Members
  • Total Members: 14176
  • Latest: toxxxa
Stats
  • Total Posts: 42873
  • Total Topics: 16082
  • Online Today: 4079
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)









Author Topic: Help! My Internet Explorer-7 dosent work. I think my system has been infected  (Read 35144 times)

0 Members and 3 Guests are viewing this topic.

cobaltazule

  • SCF VIP Member
  • *****
  • Posts: 75
  • KARMA: 9
  • Gender: Male
ok
I will do as you ask.
About that address...my mistake, I MISPELLED it. It is Microsoft.com/fwlink/?LinkId=76277.
Also, I scanned again with Kaspersky as you asked but the scan said all my files are "locked" so I am Uninstalling ALL my security programs for this next scan. I can always reinstall latter.
About Netzero...I WISH it was free. They charge me $9.50 per month, and yes alot of adwhere travels along with it.
My mother had a heart attack last night so I am a little slow in responding. Everything is ok, but I am not able to devote the time to this as I would like.
Please be paitent. I will get that scan log to you yet today.
Best wishes
       Robert

Samker's Computer Forum - SCforum.info


Samker

  • SCF Administrator
  • *****
  • Posts: 7528
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum

I'm so sorry about your mother :(, hope that she is now better?


Also, don't worry about a (my) time since We are here to help you guys.  ;)

So Robert when you have all needed logs, post them in your reply's and we will make a check.

All the Best,

Samker

cobaltazule

  • SCF VIP Member
  • *****
  • Posts: 75
  • KARMA: 9
  • Gender: Male
KASPERSKY ONLINE SCANNER REPORT 
Saturday, October 06, 2007 5:00:15 PM
Operating System: Microsoft Windows Vista Home Edition, (Build 6000)
Kaspersky Online Scanner version: 5.0.93.1
Kaspersky Anti-Virus database last update: 6/10/2007
Kaspersky Anti-Virus database records: 428427
 
 
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
 
Scan Target My Computer
C:\
D:\
E:\ 
 
Scan Statistics
Total number of scanned objects 61502
Number of viruses found 1
Number of infected objects 4

Number of suspicious objects 0
Duration of the scan process 00:27:03

Infected Object Name Virus Name Last Action
C:\Boot\BCD  Object is locked  skipped 
 
C:\Boot\BCD.LOG  Object is locked  skipped 
 
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLML_MAIN\CLML.db  Object is locked  skipped 
 
C:\Program Files\InstallShield Installation Information\{13E613EF-BB55-11D9-9D77-000129760D75}\setup.ilg  Object is locked  skipped 
 
C:\Program Files\InstallShield Installation Information\{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}\Setup.ilg  Object is locked  skipped 
 
C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.ilg  Object is locked  skipped 
 
C:\Program Files\InstallShield Installation Information\{FC4F90EC-B1DA-11D9-9D77-000129760D75}\setup.ilg  Object is locked  skipped 
 
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\$Acer$.cmd  Object is locked  skipped 
 
C:\ProgramData\Microsoft\User Account Pictures\Guest.dat  Object is locked  skipped 
 
C:\ProgramData\Microsoft\User Account Pictures\RM.dat  Object is locked  skipped 
 
C:\ProgramData\NetZero\Accelerator\dblog.txt  Object is locked  skipped 
 
C:\ProgramData\NetZero\Accelerator\MainExceptions.log  Object is locked  skipped 
 
C:\ProgramData\NetZero\Accelerator\sdi.db  Object is locked  skipped 
 
C:\ProgramData\NetZero\Accelerator\sdi.lg  Object is locked  skipped 
 
C:\ProgramData\NetZero\Isp\BootExceptions.log  Object is locked  skipped 
 
C:\ProgramData\NetZero\Isp\ExecExceptions.log  Object is locked  skipped 
 
C:\ProgramData\NetZero\Isp\IspDblog.txt  Object is locked  skipped 
 
C:\ProgramData\NetZero\Isp\MainExceptions.log  Object is locked  skipped 
 
C:\Users\Robert Mansfield\AppData\Local\Acer Arcade\Log\Trace20071006.log  Object is locked  skipped 
 
C:\Users\Robert Mansfield\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT  Object is locked  skipped 
 
C:\Users\Robert Mansfield\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db  Object is locked  skipped 
 
C:\Users\Robert Mansfield\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat  Object is locked  skipped 
 
C:\Users\Robert Mansfield\AppData\Local\Microsoft\Windows\UsrClass.dat  Object is locked  skipped 
 
C:\Users\Robert Mansfield\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1  Object is locked  skipped 
 
C:\Users\Robert Mansfield\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2  Object is locked  skipped 
 
C:\Users\Robert Mansfield\AppData\Local\Microsoft\Windows\UsrClass.dat{29ab6020-6602-11dc-8f8c-00197e61ab50}.TM.blf  Object is locked  skipped 
 
C:\Users\Robert Mansfield\AppData\Local\Microsoft\Windows\UsrClass.dat{29ab6020-6602-11dc-8f8c-00197e61ab50}.TMContainer00000000000000000001.regtrans-ms  Object is locked  skipped 
 
C:\Users\Robert Mansfield\AppData\Local\Microsoft\Windows\UsrClass.dat{29ab6020-6602-11dc-8f8c-00197e61ab50}.TMContainer00000000000000000002.regtrans-ms  Object is locked  skipped 
 
C:\Users\Robert Mansfield\AppData\Local\Microsoft\Windows Defender\FileTracker\{39355B70-8F7A-4F40-B2BE-EB9BC5E5355A}  Object is locked  skipped 
 
C:\Users\Robert Mansfield\AppData\Local\Temp\Cookies\index.dat  Object is locked  skipped 
 
C:\Users\Robert Mansfield\AppData\Local\Temp\History\History.IE5\index.dat  Object is locked  skipped 
 
C:\Users\Robert Mansfield\AppData\Local\Temp\History\History.IE5\MSHist012007100620071007\index.dat  Object is locked  skipped 
 
C:\Users\Robert Mansfield\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat  Object is locked  skipped 
 
C:\Users\Robert Mansfield\AppData\Local\Temp\~DF6C39.tmp  Object is locked  skipped 
 
C:\Users\Robert Mansfield\AppData\Local\Temp\~DF6C40.tmp  Object is locked  skipped 
 
C:\Users\Robert Mansfield\AppData\Local\Temp\~DFB701.tmp  Object is locked  skipped 
 
C:\Users\Robert Mansfield\Desktop\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe  Infected: not-a-virus:RiskTool.Win32.Reboot.f  skipped 
 
C:\Users\Robert Mansfield\Desktop\SmitfraudFix.exe/data.rar  Infected: not-a-virus:RiskTool.Win32.Reboot.f  skipped 
 
C:\Users\Robert Mansfield\Desktop\SmitfraudFix.exe  RarSFX: infected - 2  skipped 
 
C:\Users\Robert Mansfield\ntuser.dat  Object is locked  skipped 
 
C:\Users\Robert Mansfield\ntuser.dat.LOG1  Object is locked  skipped 
 
C:\Users\Robert Mansfield\ntuser.dat.LOG2  Object is locked  skipped 
 
C:\Users\Robert Mansfield\ntuser.dat{ee8063f4-562d-11dc-b393-00197e61ab50}.TM.blf  Object is locked  skipped 
 
C:\Users\Robert Mansfield\ntuser.dat{ee8063f4-562d-11dc-b393-00197e61ab50}.TMContainer00000000000000000001.regtrans-ms  Object is locked  skipped 
 
C:\Users\Robert Mansfield\ntuser.dat{ee8063f4-562d-11dc-b393-00197e61ab50}.TMContainer00000000000000000002.regtrans-ms  Object is locked  skipped 
 
C:\Users\Robert Mansfield\SmitfraudFix\Reboot.exe  Infected: not-a-virus:RiskTool.Win32.Reboot.f  skipped 
 
C:\Windows\Debug\PASSWD.LOG  Object is locked  skipped 
 
C:\Windows\Debug\sam.log  Object is locked  skipped 
 
C:\Windows\Debug\WIA\wiatrace.log  Object is locked  skipped 
 
C:\Windows\Logs\CBS\CBS.log  Object is locked  skipped 
 
C:\Windows\Logs\DPX\setupact.log  Object is locked  skipped 
 
C:\Windows\Logs\DPX\setuperr.log  Object is locked  skipped 
 
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe.config  Object is locked  skipped 
 
C:\Windows\Panther\UnattendGC\diagerr.xml  Object is locked  skipped 
 
C:\Windows\Panther\UnattendGC\diagwrn.xml  Object is locked  skipped 
 
C:\Windows\Panther\UnattendGC\setupact.log  Object is locked  skipped 
 
C:\Windows\Panther\UnattendGC\setuperr.log  Object is locked  skipped 
 
C:\Windows\security\database\secedit.sdb  Object is locked  skipped 
 
C:\Windows\SoftwareDistribution\EventCache\{508D358C-C3BD-45E4-B819-49207D5742EA}.bin  Object is locked  skipped 
 
C:\Windows\SoftwareDistribution\ReportingEvents.log  Object is locked  skipped 
 
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0  Object is locked  skipped 
 
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0  Object is locked  skipped 
 
C:\Windows\System32\catroot2\edb.log  Object is locked  skipped 
 
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb  Object is locked  skipped 
 
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb  Object is locked  skipped 
 
C:\Windows\System32\config\components  Object is locked  skipped 
 
C:\Windows\System32\config\COMPONENTS.LOG1  Object is locked  skipped 
 
C:\Windows\System32\config\COMPONENTS.LOG2  Object is locked  skipped 
 
C:\Windows\System32\config\default  Object is locked  skipped 
 
C:\Windows\System32\config\DEFAULT.LOG1  Object is locked  skipped 
 
C:\Windows\System32\config\DEFAULT.LOG2  Object is locked  skipped 
 
C:\Windows\System32\config\sam  Object is locked  skipped 
 
C:\Windows\System32\config\SAM.LOG1  Object is locked  skipped 
 
C:\Windows\System32\config\SAM.LOG2  Object is locked  skipped 
 
C:\Windows\System32\config\security  Object is locked  skipped 
 
C:\Windows\System32\config\SECURITY.LOG1  Object is locked  skipped 
 
C:\Windows\System32\config\SECURITY.LOG2  Object is locked  skipped 
 
C:\Windows\System32\config\software  Object is locked  skipped 
 
C:\Windows\System32\config\SOFTWARE.LOG1  Object is locked  skipped 
 
C:\Windows\System32\config\SOFTWARE.LOG2  Object is locked  skipped 
 
C:\Windows\System32\config\system  Object is locked  skipped 
 
C:\Windows\System32\config\SYSTEM.LOG1  Object is locked  skipped 
 
C:\Windows\System32\config\SYSTEM.LOG2  Object is locked  skipped 
 
C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.0.regtrans-ms  Object is locked  skipped 
 
C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.1.regtrans-ms  Object is locked  skipped 
 
C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.2.regtrans-ms  Object is locked  skipped 
 
C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.blf  Object is locked  skipped 
 
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TM.blf  Object is locked  skipped 
 
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000001.regtrans-ms  Object is locked  skipped 
 
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000002.regtrans-ms  Object is locked  skipped 
 
C:\Windows\System32\Ikeext.etl  Object is locked  skipped 
 
C:\Windows\System32\LogFiles\Scm\SCM.EVM  Object is locked  skipped 
 
C:\Windows\System32\LogFiles\WUDF\WUDFTrace.etl  Object is locked  skipped 
 
C:\Windows\System32\restore\MachineGuid.txt  Object is locked  skipped 
 
C:\Windows\System32\spool\SpoolerETW.etl  Object is locked  skipped 
 
C:\Windows\System32\sysprep\Panther\diagerr.xml  Object is locked  skipped 
 
C:\Windows\System32\sysprep\Panther\diagwrn.xml  Object is locked  skipped 
 
C:\Windows\System32\sysprep\Panther\setupact.log  Object is locked  skipped 
 
C:\Windows\System32\sysprep\Panther\setuperr.log  Object is locked  skipped 
 
C:\Windows\System32\wbem\AutoRecover\E478A5DB75C9721E744C05D78DBACFD3.mof  Object is locked  skipped 
 
C:\Windows\System32\wbem\Logs\WMITracing.log  Object is locked  skipped 
 
C:\Windows\System32\wbem\repository\INDEX.BTR  Object is locked  skipped 
 
C:\Windows\System32\wbem\repository\MAPPING1.MAP  Object is locked  skipped 
 
C:\Windows\System32\wbem\repository\MAPPING2.MAP  Object is locked  skipped 
 
C:\Windows\System32\wbem\repository\OBJECTS.DATA  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Application.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\DFS Replication.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\HardwareEvents.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Internet Explorer.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Key Management Service.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Networking%4Operational.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DriverFrameworks-UserMode%4Operational.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Help%4Operational.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-LanguagePackSetup%4Operational.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-MUI%4Operational.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4Operational.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ParentalControls%4Operational.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Program-Compatibility-Assistant%4Operational.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Resolver%4Operational.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Leak-Diagnostic%4Operational.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-RestartManager%4Operational.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TaskScheduler%4Operational.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC%4Operational.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC-FileVirtualization%4Operational.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsUpdateClient%4Operational.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WLAN-AutoConfig%4Operational.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\ODiag.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\OSession.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Security.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\Setup.evtx  Object is locked  skipped 
 
C:\Windows\System32\winevt\Logs\System.evtx  Object is locked  skipped 
 
C:\Windows\Tasks\SCHEDLGU.TXT  Object is locked  skipped 
 
C:\Windows\tracing\BAP.LOG  Object is locked  skipped 
 
C:\Windows\tracing\IpHlpSvc.LOG  Object is locked  skipped 
 
C:\Windows\tracing\KMDDSP.LOG  Object is locked  skipped 
 
C:\Windows\tracing\NDPTSP.LOG  Object is locked  skipped 
 
C:\Windows\tracing\PPP.LOG  Object is locked  skipped 
 
C:\Windows\tracing\RASAPI32.LOG  Object is locked  skipped 
 
C:\Windows\tracing\RASBACP.LOG  Object is locked  skipped 
 
C:\Windows\tracing\RASCCP.LOG  Object is locked  skipped 
 
C:\Windows\tracing\RASDLG.LOG  Object is locked  skipped 
 
C:\Windows\tracing\RASEAP.LOG  Object is locked  skipped 
 
C:\Windows\tracing\RASIPCP.LOG  Object is locked  skipped 
 
C:\Windows\tracing\RASIPHLP.LOG  Object is locked  skipped 
 
C:\Windows\tracing\RASIPV6CP.LOG  Object is locked  skipped 
 
C:\Windows\tracing\RASMAN.LOG  Object is locked  skipped 
 
C:\Windows\tracing\RASPAP.LOG  Object is locked  skipped 
 
C:\Windows\tracing\RASQEC.LOG  Object is locked  skipped 
 
C:\Windows\tracing\RASTAPI.LOG  Object is locked  skipped 
 
C:\Windows\tracing\remotesp.LOG  Object is locked  skipped 
 
C:\Windows\tracing\svchost_RASCHAP.LOG  Object is locked  skipped 
 
C:\Windows\tracing\svchost_RASTLS.LOG  Object is locked  skipped 
 
C:\Windows\tracing\tapi32.LOG  Object is locked  skipped 
 
C:\Windows\WindowsUpdate.log  Object is locked  skipped 
 
C:\Windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6000.16386_none_cef7ceb03914a67f\dnary.xsd  Object is locked  skipped 
 
Scan process completed.

cobaltazule

  • SCF VIP Member
  • *****
  • Posts: 75
  • KARMA: 9
  • Gender: Male
Samker
I will run antivirus software for the infections Kaspersky found, but how do I "unlock" all those files the on-line scan could not access?
Again,my friend thank you
robert

Samker

  • SCF Administrator
  • *****
  • Posts: 7528
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
Good Morning Robert, (in my Country it's :)),

don't run AntiVirus now, we will do that later.

Please provide me new HJT log after uninstaling Kaspersky and eTrust PestPatrol.

After that we will continue cleaning.

Regards,

Samker

Samker's Computer Forum - SCforum.info


Samker

  • SCF Administrator
  • *****
  • Posts: 7528
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
I was just check your Kaspersky log and don't worry everything is Ok. This is just "false positive" detection.

HJT will tell us more about problem.

S.

cobaltazule

  • SCF VIP Member
  • *****
  • Posts: 75
  • KARMA: 9
  • Gender: Male
good morning samker
I am having trouble getting that eTRUST out of my system. I cannot find it in any list of programs to uninstall. I thought I had deleted it before but it continues to send popups on my screen at various times. I have tried the standard control panel options to no avail. I have vista. Is there a way I can get into system and remove it manually.
thank you for your patience.
 robert

Samker

  • SCF Administrator
  • *****
  • Posts: 7528
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
No problem, we will now go to fix more problems.

First: turn of System Restore.

Second: Download CCleaner: http://scforum.info/index.php/topic,1133.0.html

Run all possible tools inside of CCleaner, but be cerafuly with this:

- Inside of Cleaner/Windows check all (except Desktop Shortcuts).

- Inside of Tools use Uninstal but don't touch Startup yet.


And after all provide us new HJT log.

cya,

Samker




cobaltazule

  • SCF VIP Member
  • *****
  • Posts: 75
  • KARMA: 9
  • Gender: Male
I will do it right now.
Thank you

cobaltazule

  • SCF VIP Member
  • *****
  • Posts: 75
  • KARMA: 9
  • Gender: Male
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:56:00 AM, on 10/7/2007
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\NetZero\exec.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\ROBERT~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\NetZero\exec.exe
C:\Program Files\NetZero\qsacc\x1exec.exe
C:\Users\Robert Mansfield\AppData\Local\Temp\Temp1_HiJackThis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:7900
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 64.136.44.66;64.136.52.66;searchap.untd.com;127.0.0.1;localhost;*microsoft.com;*windowsupdate.com;*wustat.windows.com;*.pogo.com;*test-speed.com;liveupdate.symantecliveupdate.com;*symantec.com;*.nai.com;*.networkassociates.com;*.dir.untd.com;cf.netzero.net;qs.netzero.net;<local>
R3 - URLSearchHook: URLSearchHook Class - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files\NetZero\SearchEnh1.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Pop-up Blocker - {52706EF7-D7A2-49AD-A615-E903858CF284} - C:\Program Files\NetZero\qsacc\x1IEBHO.dll
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\Toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ALaunch] C:\ACERSW\AUDIT\ALAUNCH.EXE
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe
O4 - HKLM\..\Run: [Acer Product Registration] "C:\Program Files\Acer Registration\ACE1.exe" /startup
O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe"
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
O4 - HKCU\..\Run: [NetZero_uoltray] C:\Program Files\NetZero\exec.exe regrun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: Display All Images with Full Quality - res://C:\Program Files\NetZero\qsacc\appres.dll/228
O8 - Extra context menu item: Display Image with Full Quality - res://C:\Program Files\NetZero\qsacc\appres.dll/227
O13 - Gopher Prefix:
O15 - Trusted Zone: *.netzero.com
O15 - Trusted Zone: *.netzero.net
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CFD893E3-54C5-444D-9FBA-DB288442A529}: NameServer = 64.136.44.74 64.136.52.74
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 6383 bytes

Samker's Computer Forum - SCforum.info


 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising