Find your solution!

Sekaidus · 24-Nov-2006, 09:15 PM **#31**

it's just gonna start up explorer again though. Explorer wants to use all my tsr's.

**valis** · 24-Nov-2006, 09:21 PM **#32**

run the panda scan and paste the log here please.

Sekaidus · 24-Nov-2006, 09:23 PM **#33**

Will do.

Sekaidus · 24-Nov-2006, 11:12 PM **#34**

My Panda report doesn't want to present itself. The AVG and hjt report look like this
Logfile of HijackThis v1.99.1
Scan saved at 11:03:54 PM, on 11/24/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
c:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\New Folder\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com.../fix_homepage/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...RIO&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TY...RIO&pf=desktop
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://pcpitstop.com/mhLbl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 10:00:36 PM 11/24/2006

+ Scan result:

HKU\S-1-5-21-3109758247-1983099084-2541831245-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{052B12F7-86FA-4921-8482-26C42316B522} -> Adware.Generic : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP70\A0013267.dll -> Adware.SpywareStorm : Cleaned with backup (quarantined).
C:\WINDOWS\system32\hggebyw.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\WINDOWS\system32\khfefdc.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\WINDOWS\system32\yaywvts.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\WINDOWS\system32\drvgiz.dll -> Not-A-Virus.Hoax.Win32.Renos.fw : Cleaned with backup (quarantined).
C:\WINDOWS\system32\drvnos.dll -> Not-A-Virus.Hoax.Win32.Renos.fw : Cleaned with backup (quarantined).
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@bodybuildingcom. 112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@cbs.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@ford.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@goodyear.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@msninvite.112.2o 7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@msnportal.112.2o 7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@partygaming.122. 2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@riptownmedia.122 .2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@stpetersburgtime s.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@usatoday1.112.2o 7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@rotator.adjuggle r[2].txt -> TrackingCookie.Adjuggler : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@ads.bridgetrack[2].txt -> TrackingCookie.Bridgetrack : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@citi.bridgetrack[2].txt -> TrackingCookie.Bridgetrack : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@www.burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@epilot[1].txt -> TrackingCookie.Epilot : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@e-2dj6wfloeodzmlp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@a.as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.

I'm rerunning panda.

Sekaidus · 24-Nov-2006, 11:15 PM **#35**

hjt looks the same except for the avg and the rundll32. Irritating!

Sekaidus · 24-Nov-2006, 11:17 PM **#36**

you think I should delete the R0's just for giggles?

**valis** · 24-Nov-2006, 11:18 PM **#37**

well, now we know what you got....wait for an expert.....no response 12 hours, type bump, or I'll take a crack at it.

**valis** · 24-Nov-2006, 11:18 PM **#38**

Quote:

Originally Posted by Sekaidus

you think I should delete the R0's just for giggles?

no.

Sekaidus · 24-Nov-2006, 11:23 PM **#39**

Panda doesn't want to run another scan. Maybe I should try again tommorrow? I save the log to a brand new panda folder, but the folder is empty. At this point I dunno what to do.

Sekaidus · 24-Nov-2006, 11:26 PM **#40**

Quote:

Originally Posted by valis

well, now we know what you got....wait for an expert.....no response 12 hours, type bump, or I'll take a crack at it.

Thanks again for the help. Talk to you tommorrow I hope. have a good weekend.

Sekaidus · 25-Nov-2006, 10:13 AM **#41**

Heh, It was set to view only programs not all files. That's why it looked empty. I did another one today the new panda scan looks like this.

Incident Status Location

Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@atwola[2].txt
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@azjmp[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@belnk[1].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@cgi-bin[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@dist.belnk[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@doubleclick[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@drivecleaner[2].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@ehg-dig.hitbox[1].txt
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@go[2].txt
Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@hc2.humanclick[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@hitbox[2].txt
Spyware:Cookie/Screensavers Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@i.screensavers[2].txt
Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@landing.domainsp onsor[1].txt
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@maxserving[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@questionmarket[2].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@realmedia[1].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@searchportal.inf ormation[1].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@statcounter[2].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@stats.driveclean er[2].txt
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@toplist[1].txt
Spyware:Cookie/Tucows Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@tucows[2].txt
Spyware:Cookie/Systemdoctor Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@www.systemdoctor[1].txt
Spyware:Cookie/Virusbursters Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@www.virusburster s[2].txt
Potentially unwanted tool:Application/KillApp.B Not disinfected C:\hp\bin\KillIt.exe
Possible Virus. Not disinfected C:\WINDOWS\system32\awtqo.dll
Possible Virus. Not disinfected C:\WINDOWS\system32\awtsq.dll
Possible Virus. Not disinfected C:\WINDOWS\system32\awvtt.dll
Possible Virus. Not disinfected C:\WINDOWS\system32\ddabb.dll
Possible Virus. Not disinfected C:\WINDOWS\system32\ddcyv.dll
Possible Virus. Not disinfected C:\WINDOWS\system32\geebc.dll
Possible Virus. Not disinfected C:\WINDOWS\system32\jkhfe.dll
Possible Virus. Not disinfected C:\WINDOWS\system32\jkkll.dll
Possible Virus. Not disinfected C:\WINDOWS\system32\mllmj.dll
Possible Virus. Not disinfected C:\WINDOWS\system32\mllmm.dll
Possible Virus. Not disinfected C:\WINDOWS\system32\mllmn.dll
Possible Virus. Not disinfected C:\WINDOWS\system32\pmnnm.dll
Possible Virus. Not disinfected C:\WINDOWS\system32\ssqrq.dll
Possible Virus. Not disinfected C:\WINDOWS\system32\ssqrr.dll
Possible Virus. Not disinfected C:\WINDOWS\system32\ssttq.dll
Possible Virus. Not disinfected C:\WINDOWS\system32\ssttt.dll
Possible Virus. Not disinfected C:\WINDOWS\system32\vtsqr.dll

**valis** · 25-Nov-2006, 10:18 AM **#42**

okay, here's the deal. We've got it narrowed down toa virus. Mark this solved, and then post a new hjt log in the security forum.

v

**dvk01** · 25-Nov-2006, 10:26 AM **#43**

We are in security with this one now & it's showing vundo

Please download
VundoFix.exe
to your desktop.

Double-click VundoFix.exe to run it.
Click the Scan for Vundo button.
Once it's done scanning, click the Remove Vundo button.
You will receive a prompt asking if you want to remove the files, click YES
Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will reboot your computer, click OK.
Please post the contents of C:\vundofix.txt and a new HiJackThis log.

Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button."
when VundoFix appears at reboot.

Sekaidus · 25-Nov-2006, 10:48 AM **#44**

Wow I actually have system idle with explorer running.

Logfile of HijackThis v1.99.1
Scan saved at 10:46:54 AM, on 11/25/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\New Folder\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com.../fix_homepage/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...RIO&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TY...RIO&pf=desktop
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {462CE203-FF7F-4EC1-9FD0-19332105B0D3} - C:\WINDOWS\system32\vtsqr.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {755bbd1a-aa59-456c-afeb-b4c42c4dcb6f} - C:\WINDOWS\system32\ixt0.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://pcpitstop.com/mhLbl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: winmbj32 - C:\WINDOWS\SYSTEM32\winmbj32.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

**valis** · 25-Nov-2006, 11:03 AM **#45**

thanks dvk.

Tag Cloud
adware audio bios blue screen boot bsod computer connection crash dell desktop driver email error excel firefox freeze google hard drive hardware hijackthis install internet laptop linux malware network no sound outlook problem recovery router screen server slow sound speakers spyware startup trojan usb video virus vista webcam windows windows 7 windows vista windows xp wireless

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Search
Search for: