|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| Resolved HJT Threads Resolved spyware and popup issues. |
|
|
LinkBack | Thread Tools |
08-22-2007, 08:46 PM
|
#1 (permalink) |
|
Registered User
Join Date: Jan 2007
Posts: 156
OS: XP
|
Computer Cleanup
I have not been having any serious trouble but I have noticed a slight slowing in my internet speed and have experienced a few pop-ups. Please look at my log and let me know what I might be able to do. Thank you
Deckard's System Scanner v20070819.64 Run by mine on 2007-08-22 22:35:01 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 45: 2007-08-23 02:35:09 UTC - RP557 - Deckard's System Scanner Restore Point 44: 2007-08-22 15:43:48 UTC - RP556 - System Checkpoint 43: 2007-08-21 15:05:48 UTC - RP555 - System Checkpoint 42: 2007-08-20 13:46:18 UTC - RP554 - System Checkpoint 41: 2007-08-19 07:32:01 UTC - RP553 - Removed Ventrilo Client -- First Restore Point -- 1: 2007-05-25 15:15:05 UTC - RP513 - System Checkpoint Backed up registry hives. Performed disk cleanup. -- HijackThis (run as mine.exe) ------------------------------------------------ Logfile of HijackThis v1.99.1 Scan saved at 10:36:04 PM, on 8/22/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Apoint\Apoint.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Apoint\Apntex.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\common files\mcafee\mna\mcnasvc.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe C:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\mine\Desktop\dss.exe C:\HIJACK~1\mine.exe C:\WINDOWS\system32\NOTEPAD.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ufl.edu/ O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsof...?1147317696468 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1147317667734 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{F116E1D4-3D81-4179-9D7F-8F85821E5215}: NameServer = 68.1.18.30,68.11.16.30 O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: McAfee Application Installer Cleanup (0188861187632573) (0188861187632573mcinstcleanup) - Unknown owner - C:\WINDOWS\TEMP\018886~1.EXE (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Altera JTAG Server (JTAGServer) - Unknown owner - C:\altera\quartus51\bin\JTAGServer.exe (file missing) O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R1 APPDRV - c:\windows\system32\drivers\appdrv.sys <Not Verified; Dell Inc; Application Driver> R1 omci (OMCI WDM Device Driver) - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Inc; OMCI Driver> R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.1.0.1) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.1.0.1> R2 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys <Not Verified; Intel Corporation; Intel Wireless LAN Packet Driver> R2 Sentinel - c:\windows\system32\drivers\sentinel.sys <Not Verified; Rainbow Technologies, Inc.; Sentinel System Driver> R3 Tosrfbd (Bluetooth RFBUS from TOSHIBA) - c:\windows\system32\drivers\tosrfbd.sys <Not Verified; TOSHIBA CORPORATION; Bluetooth BUS Driver(WindowsXP,Windows2000)> R3 Tosrfhid (Bluetooth RFHID from TOSHIBA) - c:\windows\system32\drivers\tosrfhid.sys <Not Verified; TOSHIBA Corporation.; Bluetooth HID Driver from TOSHIBA> R3 Tosrfusb (Bluetooth USB Controller) - c:\windows\system32\drivers\tosrfusb.sys <Not Verified; TOSHIBA CORPORATION; Bluetooth USB Miniport Driver(Windows2000,WindowsXP)> S1 Tosrfcom - c:\windows\system32\drivers\tosrfcom.sys <Not Verified; TOSHIBA Corporation; Bluetooth RFCOMM Driver> S2 AlteraByteBlaster (Altera ByteBlaster) - c:\windows\system32\drivers\pgdhdlc.sys <Not Verified; Altera Corporation; Altera ByteBlaster Driver> S3 AlteraUSBBlaster (Altera USB-Blaster Device Driver) - c:\windows\system32\drivers\ftd2xx.sys <Not Verified; FTDI Ltd.; FT8U232AX> S3 FiltUSBEMPIA (USB Device Lower Filter) - c:\windows\system32\drivers\emfilter.sys <Not Verified; eMPIA Technology, Inc.; USB 28xx Video> S3 FreshIO - c:\program files\freshdevices\freshdiagnose\freshio.sys (file missing) S3 iatmunin - c:\docume~1\mine\locals~1\temp\iatmunin.sys (file missing) S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing) -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 NICCONFIGSVC - c:\program files\dell\nicconfigsvc\nicconfigsvc.exe <Not Verified; Dell Inc.; NicConfigSvc> R2 RegSrvc - c:\program files\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; RegSrvc Module> R2 WLANKEEPER - c:\program files\intel\wireless\bin\wlkeeper.exe <Not Verified; Intel® Corporation; SSOFSet Service> S2 0188861187632573mcinstcleanup (McAfee Application Installer Cleanup (0188861187632573)) - c:\windows\temp\018886~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service (file missing) S2 JTAGServer (Altera JTAG Server) - c:\altera\quartus51\bin\jtagserver.exe (file missing) -- Device Manager: Disabled ---------------------------------------------------- Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318} Description: Broadcom 440x 10/100 Integrated Controller Device ID: PCI\VEN_14E4&DEV_170C&SUBSYS_01881028&REV_02\4&2FA23535&0&00F0 Manufacturer: Broadcom Name: Broadcom 440x 10/100 Integrated Controller PNP Device ID: PCI\VEN_14E4&DEV_170C&SUBSYS_01881028&REV_02\4&2FA23535&0&00F0 Service: bcm4sbxp -- Scheduled Tasks ------------------------------------------------------------- 2007-08-01 01:00:12 350 --a------ C:\WINDOWS\Tasks\McQcTask.job 2007-04-15 15:45:02 348 --a------ C:\WINDOWS\Tasks\McDefragTask.job -- Files created between 2007-07-22 and 2007-08-22 ----------------------------- 2007-08-22 22:32:59 0 d-------- C:\ie-spyad 2007-08-22 22:32:04 0 d-------- C:\Program Files\SpywareBlaster 2007-08-22 18:42:05 0 d-------- C:\WINDOWS\system32\ActiveScan 2007-08-20 13:56:06 0 d-------- C:\WINDOWS\LastGood 2007-08-19 02:48:28 0 d-------- C:\Documents and Settings\mine\Application Data\BitTorrent 2007-08-19 02:47:41 0 d-------- C:\Program Files\BitTorrent -- Find3M Report --------------------------------------------------------------- 2007-08-22 19:21:56 0 d-------- C:\Program Files\Google 2007-08-22 19:19:03 0 d-------- C:\Program Files\Apoint 2007-08-22 18:39:38 0 d-------- C:\Program Files\XviD 2007-08-20 13:56:05 0 d-------- C:\Program Files\McAfee 2007-08-18 17:53:31 0 d-------- C:\Program Files\Mozilla Thunderbird 2007-08-08 21:36:55 0 d-------- C:\Program Files\World of Warcraft 2007-08-05 14:12:11 0 d-------- C:\Program Files\Common Files\McAfee 2007-07-22 21:01:44 0 d-------- C:\Documents and Settings\mine\Application Data\Ventrilo 2007-06-30 11:40:30 0 d-------- C:\Program Files\Common Files 2007-06-22 12:15:37 0 d-------- C:\Program Files\Java -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}] 07/27/2007 06:20 AM 324936 --a------ C:\Program Files\McAfee\MSK\mcapbho.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="C:\Program Files\Apoint\Apoint.exe" [09/13/2004 06:33 PM] "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [10/30/2004 04:59 PM] "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [12/06/2004 03:05 AM] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [03/14/2007 03:43 AM] "mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [08/04/2007 02:33 AM] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [06/15/2007 08:02 PM] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [10/18/2006 09:05 PM] "BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" [] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{827D3881-317C-442A-B4ED-F576CBA700BB}"= blank [ ] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless] C:\Program Files\Intel\Wireless\Bin\LgNotify.dll 09/07/2004 06:08 PM 110592 C:\Program Files\Intel\Wireless\Bin\LgNotify.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^emRemote.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\emRemote.lnk backup=C:\WINDOWS\pss\emRemote.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Google Updater.lnk backup=C:\WINDOWS\pss\Google Updater.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Scheduler for TomMade.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Scheduler for TomMade.lnk backup=C:\WINDOWS\pss\Scheduler for TomMade.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk backup=C:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy SpyRemover] C:\Documents and Settings\All Users\Desktop\Easy SpyRemover\EasySpyRemover.exe /smart [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray] C:\WINDOWS\ehome\ehtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}] AutoRun\command- E:\setup.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5672c5f5-ee66-11da-a56e-001422e94710}] AutoRun\command- E:\setupSNK.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7f692358-d250-11db-a5e4-00166f195e1a}] AutoRun\command- E:\LaunchU3.exe -- End of Deckard's System Scanner: finished at 2007-08-22 22:36:55 ------------ Incident Status Location Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\mine\Cookies\mine@2o7[1].txt Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\mine\Cookies\mine@ad.yieldmanager[1].txt Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\mine\Cookies\mine@adrevolver[1].txt Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\mine\Cookies\mine@adrevolver[2].txt Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\mine\Cookies\mine@ads.pointroll[2].txt Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\mine\Cookies\mine@advertising[1].txt Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\mine\Cookies\mine@atdmt[2].txt Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\mine\Cookies\mine@atwola[1].txt Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\mine\Cookies\mine@casalemedia[1].txt Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\mine\Cookies\mine@ccbill[1].txt Spyware:Cookie/Bridgetrack Not disinfected C:\Documents and Settings\mine\Cookies\mine@citi.bridgetrack[1].txt Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\mine\Cookies\mine@counter13.sextracker[1].txt Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\mine\Cookies\mine@doubleclick[1].txt Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\mine\Cookies\mine@fastclick[2].txt Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\mine\Cookies\mine@mediaplex[1].txt Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\mine\Cookies\mine@overture[1].txt Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\mine\Cookies\mine@realmedia[1].txt Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\mine\Cookies\mine@sextracker[1].txt Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\mine\Cookies\mine@statcounter[2].txt Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\mine\Cookies\mine@tribalfusion[1].txt Spyware:Cookie/XXXCounter Not disinfected C:\Documents and Settings\mine\Cookies\mine@xxxcounter[1].txt Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\mine\Cookies\mine@yadro[1].txt Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\mine\Cookies\mine@zedo[2].txt Potentially unwanted tool:Application/Processor Not disinfected C:\RECYCLER\S-1-5-21-3672350697-1977981889-1021619408-1005\Dc5\SDFix.zip[SDFix.exe][SDFix\apps\Process.exe] |
|
     |
| Important Information |
|
Join the #1 Tech Support Forum Today - It's Totally Free!
TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free. Join TechSupportforum.com Today - Click Here |
|
08-24-2007, 02:10 PM
|
#2 (permalink) |
|
Expert Analyst, Moderator, Security Team
Join Date: Sep 2006
Posts: 1,648
OS: xp
|
Re: Computer Cleanup
Hi CompNovice
I doubt these files are present but do check if they are please ? C:\WINDOWS\system32\csrnvrt.exe C:\WINDOWS\system32\winzrs32.exe I assume BitTorrent is uninstalled ? if so this item can be fixed using Hijackthis: O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized ----------- Im not seeing anything suspicious that could be cousing a slow internet speed. |
|
|
|
|
08-24-2007, 03:24 PM
|
#3 (permalink) |
|
Registered User
Join Date: Jan 2007
Posts: 156
OS: XP
|
Re: Computer Cleanup
LonnyRJones,
Thanks for getting back to me. I checked for the two files: C:\WINDOWS\system32\csrnvrt.exe C:\WINDOWS\system32\winzrs32.exe and they were not on my computer so I think that is ok. I also had HijackThis take care of the BitTorrent force_start. I found out that the reason that my internet was slow was that someone in my apartment complex was stealing my wireless internet, so I setup security and have had a better connection since. If you see anything else that might be dangerous to my computer please let me know, otherwise thank you for the help. |
|
|
|
|
08-24-2007, 05:21 PM
|
#4 (permalink) |
|
Expert Analyst, Moderator, Security Team
Join Date: Sep 2006
Posts: 1,648
OS: xp
|
Re: Computer Cleanup
Glad to hear you found the cause for slow internet speed
Your logs log look fine Think Prevention: Put in place a good hosts file http://www.mvps.org/winhelp2002/hosts.htm How To Download and Extract the HOSTS file: http://www.mvps.org/winhelp2002/hosts2.htm Repeat that proccess about once or twice a month To help avoid reinfection see "So how did I get infected in the first place?" http://castlecops.com/postlite7736-.html |
|
|
|
| Thread Tools | |
|
|
