Over 1 million tech questions and answers.

Active Scan Report + DSS Report

Q: Active Scan Report + DSS Report

Incident Status Location

Spyware:Spyware/SafeSurf Not disinfected C:\Documents and Settings\Marie\Local Settings\Temp\ExtractDLL.dll
Adware:Adware/Mirar Not disinfected C:\Documents and Settings\Marie\Local Settings\Temp\mit49.tmp[NNBar_VCSetup_876088_log.exe]
Adware:Adware/Mirar Not disinfected C:\Documents and Settings\Marie\Local Settings\Temp\mit49.tmp.cab[NNBar_VCSetup_876088_log.exe]
Adware:Adware/Mirar Not disinfected C:\Documents and Settings\Marie\Local Settings\Temp\NNBar_VCSetup_876088_log.exe
Adware:Adware/Beginto Not disinfected C:\Documents and Settings\Marie\Local Settings\Temp\smo46.tmp
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Marie-Pier\Cookies\[email protected][1].txt
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Marie.MARIE-KT4001EGQ\Cookies\[email protected][2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Marie.MARIE-KT4001EGQ\Cookies\[email protected][2].txt
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Marie.MARIE-KT4001EGQ\Cookies\[email protected][1].txt
Spyware:Cookie/Enhance Not disinfected C:\Documents and Settings\Marie.MARIE-KT4001EGQ\Cookies\[email protected][2].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Marie.MARIE-KT4001EGQ\Cookies\[email protected][1].txt
Spyware:Cookie/Smartadserver Not disinfected C:\Documents and Settings\Marie.MARIE-KT4001EGQ\Cookies\[email protected][1].txt
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Marie.MARIE-KT4001EGQ\Cookies\[email protected][1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Marie.MARIE-KT4001EGQ\Cookies\[email protected][2].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Marie.MARIE-KT4001EGQ\Cookies\[email protected][1].txt
Virus:Trj/Clicker.WM Disinfected C:\Documents and Settings\Marie.MARIE-KT4001EGQ\Local Settings\Temporary Internet Files\Content.IE5\6FE7YX2R\ucleaner_setup[1].exe
Adware:Adware/WinAntiVirus2007 Not disinfected C:\Documents and Settings\Marie.MARIE-KT4001EGQ\Local Settings\Temporary Internet Files\Content.IE5\856VW1MZ\WinAntiVirusPro2007FreeInstall_fr[1].cab[UWA7PV_0001_N96M0206NetInstaller.exe]
Adware:Adware/UltimateCleaner Not disinfected C:\Documents and Settings\Marie.MARIE-KT4001EGQ\Local Settings\Temporary Internet Files\Content.IE5\LFFJLTWE\hlpsrv[1].exe
Adware:Adware/UltimateCleaner Not disinfected C:\Documents and Settings\Marie.MARIE-KT4001EGQ\Local Settings\Temporary Internet Files\Content.IE5\LFFJLTWE\hlpsrv[2].exe
Adware:Adware/Yazzle Not disinfected C:\Documents and Settings\Marie.MARIE-KT4001EGQ\Local Settings\Temporary Internet Files\Content.IE5\LFFJLTWE\xc42[1].exe
Virus:Trj/Downloader.PCQ Disinfected C:\Documents and Settings\Marie.MARIE-KT4001EGQ\Local Settings\Temporary Internet Files\Content.IE5\NLXNIQYT\lkjh[1]
Adware:Adware/Adsmart Not disinfected C:\Documents and Settings\Marie.MARIE-KT4001EGQ\Local Settings\Temporary Internet Files\Content.IE5\W3PFMQ79\xc23[1].exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Marie.MARIE-KT4001EGQ\Mes documents\Kael\Setups\Solution\VirtumundoBeGone.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Marie.MARIE-KT4001EGQ\Mes documents\Setups\SmitfraudFix.zip[SmitfraudFix/Process.exe]
Potentially unwanted tool:Application/SuperFast Not disinfected C:\Documents and Settings\Marie.MARIE-KT4001EGQ\Mes documents\Setups\SmitfraudFix.zip[SmitfraudFix/restart.exe]
Virus:Generic Malware Disinfected C:\Program Files\GameSpy Arcade\Services\_common\PortraitLoader.dll
Hacktool:Hacktool/Hammer Not disinfected C:\Program Files\Robster Productions\Halflife Logo Creator\HLC.exe
Adware:Adware/PurityScan Not disinfected C:\Program Files\?racle\i?xplore.exe
Adware:Adware/PerfectCodec Not disinfected C:\System Volume Information\_restore thread search menu 7\RP48\A0002306.dll
Adware:Adware/PerfectCodec Not disinfected C:\System Volume Information\_restore thread search menu 6\RP48\A0002307.exe
Adware:Adware/PerfectCodec Not disinfected C:\System Volume Information\_restore thread search menu 5\RP48\A0002308.exe
Adware:Adware/PerfectCodec Not disinfected C:\System Volume Information\_restore thread search menu 4\RP48\A0002311.exe
Adware:Adware/PerfectCodec Not disinfected C:\System Volume Information\_restore thread search menu 3\RP48\A0002316.dll
Adware:Adware/PerfectCodec Not disinfected C:\System Volume Information\_restore thread search menu 2\RP48\A0002317.exe
Adware:Adware/PerfectCodec Not disinfected C:\System Volume Information\_restore thread search menu 1\RP48\A0002318.exe
Adware:Adware/PerfectCodec Not disinfected C:\System Volume Information\_restore thread search menu 0\RP48\A0002324.dll
Adware:Adware/PerfectCodec Not disinfected C:\System Volume Information\_restore / thread search menu 9\RP48\A0002325.exe
Adware:Adware/PerfectCodec Not disinfected C:\System Volume Information\_restore / thread search menu 8\RP48\A0002326.exe
Adware:Adware/VirusBursters Not disinfected C:\System Volume Information\_restore / thread search menu 7\RP48\A0002327.exe
Potentially unwanted tool:Application/VirusBursters Not disinfected C:\System Volume Information\_restore / thread search menu 6\RP48\A0002338.exe
Adware:Adware/PerfectCodec Not disinfected C:\System Volume Information\_restore / thread search menu 5\RP48\A0002339.exe
Adware:Adware/PerfectCodec Not disinfected C:\System Volume Information\_restore / thread search menu 4\RP48\A0002340.exe
Adware:Adware/PerfectCodec Not disinfected C:\System Volume Information\_restore / thread search menu 3\RP48\A0002341.exe
Adware:Adware/VirusBurst Not disinfected C:\System Volume Information\_restore / thread search menu 2\RP48\A0002343.dll
Adware:Adware/PerfectCodec Not disinfected C:\System Volume Information\_restore / thread search menu 1\RP48\A0002344.dll
Adware:Adware/PerfectCodec Not disinfected C:\System Volume Information\_restore / thread search menu 0\RP48\A0002345.exe
Adware:Adware/PerfectCodec Not disinfected C:\System Volume Information\_restore **************************************************** 9\RP48\A0002346.exe
Adware:Adware/PerfectCodec Not disinfected C:\System Volume Information\_restore **************************************************** 8\RP48\A0002347.exe
Adware:Adware/PCodec Not disinfected C:\System Volume Information\_restore **************************************************** 7\RP48\A0002351.exe
Adware:Adware/PCodec Not disinfected C:\System Volume Information\_restore **************************************************** 6\RP48\A0002352.dll
Potentially unwanted tool:Application/VirusBursters Not disinfected C:\System Volume Information\_restore **************************************************** 5\RP48\A0002355.exe[VirusBursters.exe]
Adware:Adware/SecurityError Not disinfected C:\System Volume Information\_restore **************************************************** 4\RP48\A0002356.exe[??\isecur.dll]
Adware:Adware/Mirar Not disinfected C:\System Volume Information\_restore **************************************************** 3\RP70\A0002636.exe
Virus:Trj/Downloader.PCQ Disinfected C:\VundoFix Backups\ctbgojod.exe.bad
Adware:Adware/Adsmart Not disinfected C:\WINDOWS\avp.exe
Virus:Generic Trojan Disinfected C:\WINDOWS\Downloaded Program Files\gsda.dll
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\drvpowr.dll


Deckard's System Scanner v20070819.64
Run by Marie on 2007-08-23 19:07:22
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
68: 2007-08-23 23:07:42 UTC - RP277 - Deckard's System Scanner Restore Point
67: 2007-08-23 14:05:06 UTC - RP276 - AntiVir PersonalEdition Classic - 2007-08-23 10:04
66: 2007-08-22 17:34:07 UTC - RP275 - Removed ANIO Service
65: 2007-08-22 17:33:09 UTC - RP274 - Removed ANIWZCS2 Service
64: 2007-08-22 05:10:30 UTC - RP273 - Point de v?rification syst?me


-- First Restore Point --
1: 2007-06-19 16:45:44 UTC - RP210 - Point de v?rification syst?me


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 256 MiB (512 MiB recommended).


-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of HijackThis v1.99.1
Scan saved at 2007-08-23 19:10:22
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\explorer.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Documents and Settings\Marie.MARIE-KT4001EGQ\Mes documents\Kael\Setups\Solution\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
O2 - BHO: Adobe PDF Reader Link Helper - **************************************************** 2 - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - **************************************************** 1 - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - **************************************************** 0 - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - / popup menu contents 9 - C:\WINDOWS\system32\jkkllih.dll (file missing)
O2 - BHO: SSVHelper Class - / popup menu contents 8 - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - / popup menu contents 7 - C:\WINDOWS\system32\qomnm.dll (file missing)
O2 - BHO: Google Toolbar Helper - / popup menu contents 6 - C:\Program Files\Google\GoogleToolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - / popup menu contents 5 - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - / popup menu contents 4 - C:\WINDOWS\system32\xjbtx.dll (file missing)
O3 - Toolbar: &Google - / popup menu contents 3 - C:\Program Files\Google\GoogleToolbar2.dll
O4 - HKEY_LOCAL_MACHINE\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKEY_LOCAL_MACHINE\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKEY_LOCAL_MACHINE\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKEY_LOCAL_MACHINE\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Rtpu] "C:\PROGRA~1\YMANTE~1\dexplore.exe" -vt yazb
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - / popup menu contents 2 - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - / popup menu contents 1 - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Skype - / popup menu contents 0 - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: (no name) - forum rules and admin links 9 - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Messenger - forum rules and admin links 8 - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - forum rules and admin links 7 - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: forum rules and admin links 6 (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: forum rules and admin links 5 (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: forum rules and admin links 4 (Shockwave ActiveX Control) - http://download.macromedia.com/pub/s...irector/sw.cab
O16 - DPF: forum rules and admin links 3 (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O16 - DPF: forum rules and admin links 2 (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/.../GAME_UNO1.cab
O16 - DPF: forum rules and admin links 1 (WUWebControl Class) - http://update.microsoft.com/windowsu...?1165285716111
O16 - DPF: forum rules and admin links 0 (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: /forum rules and admin links 9 (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: /forum rules and admin links 8 (Zylom Games Player) - http://game09.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: /forum rules and admin links 7 (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: /forum rules and admin links 6 (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
O16 - DPF: /forum rules and admin links 5 (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
O16 - DPF: /forum rules and admin links 4 (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O18 - Protocol: cdo - /forum rules and admin links 3 - C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Protocol: lid - /forum rules and admin links 2 - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: msnim - /forum rules and admin links 1 - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: mso-offdap - /forum rules and admin links 0 - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Protocol: skype4com - temp 9 - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll
O20 - AppInit_DLLs: NVDESK32.DLL
O20 - Winlogon Notify: jkkllih - C:\WINDOWS\system32\jkkllih.dll (file missing)
O20 - Winlogon Notify: winrnt32 - C:\WINDOWS\system32\winrnt32.dll (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - "C:\Program Files\AntiVir PersonalEdition Classic\sched.exe"
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - "C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe"


-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>

S3 PRISM_A02 (D-Link Wireless 802.11b/g Driver (USB)) - c:\windows\system32\drivers\prisma02.sys <Not Verified; Conexant Systems, Inc.; PRISM 802.11 Wireless LAN>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 AntiVirScheduler (AntiVir PersonalEdition Classic Scheduler) - "c:\program files\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; Scheduler>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: temp 8
Description: Connexion r?seau Intel(R) PRO/100
Device ID: PCI\VEN_8086&DEV_2449&SUBSYS_30138086&REV_01\4&2B96F39&0&40F0
Manufacturer: Intel
Name: Connexion r?seau Intel(R) PRO/100
PNP Device ID: PCI\VEN_8086&DEV_2449&SUBSYS_30138086&REV_01\4&2B96F39&0&40F0
Service: E100B


-- Files created between 2007-07-23 and 2007-08-23 -----------------------------

2007-08-23 17:53:55 0 d-------- C:\Documents and Settings\Marie.MARIE-KT4001EGQ\Application Data\Grisoft
2007-08-23 17:53:30 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
2007-08-23 17:40:53 0 d-------- C:\WINDOWS\system32\ActiveScan
2007-08-23 17:40:49 0 d-------- C:\WINDOWS\LastGood
2007-08-23 16:43:14 0 d-------- C:\VundoFix Backups
2007-08-23 13:09:23 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2007-08-23 10:20:19 949229 ---hs---- C:\WINDOWS\system32\mnmoq.ini2
2007-08-23 1003 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition Classic
2007-08-23 10:01:48 934904 ---hs---- C:\WINDOWS\system32\mnmoq.bak2
2007-08-23 09:34:28 0 d-------- C:\Program Files\Ultimate Cleaner
2007-08-22 15:58:40 2 --a------ C:\WINDOWS\system32\wcpicomsv32.exe
2007-08-22 15:58:37 0 d-------- C:\Program Files\Outerinfo
2007-08-22 15:58:34 0 d-------- C:\Program Files\?racle
2007-08-22 12:15:17 6513 ---hs---- C:\WINDOWS\system32\mnmoq.bak1
2007-08-22 12:09:49 0 d-------- C:\Program Files\?ymantec
2007-08-22 12:09:43 15360 --a------ C:\WINDOWS\system32\drvpowr.dll
2007-08-22 12:09:43 96256 --a------ C:\WINDOWS\system32\drvpow.dll
2007-08-22 12:09:21 20480 --a------ C:\WINDOWS\avp.exe <Not Verified; MskSoftStudy Corp.; Anti-Virus Project (AVP) spyware removal module>
2007-08-05 20:04:17 0 d-------- C:\Program Files\Soulseek-Test


-- Find3M Report ---------------------------------------------------------------

2007-08-23 18:28:19 0 d-------- C:\Program Files\Messenger
2007-08-23 18:23:01 0 d-------- C:\Program Files\Google
2007-08-23 17:49:53 0 d-------- C:\Program Files\MSN Messenger
2007-08-23 14:38:11 0 d-------- C:\Program Files\Fichiers communs
2007-08-23 13:48:31 0 d-------- C:\Documents and Settings\Marie.MARIE-KT4001EGQ\Application Data\Skype
2007-08-23 11:41:00 0 d-------- C:\Program Files\?ymantec
2007-08-22 15:58:34 0 d-------- C:\Program Files\?racle
2007-08-22 12:25:23 0 d-------- C:\Program Files\GameSpy Arcade
2007-08-22 10:43:16 0 d-------- C:\Documents and Settings\Marie.MARIE-KT4001EGQ\Application Data\LimeWire
2007-08-07 09:03:59 0 d-------- C:\Program Files\Java
2007-07-20 1310 0 d-------- C:\Documents and Settings\Marie.MARIE-KT4001EGQ\Application Data\MySpace
2007-07-20 1300 0 d-------- C:\Program Files\MySpace
2007-07-13 00:51:09 0 d-------- C:\Program Files\LimeWire
2007-07-07 16:38:26 0 d-------- C:\Program Files\ElastoMania111
2007-06-14 22:48:55 445016 --a----c- C:\WINDOWS\system32\perfh00C.dat
2007-06-14 22:48:55 63614 --a----c- C:\WINDOWS\system32\perfc00C.dat


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\ temp 7]
C:\WINDOWS\system32\jkkllih.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\ temp 6]
C:\WINDOWS\system32\qomnm.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\ temp 5]
C:\WINDOWS\system32\xjbtx.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-01-11 17:42]
"NvCplDaemon"="NvQTwk" []
"NeroCheck"="C:\WINDOWS\system32\\NeroCheck.exe" [2001-07-09 06:50]
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-04-02 10:35]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 05:25]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 19:09]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 12:24]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-08 10:53]
"Rtpu"="C:\PROGRA~1\YMANTE~1\dexplore.exe" []

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
" temp 4"= C:\WINDOWS\system32\jkkllih.dll [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkkllih]
jkkllih.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winrnt32]
winrnt32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=NVDESK32.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ temp 3]
@="Volume shadow copy"

*Newly Created Service* - AVG_ANTI-SPYWARE_DRIVER
*Newly Created Service* - AVG_ANTI-SPYWARE_GUARD



-- End of Deckard's System Scanner: finished at 2007-08-23 19:12:10 ------------

RELEVANCY SCORE 200
Preferred Solution: Active Scan Report + DSS Report

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: Active Scan Report + DSS Report

hi EddyMeuh

Please read this post completely before begining the fix. If there's anything that you do not understand, kindly ask your questions before proceeding. Please ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.


IT IS IMPORTANT THAT YOU DON'T MISS A STEP & PERFORM EVERYTHING IN THE RIGHT ORDER.

===============================================

Additional Downloads

Please download these additional files/programs. Do not run them until instructed to do so.
Unless otherwise stated, they should be stored in same directory as the HiJackThis program.

=================


Download this file to your desktop.- Here

IMPORTANT - You must place combofix on your desktop!!

Double click on combofix.exe & follow the prompts.
When finished, it shall produce a log for you.

Post the ComboFix.txt in your next reply.

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall


=================

Please Run a scan with HiJackThis and save the log

=================

In your next post, please include fresh logs from: ComboFix.txt
HiJackThis
Please provide details of any problems you encountered whilst performing the above steps & update us on how the computer behaves now

Read other 19 answers
RELEVANCY SCORE 101.6

Incident Status LocationAdware:adware/swimsuitnetwork Not disinfected c:\windows\system32\MYDLL.dllSpyware:spyware/cws.olehelp Not disinfected Windows RegistryMy Comp is running Good but What Should i nead to do now?

A:Panda Active Scan Report

MYDLL.dll is related to Spyware.ActualNames and often includes other malware files which ActiveScan may not have found. If you click on the Removal Tab in the Symantec link there are instructions for removing/unregistering the .dll.What OS (Win XP/2000, etc) are you using? What is your primary anti-virus and when was the last time you ran a scan? Have you performed any anti-spyware scans other than ActiveScan? If not, start here:If your running Win XP/2000, download and scan with Ewido Anti-Spyware v4.0 in "SAFE MODE".Print out the Ewido Install and Scan Instructions. Download and scan with Ad-Aware SE Personal 1.06. Setup & Configure as shown here.Download and scan with Spybot S&D 1.4. Setup & Configure as shown here.[DO NOT choose the option to install TeaTimer]Note: If you encounter any error messages while downloading the updates, manually download them from here.

Read other 6 answers
RELEVANCY SCORE 99.2

Doing as told...This dont look to pretty good...(lol)
Panda online scan results..Help



Incident Status Location

Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Adam White\Cookies\adam [email protected][1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Adam White\Cookies\adam [email protected][1].txt
Spyware:Cookie/BestOffersNetworks Not disinfected C:\Documents and Settings\Adam White\Cookies\adam [email protected][2].txt ... Read more

A:[SOLVED] Panda active scan report..Highjacked..Help

bump bump

Read other 5 answers
RELEVANCY SCORE 78.4

Hi Everyone,

I am getting the below error when i run the drill down report. error is populating for 5-7 seconds then generating the required report.
The attempt to connect to the report server failed. Check your connection information and that the report server is a compatible version. The request failed with HTTP status 404.

Some forums suggested to install the update in report server. but could not resolve the issue.
Cumulative Update 8 for SQL Server 2012 SP2

Read other answers
RELEVANCY SCORE 78.4

I have pulled USB port access details from Active Directory. The report came with ADs Path covering all the details like this ldap:///CN=Vineet Hooda 90055313,OU=Delhi,OU=Laptop Users,OU=xxxxx Users,DC=int,DC=xxxx,DC=in

I want only username and OU from this. How can I pull only these from Active Directory .

Thanks in Advance.

A:USB storage report from Active Directory

Moving this thread to Server Forum for better results.

Read other 1 answers
RELEVANCY SCORE 78

Dears,I have designed a database with many reports of certain importance. basically a report in my DB is one of two types; a Daily Report (requires a single criteria which is the date) and the second is a History report. To view or print a report, I have designed a Filter form to fill in with the report criteria and clicking a button to open the report.The first type (Daily R) work fine without problems. The second type (History R)has a problem. In this report, the criteria are two or three because a history report will retrieve data within a period, so I have to input (FromDate) and (ToDate)and may be adding another criteria which is called a company.In all history reports, the report header will accomodate the two input values of date and extract the rest of report items into the reprot detail area.The problem is, the desigened system doesnot respond well as expected. When I load the filter form to fill in criteria for a history report, I have input the FromDate and ToDate and selected the third criteria (if any), then, the reprot opens without data in it.on the other hand, I tried to load the report directly form opening it, inputing criteria, and it has worked fine without probelms.Would someone expect a key reason for this problem or dirtecly can solve this problem?Appreciate youtr support.Thanks in Advance.mhegazy
 

A:Solved: MS Access report load from a form having report criteria

Read other 16 answers
RELEVANCY SCORE 78

I just wanted to know if MS removed the system health report feature from performance monitor.
If so how do you start a system health report in Windows 10, it seems to differ from Windows 7
where you can find in advanced tools "Generate a system health report" ? Thanks!

Read other answers
RELEVANCY SCORE 77.6

Hello.

I have a report, with 3 sub-reports in. It collects all the data for a particular SiteID. in Each of the sub-reports, there is a cost value. One for Hardware, one for Mobiles, and one for Phone lines. I have fields at the top of report which reflects the values and totals them up. Works great, except:
When i have a SiteID with one of the subforms being empty; i.e no mobiles on the site it displays fine in the report view, but when i go to print or publish as a pdf it strips out the subform with no value, and throws an error in my calculation. I need the calculation there, which means i need it to stop striping out the subform with no value. I however cannot see how to do this...its just bugging me, its fine inthe report view, just when you send it to print.

Would grateful for some help,

Thanks Mike
 

A:Solved: Access Report removing sub-report when printing etc.

Read other 16 answers
RELEVANCY SCORE 77.6

I'll try and make this concise: BSODs occur even while desktop is not in use. Memory_Management and PFN_LIST_CORRUPT is what I remember seeing.

Also: IE9, IE10 and IE11 all "stop working" randomly. Chrome - ditto. FF32 - ditto.

I've run Memtest86 (10 passes) no errors.

The last BSOD was deliberate insofar as I was running Driver Verifier. I'm not sure if I am posting in the right area since the browser crashes and BSODs may be two separate issues ... ?

Dump files(s) attached. Please let me know if I can provide any additional info and thank you in advance for any help with this.

Attachment 342090

A:BSODs while idle; Driver Verifier report report available

*bUmP* Any wisdom out there please?

Read other 8 answers
RELEVANCY SCORE 77.2

hi
here is my HDD scan report, and I want to ask is it repairable or not?

A:HDD scan report

Check out spinrite, not only can it repair drives but it can condition a drive as well... a proven performer for over 20 years!

Read other 7 answers
RELEVANCY SCORE 77.2

Hi i'm new to computers can someone please tell me what these scan results mean

Thank you

A:Scan report Help

Welcome to PCHF
Can you tell us what program you used to make this report? Also are you having any issues with your computer?

Read other 5 answers
RELEVANCY SCORE 76.4

Here are things my computer does:

The "paste" function does not work.

Many things I try to open on my computer (whether they are programs that came with the computer, downloads, windows live, magicjack...) do not open and this message pops up: "This application failed to start because it's side-by-side configuration is incorrect. Please see the application log for more details."

Some friends recommended using malwarebytes to scan the computer... i was able to download it, but when I tried to run it, the above message came up.

A friend recommended downloading the Microsoft Visual C +++ 2008 Redistributable from their website, which I was able to do... but that was all. It didn't change any of my problems.

I am attaching the results... I HOPE someone knows what to do!!

THANKS

A:I have the report from my Combofix scan... Can someone help me?

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about the Windows version you are using: What we in particular need to know is version, edition and if it is a 32bit or a 64bit system. If you are unsure about any of these caracteristics, just let us know and we'll help you figuring it out. Please also tell us if you have your Windows CD/DVD handy.Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your ... Read more

Read other 2 answers
RELEVANCY SCORE 76.4

Incident Status Location

Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\hugh\Application Data\Mozilla\Firefox\Profiles\8podr1n4.default\cookies.txt[media.fastclick.net/]
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\hugh\Application Data\Mozilla\Firefox\Profiles\8podr1n4.default\cookies.txt[.fastclick.net/]
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\hugh\Application Data\Mozilla\Firefox\Profiles\8podr1n4.default\cookies.txt[.casalemedia.com/]
Spyware:Cookie/Doubleclick... Read more

A:My Online Scan Report

Hi tomavfcno1 and welcome to TSF.

Please subscribe to this thread so that you are notified when you receive a reply. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Add Subscription.

--------------------------------------------------------------

Before beginning the proposed fix, read this post completely. Any questions should be kindly asked before proceeding. Ensure that there are no open browsers when carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

--------------------------------------------------------------

Please download SmitfraudFix (by S!Ri) to your Desktop.

Double-click smitfraudfix.exe to start the tool.
Select option #1 - Search by typing 1 and press "Enter"
and a text file will appear which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

Do not run option #2 unless instructed to!!

--------------------------------------------------------------

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, two text files will open... Read more

Read other 13 answers
RELEVANCY SCORE 76.4

Hi, looking to know what i should or should not delete in this. Main problem i'm having is internet explorer doesnt load any pages but mozilla and all other internet works fine.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 5:16:37 AM, on 2/19/2010Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\svchost.exec:\Program Files\Microsoft Security Essentials\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\ehome\ehtray.exeC:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exeC:\Program Files\HP\HP Software Update\HPwuSchd2.exeC:\Program Files\Razer\Mamba\RazerTray.exeC:\Program Files\Microsoft Security Essentials\msseces.exeC:\WINDOWS\system32\RUNDLL32.EXEC:\Program Files\iTunes\iTunesHelper.exeC:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\system32\rundll32.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.ex... Read more

A:Hijackthis scan report

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.In the custom scan box paste the following:CODEnetsvcsmsconfigsafebootminimalsafebootnetworkactivexdrivers32%systemroot%�... Read more

Read other 2 answers
RELEVANCY SCORE 76.4

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 19:11:11, on 20/02/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16981)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\Explorer.EXEC:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeC:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeC:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\HP\QuickPlay\QPService.exeC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exeC:\WINDOWS\system32\igfxpers.exeC:\WINDOWS\system32\hkcmd.exeC:\Program Files\hpq\... Read more

A:Hijack This Scan Report pls

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.----------------------------------------------StartupLite sounds like the one for you.Please download StartupLite. to your desktop and run it. It will explain any optional auto-start programs on your system, and offer the option to stop these programs from starting at startup. This will result in fewer programs running when you boot your system, and should improve performance.See how you go with that.

Read other 20 answers
RELEVANCY SCORE 76.4

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 10:07:45 PM 8/4/2006

+ Scan result:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{944864A5-3916-46E2-96A9-A2E84F3F1208} -> Adware.Accoona : Cleaned with backup (quarantined).
C:\Program Files\NewDotNet -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\Program Files\NewDotNet\readme.html -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\Program Files\NewDotNet\uninstall6_38.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\Program Files\NewDotNet\uninstall7_22.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\Program Files\filesubmit\rainbowgirlwp.zip\NNWDAC638.EXE -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\WINDOWS\NDNuninstall6_38.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
[464] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Error during cleaning.
C:\Program Files\filesubmit\rainbowgirlwp.zip\Ezthemes_WhenUSaveNow_InstallerInst.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\Brenda\Cookies\[email protected][2].txt ... Read more

A:report from ewido scan

Hi and welcome

I have split your post off into your own thread. In the future if you have a Question/Problem please start a "New Thread".
It gets too confusing trying to address two different people's problem in the same thread and you may get overlooked.

Please continue in this thread.
 

Read other 2 answers
RELEVANCY SCORE 76.4

well... my problem started before a restore and HDD format(but format erases... yea i know...) before the crash it seemed in working order, till it crashed. after MUCH time trying to restore my files and system, i got fed up and just formatted my hard drive and re-installed windows xp. The massive 65-70GB chunk of "locked" information(presumably my backup i couldnt restore???) was gone but the directory it was under <C:\Documents and Settings\Owner\> is still there, only directly in C:\ labeled <My Backup -- 09-01-30 0235PM> it only contains the single root path leading into Owner\ which cannot be opened, deleted, altered in any way. obviously, it didn't get wiped from the formatting. Now occasionally on startup or after reboot only a few startup programs load and when i go to My Computer it has to "search/locate" just about every folder i click on and basic system operation is really slow, even seems like it freezes every now and again(but hasn't) i usually let it work itself out before just shutting my comp off cold. Takes a while sometimes but usually "catches up" with whatever it was doing, enough for me to shutdown from start menu or task manager. Then again, on occasion, it starts fine and runs good except for constant CPU usage and the computer seems to run abnormally hard(loud). I'm no professional computer tech but to the best of my knowledge and understanding this is whats going on. I've run Numerous anti virus, malware, s... Read more

A:DDS Scan Detail/Report

Hello and welcome to TSF.

If you still need help, please post a fresh DDS.txt as it has been a while since you posted.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Please note that the forum is very busy and if I don?t hear from you in three days this thread will be closed.

Read other 2 answers
RELEVANCY SCORE 76.4

I can not acsess adobe.com's web site. I have tried to go through I.E. and netscape. Can you tell me what would be going on with this computer that would prevent me from this. Ive checked the security on this computer. Thanks
Here is the results to my scan.
Logfile of HijackThis v1.97.2
Scan saved at 10:53:16 AM, on 10/08/2003
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\EXECUTIVE SOFTWARE\DISKEEPERWORKSTATION\DKSERVICE.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\LOGITECH\ITOUCH\ITOUCH.EXE
C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\TPPALDR.EXE
C:\USBSTORAGE\USBDETECTOR.EXE
C:\PROGRAM FILES\IOMEGA HOTBURN PRO\AUTOLAUNCH.EXE
C:\WINDOWS\SYSTEM\USBMONIT.EXE
C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\MM_TRAY.EXE
C:\WINDOWS\RunDLL.exe
C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BACKWEB-8876480.EXE
C:\SMARTDRAW PHOTO\SDPHOTOBAR.EXE
C:\PROGRAM FILES\KONTIKI\BIN\KONTIKI.EXE
C:\PROGRAM FILES\COMMON FILES\INTUIT\QUICKBOOKS\QBUPDATE\QBUPDATE.EXE
C:\WINDOWS\DOWNLOADED PROGRAM FILES\EBAYTBAR.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\WM... Read more

A:Check my scan report, please

Read other 8 answers
RELEVANCY SCORE 76.4

i have the following error, c\:windows\system32
msiefr40.dll- i ran the highjack scan and here is my report:

can anyone help me please?

thanks,
sherri
 

A:highjack scan report

Read other 8 answers
RELEVANCY SCORE 76.4

I have scan results from GRM & COMBOFIX, thanks

A:GRM & COMBO FIX scan log report

On start up, I get message[ chrome://searchshield/content/overlay.js:234] also [js:90] & message says [do you want to continue running script? yes or no]anyone know what that means? and how to fix it? , Logs are attached. thanks

Read other 3 answers
RELEVANCY SCORE 76.4

After updating MalwareBytes Database, I did a quick scan today. It identified one malicious item as follows.

Registry Keys Detected: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\itunes.exe (Security.Hijack) -> No action taken.

Of course I ignored it but why is an iTunes Registry entry being identified as a malicious item? I have been using my iTunes for ever but MalwareBytes had never identified this entry as malicious earlier.

Could someone please give me an answer.

A:MalwareByte Scan Report

IFEO's, which is what this is, aren't always bad. In fact what triggered this is fairly commonplace in both good and bad apps.

In this particular case if itunes is working properly I wouldn't be too worried about it.

Read other 5 answers
RELEVANCY SCORE 76

In advice from Garmanma am posting the RSIT log report, as I tried to run the DDS report and it failed multiple times to generate a report....many thanks for all the helpROOTREPEAL ? AD, 2007-2009==================================================Scan Start Time: 2009/12/11 01:55Program Version: Version 1.3.5.0Windows Version: Windows XP SP3==================================================Drivers-------------------Name: dump_atapi.sysImage Path: C:WINDOWSSystem32Driversdump_atapi.sysAddress: 0xA9FCE000 Size: 98304 File Visible: No Signed: -Status: -Name: dump_WMILIB.SYSImage Path: C:WINDOWSSystem32Driversdump_WMILIB.SYSAddress: 0xF7B18000 Size: 8192 File Visible: No Signed: -Status: -Name: rootrepeal.sysImage Path: C:WINDOWSsystem32driversrootrepeal.sysAddress: 0xA999C000 Size: 49152 File Visible: No Signed: -Status: -Hidden/Locked Files-------------------Path: C:hiberfil.sysStatus: Locked to the Windows API!Path: C:WINDOWScurslib.dllStatus: Invisible to the Windows API!Path: C:WINDOWSsystem32curslib.dllStatus: Invisible to the Windows API!Path: C:WINDOWSsystem32wincert.dllStatus: Invisible to the Windows API!Path: C:WINDOWSsystem32configStatus: Invisible to the Windows API!Path: C:Program FilesDellMedia ExperienceIAPCSDKwinStatus: Invisible to the Windows API!Path: C:Program FilesCommon FilesAdobeTypeSptUnicodeMappingswinStatus: Invisible to the Windows API!Path: C:Program FilesInterActualInterActual PlayerPatchesartisan10000017000024000008t2xw... Read more

A:RSIT report and Info Settings report

Sorry but the first report sent was the ark.txt not the RSIT as names included with this are also the info settings, I hope I haven't messed anything up forinfo.txt logfile of random's system information tool 1.06 2009-12-11 11:35:28

======Uninstall list======

-->c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /appid=MSK /uninstall=1 /interact=1 /script_proactive=0 /start="c:\PROGRA~1\mcafee.com\agent\uninst\mskremui.dll::uninstall.htm"
-->c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /appid=mpf /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\mpfrem.ui::uninstall.htm
-->c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /appid=msc /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\screm.ui::uninstall.htm
-->c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /appid=vso /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\vsoremui.dll::uninstall.htm
-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
-->MsiExec.exe /I{F543B12A-13F5-487E-9314-F7D25E1BBE3E}
-->rundll32.exe setupapi.dll,InstallHinfSection Default... Read more

Read other 12 answers
RELEVANCY SCORE 75.6

I scanned my computer with Adwcleaner in safe mode because adwcleaner wouldn't run otherwise, and the report is below. Neither Malwarebytes Pro or Hitman Pro finds anything, and after Adwcleaner says it has put the objects in quarantine and reboots the computer, the objects are back when I do another adwcleaner scan. What do I have?

***** [ Browsers ] *****

-\\ Internet Explorer v0.0.0.0
-\\ Mozilla Firefox v32.0.3 (x86 en-US)

[ File : C:\Users\allan\AppData\Roaming\Mozilla\Firefox\Profiles\1v5ybk8r.default-1410832319735\prefs.js ]
[ File : C:\Users\allan\AppData\Roaming\Mozilla\Firefox\Profiles\6xb7mt61.default\prefs.js ]
[ File : C:\Users\monsterzillaBAM\AppData\Roaming\Mozilla\Firefox\Profiles\hjeups96.default\prefs.js ]

Line Found : user_pref("[email protected]", true);

-\\ Google Chrome v37.0.2062.124

[ File : C:\Users\allan\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\monsterzillaBAM\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Thanks in advance!

A:Firefox infected, scan report says:

Could just be tracking cookies. Do a cleaning of history in browser ( cache) ? How is Firefox and Chrome working, any pop ups or redirecting to other websites ?
Seems like the folders were web browsing history is put and browser settings.
Try resetting firefox too.

Use Windows malicious Removal tool, at run, MRT.exe

Read other 4 answers
RELEVANCY SCORE 75.6

I AM HAVING PROBLEMS WITH VIRUS,TROJANS AND WHO KNOWS WHAT ELSE I HAVE RAN SUPERANTISPYWARE AND MALWARE BYTES AND THESE ARE WHAT SAS FOUND AND REMOVED:ADWARE.TRACKING COOKIESADWARE.VUNDO VARIENT/RELROGUE.COMPONENT/TRAYWARE 2009CEROGUE.XPDELUXEPROTECTORTROJAN.ANGENT/GEN-FRAUDDROPTROJAN.ANGENT/GEN-FREDDYTROJAN.DROPPER/WIN-NVROGUE.XP ANTISPAND I WAS GETTING ALERTS FOR WIN32 VIRUSI AM ALSO HAVING PROBLEMS WITH MY IE8 BROWSING ASWELL:THIS IS WHAT I KEEP GETTING IN MY BROWSER POP UP EVERY 2-3 SEARCHES TELLING ME I AM INFECTEDInsecure Internet activity. Threat of virus attackDue to insecure Internet browsing your PC can easily get infected with viruses, worms and trojans without your knowledge, and that can lead to system slowdown, freezes and crashes.Also insecure Internet activity can result in revealing your personal information.To get full advanced real-time protection for PC and Internet activity, activate XP Deluxe Protector. We recommend you to protect your PC now and continue safe Internet browsing. Click here to get full advanced real-time protection and continue browsing. Continue to this website unprotected (not recommended).AND WANTS ME TO PURCHASE XP DELUXE PROTECTOR.I HAVE RAN A ROOT REPEAL REPORT SCAN AND A HIJACKTHIS LOG AND HAVE POSTED THEM BELOW...PLEASE HELP THANKSROOTREPEAL REPORT SCAN:ROOTREPEAL © AD, 2007-2009==================================================Scan Time: 2009/07/04 14:35Program Version: Version 1.3.0.0Windows Version: Windows XP SP3=====... Read more

A:HIJACKTHIS LOG AND ROOTREPEAL REPORT SCAN:

Hello, my name is fenzodahl512 and welcome to Bleeping Computer.. Please do the following....Please download The Comedian.exe by Rorschach112 to your desktopPlease disable all of your antivirus/firewall before doing this step. Please visit HERE if you don't know how..Double click the program to run it. It will only take around several minutes to run.It will do a series of tasks and tell you when each one is finished.You will be prompted to press any key after each stepWhen it is done it will close and exit itself automatically.You can delete The_Comedian.exe once it is finishedSTOP! if you can't complete this step.. Tell me more about it..NEXTPlease download Malwarebytes' Anti-Malware from HERE or HERENote: If you already have Malwarebytes' Anti-Malware, just run and update it.. Then do a "Perform Full Scan"Double Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Full Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)The log is automatically saved by MBAM and ... Read more

Read other 17 answers
RELEVANCY SCORE 75.6

I did a virus scan using Avira Antivir. There were no viruses on the computer bit it said there were 53 warnings which are as follows:

C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\LocalService\NTUSER.DAT
[WARNING] The file could not be opened!
C:\Documents and Settings\LocalService\ntuser.dat.LOG
[WARNING] The file could not be opened!
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
[WARNING] The file could not be opened!
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG
[WARNING] The file could not be opened!
C:\Documents and Settings\NetworkService\NTUSER.DAT
[WARNING] The file could not be opened!
C:\Documents and Settings\NetworkService\ntuser.dat.LOG
[WARNING] The file could not be opened!
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
[WARNING] The file could not be opened!
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG
[WARNING] The file could not be opened!
C:\Documents and Settings\World of Destiny\NTUSER.DAT
[WARNING] The file could not be opened!
C:\Documents and Settings\World of Destiny\ntuser.dat.LOG
[WARNING] The file could not be opened!
C:\Documents and Settings\World of Destiny\Application Data\Microsoft\Windows Defender\FileTracker\{EF947A62-7966-422B-88F2-591853D7BF54}
[WARNING] The file could n... Read more

A:Solved: Warnings in scan report

Read other 9 answers
RELEVANCY SCORE 75.6

hi,
im new and will need some help,
here's my log report
what should i do?
thanks for help
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOINTGR.EXE
C:\Program Files\Navnt\POPROXY.EXE
C:\Program Files\ahead\InCD\InCD.exe
C:\Program Files\Canon\MultiPASS\monitr32.exe
C:\Program Files\Canon\MultiPASS\MPTBox.exe
C:\Program Files\Messenger Plus! 2\MsgPlus.exe
C:\Program Files\DownloadWare\dw.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ISTsvc\istsvc.exe
C:\WINDOWS\System32\FxRedir.EXE
C:\Program Files\Navnt\Navapw32.exe
C:\Program Files\SysShield Tools\Internet Eraser\cseraser.exe
C:\Documents and Settings\Stefaan\Application Data\DownloadPlus.exe
C:\Program Files\Canon\MultiPASS\mpservic.exe
C:\PROGRA~1\Navnt\navapsvc.exe
C:\PROGRA~1\Navnt\npssvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\PROGRA~1\Navnt\alertsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\RapidBlaster\rb32.exe
C:\Documents and Settings\Stefaan\Local Settings\Temp\Tijdelijke map 1 voor hijackthis[1].zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.scourweb.net/nph-search.cgi?partner=wesb1&look=sbar1_srchbtn
R1 - HKCU\Software\Microsoft\Inter... Read more

A:[Solved] scan hijackthis log report

Read other 16 answers
RELEVANCY SCORE 75.6

Hey there, I am a member of the World of Warcraft community and fell for a post on their forums claiming to be a picture of in game action, but it was at world0fwarcraft.com - the "O" in 'of' is a zero, and many people labeled it as a keylogger. I got a windows message at the top that a download had been stopped to assure my security, the information bar below the address bar. I've only run Spybot other than Hijack This, and I didn't pick up anything (Spybot is up to date).I guess I'm paranoid that I still might have something, but heres a list of processes and my Hijack this scan:Process PID CPU Description Company Name
System Idle Process 0 100.00
Interrupts n/a Hardware Interrupts
DPCs n/a Deferred Procedure Calls
System 4
smss.exe 268 Windows NT Session Manager Microsoft Corporation
csrss.exe 316 Client Server Runtime Process Microsoft Corporation
winlogon.exe 492 Windows NT Logon Application Microsoft Corporation
services.exe 540 Services and Controller app Microsoft Corporation
svchost.exe 740 Generic Host Process for Win32 Services Microsoft Corporation
wmiprvse.exe 1784 WMI Microsoft Corporation
unsecapp.exe 900 WMI Microsoft Corporation
svchost.exe 812 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 856 Generic Host Process for Win32 Services Microsoft Corporation
wscntfy.exe 3576 Windows Security Center Notification App Microsoft Corporation
svchost.exe 904 Generic Host Process for ... Read more

A:Possible Keylogger (full Scan Report)

Arthas Download SDFix and save it to your Desktop. Double click SDFix.exe and it will extract the files to %systemdrive% (Drive that contains the Windows Directory, typically C:\SDFix) Please then reboot your computer in Safe Mode by doing the following :Restart your computer After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually; Instead of Windows loading as normal, the Advanced Options Menu should appear; Select the first option, to run Windows in Safe Mode, then press Enter. Choose your usual account. Open the extracted SDFix folder and double click RunThis.bat to start the script. Type Y to begin the cleanup process. It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot. Press any Key and it will restart the PC. When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons. Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
(Report.txt will also be copied to Clipboard ready for posting back on the forum). Finally paste the contents of the Report.txt back on the forum with a new HijackThis logThanks

Read other 1 answers
RELEVANCY SCORE 75.6

I followed the procedure recommended by noadhfear to get rid of Smitfraud. It seemed to have worked for the most part, but a couple of days before I did it, I started having trouble with Internet Explorer, so I was not able to run the ActiveScan.
When I run IE, it will work for a very short while and then just stop and all of the IE windows are gone and a message comes up saying something like "An error has occured and an error log will be generated" - although I can't find the error log.

I have included the report from HJT and from Ewido. Please check over these and let me know what needs to be removed and if there is any sign of why IE is not running properly.

Thanks.
Astro99

Logfile of HijackThis v1.99.1
Scan saved at 11:21:05 PM, on 8/24/2005
Platform: Windows 2000 SP1 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 SP1 (5.00.2920.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\Program Files\NavNT\defwatch.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\explorer.exe
C:\Program Files\NavNT\vptray.exe
C:\PROGRA~1\A... Read more

A:Help with HJT Log and Scan report after removing Smitfraud

Read other 7 answers
RELEVANCY SCORE 75.6

Hi there,

I have 2 machines, a Sony Vaio VGC-LS1 & a Dell XPS1730 laptop.....not on a network....using zoom adsl X6 modem for both.

Needed help to unintsall 2 softwares: Sonic encoders & Image Station....I get an error using Revo......need this file C:\abu\software603703.SND\ but I cannot find its location.

Contacted Sony neither they could help depite taking remote acess of the machine. Ran a PC health & gave me this report.

1. "The computer's video card is unsatisfactory "

Your computer's video card has been checked and is found to be not as per recommendations
The video card application demands a lot of space and resources from your computer. Thus it is essential to assess the requirements of this application to determine the condition of your computer.
I am using there own bultin Intel 945 GM graphic acelerator??

2. "The Internet Connection Sharing Service needs to be disabled "

The Internet Connection Sharing Service has been enabled.
The Internet Connection Sharing (ICS) service is applicable to provide network address translation, addressing, name resolution and/or intrusion prevention services to a home computer or small office network. This service helps multiple users on your network to browse through a single account. You need to enable this service if your computer is in a network but can be disabled otherwise.

3. "Non optimal internet configuration settings "

Your current internet configuration settings... Read more

Read other answers
RELEVANCY SCORE 75.6

Good morning,

I had my hijack log analysed and was asked totake certain actions which i did. Because the computer was in safemode when the scan was performed I had to save the report file with the results. I saved it to DEsktop then, because I was in another user's account I then transferred it to a floppy.

Now that I ahve tried to post to the hijack log I cannot get the report in readable format. By this I mean I went through "File" on my browser and opened the report - it came up with a number of small squares and letters (the usual jargon when a file is opened in the wrong application).

What do i have to do to post it into my hijack log thread to ensure that you guys could lookat it since i am not seing anything here that allows opening of files.

Thanks

Tempest

Read other answers
RELEVANCY SCORE 75.6

hello everyone, i dont know much about this but i have been having trouble with windows live onecare, the firewall is off on both windows and onecare. when i try to turn on onecare firewall it says one care cant turn on your firewall at this time please try later, sometimes when i go to windows firewall it is greyed out and says at the top firewall is controlled by group policy. i am running vista home premium on this pc but i have the same problem on my XP laptop. both the machines are on my home network. this is the scan result. i would really love some help here.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 08:58:28, on 15/05/2009Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18226)Boot mode: NormalRunning processes:C:\Program Files (x86)\ASUS\AASP\1.00.61\aaCenter.exeC:\Windows\System32\spool\drivers\x64\3\WrtMon.exeC:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\Windows\SysWOW64\CTHELPER.EXEC:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exeC:\Program Files (x86)\Google\Google Desktop Search\GoogleServices.exeC:\Program Files (x86)\Google\Google Desktop Search\GoogleServices.exeC:\Program Files (x86)\Microsoft Windows OneCare Live\winssnotify.exeC:\Windows\System32\spool\drivers\x64\3\... Read more

A:Hijackthis scan report need help understanding it

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_Sca... Read more

Read other 2 answers
RELEVANCY SCORE 75.6

Hi there,

I have 2 machines, a Sony Vaio VGC-LS1 & a Dell XPS1730 laptop.....not on a network....using zoom adsl X6 modem for both.

Needed help to unintsall 2 softwares: Sonic encoders & Image Station....I get an error using Revo......need this file C:\abu\software603703.SND\ but I cannot find its location.

Contacted Sony neither they could help depite taking remote acess of the machine. Ran a PC health & gave me this report.

1. "The computer's video card is unsatisfactory "

Your computer's video card has been checked and is found to be not as per recommendations

The video card application demands a lot of space and resources from your computer. Thus it is essential to assess the requirements of this application to determine the condition of your computer.

I am using there own bultin Intel 945 GM graphic acelerator??

2. "The Internet Connection Sharing Service needs to be disabled "

The Internet Connection Sharing Service has been enabled.

The Internet Connection Sharing (ICS) service is applicable to provide network address translation, addressing, name resolution and/or intrusion prevention services to a home computer or small office network. This service helps multiple users on your network to browse through a single account. You need to enable this service if your computer is in a network but can be disabled otherwise.

3. "Non optimal internet configuration settings "

Your current internet config... Read more

Read other answers
RELEVANCY SCORE 75.6

Howdy,

I just ran a Kaslersky online scan .When the scan was completed I got a window that tells me it picked up a few thing.

I did not see a tab to click to view the items. I clicked on the help tab. It said that after the scan I would be able to view what these items are. Is does not mention where to click to view.
I have a screen shot if that would be helpful.
Dennis

A:How To View Kaspersky Scan Report

hi again dennis
does it have a save log button?
if it does that should pull it up(i think don't usually use kapersky)
hope that helps
mz30

Read other 14 answers
RELEVANCY SCORE 74.8

i attempted logging into a game account of mine and got the message that my login info was incorrect. (i log into this account daily and am 100% on my login info). i saw an announcement from the game company on the login screen warning people not to use the same password on webistes and to run virus checks and such because there have been keyloggers stealing guild wars accounts for money recently. my question is not how to get the account back, but how to get rid of these things and MAKE SURE THEY DON'T COME BACK. thanks a lot - peace everyonea-squared Free - Version 4.5Last update: 12/23/2009 9:20:07 PMScan settings:Scan type: Deep ScanObjects: Memory, Traces, Cookies, C:\Scan archives: OnHeuristics: OffADS Scan: OnScan start: 12/27/2009 4:01:45 PM[3816] C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSOEMON.EXE detected: Riskware.AdWare.Mywebsearch!IKC:\Program Files (x86)\MyWebSearch\bar\2.bin\mwsoestb.dll detected: Adware.Win32.MyWebSearch!A2c:\program files (x86)\funwebproducts detected: Trace.Directory.FunWebProducts!A2c:\program files (x86)\funwebproducts\screensaver detected: Trace.Directory.MyWebSearch Toolbar!A2c:\program files (x86)\funwebproducts\screensaver\images detected: Trace.Directory.MyWebSearch Toolbar!A2c:\program files (x86)\mywebsearch\bar detected: Trace.Directory.MyWebSearch Toolbar!A2c:\program files... Read more

A:help: analyze a scan report (identify keyloggers)

Let's get another opinion.Next run MBAM (MalwareBytes):NOTE: Before saving MBAM please rename it to zztoy.exe....now save it to your desktop.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at th... Read more

Read other 5 answers
RELEVANCY SCORE 74.8

Hello everyone,
I'm using a Toshiba Satellite laptop that I purchased in December 2010 and I received a few messages today telling me that "Windows detected a hard disk problem" and advising me to backup everything and contact the manufacturer. The HDD is a Toshiba MK5065GSXN. I'm using Windows 7 64bit. I performed a disk scan and am hoping that someone can help me interpret the results (the steps I followed were taken from this thread: http://www.sevenforums.com/crashes-d...k-warning.html).

Thank you very much for any help or advice you can give!

Checking file system on C: The type of the file system is NTFS. Volume label is TI105927W0F. A disk check has been scheduled. Windows will now check the disk. CHKDSK is verifying files (stage 1 of 5)... 228096 file records processed. File verification completed. 3044 large file records processed. 0 bad file records processed. 0 EA records processed. 60 reparse records processed. CHKDSK is verifying indexes (stage 2 of 5)... 298156 index entries processed. Index verification completed. 0 unindexed files scanned. 0 unindexed files recovered. CHKDSK is verifying security descriptors (stage 3 of 5)... 228096 file SDs/SIDs processed. Cleaning up 189 unused index entries from index $SII of file 0x9. Cleaning up 189 unused index entries from index $SDH of file 0x9. Cleaning up 189 unused security descriptors. Security descriptor verification completed. 35031 data files processed. CHKDSK is verifying Usn Journal... 3644... Read more

A:HDD failure on its way? disk scan report inside

Checkdisk cleaned up the file system that had some entries that pointed nowhere, but did not find any bad sectors on the drive. That is good news.

The next thing to try is a HDD diagnostic program that can be booted from a CD or USB stick so it can run outside of the OS. Toshiba does not offer one but most folks use the Hitachi Drive Fitness Test instead.
https://www1.hgst.com/hdd/support/download.htm

(Note: Toshiba HDDs are usually manufactured by Fujitsu. Fujitsu does have a diagnostic but it only boots from floppy disk - the last time I checked)

Read other 2 answers
RELEVANCY SCORE 74.8

Hello!

I have been running regular virus scans and everything has shown to be clean, but things seemed a bit slow so I ran a Kaspersky online scan and got this report. Maybe it is something simple but I have never encountered this before:

KASPERSKY ONLINE SCANNER REPORT
Sunday, April 22, 2007 3:41:26 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 22/04/2007
Kaspersky Anti-Virus database records: 282984
Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
A:\
C:\
D:\
E:\

Scan Statistics
Total number of scanned objects 107859
Number of viruses found 0
Number of infected objects 0 / 0
Number of suspicious objects 0
Duration of the scan process 00:53:06

Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Avg7\Log\emc.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local... Read more

A:Solved: Suspicious online scan report

Read other 16 answers
RELEVANCY SCORE 74.8

ACTIVESCAN REPORT PLEASE SOMEONE I NEED SOME HELP

Incident Status Location

Adware:Adware/Lop Not disinfected c:\docume~1\owner\applic~1\mfcdmo~1\bendclock.exe
Adware:Adware/PurityScan Not disinfected c:\progra~1\asembl~1\javaw.exe
Adware:Adware/Lop Not disinfected C:\DOCUME~1\Owner\APPLIC~1\CORNBI~1\oncebalm.exe
Adware:Adware/Lop Not disinfected c:\docume~1\owner\applic~1\mfcdmo~1\bendcl~1.exe
Virus:Trj/Downloader.DFM Disinfected Operating system
Adware:adware/mediatickets Not disinfected C:\WINDOWS\system32\oins.exe
Spyware:spyware/marketscore Not disinfected c:\windows\system32\rk.bin
Adware:adware/oemji Not disinfected C:\Documents and Settings\Owner\Application Data\defaultgood.wl
Adware:adware/gator Not disinfected c:\windows\GatorPdpSetup.log
Spyware:spyware/new.net Not disinfected c:\windows\NDNuninstall6_38.exe
Spyware:application/bestoffer Not disinfected c:\windows\smdat32a.sys
Potentially unwanted tool:application/altnet Not disinfected c:\program files\Altnet
Adware:adware/instafinder Not disinfected c:\program files\INSTAFINK
Potentially unwanted tool:application/myway Not disinfected c:\program files\MyWay
Potentially unwanted tool:application/need2find Not disinfected c:\program files\Need2Find
Spyware:spyware/rxtoolbar Not disinfected c:\program files\RXToolBar
Adware:adware/lop Not disinfected C:\Documents and Settings\Owner\Favorites\ Internet
Potentially unwanted tool:application/regclean32 Not disinfected C:\Documents and Settings\Owner... Read more

A:Solved: Scan Report.. its from a friend of mine plz at least help her lol

Read other 16 answers
RELEVANCY SCORE 74.8

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 8:17:08 PM 9/9/2006

+ Scan result:

C:\WINDOWS\system32\vtutrop.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\WINDOWS\system32\ntswrl32.dll -> Backdoor.Cakl.a : Cleaned with backup (quarantined).
[1988] C:\WINDOWS\system32\ntswrl32.dll -> Backdoor.Cakl.a : Error during cleaning.
[284] C:\WINDOWS\system32\ntswrl32.dll -> Backdoor.Cakl.a : Error during cleaning.
[596] C:\WINDOWS\system32\ntswrl32.dll -> Backdoor.Cakl.a : Error during cleaning.
[620] C:\WINDOWS\system32\ntswrl32.dll -> Backdoor.Cakl.a : Error during cleaning.
[776] C:\WINDOWS\system32\ntswrl32.dll -> Backdoor.Cakl.a : Error during cleaning.
[836] C:\WINDOWS\system32\ntswrl32.dll -> Backdoor.Cakl.a : Error during cleaning.
C:\WINDOWS\system32\ldapi32.exe -> Backdoor.Dosia : Cleaned with backup (quarantined).
C:\WINDOWS\system32\ntcvx32.dll -> Backdoor.Dosia : Cleaned with backup (quarantined).
[2060] C:\WINDOWS\system32\ntcvx32.dll -> Backdoor.Dosia : Error during cleaning.
[2292] C:\WINDOWS\system32\ntcvx32.dll -> Backdoor.Dosia : Error during cleaning.
C:\Documents and Settings\Danilo Ambrosio\Local... Read more

A:Ewido Anti-spyware - Scan Report

Hello pnoiboi03_ and welcome to BleepingComputer. My name is Charles and I will be helping you to clean your computer today. Click here to download HJTSetup.exeSave HJTsetup.exe to your desktop. Double click on the HJTsetup.exe icon on your desktop, and follow the installation guide to install HijackThis.Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log. Click Save to save the log file and then the log will open in notepad. Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log. Come back here to this thread and Paste the log in your next reply.DO NOT have HijackThis fix anything yet. Most of what it finds will be harmless or even required. Post back with the log it creates.Thanks,CharlesEDIT: I see you are already being helped by somebody. Please do [b]not[/b[ start new topics, as we get confused and do not realise that somone is already helping you.

Read other 1 answers
RELEVANCY SCORE 74.8

I've been infected with spysheriff as well. here are my HJT and Ewido scan logs:

Logfile of HijackThis v1.99.1
Scan saved at 1:09:32 AM, on 6/20/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\Explorer.EXE
C:\unzipped\hijackthis\HijackThis.exe

F1 - win.ini: run=C:\WINDOWS\..\PROGRA~1\COMMON~1\MICROS~1\MSInfo\info32.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 -... Read more

A:Hijack This Log, Ewido Scan Report, need to rid spysheriff

Read other 7 answers
RELEVANCY SCORE 74.8

I ran an EWIDO scan with two ‘infected’ items found. There seems to be a ? as to whether or not these are a true problem. Therefore, I ask your advice as to what to do. I can not remove them with EWIDO, since I am using a lapsed trial version. The info from the “report” follows:

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 10:54:49 AM, 11/10/2005
+ Report-Checksum: 5CD01CE8

+ Scan result:

C:\WINDOWS\system32\MRT.exe -> Heuristic.Win32.AVKiller : Ignored
C:\System Volume Information\_restore{8A76E78A-6A78-49A6-A7E2-9B95E126EFAD}\RP384\A0059194.exe -> Heuristic.Win32.AVKiller : Ignored
::Report End

Thanks, {redoak}
p.s. Note the 'word' "AVKiller" at the end of each entry. Significance?
 

A:Solved: EWIDO scan report - problems?

Read other 7 answers
RELEVANCY SCORE 74

I'm really struggling with this, i've disinfected everything except this hijacker off my browser.

.
DDS (Ver_2011-06-03.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by Chris at 8:40:21 on 2011-06-05
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4095.1358 [GMT -4:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
AV: Norton Internet Security *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG10\avgchsva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe ... Read more

Read other answers
RELEVANCY SCORE 73.2

What is the syntax for displaying the Report filter in the body of the Report if---

1. The filter is set in VBA, in the DoCmd.OpenReport command OR

2. The filter is set in the Report properties filter OR

3. The filter is set in the query referenced as the data source to the report?

Thanks in advance for help!!!
 

A:Displaying Report Filter in Report

Read other 7 answers
RELEVANCY SCORE 73.2

I am using Access 2003 and want to put the file (database) name and the report name in the footer of my report. I'm using =CurrentProject.Name as the control source in a text box of the footer to get the file name. Is there a command I can use to add the report name?
 

A:Add report name in Access report footer

Hi Trilby

You could try this:

In the VBA code module (Class Module) for your report write a simple function (I've called it Get_Report_Name in my example):

Private Function Get_Report_Name() As String

Get_Report_Name = Me.NAME

End Function

In your report footer: add a text box at the position where you want to display the report name. In the Control Source property for the new text box enter: =Get_Report_Name()

This should display the report name when the report is run.

Deej
 

Read other 2 answers
RELEVANCY SCORE 73.2

Please help. I have a sluggish computer. I'm running Win XP, F-Secure Antivirus software. I have previously did RunThis.bat and AVG antispyware scan. I was able to attach combofix report, but not hijack this.

Hijack This:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:26:54 AM, on 1/6/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsgk32st.exe
C:\Program Files\Charter High-Speed Security Suite\Common\FSMA32.EXE
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\FSGK32.EXE
C:\Program Files\Charter High-Speed Security Suite\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Charter High-Speed Security Suite\Common\FCH32.EXE
C:\Program Files\Charter High-Speed Security Suite\Common\FSM32.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\WinPatrol\winpatrol.exe
C:\Program Files\VoSKY Call Center\USBDRAM.exe
C:\Program Files\VoSKY Call Center\USBVoSKY.exe
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsqh.exe
C:\Program Files\Charter High-Speed Secu... Read more

Read other answers
RELEVANCY SCORE 73.2

Hi Everyone,

Yesterday, I ran a complete system scan with AVG free Version 7.5.432 & it said that everything was fine, except that it noted that there was a change to the hosts (Object Result Status
C:\WINDOWS\system32\drivers\etc\hosts Change Changed). I have pasted a copy of the report below, along with the report from last month which had no such note.

A few days ago, I did download a "test" from http://www.greenborder.com/ at http://www.greenborder.com/test/ & AVG identified it as a trojan, I just moved it to the virus vault and deleted it. I know it probably was not a trojan, but I just deleted it anyway. I also recently upgraded to the new Zone alarm Free 7.0.302.000 but I think I did the AVG full scan before installing the new ZA.

Is this anything to be alarmed about ? I would appreciate any advice or comments. I'm running Windows XP Media Center Version 2002 SP2. I'm also running Zone Alarm Free, Windows defender, and I scan periodically with AVG anti-spyware, spybot, and a-squared free.

Thanks
John

AVG Report from yesterday 1/19/2007

tem Name Item Value
General properties
Report name Complete Test
Start time 1/19/2007 3:50:44 PM
End time 1/19/2007 4:00:26 PM (total: 9:41.9 Min)
Launch method Scanning launched manually
Scanning result No threats found
Report status Scanning completed successfully

Object summary
Scanned 17241
Threats Found 0
Cleaned 0
Moved to vault 0
Deleted 0
Errors 0
Object Result Status
C:\WINDOWS\system32\drivers... Read more

Read other answers
RELEVANCY SCORE 72

I have a very simple data base 3 tables

Product table with 2 fields productid and productdescription

Sale1 is the basic information of a sale invoice number and who items are sold to

Sale2 is the details and shows qty , item, price, and GST charged if any (some people or organizations are tax exempt so it becomes zero.

I've got my form and subform to run correctly

I've got my report to print all items correctly but I can't total the value

the line value for each item is a textbox

=Sum([QTY] * [Saleprice])*([GST])+([QTY] * [Saleprice])

This does return the correct value for that line item.

HOW can I correctly total the sum of all items into the reporrt footer???

HELP please the sale is tomorrow through Sunday.
 

A:Solved: Total in Report Footer ACCESS 2010 Report - Total NOT working

Add a duplicate of your current calculating field and set it's "Running Sum" (under data tab) to yes overall.
Then in the footer use the new field as the totals Control Source.
 

Read other 2 answers