never
DISABLED Marks a disabled account; LOCKED OUT Marks a locked account

Printers
hp deskjet 940c on USB002

Controllers
Standard floppy disk controller
Primary IDE Channel [Controller]
Secondary IDE Channel [Controller]
Standard Dual Channel PCI IDE Controller

Display
Intel® 82845G/GL/GE/PE/GV Graphics Controller [Display adapter]
KDS Canada Xtreme Flat XF7b [Monitor]

Bus Adapters
Intel® 82801DB/DBM USB 2.0 Enhanced Host Controller - 24CD
Standard Universal PCI to USB Host Controller (3x)

Multimedia
Realtek AC'97 Audio

Communications
U.S. Robotics 56K Fax Win [Modem]
RAS Async Adapter
IP Address: 66.81.54.138 / 32
Gateway: 66.81.54.138
Physical Address: 00:53:45:00:00:00
Realtek RTL8139 Family PCI Fast Ethernet NIC

Other Devices
Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
PS/2 Compatible Mouse
USB Root Hub (4x)

Virus Protection
Norton AntiVirus Version 10.00
Virus Definitions Version 09/28/2005 Rev 7
Last Disk Scan on Monday, September 26, 2005 3:08:28 AM
Realtime File Scanning On

Missing Microsoft Security Hotfixes

All required security hotfixes (using the 09/13/2005 Microsoft Security Bulletin Summary) have been installed.

Installed Microsoft Hotfixes
.NETFramework
1.1
no verification data S867460 on 05/17/2005
no verification data M886903 on 05/19/2005
Internet Explorer 6
SP0
passed verification
Internet Explorer
no verification data SP2 (SP2)
Windows Media Player
passed verification Q828026
SP0
no verification data Q828026 on 06/12/2005
Windows XP
SP2
no verification data KB811113[SP] on 06/27/2005
SP3
passed verification KB873333 on 06/28/2005
passed verification KB873339 on 06/28/2005
passed verification KB883939 on 06/28/2005
passed verification KB885250 on 06/28/2005
passed verification KB885835 on 06/28/2005
passed verification KB885836 on 06/28/2005
passed verification KB886185 on 06/28/2005
passed verification KB887472 on 06/28/2005
passed verification KB887742 on 06/28/2005
passed verification KB888302 on 06/28/2005
passed verification KB890046 on 06/28/2005
no verification data KB890175 on 06/28/2005
passed verification KB890859 on 06/28/2005
passed verification KB891781 on 06/28/2005
passed verification KB893066 on 06/28/2005
passed verification KB893086 on 06/28/2005
passed verification KB893756 on 08/13/2005
passed verification KB893803V2 on 06/28/2005
passed verification KB894391 on 08/13/2005
passed verification KB896358 on 06/28/2005
passed verification KB896422 on 06/28/2005
passed verification KB896423 on 08/13/2005
passed verification KB896428 on 06/28/2005
passed verification KB896727 on 08/13/2005
passed verification KB898461 on 06/29/2005
passed verification KB899587 on 08/13/2005
passed verification KB899588 on 08/13/2005
passed verification KB899591 on 08/13/2005
passed verification KB901214 on 07/12/2005
no verification data KB903235 on 07/12/2005

[installed security hotfix] Marks a security hotfix (using the 09/13/2005 Microsoft Security Bulletin Summary)
verifies OK Marks a hotfix that verifies correctly
fails verification Marks a hotfix that fails verification (note that failing hotfixes need to be reinstalled)
Unmarked hotfixes lack the data to allow verification

Software Licenses

Adobe Systems, Inc. - Adobe Photoshop 6.0 Licence # removed
Belarc - Advisor d973529f
Microsoft - Internet Explorer Licence # removed
Microsoft - Office 2000 Disc 2 Licence # removed
Microsoft - Office 2000 Premium Licence # removed
Microsoft - Picture It! Express 7.0 Licence # removed
Microsoft - WebFldrs XP Licence # removed
Microsoft - Windows Support Tools Licence # removed
Microsoft - Windows XP Home Edition Licence # removed
Symantec Corporation - MSRedist 1
Symantec Corporation - Norton AntiVirus 2004 1
Symantec Corporation - Norton WMI Update 1
Symantec Corp - SymNet 1
Software Versions (mouse over * for details, click * for location)
Address Book Palm Sync Install *
Adobe Acrobat Version 7.0.0.0 *
Adobe ImageReady ™ 3.0 Version 3.0 *
Adobe Photoshop Version 6.0 *
Adobe Reader Version 7.0.2.2005060200 *
Adobe Systems AdobeDownloadManager Version 2.0 *
Adobe Systems, Inc. Adobe Gamma Loader Version 1, 0, 0, 1 *
AdpBrowser Application Version 1, 0, 0, 49 *
Ambient Design Ltd. ArtRage 1.1 Version 1, 1, 0, 0 *
America Online Version 10.0.20.1.US.1 *
America Online Version 9.00.001 *
America Online, Inc - AOL Connectivity Service Version 2.0.20.1.US.1 *
America Online, Inc. - AOL Connectivity Service Version 2.0.20.1.US.1 *
AOL Companion Version 1, 6, 2, 0 *
AOL Spyware Protection Service *
AOLSP Scheduler Version 1, 5, 0, 0 *
Apple Computer, Inc. - QuickTime QuickTime 7.0.2a38 *
Avnex Ltd - Vcs 4.0. Core dispatcher Version 4, 0, 42, 0 *
Banner Blue Software Incorporated - Microsoft Organization Chart Version 2,0,0,1016 *
Belarc, Inc. - Advisor Version 7.0m *
bsrumds *
Calculator with Support for Advanced functions *
CallWave Service Version 3.07.9 (13-May-2005) *
Cinematronics - 3D Pinball Version 5.1.2600.2180 *
Configure Planet Quest *
Crystal Office Systems - Tetris Version 1.35 *
Equinox Software - Image Editor Version 1, 0, 1, 0 *
erasoft - IconCool Version 1.00 *
EyeBrowse (Standard Edition) Version 2.70.1113 *
GameHouse Super Collapse! Version 2.71 *
GTek Technologies Ltd. - GTCoach Version 3, 0, 0, 1 *
Icatch(VI) SnapDetect *
Inno Setup Version 51.13.0.0 *
InstallShield Software Corporation - InstallDriver Module Version 9.01 *
Intel® Common User Interface Version 7.0.0.4020 *
Intel® Processor Identification Utility Version 1.5 *
Jordan Russell - Inno Setup Uninstaller Version 51.8.0.0 *
Ken Foster - Desktop Architect Version 2, 0, 2, 0 *
Lavasoft Ad-Aware SE SE 106 *
Listen.com - Check Web For Update Version 1.0.0.0 *
LiveUpdate Version 1.0.0.0 *
Microsoft ® .NET Framework Version 1.1.4322.2032 *
Microsoft ® Windows Script Host Version 5.6.0.8820 *
Microsoft - Envelope Manager - Direct Mail Manager Version 2.01.0025 *
Microsoft and Digital Renaissance - Windows Media Author Version 4, 0, 0, 3638 *
Microsoft AntiSpyware (Beta 1) Version 1.00.0615 *
Microsoft App-wide Setup for Windows Version 1.2 *
Microsoft Clip Gallery Version 5.1.00.1221 *
Microsoft Corporation - Internet Explorer Version 6.00.2900.2180 *
Microsoft Corporation - Messenger Version 4.7.3001 *
Microsoft Corporation - Windows Installer - Unicode Version 3.1.4000.1823 *
Microsoft Corporation - Windows Movie Maker Version 2.1.4026.0 *
Microsoft Corporation - Windows XP Video Decoder Checkup Utility Version 1.0.0.1 *
Microsoft Corporation - Windows® NetMeeting® Version 3.01 *
Microsoft Corporation - Zone.com Version 1.2.626.1 *
Microsoft Data Access Components Version 3.525.1117.0 *
Microsoft Office 2000 Small Business Edition Version 9.0.1423 *
Microsoft Office 2000 Version 9.0.2719 *
Microsoft Photo Editor Version 3.01 *
Microsoft Picture It! 7.0 Version 7.00.0716.0 *
Microsoft Plus! Digital Media Edition Version 1.1.0.3464 *
Microsoft PowerPoint for Windows Version 9.0.2716 *
Microsoft Snapshot Viewer Application Version 9.0.0.2402 *
Microsoft Windows Malicious Software Removal Tool Version 1.8.0782.10 *
Microsoft Windows Media Player Version 6.4.09.1125 *
Microsoft® MSN ® Communications System Version 6.10.0016.1624 *
Microsoft® Windows Media Player Version 10.00.00.3802 *
Microsoft® Access Version 9.0.2719 *
Microsoft® Business Planner Version 1, 0, 0, 1 *
Microsoft® Corporation - Update Detection Module Version 7.00.0716.0 *
Microsoft® FrontPage® 2000 Version 4.0.2.2717 *
Microsoft® GIF Animator Version 1.0.0.101 *
Microsoft® Publisher 2000 Version 6.0 Version 6.0 *
Microsoft® Query Version 9.00.2612 *
Microsoft® Windows Media Services Version 4.00.0.3688 *
Mind Control Software - DMA Launcher Version 0,0,2,2 *
Mischel Internet Security - TrojanHunter Guard Version 1.0.0.0 *
Mischel Internet Security - TrojanHunter Version 4.1.0.0 *
Mozilla - Firefox Version 1.4 *
Mozilla Version 1.7.8: 2005051112 *
MSBP_STB.EXE *
Netscape - Browser Personal *
Netscape Version 8.0.2.0 *
Nullsoft - Winamp Version 5.1 *
Opera Internet Browser Version 8.0 *
ormcfkdecav *
PowerQuest Program Launcher Version 8.0.0.0 *
Pure Networks, Inc. - Port Magic Version 1.2.1393.0 *
Quick StartUp *
RealNetworks Rhapsody Music Subscription Service Version 3.0.0.1141 *
RealNetworks, Inc. - RealPlayer (32-bit) Version 0.1.0.3292 *
RealNetworks, Inc. - RealPlayer (32-bit) Version 6.0.12.1235 *
RealNetworks, Inc. - RealPlayer (32-bit) Version 7.0.0.2639 *
RenderGold 2.5 *
Safer Networking Limited - Spybot - Search & Destroy Version 1, 4, 0, 3 *
Safer Networking Limited - SpyBot-S&D Version 1, 4, 0, 3 *
Soeperman Enterprises Ltd. - HijackThis Version 1.99.0001 *
SpywareBlaster AutoUpdate Version 3.04 *
SpywareBlaster Version 3.04 *
Stardock CursorXP Version 1, 3, 0, 0 *
Startup Inspector for Windows Version 2.08 *
Steven R. Gould - Windows CleanUp! Version 4.0 *
StyleXP Application Version 0, 30, 0, 0 *
StyleXPService Module Version 0, 20, 0, 3000 *
Sun Microsystems, Inc. - Java™ 2 Platform Standard Edition 5.0 Update 2 Version 5.0.20.9 *
Sun Microsystems, Inc. - Java™ 2 Platform Standard Edition 5.0 Update 4 Version 5.0.40.5 *
Sunplus Amcap Version 1, 0, 0, 2 *
Symantec AntiVirus AutoProtect Version 9.2 *
Symantec Corporation - Common Client Version 2.1.7.2 *
Symantec Corporation - LiveUpdate Version 2.6.14.0 *
Symantec Corporation - Norton AntiVirus Version 10.00.2 *
Symantec Corporation - Norton Security Center Version 2005.1 *
Symantec Integrator Version 6.5.610 *
Symantec ScriptBlocking Version 1, 1, 1, 131 *
Symantec Security Drivers Version 5.5 *
Symantec Shared Components Version 3.0 *
Tetris Arena *
U.S. Robotics - Ridler Application 1 beta 5 Version 1, 0, 0, 5 *
U.S. Robotics Corporation - U.S. Robotics Modem Driver Version 4. 11. 21 *
Ubound Solutions - EyeBrowse Recovery Version 1.00.0007 *
Ubound Solutions - VBLaunch Version 1.0.0.1 *
VERITAS Software Corporation - RecordNow Version 3.10 *
WinZip Version 9.0 SR-1 (6224) *
Wizards to adjust .NET Framework security, assign trust to assemblies, and fix broken .NET applications. Version 1.0.5000.0 *
X2 Studios, Ltd. - LiquidIcon Editor Version 1.00.0004 *
Yaser Rajabi - XPepius Version 2.0.6 *
yroesr *
Zone Labs Client Version 6.0.667.000 *
Zone Labs Uninstaller Version 6.0.667.0 *
Zone Labs, LLC - Internet Access Monitor Version 6.0.667.000 *
Zone Labs, LLC - TrueVector Service Version 6.0.667.000 *
* Click to see where software is installed.
a. Megahertz measurement may be inaccurate if other programs were busy during last analysis.
b. Data may be transferred on the bus at one, two, or four times the Bus Clock rate.
c. Memory slot contents may not add up to Installed Memory if some memory is not recognized by Windows.
d. Memory slot contents is reported by the motherboard BIOS. Contact system vendor if slot contents are wrong.
e. This may be the manufacturer's factory installed product key rather than yours.
- Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: yroesrhywytk - Unknown owner - C:\WINDOWS\system32\hywytk\yroesr.exe

Edited by ~Kat~, 04 October 2005 - 11:42 AM.



#2
Buckeye_Sam

    Malware Expert

  • 10,019 posts
Hi and welcome to GeeksToGo! My name is Sam and I will be helping you. :tazz:

I apologize for the delay getting to your log, the helpers here are very busy.
If you still need help, please post a fresh Hijack log, in this thread, so I can help you with your Malware Problems.

If you have resolved this issue please let us know.

#3
Buckeye_Sam

    Malware Expert

  • 10,019 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.