|
| ||
| WIN98SE protection Recents escapades with "Red circles", followed by relentless attacks of unwanted "items" (one session with AdAware revealed 82 extras !!), like recent encounter with Alexa, found by AdAware (gave me some chills, reading description) and EzuLa, found by Spyware hunter 2.0, but not (I think) HijackThis and AdAware (logs posted below), made me much more serious about computer protection. I downloaded all Critical Updates, but now I just don't know what other tools to download and use, just too many of them, having multiple tools makes me wonder about possible conflicts between them, therefore I'm kindly asking this community for advice on a perfect essential pack of those free real-time detection and removal tools: - Win98SE OS, AP - laptop WLAN connection, ADSL. I have Norton AV 5.02.04 installed and AdAware 1.06 free version without AdWatch. Please give me some hints: - Personal firewall ? - Anti-spyware ? - Anti-malware ? - Did I forget something, like NAV5.0 no good and should I get something else ? Recent posts: Log Contents provided by Enigma Software Group, Inc. ###########################Runnning Processes DATA########################### processName = C:\WINDOWS\SYSTEM\KERNEL32.DLL File Size = 55296 File Path = C:\WINDOWS\SYSTEM\USER32.DLL ModuleMD5 = a35c00929e92697fc943116f14cfe2c2 processName = C:\WINDOWS\SYSTEM\MSGSRV32.EXE File Size = 45056 File Path = C:\WINDOWS\SYSTEM\CFGMGR32.DLL ModuleMD5 = 570017a206d3bec656e2f275120e534e processName = C:\WINDOWS\SYSTEM\MPREXE.EXE File Size = 81920 File Path = C:\WINDOWS\SYSTEM\MSNP32.DLL ModuleMD5 = 9dc8ac67ca154703a2561e24540e30f5 processName = C:\WINDOWS\SYSTEM\MMTASK.TSK File Size = 471040 File Path = C:\WINDOWS\SYSTEM\KERNEL32.DLL ModuleMD5 = 375b0813980ae17dcc689e913ab9dd7b processName = C:\WINDOWS\SYSTEM\MSTASK.EXE File Size = 6416 File Path = C:\WINDOWS\SYSTEM\MSIDLE.DLL ModuleMD5 = 26bd5df330fc606c534a8151d7f3af95 processName = C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE File Size = 471040 File Path = C:\WINDOWS\SYSTEM\KERNEL32.DLL ModuleMD5 = 375b0813980ae17dcc689e913ab9dd7b processName = C:\WINDOWS\EXPLORER.EXE File Size = 98304 File Path = C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\MSCORLD.DLL ModuleMD5 = 05a716610d8a3cf709d790ffbe802b35 processName = C:\WINDOWS\TASKMON.EXE File Size = 28672 File Path = C:\WINDOWS\TASKMON.EXE ModuleMD5 = f795110611101279aa15997801abaca0 processName = C:\WINDOWS\SYSTEM\SYSTRAY.EXE File Size = 147456 File Path = C:\WINDOWS\SYSTEM\USBUI.DLL ModuleMD5 = 48bb1f700db4f6e3aa93badca18ecf5c processName = C:\WINDOWS\SYSTEM\IRMON.EXE File Size = 135168 File Path = C:\WINDOWS\SYSTEM\IRMON.EXE ModuleMD5 = 06607bd392a972f46a26b323edd733d3 processName = C:\PROGRAM FILES\COMPAQ\PROGRAMMABLE KEYS 95\CPQKL.EXE File Size = 43520 File Path = C:\PROGRAM FILES\COMPAQ\PROGRAMMABLE KEYS 95\CPQKL.EXE ModuleMD5 = 33355993e43ca867c9ca2b3be9238805 processName = C:\PROGRAM FILES\COMPAQ\PROGRAMMABLE KEYS 95\CPQKT.EXE File Size = 47616 File Path = C:\PROGRAM FILES\COMPAQ\PROGRAMMABLE KEYS 95\CPQKT.EXE ModuleMD5 = 93fc0fcecd1975233ecf6a1c4296ce8c processName = C:\WINDOWS\SYSTEM\ATICWD32.EXE File Size = 36864 File Path = C:\WINDOWS\SYSTEM\ATIMPPIF.DLL ModuleMD5 = 0a12c7b36cda33a8c14066f0a2a4bed4 processName = C:\WINDOWS\SYSTEM\ATITASK.EXE File Size = 14336 File Path = C:\WINDOWS\SYSTEM\ATITADEF.RSC ModuleMD5 = 1c994c2b11e4fd4756013736311c2a47 processName = C:\WINDOWS\SYSTEM\FPDISP3A.EXE File Size = 210944 File Path = C:\WINDOWS\SYSTEM\FPDISP3A.EXE ModuleMD5 = 1bc7046133e0a8aa9f151302053131be processName = C:\WINDOWS\SYSTEM\SPOOL32.EXE File Size = 36864 File Path = C:\WINDOWS\SYSTEM\MSPP32.DLL ModuleMD5 = 3e4a377d4fd175ddde49c04fd812d2ed processName = C:\PROGRAM FILES\ONSPEC\USB DISK\FLASHKSK.EXE File Size = 245760 File Path = C:\PROGRAM FILES\ONSPEC\USB DISK\FLASHKSK.EXE ModuleMD5 = 4a5a77c063122021a3579dc7007c25c1 processName = C:\WINDOWS\SYSTEM\INTERNAT.EXE File Size = 24576 File Path = C:\WINDOWS\SYSTEM\INDICDLL.DLL ModuleMD5 = 2e3dfedcf410f0878b7453bc884d3d3f processName = C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE File Size = 1930240 File Path = C:\WINDOWS\SYSTEM\MSI.DLL ModuleMD5 = 065235089c3cadee6e77c42ccd87250d processName = C:\WINDOWS\SYSTEM\USBMONIT.EXE File Size = 32768 File Path = C:\WINDOWS\SYSTEM\USBMONIT.EXE ModuleMD5 = 90abf4b2628aaed2cee93297446a6223 processName = C:\PROGRAM FILES\ADOBE\ACROBAT 4.0\DISTILLR\ACROTRAY.EXE File Size = 43520 File Path = C:\PROGRAM FILES\ADOBE\ACROBAT 4.0\DISTILLR\ACROTRAY.EXE ModuleMD5 = fd5cc2461987ba223501c3ec60fbfd2e processName = C:\PCSYNC\QDCTRAY.EXE File Size = 28672 File Path = C:\PCSYNC\QDCTRAY.EXE ModuleMD5 = 0e4b535454828aa2c0da7a5495c341ac processName = C:\PROGRAM FILES\PSION\PSIWIN\PSCONSV.EXE File Size = 204800 File Path = C:\PROGRAM FILES\PSION\PSIWIN\PRC32CLI.DLL ModuleMD5 = 5f45b16e497b5b70d510cc9b1479c930 processName = C:\WINDOWS\SYSTEM\DDHELP.EXE File Size = 43520 File Path = C:\WINDOWS\SYSTEM\ATIVPE32.DLL ModuleMD5 = 4f81da00ed9f021e975fbac3f4f61c93 processName = C:\WINDOWS\SYSTEM\WMIEXE.EXE File Size = 16384 File Path = C:\WINDOWS\SYSTEM\WMIEXE.EXE ModuleMD5 = 3dfe9ca6728c02ccd8309dc66b1dfeb1 processName = C:\PROGRAM FILES\PSION\PSIWIN\ELOGERR.EXE File Size = 105984 File Path = C:\PROGRAM FILES\PSION\PSIWIN\PRC32RES.DLL ModuleMD5 = 2341c2c903f2d6ec96e4f822c6de42c2 processName = C:\PROGRAM FILES\NETGEAR\WG511V2\WLANCFG5.EXE File Size = 17920 File Path = C:\WINDOWS\SYSTEM\MSADP32.ACM ModuleMD5 = 97b27a41f9a3ff5de278089f6348529e processName = C:\PROGRAM FILES\CLICKTOCONVERT\C2CMONITOR.EXE File Size = 1339392 File Path = C:\WINDOWS\SYSTEM\SHDOCVW.DLL ModuleMD5 = a79348b75da190ec91e2ba5ccf5c25be processName = C:\PROGRAM FILES\SIOL\ADSL\APP\ENTERNET.EXE File Size = 217088 File Path = C:\WINDOWS\SYSTEM\RASAPI32.DLL ModuleMD5 = 42d0948af31f83263291d2c086334793 processName = C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\AD-AWARE.EXE File Size = 45568 File Path = C:\PROGRAM FILES\COMPAQ\PROGRAMMABLE KEYS 95\CPQKH.DLL ModuleMD5 = 2775f21110eaf050c4221e84f9534ab1 processName = C:\PROGRAM FILES\ENIGMA SOFTWARE GROUP\SPYHUNTER\SPYHUNTER.EXE File Size = 49152 File Path = C:\PROGRAM FILES\ENIGMA SOFTWARE GROUP\SPYHUNTER\ESGI_MD5H.DLL ModuleMD5 = 825ef6e7a427885e9d0f1e994c92dc4f ###########################REGISTRY MD5 DATA########################### <HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN> Name=ScanRegistry Data=C:\WINDOWS\scanregw.exe /autorun FileSize = 86016 MD5=f123231689e2ab2fa5c636b99314501f Name=TaskMonitor Data=C:\WINDOWS\taskmon.exe FileSize = 28672 MD5=f795110611101279aa15997801abaca0 Name=SystemTray Data=SysTray.Exe FileSize = 32768 MD5= Name=IrMon Data=IrMon.exe FileSize = 135168 MD5= Name=Compaq PK Daemon Data=C:\Program Files\COMPAQ\Programmable Keys 95\CPQKL.EXE FileSize = 43520 MD5=33355993e43ca867c9ca2b3be9238805 Name=Compaq PK Tray Notification Data=C:\Program Files\COMPAQ\Programmable Keys 95\cpqkt.exe FileSize = 47616 MD5=93fc0fcecd1975233ecf6a1c4296ce8c Name=SynTPLpr Data=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe FileSize = 81920 MD5=d340029a57770a09300892fdece58bc6 Name=SynTPEnh Data=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe FileSize = 180736 MD5=913d160836bccee77e32a0db8ca1b201 Name=AtiCwd32 Data=Aticwd32.exe FileSize = 20992 MD5= Name=AtiKey Data=Atitask.exe FileSize = 190976 MD5= Name=FinePrint Dispatcher Data=C:\WINDOWS\SYSTEM\fpdisp3a.exe FileSize = 210944 MD5=1bc7046133e0a8aa9f151302053131be Name=USB Disk Data=C:\PROGRA~1\ONSPEC\USBDIS~1\FLashKsk.exe FileSize = 245760 MD5=4a5a77c063122021a3579dc7007c25c1 Name=Necutray Data=LEXAREJ0.EXE FileSize = 69699 MD5= Name=internat.exe Data=internat.exe FileSize = 28672 MD5= Name=LoadPowerProfile Data=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme FileSize = MD5= Name=Norton Auto-Protect Data=C:\PROGRA~1\NORTON~3\NAVAPW32.EXE /LOADQUIET FileSize = 42496 MD5=96514acdc0249a071ca6dbb804fb3e37 Name=Gene USB Monitor Data=C:\WINDOWS\SYSTEM\USBMonit.exe FileSize = 32768 MD5=90abf4b2628aaed2cee93297446a6223 Name=CriticalUpdate Data=C:\WINDOWS\SYSTEM\wucrtupd.exe -startup FileSize = 131072 MD5=047d008c28818ff85cd77daede62bc3e Name=SpyHunter Data=C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe FileSize = 2469888 MD5=b0966fa7fbc70d83e6bdbf7257247bff <HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCEEX> <HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE> <HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN> <HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE> <HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN> <HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE> #############################FILE MD5 DATA############################# <C:\WINDOWS\Start Menu\Programs\StartUp> File Path = C:\WINDOWS\Start Menu\Programs\StartUp\Microsoft Find Fast.lnk File Size = 0 md5=8384b0a602a02ba02a8ee8d9f2edade8 File Path = C:\WINDOWS\Start Menu\Programs\StartUp\Acrobat Assistant.lnk File Size = 0 md5=1cd82aaa4f4a73237fd3cbfad75043e2 File Path = C:\WINDOWS\Start Menu\Programs\StartUp\PC sync Quick Data Copy.lnk File Size = 0 md5=d4974a4aa874ea836c33f22f12adda56 File Path = C:\WINDOWS\Start Menu\Programs\StartUp\PsiWin 2.3 Connection Server.lnk File Size = 0 md5=730b942c38ae2fcd1e66964e0bc6afa8 File Path = C:\WINDOWS\Start Menu\Programs\StartUp\NETGEAR WG511v2 Wireless Assistant.lnk File Size = 0 md5=02fb61f6e6ac3a1d3205016fdf5f93a5 File Path = C:\WINDOWS\Start Menu\Programs\StartUp\C2CMonitor.lnk File Size = 0 md5=5f75b2820c45015c58bfed4cc328735f ##########################BROWSER ADD-ON DATA########################## <HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar> CLSID = {8E718888-423F-11D2-876E-00A0C9082467} FilePath = C:\WINDOWS\SYSTEM\MSDXM.OCX File Size = 1676800 File MD5 = d3d8b0684ed7a88ffce4956880907827 Description = 0 <HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Explorer Bars> CLSID = {4D5C8C25-D075-11d0-B416-00C04FB90376} FilePath = C:\WINDOWS\SYSTEM\SHDOCVW.DLL File Size = 1339392 File MD5 = a79348b75da190ec91e2ba5ccf5c25be <HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars> CLSID = {EFA24E64-B078-11D0-89E4-00C04FC9E26E} FilePath = C:\WINDOWS\SYSTEM\SHDOCVW.DLL File Size = 1339392 File MD5 = a79348b75da190ec91e2ba5ccf5c25be CLSID = {EFA24E62-B078-11D0-89E4-00C04FC9E26E} FilePath = C:\WINDOWS\SYSTEM\SHDOCVW.DLL File Size = 1339392 File MD5 = a79348b75da190ec91e2ba5ccf5c25be CLSID = {EFA24E61-B078-11D0-89E4-00C04FC9E26E} FilePath = C:\WINDOWS\SYSTEM\SHDOCVW.DLL File Size = 1339392 File MD5 = a79348b75da190ec91e2ba5ccf5c25be CLSID = {32683183-48a0-441b-a342-7c2a440a9478} FilePath = C:\WINDOWS\SYSTEM\BROWSEUI.DLL File Size = 1017856 File MD5 = 4ccefd261eb9c0481f3eadb60305a07f <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects> CLSID = {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} FilePath = C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL File Size = 54248 File MD5 = fc7850324464e4d19a24a03d882b5cc4 <HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions> CLSID = {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} FilePath = File Size = 0 File MD5 = <HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions> CLSID = CmdMapping FilePath = File Size = 0 File MD5 = <HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks> CLSID = {CFBFAE00-17A6-11D0-99CB-00C04FD64497} FilePath = C:\WINDOWS\SYSTEM\SHDOCVW.DLL File Size = 1339392 File MD5 = a79348b75da190ec91e2ba5ccf5c25be Description = ##########################LSP CHAIN DATA########################## <HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSOCK2\PARAMETERS> Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001 Filepath = C:\WINDOWS\SYSTEM\mswsosp.dll File Size = 45056 File MD5 = 2eba36408c384ee019f5057dccaec178 Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002 Filepath = C:\WINDOWS\SYSTEM\msafd.dll File Size = 45056 File MD5 = a32939baa19bbb961fcf175b67d172e9 Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003 Filepath = C:\WINDOWS\SYSTEM\msafd.dll File Size = 45056 File MD5 = a32939baa19bbb961fcf175b67d172e9 Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004 Filepath = C:\WINDOWS\SYSTEM\msafd.dll File Size = 45056 File MD5 = a32939baa19bbb961fcf175b67d172e9 Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005 Filepath = C:\WINDOWS\SYSTEM\rsvpsp.dll File Size = 40960 File MD5 = 22c581bd17d4422bfd294e7b30524709 Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006 Filepath = C:\WINDOWS\SYSTEM\rsvpsp.dll File Size = 40960 File MD5 = 22c581bd17d4422bfd294e7b30524709 ##########################UNINSTALL DATA########################## <HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL> Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\DXM_Runtime Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ICW Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\InetFind DisplayName = Find... On the Internet Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSJavaVM Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSTASK Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\OutlookExpress DisplayName = Microsoft Outlook Express 6 Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\FrontPageExpress Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Shockwave Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Shockwaveflash DisplayName = Macromedia Flash Player 8 Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Chl99 Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Corel Uninstaller DisplayName = Corel Uninstaller Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Norton Utilities DisplayName = Norton Utilities 2000 for Windows Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Norton Web Services DisplayName = Norton Web Services Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\LiveAdvisor DisplayName = LiveAdvisor (Symantec Corporation) InstallLocation = C:\Program Files\Common Files\Symantec Shared\LiveAdvisor Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\WinZip DisplayName = WinZip Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Compaq User-Programmable Keys DisplayName = Compaq User-Programmable Keys Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\SynTPDeinstKey DisplayName = Synaptics TouchPad Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Norton AntiVirus DisplayName = Norton AntiVirus 5.0 for Windows Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ATI Mach64 Display Driver DisplayName = ATI mach64 Display Driver Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ACDSee 32 DisplayName = ACDSee 32 Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IE40 DisplayName = Microsoft Internet Explorer 6 SP1 and Internet Tools Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IE_EXTRA Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Branding Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Paint Shop Pro 6.0 DisplayName = Paint Shop Pro 6.0 (ESD) Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Compaq56VLGlobalInternalModem DisplayName = Compaq 56VL Global Internal Modem Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Office8.0 DisplayName = Microsoft Office 97, Professional Edition Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\QuickTime 3.0 DisplayName = QuickTime 3.0 Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Acrobat 4.0 DisplayName = Adobe Acrobat 4.0 InstallLocation = C:\Program Files\Adobe\Acrobat 4.0 Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\HTPE3 DisplayName = HyperTerminal Private Edition v5.0 Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\pcANYWHERE32 DisplayName = pcANYWHERE32 Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{1727CD47-A408-11d2-AFAD-00C04F72FB3E} DisplayName = VBA InstallLocation = Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{E8814A8F-3B06-11D3-8CD7-00C04F72C04D} DisplayName = Microsoft Visual Studio Service Pack 3 InstallLocation = Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{BBE93894-6608-11d3-9F6A-006008A88EC8} DisplayName = Microsoft Repository InstallLocation = Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{3388E964-4C4F-11D3-9F66-006008A88EC8} DisplayName = Visio 2000 (IE) InstallLocation = Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\K12xxComponents DisplayName = Tektronix K12xx Protocol Tester Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\WinPcap DisplayName = WinPcap Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\FinePrint DisplayName = FinePrint Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\QuickTime DisplayName = QuickTime for Windows (16-bit) Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\USB Disk 1.00 DisplayName = OnSpec USB Disk Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{A4D7B764-4140-11D4-88EB-0050DA3579C0} DisplayName = Nero - Burning Rom InstallLocation = Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\setup DisplayName = setup (Remove only) Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\128PATCH Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\expinst Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\HTMLHelp Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\fontcore Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ADIELangPack Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IEREADME Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\LiveUpdate1.7 DisplayName = LiveUpdate 1.7 (Symantec Corporation) InstallLocation = C:\Program Files\Symantec\LiveUpdate Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\DivXNetworks Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Lettra Art DisplayName = Lettra Art 5.0 By Harshal Mahadevia Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\DIVXCodec DisplayName = DivX Codec 3.1alpha release Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\SLD CODEC PACK 1.5.3 DisplayName = SLD CODEC PACK 1.5.3 Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{B8E89E40-984E-11D3-A0DC-00004CE35A6C} DisplayName = Store'n'Go Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Windows 98 Service Pack 1 DisplayName = Windows 98 Service Pack 1 Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\SchedulingAgent Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\NetMeeting DisplayName = NetMeeting 3.0 Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{99D42EC7-652B-4819-B3E6-6450C815E03F} DisplayName = Odyssey Client InstallLocation = Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{B93D24B3-928D-4805-B379-4AA47CB3794E} DisplayName = NETGEAR WG511v2 54 Mbps Wireless PC Card InstallLocation = Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield Uninstall Information Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B93D24B3-928D-4805-B379-4AA47CB3794E} DisplayName = NETGEAR WG511v2 54 Mbps Wireless PC Card InstallLocation = Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ADSL DisplayName = ADSL Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{73006B34-9743-4A39-AC37-38EDFCEB6DCE} DisplayName = Adobe Product/Adobe Studio Update 10/2001 Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Aware SE Personal DisplayName = Ad-Aware SE Personal Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\AdobeESD DisplayName = Adobe Download Manager 1.2 (Remove Only) Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-A00000000001} DisplayName = Adobe Reader 6.0.1 InstallLocation = C:\Program Files\Adobe\Acrobat 6.0\Reader\ Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{47935855-8323-4340-8502-0DEAB47624BB} DisplayName = Dohodnina 2004 InstallLocation = Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\GENEUIDE DisplayName = USB Storage Driver Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\PsiWin 2.3 DisplayName = PsiWin 2.3 Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{E2028666-731E-4AE7-B2CC-0A3FB7000C0A} DisplayName = JumpDrive Pro InstallLocation = Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\WMP7 DisplayName = Windows Media Player 7.1 Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\HijackThis DisplayName = HijackThis 1.99.1 Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Panda ActiveScan DisplayName = Panda ActiveScan Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Click to Convert / PDF Toolbox DisplayName = Click to Convert / PDF Toolbox Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IEData Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\VGX Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ieupdate DisplayName = Internet Explorer Q891781 Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\oeupdate DisplayName = Outlook Express Q837009 Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\908519 DisplayName = Windows 98 KB908519 Update Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\896358 DisplayName = Windows 98 KB896358 Update Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\888113 DisplayName = Windows 98 Q888113 Update Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\891711 DisplayName = Windows 98 KB891711 Update Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Q823559 DisplayName = Windows 98 Q823559 Update Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft NetShow Player 2.0 Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MPlayer2 Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} DisplayName = Microsoft .NET Framework 1.1 InstallLocation = Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Windows Critical Update Notification DisplayName = Microsoft Windows Critical Update Notification Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{EE5B8E34-973C-4FBE-AC83-99F064009FC7} DisplayName = SpyHunter InstallLocation = C:\Program Files\Enigma Software Group\SpyHunter _________________________________________________________ Logfile of HijackThis v1.99.1 Scan saved at 22:22:39, on 04.06.2006 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MSTASK.EXE C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\WINDOWS\SYSTEM\IRMON.EXE C:\PROGRAM FILES\COMPAQ\PROGRAMMABLE KEYS 95\CPQKL.EXE C:\PROGRAM FILES\COMPAQ\PROGRAMMABLE KEYS 95\CPQKT.EXE C:\WINDOWS\SYSTEM\ATICWD32.EXE C:\WINDOWS\SYSTEM\ATITASK.EXE C:\WINDOWS\SYSTEM\FPDISP3A.EXE C:\WINDOWS\SYSTEM\SPOOL32.EXE C:\PROGRAM FILES\ONSPEC\USB DISK\FLASHKSK.EXE C:\WINDOWS\SYSTEM\INTERNAT.EXE C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE C:\WINDOWS\SYSTEM\USBMONIT.EXE C:\PROGRAM FILES\ADOBE\ACROBAT 4.0\DISTILLR\ACROTRAY.EXE C:\PCSYNC\QDCTRAY.EXE C:\PROGRAM FILES\PSION\PSIWIN\PSCONSV.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\PROGRAM FILES\NETGEAR\WG511V2\WLANCFG5.EXE C:\PROGRAM FILES\CLICKTOCONVERT\C2CMONITOR.EXE C:\PROGRAM FILES\PSION\PSIWIN\ELOGERR.EXE C:\PROGRAM FILES\SIOL\ADSL\APP\ENTERNET.EXE C:\WINDOWS\SYSTEM\PSTORES.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\BOSTJAN\SOFTWARE\HIJACKTHIS\HIJACKTHIS.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Encyclopćdia Britannica, Inc. O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [IrMon] IrMon.exe O4 - HKLM\..\Run: [Compaq PK Daemon] C:\Program Files\COMPAQ\Programmable Keys 95\CPQKL.EXE O4 - HKLM\..\Run: [Compaq PK Tray Notification] C:\Program Files\COMPAQ\Programmable Keys 95\cpqkt.exe O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe O4 - HKLM\..\Run: [AtiKey] Atitask.exe O4 - HKLM\..\Run: [FinePrint Dispatcher] C:\WINDOWS\SYSTEM\fpdisp3a.exe O4 - HKLM\..\Run: [USB Disk] C:\PROGRA~1\ONSPEC\USBDIS~1\FLashKsk.exe O4 - HKLM\..\Run: [Necutray] LEXAREJ0.EXE O4 - HKLM\..\Run: [internat.exe] internat.exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~3\NAVAPW32.EXE /LOADQUIET O4 - HKLM\..\Run: [Gene USB Monitor] C:\WINDOWS\SYSTEM\USBMonit.exe O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup O4 - HKLM\..\Run: [SpyHunter] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE O4 - Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe O4 - Startup: PC sync Quick Data Copy.lnk = C:\PCSYNC\QDCTRAY.EXE O4 - Startup: PsiWin 2.3 Connection Server.lnk = C:\Program Files\Psion\PsiWin\Psconsv.exe O4 - Startup: NETGEAR WG511v2 Wireless Assistant.lnk = C:\Program Files\NETGEAR\WG511v2\wlancfg5.exe O4 - Startup: C2CMonitor.lnk = C:\Program Files\ClickToConvert\C2CMonitor.exe O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/pro...anner37680.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 193.189.160.23,193.189.160.13 _________________________________________________________ Ad-Aware SE Build 1.06r1 Logfile Created on:4. junij 2006 22:47:10 Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R110 31.05.2006 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» References detected during the scan: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» MRU List(TAC index:0):6 total references Tracking Cookie(TAC index:3):10 total references »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Ad-Aware SE Settings =========================== Set : Search for negligible risk entries Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 04.06.2006 22:47:10 - Scan started. (Full System Scan) MRU List Object Recognized! Location: : software\microsoft\directdraw\mostrecentapplication Description : most recent application to use microsoft directdraw MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\internet explorer Description : last download directory used in microsoft internet explorer MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\internet explorer\typedurls Description : list of recently entered addresses in microsoft internet explorer MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\office\8.0\common\open find\microsoft word\settings\save as\file name mru Description : list of recent documents saved by microsoft word MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\windows\currentversion\applets\wordpad\recent file list Description : list of recent files opened using wordpad MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\runmru Description : mru list for items opened in start | run Listing running processes »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» #:1 [KERNEL32.DLL] FilePath : C:\WINDOWS\SYSTEM\ ProcessID : 4293882147 Threads : 4 Priority : High FileVersion : 4.10.2222 ProductVersion : 4.10.2222 ProductName : Microsoft(R) Windows(R) Operating System CompanyName : Microsoft Corporation FileDescription : Win32 Kernel core component InternalName : KERNEL32 LegalCopyright : Copyright (C) Microsoft Corp. 1991-1999 OriginalFilename : KERNEL32.DLL #:2 [MSGSRV32.EXE] FilePath : C:\WINDOWS\SYSTEM\ ProcessID : 4294944187 Threads : 1 Priority : Normal FileVersion : 4.10.2222 ProductVersion : 4.10.2222 ProductName : Microsoft(R) Windows(R) Operating System CompanyName : Microsoft Corporation FileDescription : Windows 32-bit VxD Message Server InternalName : MSGSRV32 LegalCopyright : Copyright (C) Microsoft Corp. 1992-1998 OriginalFilename : MSGSRV32.EXE #:3 [MPREXE.EXE] FilePath : C:\WINDOWS\SYSTEM\ ProcessID : 4294947403 Threads : 1 Priority : Normal FileVersion : 4.10.1998 ProductVersion : 4.10.1998 ProductName : Microsoft(R) Windows(R) Operating System CompanyName : Microsoft Corporation FileDescription : WIN32 Network Interface Service Process InternalName : MPREXE LegalCopyright : Copyright (C) Microsoft Corp. 1993-1998 OriginalFilename : MPREXE.EXE #:4 [mmtask.tsk] FilePath : C:\WINDOWS\SYSTEM\ ProcessID : 4294939955 Threads : 1 Priority : Normal FileVersion : 4.03.1998 ProductVersion : 4.03.1998 ProductName : Microsoft Windows CompanyName : Microsoft Corporation FileDescription : Multimedia background task support module InternalName : mmtask.tsk LegalCopyright : Copyright © Microsoft Corp. 1991-1998 OriginalFilename : mmtask.tsk #:5 [MSTASK.EXE] FilePath : C:\WINDOWS\SYSTEM\ ProcessID : 4294845587 Threads : 2 Priority : Normal FileVersion : 4.71.1972.1 ProductVersion : 4.71.1972.1 ProductName : Microsoft® Windows® Task Scheduler CompanyName : Microsoft Corporation FileDescription : Task Scheduler Engine InternalName : TaskScheduler LegalCopyright : Copyright (C) Microsoft Corp. 2000 OriginalFilename : mstask.exe #:6 [KB891711.EXE] FilePath : C:\WINDOWS\SYSTEM\KB891711\ ProcessID : 4294849083 Threads : 1 Priority : Normal FileVersion : 4.10.2223 ProductVersion : 4.10.2222 ProductName : Microsoft(R) Windows(R) Operating System CompanyName : Microsoft Corporation FileDescription : Windows KB891711 component InternalName : KB891711 LegalCopyright : Copyright (C) Microsoft Corp. 1991-2005 OriginalFilename : KB891711.EXE #:7 [EXPLORER.EXE] FilePath : C:\WINDOWS\ ProcessID : 4294844131 Threads : 18 Priority : Normal FileVersion : 4.72.3110.1 ProductVersion : 4.72.3110.1 ProductName : Microsoft(R) Windows NT(R) Operating System CompanyName : Microsoft Corporation FileDescription : Windows Explorer InternalName : explorer LegalCopyright : Copyright (C) Microsoft Corp. 1981-1997 OriginalFilename : EXPLORER.EXE #:8 [TASKMON.EXE] FilePath : C:\WINDOWS\ ProcessID : 4294879263 Threads : 1 Priority : Normal FileVersion : 4.10.1998 ProductVersion : 4.10.1998 ProductName : Microsoft(R) Windows(R) Operating System CompanyName : Microsoft Corporation FileDescription : Task Monitor InternalName : TaskMon LegalCopyright : Copyright (C) Microsoft Corp. 1998 OriginalFilename : TASKMON.EXE #:9 [SYSTRAY.EXE] FilePath : C:\WINDOWS\SYSTEM\ ProcessID : 4294860307 Threads : 2 Priority : Normal FileVersion : 4.10.2222 ProductVersion : 4.10.2222 ProductName : Microsoft(R) Windows(R) Operating System CompanyName : Microsoft Corporation FileDescription : System Tray Applet InternalName : SYSTRAY LegalCopyright : Copyright (C) Microsoft Corp. 1993-1998 OriginalFilename : SYSTRAY.EXE #:10 [IRMON.EXE] FilePath : C:\WINDOWS\SYSTEM\ ProcessID : 4294898303 Threads : 1 Priority : Normal FileVersion : 4.10.1998 ProductVersion : 4.10.1998 ProductName : Microsoft Infrared Support CompanyName : Microsoft Corporation FileDescription : Microsoft Infrared Control Panel InternalName : Infrared LegalCopyright : © 1998 Microsoft. Portions © Hewlett-Packard OriginalFilename : irmon.exe #:11 [CPQKL.EXE] FilePath : C:\PROGRAM FILES\COMPAQ\PROGRAMMABLE KEYS 95\ ProcessID : 4294888675 Threads : 1 Priority : Normal FileVersion : 1.10.A1 ProductVersion : 1.10.A1 ProductName : Compaq Programmable Keys CompanyName : Compaq Computer Corporation FileDescription : Compaq Programmable Keys Daemon Loader App InternalName : cpqkl LegalCopyright : Copyright © 1995,1997 Compaq Computer Corporation OriginalFilename : cpqkl.exe #:12 [CPQKT.EXE] FilePath : C:\PROGRAM FILES\COMPAQ\PROGRAMMABLE KEYS 95\ ProcessID : 4294779991 Threads : 1 Priority : Normal FileVersion : 1.10.D1 ProductVersion : 1.10.D1 ProductName : Compaq Programmable Keys Taskbar Notification CompanyName : Compaq Computer Corporation FileDescription : Compaq Programmable Keys Taskbar Notification InternalName : CPQKT LegalCopyright : Copyright © 1995,1998 Compaq Computer Corporation OriginalFilename : cpqkt.exe Comments : Compaq Programmable Keys Taskbar Notification #:13 [ATICWD32.EXE] FilePath : C:\WINDOWS\SYSTEM\ ProcessID : 4294783295 Threads : 2 Priority : Normal FileVersion : 4.11.2559 ProductVersion : 4.11.2559 ProductName : ATI Technologies Inc. CompanyName : ATI Technologies Inc. FileDescription : ATI Common Windows Display Driver Extension InternalName : ATICWD32 LegalCopyright : Copyright © ATI Technologies Inc., 1998 OriginalFilename : ATICWD32.EXE #:14 [ATITASK.EXE] FilePath : C:\WINDOWS\SYSTEM\ ProcessID : 4294786167 Threads : 1 Priority : Normal FileVersion : 4.11.2315 ProductVersion : 4.11.2315 ProductName : ATI Technologies, Inc. CompanyName : ATI Technologies, Inc. FileDescription : ATI Task Application InternalName : AtiTask LegalCopyright : Copyright © ATI Technologies Inc. 1998 OriginalFilename : AtiTask #:15 [FPDISP3A.EXE] FilePath : C:\WINDOWS\SYSTEM\ ProcessID : 4294877231 Threads : 1 Priority : Normal FileVersion : 3.60 ProductVersion : 3.60 ProductName : FinePrint CompanyName : Single Track Software FileDescription : FinePrint InternalName : fpdisp3 LegalCopyright : Copyright (c) 1995-1999 Single Track Software0 OriginalFilename : fpdisp3.exe #:16 [SPOOL32.EXE] FilePath : C:\WINDOWS\SYSTEM\ ProcessID : 4294778591 Threads : 2 Priority : Normal FileVersion : 4.10.1998 ProductVersion : 4.10.1998 ProductName : Microsoft(R) Windows(R) Operating System CompanyName : Microsoft Corporation FileDescription : Spooler Sub System Process InternalName : spool32 LegalCopyright : Copyright (C) Microsoft Corp. 1994 - 1998 OriginalFilename : spool32.exe #:17 [FLASHKSK.EXE] FilePath : C:\PROGRAM FILES\ONSPEC\USB DISK\ ProcessID : 4294798091 Threads : 1 Priority : Normal FileVersion : V1.05 ProductVersion : V1.05 ProductName : FlashKiosk Application CompanyName : CompuApps, Inc. FileDescription : FlashKiosk Application for the Flash Toaster InternalName : FlashKiosk LegalCopyright : Copyright (C) 2000 CompuApps, Inc OriginalFilename : FlashKsk.EXE Comments : FlashKiosk #:18 [INTERNAT.EXE] FilePath : C:\WINDOWS\SYSTEM\ ProcessID : 4294814111 Threads : 1 Priority : Normal FileVersion : 4.10.2222 ProductVersion : 4.10.2222 ProductName : Microsoft(R) Windows(R) Operating System CompanyName : Microsoft Corporation FileDescription : Keyboard Language Indicator Applet InternalName : INTERNAT LegalCopyright : Copyright (C) Microsoft Corp. 1998 OriginalFilename : INTERNAT.EXE #:19 [NAVAPW32.EXE] FilePath : C:\PROGRAM FILES\NORTON ANTIVIRUS\ ProcessID : 4294807331 Threads : 6 Priority : Normal FileVersion : 5.3.2.50 ProductVersion : 5.3.2.50 ProductName : Norton AntiVirus CompanyName : Symantec Corporation FileDescription : Norton AntiVirus Auto-Protect Agent InternalName : NAVAPW32 LegalCopyright : Copyright (C) Symantec Corporation 1991-1998 OriginalFilename : NAVAPW32.DLL #:20 [USBMONIT.EXE] FilePath : C:\WINDOWS\SYSTEM\ ProcessID : 4294714539 Threads : 1 Priority : Normal FileVersion : 1, 1, 0, 0 ProductVersion : 1, 1, 0, 0 ProductName : Gene USB Monitor CompanyName : General FileDescription : Gene USB Monitor InternalName : USBMonitor LegalCopyright : Copyright (C) 2000-2004 OriginalFilename : USBMonit.exe #:21 [ACROTRAY.EXE] FilePath : C:\PROGRAM FILES\ADOBE\ACROBAT 4.0\DISTILLR\ ProcessID : 4294765175 Threads : 1 Priority : Normal #:22 [QDCTRAY.EXE] FilePath : C:\PCSYNC\ ProcessID : 4294770579 Threads : 1 Priority : Normal FileVersion : 1, 0, 0, 1 ProductVersion : 2, 1, 0, 1 ProductName : PC sync for Windows CompanyName : Yellow Computing Computersysteme GmbH FileDescription : QDCTray InternalName : QDCTray LegalCopyright : Yellow Computing Copyright © 1999 OriginalFilename : QDCTray.exe #:23 [PSCONSV.EXE] FilePath : C:\PROGRAM FILES\PSION\PSIWIN\ ProcessID : 4294758923 Threads : 2 Priority : Normal FileVersion : 1, 0, 0, 131 ProductVersion : 1, 0, 0, 1 ProductName : EPOC Connect. CompanyName : Symbian Ltd. FileDescription : Connection Manager Application InternalName : PSCONSV LegalCopyright : Copyright (C) Symbian Ltd. 1999 LegalTrademarks : EPOC OriginalFilename : PSCONSV.EXE #:24 [WMIEXE.EXE] FilePath : C:\WINDOWS\SYSTEM\ ProcessID : 4294711819 Threads : 3 Priority : Normal FileVersion : 5.00.1755.1 ProductVersion : 5.00.1755.1 ProductName : Microsoft(R) Windows NT(R) Operating System CompanyName : Microsoft Corporation FileDescription : WMI service exe housing InternalName : wmiexe LegalCopyright : Copyright (C) Microsoft Corp. 1981-1998 OriginalFilename : wmiexe.exe #:25 [WLANCFG5.EXE] FilePath : C:\PROGRAM FILES\NETGEAR\WG511V2\ ProcessID : 4294731179 Threads : 5 Priority : Normal FileVersion : 3, 1, 4, 300 ProductVersion : 1, 0, 0, 1 ProductName : NetgearCUv2 Application FileDescription : NetgearCUv2 MFC Application InternalName : NETGEAR WG511v2 Smart Configuration LegalCopyright : Copyright (C) 2003 OriginalFilename : NetgearCUv2.EXE #:26 [C2CMONITOR.EXE] FilePath : C:\PROGRAM FILES\CLICKTOCONVERT\ ProcessID : 4294680675 Threads : 2 Priority : Normal #:27 [ELOGERR.EXE] FilePath : C:\PROGRAM FILES\PSION\PSIWIN\ ProcessID : 4294588531 Threads : 2 Priority : Normal FileVersion : 1, 0, 0, 17 ProductVersion : 1, 0, 0, 1 ProductName : EPOC Connect. CompanyName : Symbian Ltd. FileDescription : logerr MFC Application InternalName : logerr LegalCopyright : Copyright (C) Symbian Ltd. 1999 LegalTrademarks : EPOC OriginalFilename : logerr.EXE #:28 [ENTERNET.EXE] FilePath : C:\PROGRAM FILES\SIOL\ADSL\APP\ ProcessID : 4294790951 Threads : 1 Priority : Normal #:29 [DDHELP.EXE] FilePath : C:\WINDOWS\SYSTEM\ ProcessID : 4294418311 Threads : 5 Priority : Realtime FileVersion : 4.09.00.0900 ProductVersion : 4.09.00.0900 ProductName : Microsoft® DirectX for Windows® CompanyName : Microsoft Corporation FileDescription : Microsoft DirectX Helper InternalName : DDHelp.exe LegalCopyright : Copyright © Microsoft Corp. 1994-2002 OriginalFilename : DDHelp.exe #:30 [AD-AWARE.EXE] FilePath : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\ ProcessID : 4294431559 Threads : 2 Priority : Normal FileVersion : 6.2.0.236 ProductVersion : SE 106 ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright © Lavasoft AB Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved Memory scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 6 Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 6 Started deep registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Deep registry scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 6 Started Tracking Cookie scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking Cookie Object Recognized! Type : IECache Entry Data : anyuser@ehg-idg.hitbox[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:anyuser@ehg-idg.hitbox.com/ Expires : 04.06.2007 22:33:16 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : anyuser@as-us.falkag[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:77 Value : Cookie:anyuser@as-us.falkag.net/ Expires : 04.06.2007 22:37:56 LastSync : Hits:77 UseCount : 0 Hits : 77 Tracking Cookie Object Recognized! Type : IECache Entry Data : anyuser@doubleclick[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:anyuser@doubleclick.net/ Expires : 04.06.2006 22:48:08 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : anyuser@hitbox[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:3 Value : Cookie:anyuser@hitbox.com/ Expires : 04.06.2007 22:33:16 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : anyuser@statcounter[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:anyuser@statcounter.com/ Expires : 03.06.2011 13:02:50 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking cookie scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 5 Objects found so far: 11 Deep scanning and examining files (c:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking Cookie Object Recognized! Type : IECache Entry Data : anyuser@statcounter[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : c:\WINDOWS\Profiles\vagajan\Cookies\anyuser@statcounter[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : anyuser@as-us.falkag[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : c:\WINDOWS\Profiles\vagajan\Cookies\anyuser@as-us.falkag[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : anyuser@doubleclick[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : c:\WINDOWS\Profiles\vagajan\Cookies\anyuser@doubleclick[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : anyuser@hitbox[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : c:\WINDOWS\Profiles\vagajan\Cookies\anyuser@hitbox[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : anyuser@ehg-idg.hitbox[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : c:\WINDOWS\Profiles\vagajan\Cookies\anyuser@ehg-idg.hitbox[1].txt Disk Scan Result for c:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 16 Performing conditional scans... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Conditional scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 16 23:09:41 Scan Complete Summary Of This Scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Total scanning time:00:22:31.0 Objects scanned:66899 Objects identified:10 Objects ignored:0 New critical objects:10 |
| ||
| Re: WIN98SE protection Please download Spybot Search & Destroy. Follow all the instructions on this website to run a scan with both of these softwares. I know you said you have already ran AdAware, but just to be sure, please make sure you have the latest versions here: AdAware. Please use the above website, and make sure everything is configured right. Here is my you are clean speech Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:
here are some additional utilities that will enhance your safety
|
| ||
| Re: WIN98SE protection Sorry for taking so long to reply, I've been away for a week, but today I finally managed to find so time and do my homework according to your instructions. Here's the outcome: - AdAware checked for latest version, I already have latest build 1.06. I made all necessary changes to settings. - Spybot Search&Destroy downloaded, installed and run for any bad things, it didn't find anything alarming, except complete Spyware Hunter, which is no good if you have a free version (no removal tool), so I uninstalled later on manually. - Anti Virus program: I have Norton AV 5.02.04 that is regulary updated, so I don't see the point of installing another AV program, only if you would recommend one that is more efficient than NAV, so that I would uninstall NAV and replace it with another program. - Firewall: I chose ZoneLabs Zone Alarm - free version, with all default settings untill I learn more. - Spyware Blaster: downloaded and installed - I checked for any new Win98 Microsoft updates - I made some minor changes in IE / Security / Internet settings, they were pretty much already set as they should be - Downloaded and installed SpyAd for ZonedOut + ZonedOut Utility - Downloaded and ran a batch file for MVPS Hosts Till here everything downloaded and installed smoothly, but then...I downloaded the last recommendation, Winpatrol. When I ran installation, I got "Preparing for.." window, but when it finished preparations, it disappeared and then nothing, 5 minutes still nothing, 15 minutes - nothing, but the machine literally stopped to respond. Everything, like navigating Win Explorer, opening folders, mouse pointer movement, it all worked soooooooooooooo sloooooooooooooow. Somehow I managed to reboot (I could read a book meanwhile) and start installation program again. Same story, so I crawled to Internet and Winpatrol website, trying to find some reasoning for this. And then, just out of the blue...here we go, like a snail - Winpatrol installation. It took half an hour to complete ! As I'm typing this (after another reboot following Winpatrol installation), things are a bit better, but the machine is still staggering (even letters that I type in the Reply text box are not exactly up to my speed), so perhaps this Winpatrol is just that bit too much for my aging laptop. Thanks for everything, I suppose we can close both threads as solved and answered, the "Red circles" and this one as well. If you would like to add some additional advice regarding my homework (Anti Virus recommendation, Winpatrol problems..), you are most welcome :) Kind regards Sebastian |
| ||
| Re: WIN98SE protection Quote:
|
| All times are GMT -4. The time now is 11:34 am. |
Forum system based on vBulletin Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
©2003 - 2009 DaniWeb® LLC