
Hijack Log - Major Browser Hijack
#16
Posted 13 July 2007 - 09:08 PM
Register to Remove
#17
Posted 13 July 2007 - 10:34 PM
Here is my combofix log and my new hjt log and my pc is not doing anything funny, woooohoooo!!!!! What did I do and how can I prevent this from happening again???
Combfix log:
"Audrey" - 2007-07-13 23:48:53 - ComboFix 07-07-13.8 - Service Pack 2 FAT32
(((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\iifdaww.dll
C:\WINDOWS\system32\efedaxx.dll
C:\WINDOWS\system32\mtxclb.dll
* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\DOCUME~1\Audrey\APPLIC~1.\DriveCleaner Free
C:\DOCUME~1\Audrey\APPLIC~1.\DriveCleaner Free\Logs\update.log
C:\DOCUME~1\Audrey\APPLIC~1.\icroso~1.net
C:\DOCUME~1\Audrey\APPLIC~1.\wnsxs~1
C:\DOCUME~1\Audrey\APPLIC~1\tmp17.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmp18.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmp1F.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmp2.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmp23.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmp24.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmp27.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmp29.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmp2B.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmp34.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmp35.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmp36.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmp3F.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmp40.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmp5.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmp54E.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmp54F.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmp551.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmp6.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmp61.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmp62.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmp8A.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmp8B.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmp9.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmpB.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmpD.tmp.exe
C:\DOCUME~1\Audrey\APPLIC~1\tmpF.tmp.exe
C:\DOCUME~1\Audrey\Desktop.\internet explorer.lnk
C:\Documents and Settings\AUDREY.\err.log
C:\Documents and Settings\AUDREY.\ResErrors.log
C:\temp\tn3
C:\WINDOWS\start.exe
C:\WINDOWS\system32\dn356c1701.dat
C:\WINDOWS\system32\tmp2B.tmp.dll
C:\WINDOWS\system32\tmp3.tmp.dll
C:\WINDOWS\system32\tmp35.tmp.dll
C:\WINDOWS\system32\tmp36.tmp.dll
C:\WINDOWS\system32\tmp40.tmp.dll
C:\WINDOWS\system32\tmp551.tmp.dll
C:\WINDOWS\system32\tmp62.tmp.dll
C:\WINDOWS\system32\tmp8B.tmp.dll
C:\WINDOWS\system32\wcpisvit32.exe
C:\WINDOWS\wr.txt
C:\WINDOWS\xcopy.exe
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\LEGACY_CMDSERVICE
-------\LEGACY_CORE
-------\LEGACY_DOMAINSERVICE
((((((((((((((((((((((((( Files Created from 2007-06-14 to 2007-07-14 )))))))))))))))))))))))))))))))
2007-07-13 23:46 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-10 20:21 <DIR> d-------- C:\DOCUME~1\Audrey\APPLIC~1\SITEguard
2007-07-10 20:02 <DIR> d-------- C:\Program Files\STOPzilla!
2007-07-10 20:02 <DIR> d-------- C:\Program Files\Common Files\iS3
2007-07-10 20:02 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\STOPzilla!
2007-07-09 03:01 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-07-07 22:07 115,000 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\SYMEVENT.SYS
2007-07-05 23:34 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-07-05 22:54 <DIR> d--hs---- C:\FOUND.000
2007-07-05 22:41 <DIR> d-------- C:\WINDOWS\network diagnostic
2007-07-05 21:27 <DIR> d-------- C:\Program Files\Windows Defender
2007-07-04 22:41 <DIR> d-------- C:\DOCUME~1\Audrey\APPLIC~1\WinTouch
2007-07-03 10:42 22,016 --a------ C:\WINDOWS\b138.exe
2007-07-01 17:41 <DIR> d-------- C:\Program Files\Windows Live Safety Center
2007-06-28 11:53 217,088 -ra------ C:\WINDOWS\SYSTEM32\SZBase5.dll
2007-06-22 14:59 294,912 -ra------ C:\WINDOWS\SYSTEM32\IS3DBA5.dll
2007-06-22 14:59 126,976 -ra------ C:\WINDOWS\SYSTEM32\IS3HTUI5.dll
2007-06-22 14:58 69,632 -ra------ C:\WINDOWS\SYSTEM32\IS3Hks5.dll
2007-06-22 14:58 372,736 -ra------ C:\WINDOWS\SYSTEM32\IS3UI5.dll
2007-06-22 14:57 94,208 -ra------ C:\WINDOWS\SYSTEM32\IS3Inet5.dll
2007-06-22 14:57 23,040 -ra------ C:\WINDOWS\SYSTEM32\IS3XDat5.dll
2007-06-22 14:57 184,320 -ra------ C:\WINDOWS\SYSTEM32\IS3Win325.dll
2007-06-22 14:56 90,112 -ra------ C:\WINDOWS\SYSTEM32\IS3Svc5.dll
2007-06-22 14:56 688,128 -ra------ C:\WINDOWS\SYSTEM32\IS3Base5.dll
2007-06-20 21:31 <DIR> d-------- C:\DOCUME~1\Audrey\APPLIC~1\Nova Development
2007-06-20 20:00 <DIR> d-------- C:\Program Files\Common Files\Ulead Systems
2007-06-20 20:00 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nova Development
2007-06-20 19:59 <DIR> d-------- C:\Program Files\Nova Development
2007-06-19 18:20 <DIR> d-------- C:\Program Files\Common Files\Nova Development
2007-06-19 18:17 <DIR> d-------- C:\Program Files\Creative Home
2007-06-19 18:17 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative Home
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-07-08 02:10:56 806 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
2007-07-08 02:10:56 8,014 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2007-07-08 02:10:56 48,776 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL
2007-07-01 21:36:12 138,080 ----a-w C:\DOCUME~1\Audrey\APPLIC~1\GDIPFONTCACHEV1.DAT
2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-04-25 14:21:16 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-18 16:12:24 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-17 02:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-04-17 02:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-04-17 02:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-04-17 02:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-04-17 02:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-04-17 02:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-17 02:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-04-17 02:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-04-17 02:44:20 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll
2007-04-17 02:44:18 208,248 ----a-w C:\WINDOWS\system32\muweb.dll
2003-12-22 17:19:24 75 ----a-w C:\DOCUME~1\Audrey\APPLIC~1\fusioncache.dat
2003-11-18 20:04:08 271 --sh--w C:\Program Files\desktop.ini
2003-11-18 20:04:08 23,357 ---h--w C:\Program Files\folder.htt
2001-06-20 20:19:18 40,960 ----a-w C:\Program Files\ACMonitor_X83.exe
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1827766B-9F49-4854-8034-F6EE26FCB1EC}]
2007-06-28 12:01 275640 -ra------ C:\Program Files\STOPzilla!\SZSG.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E3215F20-3212-11D6-9F8B-00D0B743919D}]
2007-06-28 12:01 177336 -ra------ C:\Program Files\STOPzilla!\SZIEBHO.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 13:03]
"AdaptecDirectCD"="C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe" [2005-07-13 19:55]
"lxcymon.exe"="C:\Program Files\Lexmark 3400 Series\lxcymon.exe" [2006-01-25 11:02]
"EzPrint"="C:\Program Files\Lexmark 3400 Series\ezprint.exe" [2006-02-07 00:10]
"FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2006-02-02 03:11]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-06-01 16:51]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2005-03-09 22:16]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-01-24 21:16]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:56]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
@=
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
@=
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=c:\windows\system32\iifdaww.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"LoadPowerProfile"=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
"DIAGENT"=C:\Program Files\Creative\SBLive\Creative Diagnostics 2.0\DIAGENT.EXE startup
"UpdReg"=C:\WINDOWS\Updreg.exe
"AHQInit"=C:\Program Files\Creative\SBLive\Program\AHQInit.exe
"LexStart"=Lexstart.exe
"Lexmark X83 Button Monitor"=C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
"Lexmark X83 Button Manager"=C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
"LexmarkPrinTray"=PrinTray.exe
"AdaptecDirectCD"="C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
"<NO NAME>"=
"updmgr"=C:\Program Files\Common files\updmgr\updmgr.exe
"WorksFUD"=C:\Program Files\Microsoft Works\wkfud.exe
"dxsoftlrkksmf"=C:\WINDOWS\SYSTEM\kckvfmk.exe
"DBSRV"=C:\WINDOWS\MICROSOFT.NET\DBSRV.EXE
"NAV Agent"=C:\PROGRA~1\NORTON~1\NAVAPW32.EXE
"Symantec NetDriver Monitor"=C:\PROGRA~1\SYMNET~1\SNDMON.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
AutoRun\command- D:\start.exe
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
"C:\PROGRA~1\OUTLOO~1\setup50.exe" /APP:OE /CALLER:IE50 /user /install
"C:\PROGRA~1\OUTLOO~1\setup50.exe" /APP:OE /CALLER:WIN9X /user /install
"C:\PROGRA~1\OUTLOO~1\setup50.exe" /APP:OE /CALLER:IE50 /user /install
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}
"C:\PROGRA~1\OUTLOO~1\setup50.exe" /APP:WAB /CALLER:WIN9X /user /install
"C:\PROGRA~1\OUTLOO~1\setup50.exe" /APP:WAB /CALLER:IE50 /user /install
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CA0A4247-44BE-11d1-A005-00805F8ABE06}
RunDLL setupx.dll,InstallHinfSection PowerCfg.user 0 powercfg.inf
Contents of the 'Scheduled Tasks' folder
2007-07-08 03:00:02 C:\WINDOWS\tasks\Tune-up Application Start.job
2007-07-14 03:57:04 C:\WINDOWS\tasks\PCHealth Scheduler for Data Collection.job
2007-07-08 18:00:06 C:\WINDOWS\tasks\AppleSoftwareUpdate.job
2007-07-10 00:00:04 C:\WINDOWS\tasks\Norton AntiVirus - Run Full System Scan - Audrey.job
2007-07-14 04:12:46 C:\WINDOWS\tasks\MP Scheduled Scan.job
**************************************************************************
catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-14 00:10:28
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-07-14 0:18:23 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-07-14 00:18
--- E O F ---
New hjt log:
Logfile of HijackThis v1.99.1
Scan saved at 12:30:06 AM, on 7/14/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\STOPzilla!\STOPzilla.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Lexmark 3400 Series\lxcymon.exe
C:\Program Files\Lexmark 3400 Series\ezprint.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Creative Home\Hallmark Card Studio Express\Planner\PLNRnote.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\Program Files\Hijackthis\seek.exe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gmail.com/
O2 - BHO: SITEguard BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - C:\Program Files\STOPzilla!\SZSG.dll
O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll
O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - C:\Program Files\STOPzilla!\SZSG.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [lxcymon.exe] "C:\Program Files\Lexmark 3400 Series\lxcymon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: ExpressPLNRnote.lnk = C:\Program Files\Creative Home\Hallmark Card Studio Express\Planner\PLNRnote.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O20 - AppInit_DLLs: c:\windows\system32\iifdaww.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\PROGRA~1\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
#18
Posted 13 July 2007 - 10:43 PM
#19
Posted 14 July 2007 - 01:33 PM
Blacklight can be run in "beginner" mode, for want of a better word, by double clicking it, or in expert mode by using the command that I posted.I am not sure what you meant by this either, did I do the scan right or no?
While I don't know exactly what the difference is between the two modes, given that it has an expert mode, I prefer to use it.
So technically you didn't do the scan right, but I don't know that it makes any real difference.
When do you see this report, every time you start the PC?the Microsoft error report asking if I want to send the error or not.
What exactly does the error report say?
How long have you been getting it?
Is this what you see:my home page was this about:SecurityRisk

#20
Posted 14 July 2007 - 02:31 PM
Edited by AudreyP, 14 July 2007 - 02:33 PM.
#21
Posted 14 July 2007 - 02:41 PM
#22
Posted 14 July 2007 - 04:25 PM
The window you see is delivered by Internet Explorer and tells you why it's there: "Your security setting level puts your computer at risk".
Have you followed the instructions: "To fix this, click on the Information Bar above, and choose Fix Settings for Me."?
I havent done that because I didnt think it was legit, so the next time I get it should I do this step?
#23
Posted 14 July 2007 - 04:59 PM
#24
Posted 14 July 2007 - 07:13 PM
Yup. Let me know if the PC self-destructs!
Hey now!! Do you really want me to follow those steps?
#25
Posted 14 July 2007 - 07:16 PM
Register to Remove
#26
Posted 15 July 2007 - 01:09 PM
Go to Start > Run, enter sfc /scannow ( note the space between the "c" and "/" ) and click on OK.
This will look for and attempt to replace any corrupt system files that can be found. There are backups of some of these files on your PC and Windows will check for a copy here first. If you are prompted to insert your Windows XP disc, do so. If you don't have this disc and are asked for it, you will have to cancel at this point.
For details on the System File Checker, click here.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If that doesn't do it, go here and follow the instructions.
Let me know how you get on.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users