Jump to content

Build Theme!
  •  
  • Infected?

big grin WE'RE SURE THAT YOU'LL LOVE US!

We invite you to ask questions, share experiences, and learn. It's 100% free. Did we mention that it's free. It is. It's free. Join 91520 other members! Anybody can ask, anybody can answer. Consistently helpful members with best answers are invited to staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Internet crashes and lost data


  • This topic is locked This topic is locked
33 replies to this topic

#16 kdobens

kdobens

    Authentic Member

  • Authentic Member
  • PipPip
  • 41 posts

Posted 18 March 2007 - 11:06 AM

Here is the Active Scan Report - apparently I can't disinfect from these without buying their product. What shall I try next. Thank you for all your help by the way - you guys do a great service for us out here. Incident Status Location Potentially unwanted tool:application/need2find Not disinfected hkey_current_user\software\Need2Find Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\v77ffwfq.default\cookies.txt[.go.com/] Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\v77ffwfq.default\cookies.txt[ad.yieldmanager.com/] Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\v77ffwfq.default\cookies.txt[.casalemedia.com/] Spyware:Cookie/Clickbank Not disinfected C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\v77ffwfq.default\cookies.txt[.clickbank.net/] Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\v77ffwfq.default\cookies.txt[.serving-sys.com/] Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\v77ffwfq.default\cookies.txt[.bs.serving-sys.com/] Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\v77ffwfq.default\cookies.txt[.serving-sys.com/] Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\v77ffwfq.default\cookies.txt[.zedo.com/] Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\v77ffwfq.default\cookies.txt[.burstnet.com/] Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\v77ffwfq.default\cookies.txt[.yadro.ru/] Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\v77ffwfq.default\cookies.txt[www.burstbeacon.com/] Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\v77ffwfq.default\cookies.txt[.as-us.falkag.net/] Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\v77ffwfq.default\cookies.txt[.adrevolver.com/] Spyware:Cookie/360i Not disinfected C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\v77ffwfq.default\cookies.txt[.ct.360i.com/] Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\v77ffwfq.default\cookies.txt[.atwola.com/] Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\v77ffwfq.default\cookies.txt[.realmedia.com/] Spyware:Cookie/myaffiliateprogram Not disinfected C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\v77ffwfq.default\cookies.txt[.www.myaffiliateprogram.com/] Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\v77ffwfq.default\cookies.txt[server.iad.liveperson.net/] Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\v77ffwfq.default\cookies.txt[server.iad.liveperson.net/hc/63152693] Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\v77ffwfq.default\cookies.txt[server.iad.liveperson.net/hc/2428793] Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\v77ffwfq.default\cookies.txt[.did-it.com/] Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Kelly\Desktop\Program Files\SDFix\apps\Process.exe Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Kelly\Desktop\SDFix\apps\Process.exe Potentially unwanted tool:Application/NirCmd.A Not disinfected C:\fixwareout\FindT\nircmd.exe

    Advertisements

Register to Remove


#17 little eagle

little eagle

    spyware hawk

  • Visiting Fellow
  • PipPipPipPipPipPip
  • 8,968 posts
  • Interests:spyware

Posted 18 March 2007 - 04:05 PM

Not seeing anything that would slow you down that much.

Go HERE and do a online scan.

Save the log and post it here.

#18 kdobens

kdobens

    Authentic Member

  • Authentic Member
  • PipPip
  • 41 posts

Posted 18 March 2007 - 04:48 PM

Well I have opened the site and clicked the "Start Scan" button, but all I get is a licenses agreement. There are no buttons to click or anything else. I waited to see if the thing would just start to run, but nothing happens. My computer jams the internet connection after inactivity (the web sites won't load, I have to shut everything down and power down and re-start to get it to come back). I also have a Need2Find file that I cannot remove - don't know if this is a trojan, a virus, spyware or what.

#19 kdobens

kdobens

    Authentic Member

  • Authentic Member
  • PipPip
  • 41 posts

Posted 20 March 2007 - 05:24 AM

Little Eagle - Still can't get that program to run.
Any other options at this point?

Is there anything I need to remove from my HJT File? Newest one posted here (it certainly is shorter).

Logfile of HijackThis v1.99.1
Scan saved at 7:21:04 AM, on 3/20/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\PROGRA~1\MUSICM~1\MUSICM~2\MMDiag.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\QUICKENW\QW.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Kelly\Desktop\Program Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer presented by Comcast
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O1 - Hosts: 127.0.1.10 nfuse.oxhp.com
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~2\mimboot.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Documents and Settings\Kelly\Desktop\Program Files\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Sonic RecordNow!] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Startup: DING!.lnk = C:\Program Files\Southwest Airlines\Ding\Ding.exe
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} - http://esupport.aol....oach_core_1.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com...kup/qdiagcc.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg...l_v1-0-3-12.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - https://scan.safety....lscbase3401.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1134766052118
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.c...utocomplete.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Documents and Settings\Kelly\Desktop\Program Files\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)

#20 little eagle

little eagle

    spyware hawk

  • Visiting Fellow
  • PipPipPipPipPipPip
  • 8,968 posts
  • Interests:spyware

Posted 20 March 2007 - 08:27 PM

Lets try running combofix.exe
Download it from one of the links below:

http://download.blee...Bs/combofix.exe
http://www.techsuppo...ls/combofix.exe

Double click combofix.exe & follow the prompts.
When finished, it will produce a log for you. Post that log in your next reply.

Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall


#21 kdobens

kdobens

    Authentic Member

  • Authentic Member
  • PipPip
  • 41 posts

Posted 22 March 2007 - 07:07 AM

Here is the Combo fix log: Kelly - 07-03-22 8:52:33.28 Service Pack 2 ComboFix 06.10.19 - Running from: "C:\Documents and Settings\Kelly\Desktop\Program Files" ((((((((((((((((((((((((((((((( Files Created from 2007-02-22 to 2007-03-22 )))))))))))))))))))))))))))))))))) 2007-03-17 18:17 3,968 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\AvgAsCln.sys (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-03-21 21:05 -------- d-------- C:\Program Files\Mozilla Firefox 2007-03-18 12:36 -------- d-------- C:\Program Files\Windows Media Player 2007-03-18 12:36 -------- d-------- C:\Program Files\SpywareGuard 2007-03-18 12:20 -------- d-------- C:\Program Files\Internet Explorer 2007-03-18 12:20 -------- d-------- C:\Program Files\Dell Support 2007-03-17 18:11 -------- d-------- C:\Program Files\TrojanHunter 4.2 2007-03-17 11:05 -------- d-------- C:\Program Files\Incomplete 2007-03-17 10:56 -------- d-------- C:\Program Files\LimeWire 2007-03-17 09:34 -------- d-------- C:\Program Files\Java 2007-03-16 22:00 -------- d-------- C:\Program Files\BillP Studios 2007-03-16 22:00 -------- d-------- C:\Documents and Settings\Kelly\Application Data\WinPatrol 2007-03-16 17:49 -------- d-------- C:\Program Files\SpywareBlaster 2007-03-16 08:20 -------- d-------- C:\Documents and Settings\Kelly\Application Data\LimeWire 2007-02-27 17:43 -------- d-------- C:\Program Files\Southwest Airlines 2007-02-27 17:43 -------- d-------- C:\Documents and Settings\Kelly\Application Data\Southwest Airlines 2007-02-27 17:42 -------- d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-02-27 17:42 -------- d-------- C:\Program Files\Common Files 2007-02-25 03:18 775680 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\avg7core.sys 2007-02-25 03:18 27776 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\avg7rsxp.sys 2007-02-15 20:53 -------- d-------- C:\Program Files\Canon 2007-02-14 13:42 -------- d-------- C:\Documents and Settings\Kelly\Application Data\ZoomBrowser EX 2007-02-14 13:27 51392 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\atnt40k.sys 2007-02-14 13:27 217088 --a------ C:\WINDOWS\SYSTEM32\atasnt40.dll 2007-02-14 10:38 -------- d-------- C:\Program Files\Common Files\AOL 2007-02-12 18:15 -------- d-------- C:\Documents and Settings\Kelly\Application Data\AOL 2007-02-11 13:17 -------- d--h----- C:\Program Files\InstallShield Installation Information 2007-02-11 13:15 -------- d-------- C:\Program Files\Yahoo! Games 2007-02-09 18:44 -------- d-------- C:\Program Files\Common Files\Canon 2007-01-29 04:58 60416 --------- C:\WINDOWS\SYSTEM32\tzchange.exe 2007-01-12 12:04 115880 --------- C:\WINDOWS\SYSTEM32\pxinsi64.exe 2007-01-12 12:04 114856 --------- C:\WINDOWS\SYSTEM32\pxcpyi64.exe 2007-01-12 09:27 6054400 --a------ C:\WINDOWS\SYSTEM32\ieframe.dll 2007-01-12 09:27 51712 --------- C:\WINDOWS\SYSTEM32\msfeedsbs.dll 2007-01-12 09:27 458752 --------- C:\WINDOWS\SYSTEM32\msfeeds.dll 2007-01-12 09:27 232960 --a------ C:\WINDOWS\SYSTEM32\webcheck.dll 2007-01-08 19:04 105984 --a------ C:\WINDOWS\SYSTEM32\url.dll 2007-01-08 19:04 102400 --a------ C:\WINDOWS\SYSTEM32\occache.dll 2007-01-08 19:02 44544 --a------ C:\WINDOWS\SYSTEM32\iernonce.dll 2007-01-08 19:02 384000 --a------ C:\WINDOWS\SYSTEM32\iedkcs32.dll 2007-01-08 19:02 383488 --------- C:\WINDOWS\SYSTEM32\ieapfltr.dll 2007-01-08 19:02 266752 --a------ C:\WINDOWS\SYSTEM32\iertutil.dll 2007-01-08 19:02 230400 --a------ C:\WINDOWS\SYSTEM32\ieaksie.dll 2007-01-08 19:02 161792 --a------ C:\WINDOWS\SYSTEM32\ieakui.dll 2007-01-08 19:02 153088 --a------ C:\WINDOWS\SYSTEM32\ieakeng.dll 2007-01-08 19:01 17408 --a------ C:\WINDOWS\SYSTEM32\corpol.dll 2007-01-08 19:00 124928 --a------ C:\WINDOWS\SYSTEM32\advpack.dll 2007-01-08 18:08 56832 --a------ C:\WINDOWS\SYSTEM32\ie4uinit.exe 2007-01-08 18:08 13824 --a------ C:\WINDOWS\SYSTEM32\ieudinit.exe (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe" "Sonic RecordNow!"="\"C:\\Program Files\\Dell Support\\DSAgnt.exe\" /startup" "DellSupport"="\"C:\\Program Files\\Dell Support\\DSAgnt.exe\" /startup" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0\\bin\\jusched.exe\"" "PrinTray"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\2\\printray.exe" "MimBoot"="C:\\PROGRA~1\\MUSICM~1\\MUSICM~2\\mimboot.exe" "IntelMeM"="C:\\Program Files\\Intel\\Modem Event Monitor\\IntelMEM.exe" "igfxtray"="C:\\WINDOWS\\system32\\igfxtray.exe" "igfxpers"="C:\\WINDOWS\\system32\\igfxpers.exe" "igfxhkcmd"="C:\\WINDOWS\\system32\\hkcmd.exe" "dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe" "AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP" "WinPatrol"="C:\\Program Files\\BillP Studios\\WinPatrol\\winpatrol.exe" "UpdateManager"="\"C:\\Program Files\\Common Files\\Sonic\\Update Manager\\sgtray.exe\" /r" "PCMService"="\"C:\\Program Files\\Dell\\Media Experience\\PCMService.exe\"" "DVDLauncher"="\"C:\\Program Files\\CyberLink\\PowerDVD\\DVDLauncher.exe\"" "!AVG Anti-Spyware"="\"C:\\Documents and Settings\\Kelly\\Desktop\\Program Files\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "NoChange"="1" "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce] "RestoreHostsFile"="cscript \"C:\\\\Documents and Settings\\\\All Users\\\\Application Data\\Juniper Networks\\restore.vbs\"" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonceex] @="" [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000005 [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="My Current Home Page" "Flags"=dword:00000002 "Position"=hex:2c,00,00,00,b1,00,00,00,00,00,00,00,c5,02,00,00,00,03,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=hex:04,00,00,40 "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\ ff,ff,04,00,00,00 "RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\ 00,00,01,00,00,00 [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] "AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" "{81559C35-8464-49F7-BB0E-07A383BEF910}"="" "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoCDBurning"=dword:00000000 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run] [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" "UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job C:\WINDOWS\tasks\Symantec NetDetect.job Completion time: 07-03-22 8:56:29.59 C:\ComboFix.txt ... 07-03-22 08:56 C:\ComboFix2.txt ... 07-02-21 08:15 C:\ComboFix3.txt ... 06-12-10 13:17

#22 little eagle

little eagle

    spyware hawk

  • Visiting Fellow
  • PipPipPipPipPipPip
  • 8,968 posts
  • Interests:spyware

Posted 24 March 2007 - 08:28 AM

Backup Your Registry with ERUNT
  • Please use the following link and scroll down to ERUNT and download it.
    http://aumha.org/freeware/freeware.php
  • For version with the Installer:
    Use the setup program to install ERUNT on your computer
  • For the zipped version:
    Unzip all the files into a folder of your choice.
Click Erunt.exe to backup your registry to the folder of your choice.

Note: to restore your registry, go to the folder and start ERDNT.exe



I recommend you download RegSeeker. Extract it to it's own folder, open and double click RegSeeker.exe to start the program. Maximize the window and click clean registry. Check all sections and click OK. When the scan is complete, verify the backup box in lower left corner is checked and click the select all button, then select all again. Then right click within the search results and select delete. Run it again and again, deleting everything it finds until it finds nothing. Reboot and make sure your programs are working properly, control panel and add/remove programs windows open, etc (basically just do a quick check of everything). In the event anything was 'broken', you can open RegSeeker, click backups and double click any/all files to put the information back. A reboot may be required for the effects to be seen. Reboot When done.

NOTE: To be extra safe you can choose to only remove the items in RED.
Some items may come back because of the programs you have running.

#23 kdobens

kdobens

    Authentic Member

  • Authentic Member
  • PipPip
  • 41 posts

Posted 24 March 2007 - 02:01 PM

What are typical results - this found more than 1500 registries - I only removed the ones in red.

#24 little eagle

little eagle

    spyware hawk

  • Visiting Fellow
  • PipPipPipPipPipPip
  • 8,968 posts
  • Interests:spyware

Posted 24 March 2007 - 02:20 PM

That would not be to unusual, if you have not reformatted the computer few years.. Let's go ahead like a restore point using the control panel. After that let us run it again deleting everything it finds. After which check your programs and make sure everything is running okay. Rescan with HJT and post a new log here. Also please describe how your computer behaves at the moment.

Edited by little eagle, 24 March 2007 - 02:20 PM.


#25 kdobens

kdobens

    Authentic Member

  • Authentic Member
  • PipPip
  • 41 posts

Posted 25 March 2007 - 09:48 AM


Let's go ahead like a restore point using the control panel.
After that let us run it again deleting everything it finds.


I'm not sure what this means. What am I supposed to do in the control panel?
Then run the Reg Seeker again and delete everything including the green entries?

    Advertisements

Register to Remove


#26 little eagle

little eagle

    spyware hawk

  • Visiting Fellow
  • PipPipPipPipPipPip
  • 8,968 posts
  • Interests:spyware

Posted 25 March 2007 - 10:05 AM

What am I supposed to do in the control panel?

Sorry I was not clear. :blink: Didn't make any since to me either

Click start / control panel / performance and maintenance / system restore / click create a restore point then click next. Name it anything you like then click create.

Now you have a restore point that you can use should any program not work correctly.

Then run the Reg Seeker again and delete everything including the green entries?

Yes

Edited by little eagle, 25 March 2007 - 10:07 AM.


#27 kdobens

kdobens

    Authentic Member

  • Authentic Member
  • PipPip
  • 41 posts

Posted 26 March 2007 - 04:57 AM

My control panel doesn't have these options (Performance and Maintenance). I'm on Windows XP.

#28 little eagle

little eagle

    spyware hawk

  • Visiting Fellow
  • PipPipPipPipPipPip
  • 8,968 posts
  • Interests:spyware

Posted 26 March 2007 - 05:28 PM

When you open the control panel at the top left click on the line that says "switch to category view."

#29 kdobens

kdobens

    Authentic Member

  • Authentic Member
  • PipPip
  • 41 posts

Posted 27 March 2007 - 03:08 PM

Ok I did as you instructed.
I ran ATF Cleaner then my HiKackThis - log posted below.

The problem I'm running into is internet connection crashes or stalls. The system itself seems to be working much better and much faster. I'm on Cable Broadband with a very solid connection according to the Cable company (whom I called in the meantime in case this issue was there's and not mine). But nothing we've tried has corrected the internet problem. I'm using Mozilla, have AVG enabled and am just not sure what else to do. Thanks for your help.

Logfile of HijackThis v1.99.1
Scan saved at 5:01:37 PM, on 3/27/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Documents and Settings\Kelly\Desktop\Program Files\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\PROGRA~1\MUSICM~1\MUSICM~2\MMDiag.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Kelly\Desktop\Program Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer presented by Comcast
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~2\mimboot.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Sonic RecordNow!] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Startup: DING!.lnk = C:\Program Files\Southwest Airlines\Ding\Ding.exe
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmasy\Tmasy.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} - http://esupport.aol....oach_core_1.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com...kup/qdiagcc.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg...l_v1-0-3-12.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - https://scan.safety....lscbase3401.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1134766052118
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.c...utocomplete.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Documents and Settings\Kelly\Desktop\Program Files\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

#30 little eagle

little eagle

    spyware hawk

  • Visiting Fellow
  • PipPipPipPipPipPip
  • 8,968 posts
  • Interests:spyware

Posted 27 March 2007 - 06:53 PM

Click Start> Run> type in CMD tap enter key Copy/Paste: ipconfig /flushdns Please note the space, it needs to be there. Now lets check some settings on your system. Enter your Control Panel and double-click on Network Connections Then right click on your Default Connection Usually Local Area Connection for Cable and DSL Left click on Properties Double-Click on the Internet Protocol (TCP/IP) item Select the radio dial that says Obtain DNS Servers Automatically Press OK twice to get out of the properties screen and reboot if it asks

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users