|
| ||
| Re: System Alert thing please help me my trip was pretty good i wish i would have gotten more of a tan though!! my computer is running slow and when i try to burn a cd it always stops after burning 10 songs and says there is a c++ error and something about media.hub and it takes it like 40 minutes to burn those 10 songs and it use to take me 5 to 10 minutes tops to burn a complete cd of like 20 songs. and i always have non responsive programs and AIM keeps putting it self on the startup when i turn on the computer (when i turn it on) and i cant even listen to music half the time that im using the internet cuz it skips and pauses the song. i keep finding and deleting or removing things, but it seems that everytime i remove something bad my computer seems to get worse. its really frustrating because i'll spend a few hours here and there just solely on trying to fix things and i never seem to get any where. |
| ||
| Re: System Alert thing please help me Quote:
== 1. Download this file from one of the following links : http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.techsupportforum.com/sectools/combofix.exe 2. Double click combofix.exe & follow the prompts. 3. When finished, it shall produce a log for you. Post that log in your next reply, along with a new hijackthis log. Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall |
| ||
| Re: System Alert thing please help me ComboFix 07-09-14.2 - "Compaq_Administrator" 2007-09-15 15:39:36.1 - NTFSx86 . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Program Files\screensavers.com C:\Program Files\screensavers.com\Installer\bin\iebyterange.xml C:\Program Files\screensavers.com\Installer\bin\iebyterange.xml.backup C:\Program Files\screensavers.com\Installer\bin\siuninst.exe C:\Program Files\screensavers.com\Wallpaper\Hasbro Candyland - King Kandy.jpg C:\Program Files\screensavers.com\Wallpaper\swpstart.exe . ((((((((((((((((((((((((( Files Created from 2007-08-15 to 2007-09-15 ))))))))))))))))))))))))))))))) . 2007-09-15 15:38 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-09-11 19:31 <DIR> d-------- C:\Program Files\Enigma Software Group 2007-09-11 14:43 <DIR> d-------- C:\Program Files\Security Task Manager 2007-09-11 14:43 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SecTaskMan 2007-09-11 14:31 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared 2007-09-01 00:48 4,096 --a------ C:\WINDOWS\d3dx.dat 2007-09-01 00:48 <DIR> d-------- C:\My Games 2007-09-01 00:47 <DIR> d-------- C:\My Download Files 2007-09-01 00:42 774,144 --a------ C:\Program Files\RngInterstitial.dll 2007-09-01 00:42 <DIR> d-------- C:\Program Files\Real . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-09-12 20:43 --------- d-------- C:\Program Files\Last.fm 2007-09-11 19:27 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec 2007-09-10 23:44 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion 2007-09-01 02:46 --------- d-------- C:\DOCUME~1\COMPAQ~1\APPLIC~1\PlayFirst 2007-09-01 00:42 --------- d-------- C:\Program Files\Common Files\Real 2007-08-30 18:35 --------- d-------- C:\Program Files\McAfee 2007-08-17 19:34 9344 --a------ C:\WINDOWS\system32\drivers\NSDriver.sys 2007-08-17 19:34 8320 --a------ C:\WINDOWS\system32\drivers\AWRTRD.sys 2007-08-17 19:19 --------- d-------- C:\Program Files\LimeWire 2007-08-16 21:32 --------- d-------- C:\DOCUME~1\COMPAQ~1\APPLIC~1\ComcastToolbar 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\dllcache\cdm.dll 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe 2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll 2007-07-30 19:19 271224 --a------ C:\WINDOWS\system32\mucltui.dll 2007-07-30 19:19 207736 --a------ C:\WINDOWS\system32\muweb.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll 2007-07-27 22:29 --------- d-------- C:\Program Files\Ahead 2007-07-23 16:52 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy 2007-07-23 15:33 53248 --a------ C:\WINDOWS\system32\Process.exe 2007-07-23 15:33 51200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-07-23 15:33 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2007-07-23 03:45 --------- d-------- C:\Program Files\Windows Live Safety Center 2007-07-22 23:58 --------- d-------- C:\Program Files\Trend Micro 2007-07-22 23:17 --------- d-------- C:\Program Files\Lavasoft 2007-07-22 23:17 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft 2007-07-22 22:28 --------- d-------- C:\Program Files\Spyware Terminator 2007-07-22 22:27 --------- d-------- C:\Program Files\Roguescanfix 2007-07-22 21:47 --------- d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-07-22 03:15 --------- d-------- C:\DOCUME~1\COMPAQ~1\APPLIC~1\Viewpoint 2007-07-22 03:07 --------- d-------- C:\Program Files\Common Files\Scanner 2007-07-21 23:16 --------- d-------- C:\DOCUME~1\COMPAQ~1\APPLIC~1\Canon 2007-07-21 18:16 --------- d-a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP 2007-07-19 01:59 3583488 --a------ C:\WINDOWS\system32\dllcache\mshtml.dll 2007-07-19 01:40 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSScanAppDataDir 2007-07-19 01:20 --------- d-------- C:\Program Files\Picasa2 2007-07-12 18:31 765952 --a------ C:\WINDOWS\system32\dllcache\vgx.dll 2007-06-27 09:34 823808 --a------ C:\WINDOWS\system32\wininet(2)(2).dll 2007-06-27 09:34 823808 --a------ C:\WINDOWS\system32\dllcache\wininet.dll 2007-06-27 09:34 671232 --a------ C:\WINDOWS\system32\dllcache\mstime.dll 2007-06-27 09:34 6058496 --------- C:\WINDOWS\system32\dllcache\ieframe.dll 2007-06-27 09:34 52224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2007-06-27 09:34 477696 --a------ C:\WINDOWS\system32\dllcache\mshtmled.dll 2007-06-27 09:34 459264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll 2007-06-27 09:34 44544 --a------ C:\WINDOWS\system32\dllcache\iernonce.dll 2007-06-27 09:34 384512 --a------ C:\WINDOWS\system32\dllcache\iedkcs32.dll 2007-06-27 09:34 383488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll 2007-06-27 09:34 27648 --a------ C:\WINDOWS\system32\dllcache\jsproxy.dll 2007-06-27 09:34 267776 --a------ C:\WINDOWS\system32\iertutil(2)(2).dll 2007-06-27 09:34 267776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll 2007-06-27 09:34 232960 --a------ C:\WINDOWS\system32\dllcache\webcheck.dll 2007-06-27 09:34 230400 --a------ C:\WINDOWS\system32\dllcache\ieaksie.dll 2007-06-27 09:34 193024 --a------ C:\WINDOWS\system32\dllcache\msrating.dll 2007-06-27 09:34 153088 --a------ C:\WINDOWS\system32\dllcache\ieakeng.dll 2007-06-27 09:34 132608 --a------ C:\WINDOWS\system32\dllcache\extmgr.dll 2007-06-27 09:34 124928 --a------ C:\WINDOWS\system32\dllcache\advpack.dll 2007-06-27 09:34 1152000 --a------ C:\WINDOWS\system32\urlmon(2)(2).dll 2007-06-27 09:34 1152000 --a------ C:\WINDOWS\system32\dllcache\urlmon.dll 2007-06-27 09:34 105984 --a------ C:\WINDOWS\system32\url(2)(2).dll 2007-06-27 09:34 105984 --a------ C:\WINDOWS\system32\dllcache\url.dll 2007-06-27 09:34 102400 --a------ C:\WINDOWS\system32\dllcache\occache.dll 2007-06-27 03:27 63488 --a------ C:\WINDOWS\system32\dllcache\ie4uinit.exe 2007-06-27 03:27 625152 --a------ C:\WINDOWS\system32\dllcache\iexplore.exe 2007-06-27 03:27 13824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe 2007-06-27 02:00 161792 --a------ C:\WINDOWS\system32\dllcache\ieakui.dll 2007-06-26 22:10 317440 --a------ C:\WINDOWS\system32\dllcache\unregmp2.exe 2007-06-26 01:08 1104896 --a------ C:\WINDOWS\system32\msxml3.dll 2007-06-26 01:08 1104896 --a------ C:\WINDOWS\system32\dllcache\msxml3.dll 2007-06-19 08:31 282112 --a------ C:\WINDOWS\system32\gdi32.dll 2007-06-19 08:31 282112 --a------ C:\WINDOWS\system32\gdi32(2)(2).dll 2007-06-19 08:31 282112 --a------ C:\WINDOWS\system32\dllcache\gdi32.dll 2007-06-18 17:02 425064 --a------ C:\WINDOWS\system32\Incinerator.dll 2006-05-03 18:16 251 --a------ C:\Program Files\wt3d.ini 2005-05-12 09:36 12288 --a------ C:\WINDOWS\Fonts\RandFont.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20] "SMSystemAnalyzer"="C:\Program Files\iolo\System Mechanic 7\SMSystemAnalyzer.exe" [2007-06-18 17:01] "HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-09-21 12:41] "DISCover"="C:\Program Files\DISC\DISCover.exe" [2006-04-26 15:30] "AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-03 02:19 C:\WINDOWS\arpwrmsg.exe] "DiscUpdateManager"="C:\Program Files\DISC\DiscUpdateMgr.exe" [2005-09-27 02:42] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-06-18 15:58] "Aim6"="C:\Program Files\AIM6\aim6.exe" [2007-04-27 16:17] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 07:00] [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce] "rmoc3260.dll OCX"=regsvr32.exe /s "C:\WINDOWS\system32\rmoc3260.dll" [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Startup\ Last.fm Helper.lnk - C:\Program Files\Last.fm\LastFMHelper.exe [2007-09-12 20:43:07] C:\DOCUME~1\DEFAUL~1\STARTM~1\Programs\Startup\ Pin.lnk - C:\hp\bin\CLOAKER.EXE [2005-11-29 03:26:37] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Compaq Connections.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk backup=C:\WINDOWS\pss\Compaq Connections.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Google Updater.lnk backup=C:\WINDOWS\pss\Google Updater.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Compaq_Administrator^Start Menu^Programs^Startup^Check For Dope Wars Updates.lnk] path=C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\Check For Dope Wars Updates.lnk backup=C:\WINDOWS\pss\Check For Dope Wars Updates.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DW4] "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray] C:\WINDOWS\ehome\ehtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager] C:\Program Files\Common Files\AOL\1146104975\ee\AOLSoftware.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD] C:\HP\KBD\KBD.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LyraHD2TrayApp] "C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe" /m=2 /w [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Community Tools] "C:\Program Files\MyWebSearch\bar\3.bin\m3IMPipe.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tgcmd] C:\Program Files\Support.com\bin\tgcmd.exe /server /startmonitor /deaf [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "iPod Service"=3 (0x3) "WZCSVC"=2 (0x2) "WebClient"=2 (0x2) "Ati HotKey Poller"=2 (0x2) "WMPNetworkSvc"=3 (0x3) "WmiApSrv"=3 (0x3) "Wmi"=3 (0x3) "WmdmPmSN"=3 (0x3) "winmgmt"=2 (0x2) "VSS"=3 (0x3) "upnphost"=3 (0x3) "stisvc"=2 (0x2) "SSDPSRV"=2 (0x2) "sp_rssrv"=2 (0x2) "sp_clamsrv"=3 (0x3) "Spooler"=2 (0x2) "SENS"=2 (0x2) "ose"=3 (0x3) "Netlogon"=3 (0x3) "mnmsrvc"=3 (0x3) "LightScribeService"=2 (0x2) "lanmanworkstation"=2 (0x2) "ehSched"=2 (0x2) "ehRecvr"=2 (0x2) "Avg7UpdSvc"=2 (0x2) "Avg7Alrt"=2 (0x2) "aspnet_state"=3 (0x3) "ALG"=3 (0x3) "ImapiService"=3 (0x3) "helpsvc"=2 (0x2) "gusvc"=2 (0x2) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime "My Web Search Bar Search Scope Monitor"="C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe" /m=2 /w "SpyHunter"=C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe *Newly Created Service* - CATCHME . Contents of the 'Scheduled Tasks' folder "2007-09-15 06:21:54 C:\WINDOWS\Tasks\McDefragTask.job" - c:\program files\mcafee\mqc\QcConsol.exe "2007-09-01 06:04:22 C:\WINDOWS\Tasks\McQcTask.job" - c:\program files\mcafee\mqc\QcConsol.exe "2007-09-15 20:29:08 C:\WINDOWS\Tasks\MP Scheduled Scan.job" - C:\Program Files\Windows Defender\MpCmdRun.exe . ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-15 15:41:20 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-09-15 15:42:06 C:\ComboFix-quarantined-files.txt ... 2007-09-15 15:41 . --- E O F --- |
| ||
| Re: System Alert thing please help me oh okay. i feel a lil' dumb now the jotti thing said it was okay, that no threat was detected but there was 10 things that it pulled up that i have no idea what they are. and i see in the bottom of that logfile from combofix it says something about "my web search" do u know how i can that completely out of my computer because i know that that is part of the problem |
| ||
| Re: System Alert thing please help me oh n/m about the 10 things i figured it out. |
| ||
| Re: System Alert thing please help me here is another combofix logfile. i made some changes and deletions so i dont know if it changed or anything ComboFix 07-09-14.2 - "Compaq_Administrator" 2007-09-15 16:39:24.2 - NTFSx86 . ((((((((((((((((((((((((( Files Created from 2007-08-15 to 2007-09-15 ))))))))))))))))))))))))))))))) . 2007-09-15 15:38 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-09-11 19:31 <DIR> d-------- C:\Program Files\Enigma Software Group 2007-09-11 14:43 <DIR> d-------- C:\Program Files\Security Task Manager 2007-09-11 14:43 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SecTaskMan 2007-09-11 14:31 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared 2007-09-01 00:48 4,096 --a------ C:\WINDOWS\d3dx.dat 2007-09-01 00:48 <DIR> d-------- C:\My Games 2007-09-01 00:47 <DIR> d-------- C:\My Download Files 2007-09-01 00:42 774,144 --a------ C:\Program Files\RngInterstitial.dll 2007-09-01 00:42 <DIR> d-------- C:\Program Files\Real . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-09-12 20:43 --------- d-------- C:\Program Files\Last.fm 2007-09-11 19:27 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec 2007-09-10 23:44 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion 2007-09-01 02:46 --------- d-------- C:\DOCUME~1\COMPAQ~1\APPLIC~1\PlayFirst 2007-09-01 00:42 --------- d-------- C:\Program Files\Common Files\Real 2007-08-30 18:35 --------- d-------- C:\Program Files\McAfee 2007-08-17 19:34 9344 --a------ C:\WINDOWS\system32\drivers\NSDriver.sys 2007-08-17 19:34 8320 --a------ C:\WINDOWS\system32\drivers\AWRTRD.sys 2007-08-17 19:19 --------- d-------- C:\Program Files\LimeWire 2007-08-16 21:32 --------- d-------- C:\DOCUME~1\COMPAQ~1\APPLIC~1\ComcastToolbar 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\dllcache\cdm.dll 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe 2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll 2007-07-30 19:19 271224 --a------ C:\WINDOWS\system32\mucltui.dll 2007-07-30 19:19 207736 --a------ C:\WINDOWS\system32\muweb.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll 2007-07-27 22:29 --------- d-------- C:\Program Files\Ahead 2007-07-23 16:52 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy 2007-07-23 15:33 53248 --a------ C:\WINDOWS\system32\Process.exe 2007-07-23 15:33 51200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-07-23 15:33 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2007-07-23 03:45 --------- d-------- C:\Program Files\Windows Live Safety Center 2007-07-22 23:58 --------- d-------- C:\Program Files\Trend Micro 2007-07-22 23:17 --------- d-------- C:\Program Files\Lavasoft 2007-07-22 23:17 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft 2007-07-22 22:28 --------- d-------- C:\Program Files\Spyware Terminator 2007-07-22 22:27 --------- d-------- C:\Program Files\Roguescanfix 2007-07-22 21:47 --------- d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-07-22 03:15 --------- d-------- C:\DOCUME~1\COMPAQ~1\APPLIC~1\Viewpoint 2007-07-22 03:07 --------- d-------- C:\Program Files\Common Files\Scanner 2007-07-21 23:16 --------- d-------- C:\DOCUME~1\COMPAQ~1\APPLIC~1\Canon 2007-07-21 18:16 --------- d-a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP 2007-07-19 01:59 3583488 --a------ C:\WINDOWS\system32\dllcache\mshtml.dll 2007-07-19 01:40 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSScanAppDataDir 2007-07-19 01:20 --------- d-------- C:\Program Files\Picasa2 2007-07-12 18:31 765952 --a------ C:\WINDOWS\system32\dllcache\vgx.dll 2007-06-27 09:34 823808 --a------ C:\WINDOWS\system32\wininet(2)(2).dll 2007-06-27 09:34 823808 --a------ C:\WINDOWS\system32\dllcache\wininet.dll 2007-06-27 09:34 671232 --a------ C:\WINDOWS\system32\dllcache\mstime.dll 2007-06-27 09:34 6058496 --------- C:\WINDOWS\system32\dllcache\ieframe.dll 2007-06-27 09:34 52224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2007-06-27 09:34 477696 --a------ C:\WINDOWS\system32\dllcache\mshtmled.dll 2007-06-27 09:34 459264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll 2007-06-27 09:34 44544 --a------ C:\WINDOWS\system32\dllcache\iernonce.dll 2007-06-27 09:34 384512 --a------ C:\WINDOWS\system32\dllcache\iedkcs32.dll 2007-06-27 09:34 383488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll 2007-06-27 09:34 27648 --a------ C:\WINDOWS\system32\dllcache\jsproxy.dll 2007-06-27 09:34 267776 --a------ C:\WINDOWS\system32\iertutil(2)(2).dll 2007-06-27 09:34 267776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll 2007-06-27 09:34 232960 --a------ C:\WINDOWS\system32\dllcache\webcheck.dll 2007-06-27 09:34 230400 --a------ C:\WINDOWS\system32\dllcache\ieaksie.dll 2007-06-27 09:34 193024 --a------ C:\WINDOWS\system32\dllcache\msrating.dll 2007-06-27 09:34 153088 --a------ C:\WINDOWS\system32\dllcache\ieakeng.dll 2007-06-27 09:34 132608 --a------ C:\WINDOWS\system32\dllcache\extmgr.dll 2007-06-27 09:34 124928 --a------ C:\WINDOWS\system32\dllcache\advpack.dll 2007-06-27 09:34 1152000 --a------ C:\WINDOWS\system32\urlmon(2)(2).dll 2007-06-27 09:34 1152000 --a------ C:\WINDOWS\system32\dllcache\urlmon.dll 2007-06-27 09:34 105984 --a------ C:\WINDOWS\system32\url(2)(2).dll 2007-06-27 09:34 105984 --a------ C:\WINDOWS\system32\dllcache\url.dll 2007-06-27 09:34 102400 --a------ C:\WINDOWS\system32\dllcache\occache.dll 2007-06-27 03:27 63488 --a------ C:\WINDOWS\system32\dllcache\ie4uinit.exe 2007-06-27 03:27 625152 --a------ C:\WINDOWS\system32\dllcache\iexplore.exe 2007-06-27 03:27 13824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe 2007-06-27 02:00 161792 --a------ C:\WINDOWS\system32\dllcache\ieakui.dll 2007-06-26 22:10 317440 --a------ C:\WINDOWS\system32\dllcache\unregmp2.exe 2007-06-26 01:08 1104896 --a------ C:\WINDOWS\system32\msxml3.dll 2007-06-26 01:08 1104896 --a------ C:\WINDOWS\system32\dllcache\msxml3.dll 2007-06-19 08:31 282112 --a------ C:\WINDOWS\system32\gdi32.dll 2007-06-19 08:31 282112 --a------ C:\WINDOWS\system32\gdi32(2)(2).dll 2007-06-19 08:31 282112 --a------ C:\WINDOWS\system32\dllcache\gdi32.dll 2007-06-18 17:02 425064 --a------ C:\WINDOWS\system32\Incinerator.dll 2006-05-03 18:16 251 --a------ C:\Program Files\wt3d.ini 2005-05-12 09:36 12288 --a------ C:\WINDOWS\Fonts\RandFont.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20] "SMSystemAnalyzer"="C:\Program Files\iolo\System Mechanic 7\SMSystemAnalyzer.exe" [2007-06-18 17:01] "HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-09-21 12:41] "DISCover"="C:\Program Files\DISC\DISCover.exe" [2006-04-26 15:30] "AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-03 02:19 C:\WINDOWS\arpwrmsg.exe] "DiscUpdateManager"="C:\Program Files\DISC\DiscUpdateMgr.exe" [2005-09-27 02:42] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-06-18 15:58] "Aim6"="C:\Program Files\AIM6\aim6.exe" [2007-04-27 16:17] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 07:00] [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce] "rmoc3260.dll OCX"=regsvr32.exe /s "C:\WINDOWS\system32\rmoc3260.dll" [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Startup\ Last.fm Helper.lnk - C:\Program Files\Last.fm\LastFMHelper.exe [2007-09-12 20:43:07] C:\DOCUME~1\DEFAUL~1\STARTM~1\Programs\Startup\ Pin.lnk - C:\hp\bin\CLOAKER.EXE [2005-11-29 03:26:37] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Compaq Connections.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk backup=C:\WINDOWS\pss\Compaq Connections.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Google Updater.lnk backup=C:\WINDOWS\pss\Google Updater.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Compaq_Administrator^Start Menu^Programs^Startup^Check For Dope Wars Updates.lnk] path=C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\Check For Dope Wars Updates.lnk backup=C:\WINDOWS\pss\Check For Dope Wars Updates.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DW4] "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray] C:\WINDOWS\ehome\ehtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager] C:\Program Files\Common Files\AOL\1146104975\ee\AOLSoftware.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD] C:\HP\KBD\KBD.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LyraHD2TrayApp] "C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe" /m=2 /w [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Community Tools] "C:\Program Files\MyWebSearch\bar\3.bin\m3IMPipe.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tgcmd] C:\Program Files\Support.com\bin\tgcmd.exe /server /startmonitor /deaf [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "iPod Service"=3 (0x3) "WZCSVC"=2 (0x2) "WebClient"=2 (0x2) "Ati HotKey Poller"=2 (0x2) "WMPNetworkSvc"=3 (0x3) "WmiApSrv"=3 (0x3) "Wmi"=3 (0x3) "WmdmPmSN"=3 (0x3) "winmgmt"=2 (0x2) "VSS"=3 (0x3) "upnphost"=3 (0x3) "stisvc"=2 (0x2) "SSDPSRV"=2 (0x2) "sp_rssrv"=2 (0x2) "sp_clamsrv"=3 (0x3) "Spooler"=2 (0x2) "SENS"=2 (0x2) "ose"=3 (0x3) "Netlogon"=3 (0x3) "mnmsrvc"=3 (0x3) "LightScribeService"=2 (0x2) "lanmanworkstation"=2 (0x2) "ehSched"=2 (0x2) "ehRecvr"=2 (0x2) "Avg7UpdSvc"=2 (0x2) "Avg7Alrt"=2 (0x2) "aspnet_state"=3 (0x3) "ALG"=3 (0x3) "ImapiService"=3 (0x3) "helpsvc"=2 (0x2) "gusvc"=2 (0x2) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime "My Web Search Bar Search Scope Monitor"="C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe" /m=2 /w "SpyHunter"=C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe *Newly Created Service* - CATCHME . Contents of the 'Scheduled Tasks' folder "2007-09-15 06:21:54 C:\WINDOWS\Tasks\McDefragTask.job" - c:\program files\mcafee\mqc\QcConsol.exe "2007-09-01 06:04:22 C:\WINDOWS\Tasks\McQcTask.job" - c:\program files\mcafee\mqc\QcConsol.exe "2007-09-15 21:11:35 C:\WINDOWS\Tasks\MP Scheduled Scan.job" - C:\Program Files\Windows Defender\MpCmdRun.exe . ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-15 16:40:38 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-09-15 16:41:27 C:\ComboFix-quarantined-files.txt ... 2007-09-15 16:41 C:\ComboFix2.txt ... 2007-09-15 15:42 . --- E O F --- |
| ||
| Re: System Alert thing please help me and here is the hjt loffile Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 4:45:40 PM, on 9/15/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\arservice.exe C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\common files\mcafee\mna\mcnasvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe C:\PROGRA~1\McAfee\MSC\mcpromgr.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MPF\MPFSrv.exe C:\PROGRA~1\McAfee\MPS\mps.exe c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\McAfee\MPS\mpsevh.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\iolo\System Mechanic 7\SMSystemAnalyzer.exe C:\Program Files\DISC\DISCover.exe C:\WINDOWS\ARPWRMSG.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Last.fm\LastFMHelper.exe C:\Program Files\LimeWire\LimeWire.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\ALCXMNTR.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe c:\windows\system\hpsysdrv.exe C:\WINDOWS\explorer.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/ R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0 R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic 7\SMSystemAnalyzer.exe" O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE O4 - HKLM\..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdateMgr.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-1698084833-1717790860-103795621-1008\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?') O4 - HKUS\S-1-5-21-1698084833-1717790860-103795621-1008\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp (User '?') O4 - HKUS\S-1-5-21-1698084833-1717790860-103795621-1008\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?') O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User '?') O4 - HKUS\S-1-5-18\..\RunOnce: [rmoc3260.dll OCX] regsvr32.exe /s "C:\WINDOWS\system32\rmoc3260.dll" (User '?') O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [rmoc3260.dll OCX] regsvr32.exe /s "C:\WINDOWS\system32\rmoc3260.dll" (User 'Default user') O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User '?') O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - Global Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe O8 - Extra context menu item: &Search - ?p=ZC O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/sh...26/mcgdmgr.cab O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe -- End of file - 10438 bytes |
| ||
| Re: System Alert thing please help me Scan with HijackThis and then place a check next to all the following, if present: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = Now, close all instances of Internet Explorer and any other windows you have open except HiJackThis, click "Fix checked". Delete the following folder; C:\Program Files\MyWebSearch =============== After rebooting, rescan with hijackthis and post back a new log. Please let me know how your pc is now. |
| ||
| Re: System Alert thing please help me i dont know how to find the mywebsearch stuff on my computer i tried searching for it and nothing came up Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 1:02:47 AM, on 9/18/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\arservice.exe C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\common files\mcafee\mna\mcnasvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe C:\PROGRA~1\McAfee\MSC\mcpromgr.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MPF\MPFSrv.exe C:\PROGRA~1\McAfee\MPS\mps.exe c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\McAfee\MPS\mpsevh.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\iolo\System Mechanic 7\SMSystemAnalyzer.exe C:\Program Files\DISC\DISCover.exe C:\WINDOWS\ARPWRMSG.EXE C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Last.fm\LastFMHelper.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\ALCXMNTR.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe c:\windows\system\hpsysdrv.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\LimeWire\LimeWire.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/ R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0 R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic 7\SMSystemAnalyzer.exe" O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE O4 - HKLM\..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdateMgr.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [rmoc3260.dll OCX] regsvr32.exe /s "C:\WINDOWS\system32\rmoc3260.dll" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [rmoc3260.dll OCX] regsvr32.exe /s "C:\WINDOWS\system32\rmoc3260.dll" (User 'Default user') O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM') O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - Global Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe O8 - Extra context menu item: &Search - ?p=ZC O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/sh...26/mcgdmgr.cab O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe -- End of file - 9854 bytes |
| ||
| Re: System Alert thing please help me Try this; 1. Please download The Avenger by Swandog46 to your Desktop.
2. Copy all the text (including the 'Files to delete') contained in the code box below to your clipboard by highlighting it and pressing Ctrl+C: Quote:
Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system. 3. Now, start The Avenger program by clicking on its icon on your desktop.
|
| All times are GMT -4. The time now is 3:42 pm. |
Forum system based on vBulletin Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
©2003 - 2009 DaniWeb® LLC