-
Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.
Bkdr Coreflood.a
- Thread starter joetech
- Start date
- Status
- Joined
- Oct 9, 2001
- Messages
- 9,396
Do this:
go to http://www.lurkhere.com/~nicefiles/ , and download 'Hijack This!'.....
Unzip it to its own folder, doubleclick HijackThis.exe, and hit "Scan".
When the scan is finished, the "Scan" button will change into a "Save Log" button.
Press that, save the log somewhere, and please copy & paste its contents to the forum.
It will possibly show other issues deserving our attention, but most of what it lists will be harmless or even required, so do NOT fix anything yet.
Someone here will be happy to help you analyze the results.
If you have anything disabled by MSConfig or any other startup manager, please re-enable it before scanning to post.
go to http://www.lurkhere.com/~nicefiles/ , and download 'Hijack This!'.....
Unzip it to its own folder, doubleclick HijackThis.exe, and hit "Scan".
When the scan is finished, the "Scan" button will change into a "Save Log" button.
Press that, save the log somewhere, and please copy & paste its contents to the forum.
It will possibly show other issues deserving our attention, but most of what it lists will be harmless or even required, so do NOT fix anything yet.
Someone here will be happy to help you analyze the results.
If you have anything disabled by MSConfig or any other startup manager, please re-enable it before scanning to post.
joetech
Thread Starter
- Joined
- Nov 4, 2001
- Messages
- 259
Went to Houscall webpage then overlay problem appeared on next page. Went to this Forum and was unreadable due to page overlay. Had to reboot.
clicked on ZoneAlarm update but can not access,due to blank window.
Logfile of HijackThis v1.97.7
Scan saved at 6:48:32 PM, on 4/26/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 (5.50.4134.0100)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\HAMPANEL.EXE
C:\WINDOWS\SYSTEM\ATITASK.EXE
C:\WINDOWS\SYSTEM\ATICWD32.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZONEALARM.EXE
C:\VSTASCAN\VSACCESS.EXE
C:\ATI\ATIDESK\ATISCHED.EXE
C:\PROGRAM FILES\COMPUSERVE 7.0\CSTRAY.EXE
C:\PROGRAM FILES\SUPREME OFFICE SUITE3.0\PROGRAM\SOFFICE.EXE
C:\PROGRAM FILES\RINGCENTRAL\BUZME\RCUI.EXE
C:\PROGRAM FILES\ULEAD SYSTEMS\ULEAD PHOTOIMPACT 5\ABMTSR.EXE
D:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\PROGRAM FILES\COMPUSERVE 7.0\WCS2000.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE
O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [HaMFrontPanel] C:\WINDOWS\hampanel /B:Software\Intel\HaM
O4 - HKLM\..\Run: [Atikey] Atitask.exe
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
O4 - Startup: PrintMaster Event Reminder.lnk = C:\Program Files\Canon Creative\PrintMaster\Pmremind.exe
O4 - Startup: UMAX VistaAccess.lnk = C:\VSTASCAN\vsaccess.exe
O4 - Startup: Supreme Office Suite 3.0.lnk = C:\Program Files\Supreme Office Suite3.0\program\quickstart.exe
O4 - Startup: ATI Scheduler.lnk = C:\ati\atidesk\atisched.exe
O4 - Startup: CompuServe 7.0 Tray Icon.lnk = C:\Program Files\CompuServe 7.0\cstray.exe
O4 - Startup: Check for TWS Updates.lnk = C:\jts\WiseUpdt.exe
O4 - Startup: BuzMe.lnk = C:\Program Files\RingCentral\BuzMe\RCUI.exe
O4 - Startup: Album Fast Start.lnk = C:\Program Files\Ulead Systems\Ulead PhotoImpact 5\ABMTSR.EXE
O4 - Startup: WinZip Quick Pick.lnk = D:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: ZoneAlarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004033001/housecall.antivirus.com/housecall/xscan53.cab
clicked on ZoneAlarm update but can not access,due to blank window.
Logfile of HijackThis v1.97.7
Scan saved at 6:48:32 PM, on 4/26/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 (5.50.4134.0100)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\HAMPANEL.EXE
C:\WINDOWS\SYSTEM\ATITASK.EXE
C:\WINDOWS\SYSTEM\ATICWD32.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZONEALARM.EXE
C:\VSTASCAN\VSACCESS.EXE
C:\ATI\ATIDESK\ATISCHED.EXE
C:\PROGRAM FILES\COMPUSERVE 7.0\CSTRAY.EXE
C:\PROGRAM FILES\SUPREME OFFICE SUITE3.0\PROGRAM\SOFFICE.EXE
C:\PROGRAM FILES\RINGCENTRAL\BUZME\RCUI.EXE
C:\PROGRAM FILES\ULEAD SYSTEMS\ULEAD PHOTOIMPACT 5\ABMTSR.EXE
D:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\PROGRAM FILES\COMPUSERVE 7.0\WCS2000.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE
O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [HaMFrontPanel] C:\WINDOWS\hampanel /B:Software\Intel\HaM
O4 - HKLM\..\Run: [Atikey] Atitask.exe
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
O4 - Startup: PrintMaster Event Reminder.lnk = C:\Program Files\Canon Creative\PrintMaster\Pmremind.exe
O4 - Startup: UMAX VistaAccess.lnk = C:\VSTASCAN\vsaccess.exe
O4 - Startup: Supreme Office Suite 3.0.lnk = C:\Program Files\Supreme Office Suite3.0\program\quickstart.exe
O4 - Startup: ATI Scheduler.lnk = C:\ati\atidesk\atisched.exe
O4 - Startup: CompuServe 7.0 Tray Icon.lnk = C:\Program Files\CompuServe 7.0\cstray.exe
O4 - Startup: Check for TWS Updates.lnk = C:\jts\WiseUpdt.exe
O4 - Startup: BuzMe.lnk = C:\Program Files\RingCentral\BuzMe\RCUI.exe
O4 - Startup: Album Fast Start.lnk = C:\Program Files\Ulead Systems\Ulead PhotoImpact 5\ABMTSR.EXE
O4 - Startup: WinZip Quick Pick.lnk = D:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: ZoneAlarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004033001/housecall.antivirus.com/housecall/xscan53.cab
- Status
Users Who Are Viewing This Thread (Users: 0, Guests: 1)
As Seen On
Welcome to Tech Support Guy!
Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.
If you're not already familiar with forums, watch our Welcome Guide to get started.
Join over 807,865 other people just like you!
