Thread: Need to get rid of Errorsafe (and other bad stuff)
View Single Post
Old 07-01-2007, 05:29 PM   #1 (permalink)
steve33809
Registered User
 
Join Date: Jul 2007
Posts: 6
OS: XP


Need to get rid of Errorsafe (and other bad stuff)
Hi folks....heres my problem(s): For a few weeks now errorsafe has been popping up about every 15 minutes...its really annoying. I get a popup box, and when I close it, MIE opens up to some antivirus webpage. I close that, a few more boxes pop up before it stops for a bit. Tried removing it with various programs with no luck. Also, I cant start my computer in safe mode. When I try, all I get is a black screen that says "safe mode" in all 4 corners and a cursor that I can move around but theres no desktop icons or anything...I think errorsafe may be just one of my problems.

Before I came here I ran a bunch of other programs, like adaware, spybot S&D, cCleaner, AVG, Rogue remover, and maybe one or 2 more...all of those programs found bad stuff. I "fixed" whatever I could with each program. Then I came here and just finished up the following:

Step one: check. Didnt find any of those on my pc.
Step 2: Check, Panda log included in this post.
Step 3: Half check. I installed spyware blaster but not IE-Spyad because I dont use MIE, and the website said it will have no effect on Netscape, which is the browser I use. If I still need to install it, let me know and I will.
Step 4: Had a few updates, installed whatever it said I needed. I already had XP SP2.
Step 5: check. Ran dss, then HJT. Logs posted below.

dss extra.txt is attached.

Here we go:

PANDA LOG:


Incident Status Location

Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\hggebbx.dll
Adware:adware/midaddle Not disinfected c:\windows\system32\PreUninstall.exe
Adware:adware/ncase Not disinfected c:\windows\system32\saieau.dat
Spyware:spyware/new.net Not disinfected c:\windows\NDNuninstall5_64.exe
Adware:adware/sidesearch Not disinfected c:\program files\Lycos
Adware:adware/savenow Not disinfected c:\program files\Save
Spyware:spyware/searchcentrix Not disinfected Windows Registry
Potentially unwanted tool:application/mywebsearch Not disinfected hkey_classes_root\clsid\{147A976E-EEE1-4377-8EA7-4716E4CDD239}
Adware:adware/wupd Not disinfected Windows Registry
Adware:Adware/PurityScan Not disinfected C:\Documents
Spyware:Cookie/Kount Not disinfected C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\iz8vpjxy.default\cookies.txt[.kount.com/]
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Ashley\Application Data\Mozilla\Profiles\default\uz98qyre.slt\cookies.txt[.apmebf.com/]
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Ashley\Cookies\ashley@drivecleaner[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Ashley\Cookies\ashley@image.checkmystats.com[2].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Ashley\Cookies\ashley@stats.drivecleaner[2].txt
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\Ashley\Cookies\ashley@winantivirus[2].txt
Adware:Adware/SecurityError Not disinfected C:\Documents and Settings\Ashley\Local Settings\Temp\wschtm35.dll
Adware:Adware/Gmter Not disinfected C:\Documents and Settings\Ashley\Local Settings\Temporary Internet Files\Content.IE5\BZTIREQX\popup[1].htm
Adware:Adware/Gmter Not disinfected C:\Documents and Settings\Ashley\Local Settings\Temporary Internet Files\Content.IE5\BZTIREQX\popup[2].htm
Adware:Adware/Gmter Not disinfected C:\Documents and Settings\Ashley\Local Settings\Temporary Internet Files\Content.IE5\GY6YTUN6\popup[1].htm
Adware:Adware/Gmter Not disinfected C:\Documents and Settings\Ashley\Local Settings\Temporary Internet Files\Content.IE5\I3FV8CQB\popup[1].htm
Adware:Adware/Gmter Not disinfected C:\Documents and Settings\Ashley\Local Settings\Temporary Internet Files\Content.IE5\I3FV8CQB\popup[2].htm
Adware:Adware/Gmter Not disinfected C:\Documents and Settings\Ashley\Local Settings\Temporary Internet Files\Content.IE5\I3FV8CQB\popup[3].htm
Adware:Adware/TrustIn Not disinfected C:\Documents and Settings\Ashley\Local Settings\Temporary Internet Files\Content.IE5\I3FV8CQB\trustinbar[1].exe
Adware:Adware/TrustIn Not disinfected C:\Documents and Settings\Ashley\Local Settings\Temporary Internet Files\Content.IE5\I3FV8CQB\trustinbar[2].exe
Spyware:Cookie/Banner Not disinfected C:\Documents and Settings\Guest\Cookies\guest@banner[1].txt
Hacktool:HackTool/EvID4226 Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\a4f1z77c.slt\Cache(15)\3ABED17Ad01[EvID4226Patch.exe]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\a4f1z77c.slt\cookies.txt[.2o7.net/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\a4f1z77c.slt\cookies.txt[.bs.serving-sys.com/]
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\a4f1z77c.slt\cookies.txt[.com.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\a4f1z77c.slt\cookies.txt[.serving-sys.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\a4f1z77c.slt\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\a4f1z77c.slt\cookies.txt[.xiti.com/]
Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\a4f1z77c.slt\cookies.txt[stat.onestat.com/]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Owner\Desktop\SmitfraudFix\Process.exe
Spyware:Spyware/Virtumonde Not disinfected C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\8CKOBM85\ffa_mv20070611[1]
Spyware:Spyware/Virtumonde Not disinfected C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\HOMKV0JN\nauj_20070613_1[1]
Adware:Adware/TrustIn Not disinfected C:\Documents and Settings\Owner\My Documents\aaa\111\7WHv3ccfng.rar[crack.exe]
Potentially unwanted tool:Application/KillApp.B Not disinfected C:\hp\bin\KillIt.exe
Potentially unwanted tool:Application/KillApp.A Not disinfected C:\hp\bin\Terminator.exe
Adware:Adware/MediaTickets Not disinfected C:\Program Files\Outerinfo\OiUninstaller.exe
Adware:Adware/SaveNow Not disinfected C:\Program Files\Save\ffext.mod
Virus:Malware Generic Disinfected C:\Program Files\TGTSoft\StyleXP\ECLSXP21.exe
Virus:Malware Generic Disinfected C:\Program Files\TGTSoft\StyleXP\stylexpv2.01keygeneclipse.zip[StyleXP201/ECLSXP21.exe]
Potentially unwanted tool:Application/Processor Not disinfected C:\RECYCLER\S-1-5-21-3543578137-367442929-502361721-1003\Dc262.zip[SmitfraudFix/Process.exe]
Virus:Trj/Shutdown.Z Disinfected C:\RECYCLER\S-1-5-21-3543578137-367442929-502361721-1003\Dc262.zip[SmitfraudFix/restart.exe]
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\abrvarbc.dll
Adware:Adware/ISearch Not disinfected C:\WINDOWS\system32\HyperLinker.exe
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\mljigfd.dll
Potentially unwanted tool:Application/Processor Not disinfected C:\WINDOWS\system32\Process.exe
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\taskmgr.dll
Adware:Adware/FindWhatever Not disinfected C:\WINDOWS\system32\unregister.exe
Virus:Malware Generic Disinfected C:\WINDOWS\system32\VIC32.DLL



DSS MAIN TEXT LOG

Deckard's System Scanner v20070611.50
Run by Owner on 2007-07-01 at 18:59:57
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
72: 2007-07-01 23:00:05 UTC - RP664 - Deckard's System Scanner Restore Point
71: 2007-07-01 22:55:04 UTC - RP663 - Software Distribution Service 3.0
70: 2007-06-30 19:07:25 UTC - RP662 - System Checkpoint
69: 2007-06-29 06:08:24 UTC - RP661 - Made by Registry Mechanic
68: 2007-06-28 04:23:09 UTC - RP660 - System Checkpoint


-- First Restore Point --
1: 2007-04-03 05:03:00 UTC - RP593 - System Checkpoint


Backed up registry hives.

Performed disk cleanup.


-- HijackThis (run as Owner.exe) -----------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 7:02:19 PM, on 7/1/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hphmon05.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\LTMSG.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
C:\Program Files\ScreenPrint32 v3\ScreenPrint32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AdsGone\adsgone.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Owner\Desktop\dss.exe
C:\PROGRA~1\HIJACK~1\Owner.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.google.com/"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\a4f1z77c.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", ""); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\a4f1z77c.slt\prefs.js)
O2 - BHO: (no name) - {066A2CDC-319E-4460-BA45-C24562CD51AA} - C:\WINDOWS\system32\hggebbx.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1F6581D5-AA53-4b73-A6F9-41420C6B61F1} - C:\WINDOWS\system32\bovnjcet.dll
O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\RealBar.dll
O2 - BHO: (no name) - {53D006A8-DC46-4648-A97E-A46AF5C73C3E} - C:\WINDOWS\system32\ddcyv.dll
O2 - BHO: (no name) - {F02EE046-5EDB-0C2F-D592-7AA2D8F23A95} - (no file)
O4 - HKLM\..\Run: [AutoTKit] C:\hp\bin\AUTOTKIT.EXE
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [ScreenPrint32] C:\Program Files\ScreenPrint32 v3\ScreenPrint32.exe -startup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\system32\nwhikdfu.dll",forkonce
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [TClockEx] C:\Program Files\tclockex\TCLOCKEX.EXE
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: AdsGone 2004.lnk = ?
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {2042B57E-6336-459E-B7CE-2A0F6C9E6AF8} (IEPlayInterface Class) - http://www.lotrdvd.com/dvdkey/extend...s/iaieplay.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yaho...tocomplete.cab
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yaho...opper1_2us.cab
O20 - AppInit_DLLs:
O20 - Winlogon Notify: ddcyv - C:\WINDOWS\system32\ddcyv.dll
O20 - Winlogon Notify: hggebbx - C:\WINDOWS\SYSTEM32\hggebbx.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\evwenlky.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe


-- File Associations -----------------------------------------------------------

.bat - batfile - DefaultIcon - C:\WINDOWS\System32\shell32.dll,-153
.hlp - hlpfile - DefaultIcon - C:\WINDOWS\hh.exe,0
.inf - inffile - DefaultIcon - C:\WINDOWS\System32\shell32.dll,-151
.ini - inifile - DefaultIcon - C:\WINDOWS\System32\shell32.dll,-151
.reg - regfile - DefaultIcon - C:\WINDOWS\regedit.exe,1
.txt - txtfile - DefaultIcon - C:\WINDOWS\system32\shell32.dll,-152


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 SbcpHid - c:\windows\system32\drivers\sbcphid.sys
R1 StyleXPHelper - c:\program files\tgtsoft\stylexp\stylexphelper.exe <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
R3 SunkFilt (Alcor Micro Corp - 9360) - c:\windows\system32\drivers\sunkfilt.sys <Not Verified; Alcor Micro Corp.; SunkFilt>

S3 ASPI (Advanced SCSI Programming Interface Driver) - c:\windows\system32\drivers\aspi32.sys <Not Verified; Adaptec; Adaptec's ASPI Layer>
S3 DVC (USB DVC Svc) - c:\windows\system32\drivers\dvc.sys <Not Verified; Your Corporation; Your Product Name>
S3 NPF (NetGroup Packet Filter Driver) - c:\windows\system32\drivers\npf.sys <Not Verified; CACE Technologies; WinPcap Netgroup Packet Filter Driver>
S3 Sunkfiltp (HP && Alcor Micro Corp for Phison) - c:\windows\system32\drivers\sunkfiltp.sys (file missing)
S3 SYMIDSCO - c:\windows\system32\drivers\symidsco.sys (file missing)
S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 StyleXPService - "c:\program files\tgtsoft\stylexp\stylexpservice.exe" <Not Verified; ; StyleXPService Module>

S2 DomainService - c:\windows\system32\evwenlky.exe /service (file missing)
S3 rpcapd (Remote Packet Capture Protocol v.0 (experimental)) - "c:\program files\winpcap\rpcapd.exe" -d -f "c:\program files\winpcap\rpcapd.ini" <Not Verified; CACE Technologies; Remote Packet Capture Daemon>


-- Scheduled Tasks -------------------------------------------------------------

2007-07-01 19:02:00 412 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job
2007-06-25 07:48:00 300 --a------ C:\WINDOWS\Tasks\Ad-aware 6.job


-- Files created between 2007-06-01 and 2007-07-01 -----------------------------

2007-07-01 18:46:16 0 d-------- C:\Program Files\SpywareBlaster
2007-07-01 16:45:18 0 d-------- C:\WINDOWS\system32\ActiveScan
2007-07-01 16:45:12 0 d-------- C:\WINDOWS\LastGood
2007-07-01 16:18:27 128576 --a------ C:\WINDOWS\system32\nwhikdfu.dll
2007-07-01 16:13:21 128576 -----n--- C:\WINDOWS\system32\csqbkayp.dll
2007-07-01 14:58:44 0 d-------- C:\Documents and Settings\Owner\Application Data\Grisoft
2007-07-01 14:58:25 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-07-01 13:04:05 128576 --a------ C:\WINDOWS\system32\qnjiglhd.dll
2007-06-30 13:17:23 128576 --a------ C:\WINDOWS\system32\lsjjiino.dll
2007-06-29 15:02:00 128576 --a------ C:\WINDOWS\system32\jirkvrba.dll
2007-06-29 11:02:52 128576 --a------ C:\WINDOWS\system32\kyopwljo.dll
2007-06-29 01:58:40 1356 --a------ C:\WINDOWS\system32\tmp.reg
2007-06-29 01:58:04 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2007-06-29 01:58:04 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-06-29 01:58:03 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>
2007-06-29 01:54:22 128576 --a------ C:\WINDOWS\system32\vttaauky.dll
2007-06-29 01:38:51 0 d-------- C:\Program Files\RogueRemover
2007-06-29 01:38:19 128576 -----n--- C:\WINDOWS\system32\vlbkkbai.dll
2007-06-29 00:34:17 0 d-------- C:\Program Files\Enigma Software Group
2007-06-27 13:20:39 128576 --a------ C:\WINDOWS\system32\xpyujbwl.dll
2007-06-26 11:07:39 66112 --a------ C:\WINDOWS\system32\bovnjcet.dll
2007-06-25 00:52:15 66176 --a------ C:\Documents and Settings\Ashley\ps.exe <Not Verified; @; z>
2007-06-25 00:51:02 31254 --a------ C:\WINDOWS\system32\mljigfd.dll
2007-06-25 00:50:19 66048 --a------ C:\Documents and Settings\Ashley\x.exe <Not Verified; Soeperman Enterprises Ltd.; BFU>
2007-06-25 00:50:17 159744 --a------ C:\Documents and Settings\Ashley\rm.exe <Not Verified; tingtong; xcvv>
2007-06-24 16:38:39 1863032 ---hs---- C:\WINDOWS\system32\vycdd.ini2
2007-06-23 02:27:24 62560 --a------ C:\WINDOWS\system32\abrvarbc.dll
2007-06-23 02:17:43 1856605 ---hs---- C:\WINDOWS\system32\vycdd.bak2
2007-06-22 14:17:36 1871774 ---hs---- C:\WINDOWS\system32\vycdd.bak1
2007-06-22 14:17:28 266336 --a------ C:\WINDOWS\system32\ddcyv.dll
2007-06-22 14:14:01 0 d-------- C:\bintheredunthat
2007-06-22 14:12:24 31254 --a------ C:\WINDOWS\system32\hggebbx.dll
2007-06-22 14:11:48 0 d--hs---- C:\Documents and Settings\Owner\Complete
2007-06-15 13:42:03 0 d-------- C:\New Samples
2007-06-06 01:28:17 0 d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2007-06-06 01:28:16 0 d-------- C:\Program Files\DVD Shrink
2007-06-06 00:46:18 0 d-------- C:\Documents and Settings\Owner\Application Data\ImgBurn
2007-06-06 00:45:28 0 d-------- C:\Program Files\ImgBurn
2007-06-06 00:40:22 0 d-------- C:\Documents and Settings\Owner\Application Data\Common Files
2007-06-03 12:48:32 0 d-------- C:\Documents and Settings\Owner\Application Data\U3


-- Find3M Report ---------------------------------------------------------------

2007-07-01 18:19:35 0 d-------- C:\Program Files\tclockex
2007-07-01 18:19:07 0 d-------- C:\Program Files\ScreenPrint32 v3
2007-07-01 18:00:22 0 d-------- C:\Program Files\AdsGone
2007-06-28 00:05:32 0 d-------- C:\Program Files\GIANT Company Software
2007-06-26 11:10:45 352137 --a------ C:\swlist.reg
2007-06-25 13:57:32 0 d-------- C:\Program Files\Morpheus
2007-06-19 03:02:46 73216 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>
2007-06-13 12:59:50 0 d-------- C:\Documents and Settings\Owner\Application Data\AdobeUM
2007-06-12 15:18:06 0 d-------- C:\Program Files\Common Files\?ystem
2007-06-12 15:18:06 0 d-------- C:\Program Files\Common Files\??stem
2007-06-11 10:33:10 0 d-------- C:\Program Files\Yahoo!
2007-06-11 10:32:44 0 dr-h----- C:\Documents and Settings\Owner\Application Data\yahoo!
2007-06-11 10:29:29 0 d-------- C:\Program Files\Windows Live Toolbar
2007-06-11 10:27:44 0 d-------- C:\Program Files\Soulseek
2007-06-11 10:25:09 0 d-------- C:\Program Files\NASA
2007-06-11 10:23:21 0 d-------- C:\Program Files\mIRC
2007-06-11 10:17:13 0 d-------- C:\Program Files\KaZaA Lite
2007-06-11 10:16:27 0 d-------- C:\Program Files\Easy DVD Creator
2007-06-11 10:15:42 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-06-11 10:14:48 0 d-------- C:\Program Files\Common Files\AOL
2007-06-06 00:40:09 0 d-------- C:\Documents and Settings\Owner\Application Data\HP
2007-05-31 11:41:44 0 d-------- C:\Program Files\Western Digital Technologies
2007-05-31 00:59:35 0 d-------- C:\Program Files\CCleaner
2007-05-31 00:44:39 0 d-------- C:\Program Files\MSXML 4.0
2007-05-31 00:31:35 0 d-------- C:\Program Files\Messenger
2007-05-30 23:51:35 0 d-------- C:\Documents and Settings\Owner\Application Data\Adobe
2007-05-30 23:51:35 0 d-------- C:\Documents and Settings\Owner\Application Data\?dobe
2007-05-30 23:51:24 0 d-------- C:\Program Files\Common Files\Adobe
2007-05-30 23:51:24 0 d-------- C:\Program Files\Common Files\?dobe
2007-05-30 23:51:24 0 d-------- C:\Program Files\Common Files\?dobe
2007-05-30 23:50:08 0 d-------- C:\Program Files\Astonsoft
2007-05-30 23:50:08 0 d-------- C:\Documents and Settings\Owner\Application Data\DeepBurner Pro
2007-05-30 23:50:07 0 d-------- C:\Program Files\MediaMonkey
2007-05-30 23:50:07 0 d-------- C:\Documents and Settings\Owner\Application Data\Walgreens
2007-05-30 23:50:07 0 d-------- C:\Documents and Settings\Owner\Application Data\Ashampoo
2007-05-30 23:50:03 0 d-------- C:\Program Files\Media Player Classic
2007-05-30 23:48:30 0 d-------- C:\Program Files\QuickTime Alternative
2007-05-30 23:48:09 0 d-------- C:\Program Files\Common Files\Ahead
2007-05-30 23:48:09 0 d-------- C:\Program Files\Ahead2
2007-05-22 10:26:11 0 d-------- C:\Program Files\OpenOffice.org1.1.2
2007-05-08 15:43:47 5 --a------ C:\WINDOWS\system32\SySVid.dat
2007-05-08 15:36:54 0 d-------- C:\Program Files\SuperAudiotool
2007-05-08 15:36:39 3082 --a------ C:\WINDOWS\system32\affv11300p4now.sys
2007-05-06 15:36:07 0 d-------- C:\Program Files\?dobe
2007-05-06 13:40:54 0 d-------- C:\Program Files\Xilisoft
2007-05-06 0423 0 d-------- C:\Program Files\ImTOO
2007-05-06 03:43:24 0 d-------- C:\Program Files\Ashampoo
2007-05-04 03:09:45 0 d-------- C:\Program Files\ATP


-- Registry Dump ---------------------------------------------------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{066A2CDC-319E-4460-BA45-C24562CD51AA} C:\WINDOWS\system32\hggebbx.dll
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
{1F6581D5-AA53-4b73-A6F9-41420C6B61F1} C:\WINDOWS\system32\bovnjcet.dll
{4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} C:\PROGRA~1\COMMON~1\Real\Toolbar\RealBar.dll
{53D006A8-DC46-4648-A97E-A46AF5C73C3E} C:\WINDOWS\system32\ddcyv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"AutoTKit"="C:\\hp\\bin\\AUTOTKIT.EXE"
"HPHmon05"="C:\\WINDOWS\\System32\\hphmon05.exe"
"hpsysdrv"="c:\\windows\\system\\hpsysdrv.exe"
"LTMSG"="LTMSG.exe 7"
"PS2"="C:\\WINDOWS\\system32\\ps2.exe"
"Recguard"="C:\\WINDOWS\\SMINST\\RECGUARD.EXE"
"HPDJ Taskbar Utility"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb12.exe"
"ScreenPrint32"="C:\\Program Files\\ScreenPrint32 v3\\ScreenPrint32.exe -startup"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"icq.com"="rundll32.exe \"C:\\WINDOWS\\system32\\nwhikdfu.dll\",forkonce"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"TClockEx"="C:\\Program Files\\tclockex\\TCLOCKEX.EXE"
"STYLEXP"="C:\\Program Files\\TGTSoft\\StyleXP\\StyleXP.exe -Hide"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"SpybotSnD"="\"C:\\Program Files\\Spybot - Search & Destroy\\SpybotSD.exe\" /autocheck"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoClose"=dword:00000000
"StartMenuLogOff"=dword:00000000
"NoLogOff"=dword:00000000
"NoRun"=dword:00000000
"NoFind"=dword:00000000
"NoChangeStartMenu"=dword:00000000
"NoSetFolders"=dword:00000000
"NoNetSetup"=dword:00000000
"NoPrinters"=dword:00000000
"NoViewOnDrive"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{066A2CDC-319E-4460-BA45-C24562CD51AA}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddcyv
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\hggebbx

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]
"location"="Common Startup"
"item"="America Online 9.0 Tray Icon"
"backup"="C:\\WINDOWS\\pss\\America Online 9.0 Tray Icon.lnkCommon Startup"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk]
"location"="Common Startup"
"command"="C:\\PROGRA~1\\UPDATE~1\\137903\\Program\\BACKWE~1.EXE -startup"
"item"="Updates from HP"
"backup"="C:\\WINDOWS\\pss\\Updates from HP.lnkCommon Startup"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^Organize.lnk]
"backup"="C:\\WINDOWS\\pss\\Organize.lnkStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\HEWLET~1\\HPORGA~1\\bin\\DISPLA~1.EXE \"-application\" \"core.hp.main/application.xml\" \"-appname\" \"eLife\""
"item"="Organize"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^spamsubtract.lnk]
"backup"="C:\\WINDOWS\\pss\\spamsubtract.lnkStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\INTERM~1\\SPAMSU~1\\SpamSub.exe -q"
"item"="spamsubtract"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mmtask"
"hkey"="HKLM"
"command"="C:\\Program Files\\MUSICMATCH\\MUSICMATCH Jukebox\\mmtask.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msmsgs"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ScreenPrint32]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ScreenPrint32"
"hkey"="HKLM"
"command"="C:\\Program Files\\ScreenPrint32 v3\\ScreenPrint32.exe -startup"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Shareaza"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Shareaza\\Shareaza.exe\" -tray"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SLock]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SpyLock"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="realsched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0


[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\K]
Shell\AutoRun\command K:\LaunchU3.exe -a

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a3a9f5a4-12bb-11dc-b482-00038a000015}]
Shell\AutoRun\command K:\wd_windows_tools\setup.exe

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bb4dcb1c-1065-11dc-b47e-00038a000015}]
Shell\AutoRun\command K:\LaunchU3.exe -a


-- Hosts -----------------------------------------------------------------------

127.0.0.1 ads.datingyes.com
127.0.0.1 adserver2.mediainsight.de
127.0.0.1 adserver3.eudora.com
127.0.0.1 adserver4.eudora.com
127.0.0.1 adlink.deh.nl
127.0.0.1 advert.stealth.nl
127.0.0.1 www.banneroverdrive.com
#[Adcycle]
127.0.0.1 ad.120-gen.tbn.ru
127.0.0.1 ad.3ad.doubleclick.net

5642 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2007-07-01 at 19:03:25 ---------


HIJACKTHIS LOG:

Logfile of HijackThis v1.99.1
Scan saved at 7:05:48 PM, on 7/1/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hphmon05.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\LTMSG.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
C:\Program Files\ScreenPrint32 v3\ScreenPrint32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AdsGone\adsgone.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\notepad.exe
C:\WINDOWS\notepad.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.google.com/"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\a4f1z77c.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", ""); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\a4f1z77c.slt\prefs.js)
O4 - HKLM\..\Run: [AutoTKit] C:\hp\bin\AUTOTKIT.EXE
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [ScreenPrint32] C:\Program Files\ScreenPrint32 v3\ScreenPrint32.exe -startup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\system32\nwhikdfu.dll",forkonce
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [TClockEx] C:\Program Files\tclockex\TCLOCKEX.EXE
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: AdsGone 2004.lnk = ?
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {2042B57E-6336-459E-B7CE-2A0F6C9E6AF8} (IEPlayInterface Class) - http://www.lotrdvd.com/dvdkey/extend...s/iaieplay.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yaho...tocomplete.cab
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yaho...opper1_2us.cab
O20 - AppInit_DLLs:
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\evwenlky.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe



Thanks in advance for ANY help!

Steve
Attached Files
File Type: txt extra.txt (18.8 KB, 0 views)
steve33809 is offline  
Important Information
Join the #1 Tech Support Forum Today - It's Totally Free!

TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free.

Join TechSupportforum.com Today - Click Here