|
Donations |
|
 |
|
|
|
If you found this site helpful, please donate to help keep it online
Don't want to use PayPal? Try our physical address
|
|
|
Survey |
|
|
|
|
|
|
|
|
Translate |
|
|
|
|
|
|
|
|
|
|
| View previous topic :: View next topic |
| Author |
Message |
match2
Trooper
Joined: Jun 03, 2004
Posts: 18
Location: USA
|
 Posted: Thu Jun 03, 2004 10:26 am Post subject: hijacking? please help |
|
|
| My pc is screwed up. I can't use ie and can't see the contents of control panel,accessories,and others. I installed new Norton proffessional and spybot and adaware and still have big problems. Every 15-20 mins ie opens (2"x2" window) and freezes or it opens a white screen (total) and I have to ctrl-alt-del and end task 2x to make it go away. MY important applications still work. My home page changed to"http://213.159.117.132/redir.php" and I can't change it. I guess I've been hijacked? What can I do |
|
| Back to top |
|
 |
magictouch
1st Responder
Joined: May 02, 2004
Posts: 697
Location: Denmark
|
| Posted: Fri Jun 04, 2004 1:20 am Post subject: |
|
|
If you think you are hacked, get a firewall:
Firewall: http://www.zonelabs.com/store/content/c...wnload.jsp
Download hijackthis: http://www.spywareinfo.com/~merijn/downloads.html
Unzip to own folder. Scan, scan button change to-save log, post it here
_________________
Please, do not PM me with HJT log´s, thank you. |
|
| Back to top |
|
|
match2
Trooper
Joined: Jun 03, 2004
Posts: 18
Location: USA
|
| Posted: Fri Jun 04, 2004 8:11 am Post subject: |
|
|
ok thanks. i downloaded the two programs and installed them. here is the logfile from hijackthis:
Logfile of HijackThis v1.97.7
Scan saved at 8:07:05 AM, on 06/04/2004
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\GWMDMMSG.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\ADVTOOLS\NPROTECT.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MICROSOFT HARDWARE\MOUSE\POINT32.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\SYSTEM32\WINTIME.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\WINDOWS\SYSTEM\SVCHOSD.EXE
C:\PROGRAM FILES\WINAMP\WINAMPA.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\WINDOWS\RunDLL.exe
C:\WINDOWS\SVCHOST.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\NETSCAPE\NETSCAPE\NETSCP.EXE
C:\MWA\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.google.com/"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\6x1j7rwb.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_01.src"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\6x1j7rwb.slt\prefs.js)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: . - {D34F08C5-4F18-477c-86CB-1A9BEECFE37B} - C:\WINDOWS\APPLICATION DATA\IECJ\IECJ.DLL
O2 - BHO: (no name) - {B9D90B27-AD4A-413a-88CB-3E6DDC10DC2D} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe
O4 - HKLM\..\Run: [GWMDMpi] C:\WINDOWS\GWMDMpi.exe
O4 - HKLM\..\Run: [WorksFUD] c:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WinTime] C:\WINDOWS\system32\wintime.exe
O4 - HKLM\..\Run: [Symantec Core LC] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe start
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] c:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [Aplune Service] svchosd.exe
O4 - HKLM\..\Run: [Advanced Tools Check] c:\PROGRA~1\NORTON~1\ADVTOOLS\ADVCHK.EXE
O4 - HKLM\..\Run: [NPROTECT] C:\PROGRA~1\NORTON~1\ADVTOOLS\NPROTECT.EXE
O4 - HKLM\..\Run: [RegistryMechanic] C:\PROGRAM FILES\REGISTRY MECHANIC\REGMECH.exe /QS
O4 - HKLM\..\Run: [WinampAgent] "C:\PROGRAM FILES\WINAMP\WINAMPa.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [RNBOStart] c:\WINDOWS\SYSTEM\sentstrt.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [ccEvtMgr] "c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ccSetMgr] "c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
O4 - HKLM\..\RunServices: [NPROTECT] C:\PROGRA~1\NORTON~1\ADVTOOLS\NPROTECT.EXE
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [Windows Deafult Configuration] C:\WINDOWS\svchost.exe
O8 - Extra context menu item: &Define - c:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O8 - Extra context menu item: Look Up in &Encyclopedia - c:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra button: Encarta Encyclopedia (HKLM)
O9 - Extra 'Tools' menuitem: Encarta Encyclopedia (HKLM)
O9 - Extra button: Define (HKLM)
O9 - Extra 'Tools' menuitem: Define (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O12 - Plugin for .avi: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npavi32.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shoc...wflash.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200...taller.exe
O16 - DPF: {74F5614A-8A8C-43B4-8CC2-4B4EFAF4A6C5} (TSCCInstall Class) - http://www.techsmith.com/codec/tsccinst.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/06f0cf3fd96...xIE601.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/C...2887847222
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://support.charter.com/sdccommon/download/tgctlins.cab
O16 - DPF: {01111E00-3E00-11D2-8470-0060089874ED} (Support.com SmartIssue) - http://support.charter.com/sdccommon/download/tgctlsi.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support.charter.com/sdccommon/download/tgctlcm.cab
O16 - DPF: {715A3997-ADE8-4399-AD92-353958D75076} (XUpdater Control) - http://www.bluefalcon.com/software/stre...SS_POC.cab
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MTSIns...?DSFID=215
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://webcam.gsu.edu/activex/AxisCamControl.ocx
O19 - User stylesheet: (file missing) |
|
| Back to top |
|
|
match2
Trooper
Joined: Jun 03, 2004
Posts: 18
Location: USA
|
| Posted: Fri Jun 04, 2004 12:24 pm Post subject: |
|
|
| can anyone help me further? |
|
| Back to top |
|
|
magictouch
1st Responder
Joined: May 02, 2004
Posts: 697
Location: Denmark
|
| Posted: Fri Jun 04, 2004 2:52 pm Post subject: |
|
|
Try onlinescan:
http://housecall.trendmicro.com/housecall/start_corp.asp
http://www.pandasoftware.com/activescan...ncipal.htm
Run both
Then run Spybot-Adware again:
Spybot: http://www.majorgeeks.com/download2471.html
Install, update, immunize and run. Fix all, marked with red
Adware: http://www.lavasoftusa.com/support/download/#free
Go to Start > Programs > Lavasoft and click on AdAware 6 to open the program
Look at the icons on the top right of the page and click on the world and let AdAware update the spyware reference list
Once the update is finished click on the Gear icon (second from the left) to access the preferences/settings window
In the "General" window make sure the following are selected:
Automatically save log-file
Automatically quarantine objects prior to removal
Safe Mode (always request confirmation)
Click on the "Scanning" button on the left and select :
Scan Within Archives
Scan Active Processes
Scan Registry
Deep Scan Registry
Scan my IE favorites for banned URLs
Scan my Hosts file
Under Click here to select drives + folders, choose:
All of your hard drives
Click on the "Advanced" button on the left and select:
Include additional process information
Include additional file information
Include environment information
Include additional object details
Click the "Tweak" button and select:
Under the "Scanning Engine":
Unload recognized processes during scanning
Include basic Ad-aware settings in logfile
Include additional Ad-aware settings in logfile
Under the Cleaning Engine:
Let Windows remove files in use at next reboot
Click on "Proceed" to save the settings.
Click -Start- and on the next screen choose "Activate in-depth Scan" at the bottom of the page and then choose:
Use Custom Scanning Options
Click -Next- and AdAware will scan your hard drive(s) with the options you have selected.
After scan,put a checkmark to all what it find, then click "finish"
REBOOT
Protect your computer:
Ccleaner: http://www.ccleaner.com/
Ie Spyad: http://www.staff.uiuc.edu/~ehowes/main.htm
----------------------------------------------------------------
Spywareblaster: http://www.javacoolsoftware.com/spywareblaster.html
Spywareguard: http://www.javacoolsoftware.com/spywareguard.html
Update both at least, once in a week.
Tell if your startpage still get redirected?
Post new log
_________________
Please, do not PM me with HJT log´s, thank you. |
|
| Back to top |
|
|
match2
Trooper
Joined: Jun 03, 2004
Posts: 18
Location: USA
|
| Posted: Sat Jun 05, 2004 7:09 am Post subject: |
|
|
| Thankyou. I have done all these things. Many things have been fixed, but my ie starts by itself every 20 min. or so as a small 1"x1" window and then screen goes completely white. I have to ctrl/alt/del and end task 2x to make it go away. All else seems to be ok. Homepage is always "about:blank". Thanks so much for helping me so far. I had no idea there was so much good freeware out there (nor so much malware). What should I do further? |
|
| Back to top |
|
|
match2
Trooper
Joined: Jun 03, 2004
Posts: 18
Location: USA
|
| Posted: Mon Jun 07, 2004 6:27 am Post subject: |
|
|
| help? |
|
| Back to top |
|
|
magictouch
1st Responder
Joined: May 02, 2004
Posts: 697
Location: Denmark
|
| Posted: Mon Jun 07, 2004 6:33 am Post subject: |
|
|
Sorry i kept you waiting.
Post new log
_________________
Please, do not PM me with HJT log´s, thank you. |
|
| Back to top |
|
|
match2
Trooper
Joined: Jun 03, 2004
Posts: 18
Location: USA
|
| Posted: Mon Jun 07, 2004 10:11 am Post subject: |
|
|
new logfile:
Lavasoft Ad-aware Personal Build 6.181
Logfile created on :Monday, June 07, 2004 9:48:48 AM
Created with Ad-aware Personal, free for private use.
Using reference-file :01R298 20.04.2004
______________________________________________________
Reffile status:
=========================
Reference file loaded:
Reference Number : 01R298 20.04.2004
Internal build : 229
File location : C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\reflist.ref
Total size : 1067557 Bytes
Signature data size : 1049356 Bytes
Reference data size : 18137 Bytes
Signatures total : 23569
Target categories : 10
Target families : 455
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:25 %
Total physical memory:261064 kb
Available physical memory:9496 kb
Total page file size:1836084 kb
Available on page file:1655288 kb
Total virtual memory:2093056 kb
Available virtual memory:2053888 kb
OS:Windows (9
Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-aware Settings
=========================
Set : Unload recognized processes during scanning
Set : Include basic Ad-aware settings in logfile
Set : Include additional Ad-aware settings in logfile
Set : Let windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Always back up reference file, before updating
Set : Play sound if scan produced a result
06-07-2004 9:48:48 AM - Scan started. (Custom mode)
Listing running processes
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
#:1 [kernel32.dll]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4293895221
Threads : 8
Priority : High
FileSize : 460 KB
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
Copyright : Copyright (C) Microsoft Corp. 1991-1999
CompanyName : Microsoft Corporation
FileDescription : Win32 Kernel core component
InternalName : KERNEL32
OriginalFilename : KERNEL32.DLL
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 01/01/1601
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 04/24/1999 2:22:00 AM
#:2 [msgsrv32.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294960213
Threads : 1
Priority : Normal
FileSize : 11 KB
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
Copyright : Copyright (C) Microsoft Corp. 1992-1998
CompanyName : Microsoft Corporation
FileDescription : Windows 32-bit VxD Message Server
InternalName : MSGSRV32
OriginalFilename : MSGSRV32.EXE
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 01/01/1601
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 04/24/1999 2:22:00 AM
#:3 [mprexe.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294961573
Threads : 2
Priority : Normal
FileSize : 28 KB
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
Copyright : Copyright (C) Microsoft Corp. 1993-1998
CompanyName : Microsoft Corporation
FileDescription : WIN32 Network Interface Service Process
InternalName : MPREXE
OriginalFilename : MPREXE.EXE
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 01/01/1601
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 04/24/1999 2:22:00 AM
#:4 [gwmdmmsg.exe]
FilePath : C:\WINDOWS\
ProcessID : 4292883461
Threads : 2
Priority : Normal
FileSize : 99 KB
FileVersion : 3.3.17 10/31/2001 19:49:40
ProductVersion : 3.3.17 10/31/2001 19:49:40
Copyright : Copyright
CompanyName : GTW
FileDescription : Modem Messaging Applet
InternalName : smdmstat.exe
OriginalFilename : smdmstat.exe
ProductName : GTW Modem Messaging Applet
Created on : 02/04/2002 12:16:50 PM
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 11/27/2001 11:55:10 AM
#:5 [mmtask.tsk]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4292901581
Threads : 1
Priority : Normal
FileSize : 1 KB
FileVersion : 4.03.1998
ProductVersion : 4.03.1998
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : Multimedia background task support module
InternalName : mmtask.tsk
OriginalFilename : mmtask.tsk
ProductName : Microsoft Windows
Created on : 01/01/1601
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 04/24/1999 2:22:00 AM
#:6 [mstask.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4292912541
Threads : 2
Priority : Normal
FileSize : 109 KB
FileVersion : 4.71.1972.1
ProductVersion : 4.71.1972.1
Copyright : Copyright (C) Microsoft Corp. 2000
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
OriginalFilename : mstask.exe
ProductName : Microsoft
Created on : 06/18/2001 4:33:20 PM
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 06/18/2001 4:33:20 PM
#:7 [ccevtmgr.exe]
FilePath : C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\
ProcessID : 4292910201
Threads : 32
Priority : Normal
FileSize : 249 KB
FileVersion : 2.1.0.610
ProductVersion : 2.1.0.610
Copyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client Event Manager Service
InternalName : ccEvtMgr
OriginalFilename : ccEvtMgr.exe
ProductName : Common Client
Created on : 11/10/2003 6:25:34 PM
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 11/10/2003 5:30:04 PM
#:8 [ccsetmgr.exe]
FilePath : C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\
ProcessID : 4292933385
Threads : 15
Priority : Normal
FileSize : 229 KB
FileVersion : 2.1.0.610
ProductVersion : 2.1.0.610
Copyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client Settings Manager Service
InternalName : ccSetMgr
OriginalFilename : ccSetMgr.exe
ProductName : Common Client
Created on : 11/10/2003 6:25:34 PM
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 11/10/2003 5:30:12 PM
#:9 [nprotect.exe]
FilePath : C:\PROGRAM FILES\NORTON ANTIVIRUS\ADVTOOLS\
ProcessID : 4292928929
Threads : 3
Priority : Normal
FileSize : 132 KB
FileVersion : 16.00.0.22
ProductVersion : 16.00.0.22
Copyright : Copyright (C) 2003 Symantec Corporation
CompanyName : Symantec Corporation
FileDescription : Norton Protection Status
InternalName : NPROTECT
OriginalFilename : NPROTECT.EXE
ProductName : Norton Utilities
Created on : 06/01/2004 10:18:51 AM
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 08/14/2002 10:03:00 AM
#:10 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 4292978025
Threads : 17
Priority : Normal
FileSize : 176 KB
FileVersion : 4.72.3110.1
ProductVersion : 4.72.3110.1
Copyright : Copyright (C) Microsoft Corp. 1981-1997
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft(R) Windows NT(R) Operating System
Created on : 01/01/1601
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 04/24/1999 2:22:00 AM
#:11 [taskmon.exe]
FilePath : C:\WINDOWS\
ProcessID : 4293099853
Threads : 1
Priority : Normal
FileSize : 28 KB
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
Copyright : Copyright (C) Microsoft Corp. 1998
CompanyName : Microsoft Corporation
FileDescription : Task Monitor
InternalName : TaskMon
OriginalFilename : TASKMON.EXE
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 01/01/1601
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 04/24/1999 2:22:00 AM
#:12 [systray.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4293124961
Threads : 2
Priority : Normal
FileSize : 32 KB
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
Copyright : Copyright (C) Microsoft Corp. 1993-1998
CompanyName : Microsoft Corporation
FileDescription : System Tray Applet
InternalName : SYSTRAY
OriginalFilename : SYSTRAY.EXE
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 01/01/1601
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 04/24/1999 2:22:00 AM
#:13 [loadqm.exe]
FilePath : C:\WINDOWS\
ProcessID : 4293154993
Threads : 4
Priority : Normal
FileSize : 7 KB
FileVersion : 5.4.1103.3
ProductVersion : 5.4.1103.3
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Microsoft QMgr
InternalName : LOADQM.EXE
OriginalFilename : LOADQM.EXE
ProductName : QMgr Loader
Created on : 10/11/2002 12:49:56 PM
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 05/03/2000 9:23:10 PM
#:14 [realsched.exe]
FilePath : C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\
ProcessID : 4293107625
Threads : 2
Priority : Normal
FileSize : 176 KB
FileVersion : 0.1.0.3018
ProductVersion : 0.1.0.3018
Copyright : Copyright
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
OriginalFilename : realsched.exe
ProductName : RealPlayer (32-bit)
Created on : 05/06/2004 8:05:27 PM
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 05/06/2004 8:05:28 PM
#:15 [wintime.exe]
FilePath : C:\WINDOWS\SYSTEM32\
ProcessID : 4293104125
Threads : 1
Priority : Normal
FileSize : 5 KB
Created on : 05/27/2004 8:02:58 PM
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 05/27/2004 8:03:00 PM
#:16 [symlcsvc.exe]
FilePath : C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\
ProcessID : 4293189185
Threads : 1
Priority : Normal
FileSize : 572 KB
FileVersion : 1, 8, 48, 77
ProductVersion : 1, 8, 48, 77
Copyright : Copyright (C) 2003
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
OriginalFilename : symlcsvc.exe
ProductName : Symantec Core Component
Created on : 05/28/2004 6:23:29 PM
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 05/28/2004 6:23:30 PM
#:17 [ccapp.exe]
FilePath : C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\
ProcessID : 4293185241
Threads : 29
Priority : Normal
FileSize : 69 KB
FileVersion : 2.1.0.610
ProductVersion : 2.1.0.610
Copyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client User Session
InternalName : ccApp
OriginalFilename : ccApp.exe
ProductName : Common Client
Created on : 11/10/2003 6:25:34 PM
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 11/10/2003 5:30:02 PM
#:18 [svchosd.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4293198201
Threads : 3
Priority : Normal
FileSize : 6 KB
Created on : 05/28/2004 7:57:36 PM
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 05/28/2004 7:57:38 PM
#:19 [wmiexe.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4293235365
Threads : 3
Priority : Normal
FileSize : 16 KB
FileVersion : 5.00.1755.1
ProductVersion : 5.00.1755.1
Copyright : Copyright (C) Microsoft Corp. 1981-1998
CompanyName : Microsoft Corporation
FileDescription : WMI service exe housing
InternalName : wmiexe
OriginalFilename : wmiexe.exe
ProductName : Microsoft(R) Windows NT(R) Operating System
Created on : 01/01/1601
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 04/24/1999 2:22:00 AM
#:20 [rundll.exe]
FilePath : C:\WINDOWS\
ProcessID : 4293268093
Threads : 1
Priority : Normal
FileSize : 4 KB
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
Copyright : Copyright (C) Microsoft Corp. 1991-1998
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
OriginalFilename : RUNDLL.EXE
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 01/01/1601
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 04/24/1999 2:22:00 AM
#:21 [svchost.exe]
FilePath : C:\WINDOWS\
ProcessID : 4293291869
Threads : 1
Priority : Normal
FileSize : 3 KB
Created on : 06/04/2004 9:42:32 AM
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 06/04/2004 9:42:34 AM
#:22 [sgmain.exe]
FilePath : C:\PROGRAM FILES\SPYWAREGUARD\
ProcessID : 4293286845
Threads : 1
Priority : Normal
FileSize : 352 KB
FileVersion : 2.02.0001
ProductVersion : 2.02.0001
Copyright : Copyright (C) 2002-2003 Javacool Software LLC
CompanyName : Copyright (C) 2002-2003 Javacool Software LLC
FileDescription : SpywareGuard
InternalName : sgmain
OriginalFilename : sgmain.exe
ProductName : SpywareGuard
Created on : 08/29/2003 11:05:35 PM
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 08/29/2003 11:05:36 PM
#:23 [sgbhp.exe]
FilePath : C:\PROGRAM FILES\SPYWAREGUARD\
ProcessID : 4293425009
Threads : 2
Priority : Normal
FileSize : 228 KB
FileVersion : 2.02.0001
ProductVersion : 2.02.0001
Copyright : Copyright (C) 2002-2003 Javacool Software LLC.
CompanyName : Copyright (C) 2002-2003 Javacool Software LLC.
FileDescription : SG Browser Hijacking Protection
InternalName : sgbhp
OriginalFilename : sgbhp.exe
ProductName : SG Browser Hijacking Protection
Created on : 08/29/2003 3:14:56 PM
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 08/29/2003 3:14:58 PM
#:24 [aroutaps.exe]
FilePath : C:\PROGRAM FILES\ALPHA01\
ProcessID : 4293041933
Threads : 4
Priority : Normal
FileSize : 2332 KB
FileVersion : 198, 0, 0, 0
ProductVersion : 198, 0, 0, 0
Copyright : Copyright
CompanyName : Licom Systems Ltd
FileDescription : Licom AlphaCAM
InternalName : MILLAPS
OriginalFilename : MILLAPS.EXE
ProductName : AlphaCAM
Created on : 04/24/2003 5:06:04 PM
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 05/24/2001 2:14:04 PM
#:25 [spool32.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4293640917
Threads : 2
Priority : Normal
FileSize : 44 KB
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
Copyright : Copyright (C) Microsoft Corp. 1994 - 1998
CompanyName : Microsoft Corporation
FileDescription : Spooler Sub System Process
InternalName : spool32
OriginalFilename : spool32.exe
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 01/01/1601
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 04/24/1999 2:22:00 AM
#:26 [hpw5bkg.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4293669537
Threads : 1
Priority : Normal
FileSize : 16 KB
FileVersion : 1998.0914.0.0
ProductVersion : 1998.0914.0.0
Copyright : Copyright
CompanyName : Hewlett-Packard Company
FileDescription : Background EXE for HP DeskJet Printing System for Windows
InternalName : HPW5BK
OriginalFilename : HPW5BKG.EX
ProductName : HP Printing System for Windows
Created on : 05/08/2003 2:41:13 PM
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 09/25/1998 12:06:00 PM
#:27 [hpw5dsm.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4293672705
Threads : 1
Priority : Normal
FileSize : 115 KB
FileVersion : 1998.0914.0.0
ProductVersion : 1998.0914.0.0
Copyright : Copyright
CompanyName : Hewlett-Packard Company
FileDescription : Status Monitor for HP DeskJet Printing System for Windows
InternalName : HPW5DS
OriginalFilename : HPW5DSM.DL
ProductName : HP Printing System for Windows
Created on : 05/08/2003 2:41:14 PM
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 09/25/1998 12:06:00 PM
#:28 [hpw5net.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4293671809
Threads : 1
Priority : Normal
FileSize : 33 KB
FileVersion : 1998.0914.0.0
ProductVersion : 1998.0914.0.0
Copyright : Copyright
CompanyName : Hewlett-Packard Company
FileDescription : HP DeskJet Printing System for Windows
InternalName : HPW5NE
OriginalFilename : HPW5NET.DL
ProductName : HP Printing System for Windows
Created on : 05/08/2003 2:41:15 PM
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 09/25/1998 12:06:00 PM
#:29 [ltw32.exe]
FilePath : C:\CABWARE\
ProcessID : 4293148381
Threads : 1
Priority : Normal
FileSize : 1018 KB
Copyright : rig
Created on : 01/10/2003 6:50:08 PM
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 01/10/2003 6:50:08 PM
#:30 [cnc.exe]
FilePath : C:\CABWARE\
ProcessID : 4293239117
Threads : 1
Priority : Normal
FileSize : 1310 KB
FileVersion : 5.0.7.0
ProductVersion : 5.07.0
Copyright : Copyright
CompanyName : Planit-Cabnetware, Inc.
FileDescription : CNC for Windows98/2000
InternalName : CNC
OriginalFilename : CNC.EXE
ProductName : CNC Link
Created on : 01/15/2003 4:49:50 PM
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 01/15/2003 4:49:50 PM
#:31 [cadctlbxv3.exe]
FilePath : C:\PROGRAM FILES\CADCODE\
ProcessID : 4292942793
Threads : 5
Priority : Normal
FileSize : 8452 KB
FileVersion : 3.08.0003
ProductVersion : 3.08.0003
Copyright : Copyright
CompanyName : CCSI, CADCode Systems
FileDescription : CADCode ToolBox Machine Integration System
InternalName : CADCTLBXv3
OriginalFilename : CADCTLBXv3.exe
ProductName : CADCode ToolBox
Created on : 01/28/2004 9:41:10 AM
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 09/06/2002 3:25:30 PM
#:32 [pstores.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4293578705
Threads : 3
Priority : Normal
FileSize : 79 KB
FileVersion : 5.00.1877.3
ProductVersion : 5.00.1877.3
Copyright : Copyright (C) Microsoft Corp. 1981-1998
CompanyName : Microsoft Corporation
FileDescription : Protected storage server
InternalName : Protected storage server
OriginalFilename : Protected storage server
ProductName : Microsoft(R) Windows NT(R) Operating System
Created on : 01/01/1601
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 04/24/1999 2:22:00 AM
#:33 [opscan.exe]
FilePath : C:\PROGRAM FILES\NORTON ANTIVIRUS\
ProcessID : 4293694069
Threads : 16
Priority : Normal
FileSize : 65 KB
FileVersion : 10.0.2.610
ProductVersion : 10.0.2.610
Copyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Out of Process Scan Server
InternalName : OPScan
OriginalFilename : OPScan.exe
ProductName : Norton AntiVirus
Created on : 12/05/2003 8:40:32 PM
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 12/04/2003 10:22:30 PM
#:34 [zlclient.exe]
FilePath : C:\PROGRAM FILES\ZONE LABS\ZONEALARM\
ProcessID : 4293716489
Threads : 6
Priority : Normal
FileSize : 681 KB
FileVersion : 5.0.590.015
ProductVersion : 5.0.590.015
Copyright : Copyright
CompanyName : Zone Labs Inc.
FileDescription : Zone Labs Client
InternalName : zlclient
OriginalFilename : zlclient.exe
ProductName : Zone Labs Client
Created on : 06/04/2004 11:56:12 AM
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 05/17/2004 8:56:14 AM
#:35 [vsmon.exe]
FilePath : C:\WINDOWS\SYSTEM\ZONELABS\
ProcessID : 4293762793
Threads : 16
Priority : Normal
FileSize : 893 KB
FileVersion : 5.0.590.015
ProductVersion : 5.0.590.015
Copyright : Copyright
CompanyName : Zone Labs Inc.
FileDescription : TrueVector Service
InternalName : vsmon
OriginalFilename : vsmon.exe
ProductName : TrueVector Service
Created on : 06/04/2004 11:56:09 AM
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 05/17/2004 8:55:26 AM
#:36 [ad-aware.exe]
FilePath : C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\
ProcessID : 4293760985
Threads : 2
Priority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 02/13/2004 9:51:51 AM
Last accessed : 06/07/2004 4:00:00 AM
Last modified : 07/13/2003 1:00:20 AM
Memory scan result :
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Started registry scan
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
Registry scan result :
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Started deep registry scan
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
Deep registry scan result :
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Deep scanning and examining files (C
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
Disk scan result for C:\ALACRITY\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\brother 1440 drivers\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\cabs\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\CAD_SYS\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\CADFILES\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\Config.Msi\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\Filetopia3\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\formula spreadsheets\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\HET_TA\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\HPFONTS\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\HPLJ5K.T\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\icons\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\LICOMCFG\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\LICOMDAT\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\LICOMDIR\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\lj252\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\mwa\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\mwacad\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\My Documents\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\My Downloads\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\My Drivers\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\My Music\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\PicsNP\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\printer drivers\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\Program Files\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\RECYCLED\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\TEMP\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\unzipped\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\WINDOWS\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Disk scan result for C:\WUTemp\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Scanning Hosts file(C:\WINDOWS\hosts)
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
Hosts file scan result:
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
2 entries scanned.
New objects :0
Objects found so far: 0
9:59:07 AM Scan complete
Summary of this scan
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
Total scanning time :00:10:18:960
Objects scanned :101028
Objects identified :0
Objects ignored :0
New objects :0
You're not keeping me waiting! I really appreciate any help. |
|
| Back to top |
|
|
match2
Trooper
Joined: Jun 03, 2004
Posts: 18
Location: USA
|
| Posted: Mon Jun 07, 2004 10:14 am Post subject: |
|
|
I should have posted hijackthis log? here it is:
Logfile of HijackThis v1.97.7
Scan saved at 10:13:06 AM, on 06/07/2004
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\GWMDMMSG.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\ADVTOOLS\NPROTECT.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\SYSTEM32\WINTIME.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\WINDOWS\SYSTEM\SVCHOSD.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\RunDLL.exe
C:\WINDOWS\SVCHOST.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGMAIN.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGBHP.EXE
C:\PROGRAM FILES\ALPHA01\AROUTAPS.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\HPW5BKG.EXE
C:\WINDOWS\SYSTEM\HPW5DSM.EXE
C:\WINDOWS\SYSTEM\HPW5NET.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\PROGRAM FILES\NETSCAPE\NETSCAPE\NETSCP.EXE
C:\MWA\PC\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.google.com/"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\6x1j7rwb.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_01.src"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\6x1j7rwb.slt\prefs.js)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: . - {D34F08C5-4F18-477c-86CB-1A9BEECFE37B} - C:\WINDOWS\APPLICATION DATA\IECJ\IECJ.DLL
O2 - BHO: (no name) - {B9D90B27-AD4A-413a-88CB-3E6DDC10DC2D} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\PROGRAM FILES\SPYWAREGUARD\DLPROTECT.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe
O4 - HKLM\..\Run: [GWMDMpi] C:\WINDOWS\GWMDMpi.exe
O4 - HKLM\..\Run: [WorksFUD] c:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WinTime] C:\WINDOWS\system32\wintime.exe
O4 - HKLM\..\Run: [Symantec Core LC] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe start
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] c:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [Aplune Service] svchosd.exe
O4 - HKLM\..\Run: [Advanced Tools Check] c:\PROGRA~1\NORTON~1\ADVTOOLS\ADVCHK.EXE
O4 - HKLM\..\Run: [NPROTECT] C:\PROGRA~1\NORTON~1\ADVTOOLS\NPROTECT.EXE
O4 - HKLM\..\Run: [RegistryMechanic] C:\PROGRAM FILES\REGISTRY MECHANIC\REGMECH.exe /QS
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [RNBOStart] c:\WINDOWS\SYSTEM\sentstrt.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [ccEvtMgr] "c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ccSetMgr] "c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
O4 - HKLM\..\RunServices: [NPROTECT] C:\PROGRA~1\NORTON~1\ADVTOOLS\NPROTECT.EXE
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [Windows Deafult Configuration] C:\WINDOWS\svchost.exe
O4 - HKCU\..\Run: [ccleaner] "C:\PROGRAM FILES\CCLEANER\CCLEANER.exe" /AUTO
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O8 - Extra context menu item: &Define - c:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O8 - Extra context menu item: Look Up in &Encyclopedia - c:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra button: Encarta Encyclopedia (HKLM)
O9 - Extra 'Tools' menuitem: Encarta Encyclopedia (HKLM)
O9 - Extra button: Define (HKLM)
O9 - Extra 'Tools' menuitem: Define (HKLM)
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O12 - Plugin for .avi: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npavi32.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shoc...wflash.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200...taller.exe
O16 - DPF: {74F5614A-8A8C-43B4-8CC2-4B4EFAF4A6C5} (TSCCInstall Class) - http://www.techsmith.com/codec/tsccinst.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/06f0cf3fd96...xIE601.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/C...2887847222
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://support.charter.com/sdccommon/download/tgctlins.cab
O16 - DPF: {01111E00-3E00-11D2-8470-0060089874ED} (Support.com SmartIssue) - http://support.charter.com/sdccommon/download/tgctlsi.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support.charter.com/sdccommon/download/tgctlcm.cab
O16 - DPF: {715A3997-ADE8-4399-AD92-353958D75076} (XUpdater Control) - http://www.bluefalcon.com/software/stre...SS_POC.cab
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} - https://components.viewpoint.com/MTSIns...?DSFID=215
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://webcam.gsu.edu/activex/AxisCamControl.ocx
O19 - User stylesheet: (file missing)
Thanks |
|
| Back to top |
|
|
magictouch
1st Responder
Joined: May 02, 2004
Posts: 697
Location: Denmark
|
| Posted: Mon Jun 07, 2004 11:47 am Post subject: |
|
|
Boot to safe mode - F8. Run hijackthis, close all other windows. scan, checkmark these and Fix:
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
O2 - BHO: . - {D34F08C5-4F18-477c-86CB-1A9BEECFE37B} - C:\WINDOWS\APPLICATION DATA\IECJ\IECJ.DLL
O2 - BHO: (no name) - {B9D90B27-AD4A-413a-88CB-3E6DDC10DC2D} - (no file)
O4 - HKLM\..\Run: [Aplune Service] svchosd.exe
O19 - User stylesheet: (file missing)
Find and delete: svchosd.exe
Reboot and post new Hjt Log
Still have problems?
_________________
Please, do not PM me with HJT log´s, thank you. |
|
| Back to top |
|
|
match2
Trooper
Joined: Jun 03, 2004
Posts: 18
Location: USA
|
| Posted: Mon Jun 07, 2004 2:59 pm Post subject: |
|
|
Logfile of HijackThis v1.97.7
Scan saved at 2:54:45 PM, on 06/07/2004
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\GWMDMMSG.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\ADVTOOLS\NPROTECT.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\SYSTEM32\WINTIME.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\WINDOWS\RunDLL.exe
C:\WINDOWS\SVCHOST.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGMAIN.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGBHP.EXE
C:\MWA\PC\HIJACKTHIS.EXE
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.google.com/"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\6x1j7rwb.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_01.src"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\6x1j7rwb.slt\prefs.js)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\PROGRAM FILES\SPYWAREGUARD\DLPROTECT.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe
O4 - HKLM\..\Run: [GWMDMpi] C:\WINDOWS\GWMDMpi.exe
O4 - HKLM\..\Run: [WorksFUD] c:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WinTime] C:\WINDOWS\system32\wintime.exe
O4 - HKLM\..\Run: [Symantec Core LC] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe start
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] c:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [Advanced Tools Check] c:\PROGRA~1\NORTON~1\ADVTOOLS\ADVCHK.EXE
O4 - HKLM\..\Run: [NPROTECT] C:\PROGRA~1\NORTON~1\ADVTOOLS\NPROTECT.EXE
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [RNBOStart] c:\WINDOWS\SYSTEM\sentstrt.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [ccEvtMgr] "c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ccSetMgr] "c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
O4 - HKLM\..\RunServices: [NPROTECT] C:\PROGRA~1\NORTON~1\ADVTOOLS\NPROTECT.EXE
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [Windows Deafult Configuration] C:\WINDOWS\svchost.exe
O4 - HKCU\..\Run: [ccleaner] "C:\PROGRAM FILES\CCLEANER\CCLEANER.exe" /AUTO
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O8 - Extra context menu item: &Define - c:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O8 - Extra context menu item: Look Up in &Encyclopedia - c:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra button: Encarta Encyclopedia (HKLM)
O9 - Extra 'Tools' menuitem: Encarta Encyclopedia (HKLM)
O9 - Extra button: Define (HKLM)
O9 - Extra 'Tools' menuitem: Define (HKLM)
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O12 - Plugin for .avi: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npavi32.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shoc...wflash.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200...taller.exe
O16 - DPF: {74F5614A-8A8C-43B4-8CC2-4B4EFAF4A6C5} (TSCCInstall Class) - http://www.techsmith.com/codec/tsccinst.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/06f0cf3fd96...xIE601.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/C...2887847222
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://support.charter.com/sdccommon/download/tgctlins.cab
O16 - DPF: {01111E00-3E00-11D2-8470-0060089874ED} (Support.com SmartIssue) - http://support.charter.com/sdccommon/download/tgctlsi.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support.charter.com/sdccommon/download/tgctlcm.cab
O16 - DPF: {715A3997-ADE8-4399-AD92-353958D75076} (XUpdater Control) - http://www.bluefalcon.com/software/stre...SS_POC.cab
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} - https://components.viewpoint.com/MTSIns...?DSFID=215
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://webcam.gsu.edu/activex/AxisCamControl.ocx
new logfile. thanks. I did all you said. If I touch ie it does the small window and white screen thing still ( I am using netscape now). It either says: "about:blank"or "windows/dl". |
|
| Back to top |
|
|
magictouch
1st Responder
Joined: May 02, 2004
Posts: 697
Location: Denmark
|
| Posted: Tue Jun 08, 2004 6:12 am Post subject: |
|
|
Run Cwshredder:
http://www.softpedia.com/public/cat/10/17/10-17-150.shtml
Unzip to own folder. Check for updates. Push Fix button
_________________
Please, do not PM me with HJT log´s, thank you. |
|
| Back to top |
|
|
match2
Trooper
Joined: Jun 03, 2004
Posts: 18
Location: USA
|
| Posted: Tue Jun 08, 2004 11:45 am Post subject: |
|
|
| Ok. I did that. It said the system was clean. My ie works, but opens minimized (when I open it myself) and still opens by itself with "C:\WINDOWS\dl.html" as the address. Thanks for all your help so far. Any more ideas? |
|
| Back to top |
|
|
magictouch
1st Responder
Joined: May 02, 2004
Posts: 697
Location: Denmark
|
| Posted: Tue Jun 08, 2004 12:10 pm Post subject: |
|
|
A few more ideas
Find:C:\WINDOWS\dl.html, and delete it.
When you have opened IE,drag that IE window to the size you want without clicking the maximize button. Once you have it to the size you want, close the window. They should all open that size now hopefully.
_________________
Please, do not PM me with HJT log´s, thank you. |
|
| Back to top |
|
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
Powered by phpBB 2.0.8a © 2001 phpBB Group
Version 2.0.6 of PHP-Nuke Port by Tom Nitzschner © 2002 www.toms-home.com
Version 2.2 by Paul Laudanski © 2003-2004 Computer Cops
|
You can syndicate our news using the file RSS 0.91, ultramode.txt, or RSS 1.0.
Forum FAQ
Search
Usergroups
Profile
Login to check your private messages
Login
