Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Have a red dot with white X in the system tray

Post by taklep » October 21st, 2008, 1:26 am

Recently while surfing the net, computer restarted and then I noticed a red dot with a white X in the system tray. Ran a couple of programs a couple of times after referring to the online help.

Malwarebytes' Anti-Malware
Symantec
Spybot
smitfraud
Windows Defender
CCleaner

I think Windows Defender got rid of the brastk.exe and now the dot seems to have vanished.

Earlier last month I had a Virtumonde infection which somehow I managed to clear (or at least I think so) after referring to the online help. Was waiting for a reply from this forum but was too impatient to get my computer in working state.

I want to get an all-clear from an expert. Any help would be appreciated. Thanks.
taklep
Active Member
 
Posts: 10
Joined: September 21st, 2008, 11:48 am

Re: Have a red dot with white X in the system tray

Post by Shaba » October 22nd, 2008, 4:02 am

Hi taklep

Click here to download HJTInstall.exe
  • Save HJTInstall.exe to your desktop.
  • Double-click on the HJTInstall.exe icon on your desktop.
  • By default it will install to C:\Program Files\Trend Micro\HijackThis.
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed, it will launch HijackThis.
  • Click on the Do a system scan and save a logfile button. It will scan and the log should open in Notepad.
  • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT use the AnalyseThis button; its findings are dangerous if misinterpreted.
  • DO NOT have HijackThis fix anything yet. Most of what it finds will be harmless or even required.
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Have a red dot with white X in the system tray

Post by taklep » October 22nd, 2008, 8:59 am

I have run Malwarebytes' Anti-Malware, Symantec, and Windows Defender to remove some of the threats prior to this hijack report. I had warnings of spyware.isearch, trojan.vundo, downloader, and 2 more low-level threats whose names I forgot.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:55:54 AM, on 10/22/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe
C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Serena Software\ChangeMan\DS\Client\vcs_nt_service.exe
C:\WINDOWS\system32\MsPMSPSv.exe
c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
C:\Program Files\CheckPoint\SecuRemote\bin\SR_Sds.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.Exe
C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\WINDOWS\vVX1000.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Verizon Online\ConnMgr\cmisrv.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [VerizonServicepoint.exe] "C:\Program Files\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download with Go!Zilla - file://C:\Program Files\Go!Zilla\download-with-gozilla.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Verizon Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sdcCo ... taller.cab
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.aajtak.com/wfplayer/tdserver.cab
O16 - DPF: {042A0265-2708-427D-A870-9EB5D08E3E43} (uclContEd.uclCE) - http://www.test.gliconline.com/UCLA/pac ... ContEd.CAB
O16 - DPF: {0645D7F3-C20E-4E0B-A545-557527497C0B} (NMInstall Control) - http://a14.g.akamai.net/f/14/7141/1d/ww ... EL_USA.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Fac ... oader5.cab
O16 - DPF: {21D817CE-B22E-11D2-B514-00C04F930B5E} (GuardianDownload.Download) - http://www.qa.gliconline.com/Common/Scr ... wnload.CAB
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {2E764AF3-8311-11D2-B4EC-00C04F930B5E} (prjDownloadHelp.ctlDownloadHelp_2) - http://www.qa.gliconline.com/GuardianHe ... Help_2.CAB
O16 - DPF: {2F01ABF9-0799-11D2-B771-00C04F930B5E} (prjShowHelp_3.ctlShowHelp_3) - http://www.qa.gliconline.com/GuardianHe ... Help_3.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3A9F54EF-4D54-11D6-B18A-92A013000000} (uclaLicAppt.uclLicAppt) - http://www.qa.gliconline.com/UCLA/packa ... icAppt.CAB
O16 - DPF: {3C3F2935-7ED6-451D-9D27-98B5A439E773} (Siebel Option Pack for IE 7.5.3) - https://siebel.nro.glic.com/siebel/fins ... onPack.cab
O16 - DPF: {3E755E01-BB38-11D4-B44C-00105A0D610A} (VbpCommonControls.ctlCommonControls) - http://www.qa.gliconline.com/Common/Cab ... ntrols.CAB
O16 - DPF: {4A29B031-2581-11D6-B166-00C04F6A0212} (UCLA.UCLActl) - http://www.qa.gliconline.com/UCLA/Package/ucla.CAB
O16 - DPF: {4ADF558F-780B-49F1-9BE7-A89C247C59CE} (uclProducerDet.UCLProdDetails) - http://www.test.gliconline.com/UCLA/Pac ... etails.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by106fd.bay106.hotmail.msn.com/r ... nPUpld.cab
O16 - DPF: {62BB1332-C8A5-11D5-B257-00B0D01AAF70} (UCLPASComm.UCLPasCommission) - http://www.test.gliconline.com/UCLA/Pac ... ission.CAB
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} (OneCCCtl Class) - https://as00.estara.com/UI/proxyhttps.p ... 5OneCC.cab
O16 - DPF: {6637B886-4B9A-4E19-9E50-75D5D252049B} (ExcelWrapper.uclExcelWrapper) - http://w3.gliconline.com/UCLA/package/u ... rapper.CAB
O16 - DPF: {68B65E11-58D0-11D4-8E62-00C04F6F3010} (CommonControls.UCLACommonControls) - http://www.qa.gliconline.com/UCLA/packa ... ntrols.Cab
O16 - DPF: {68CDB19A-6305-4589-8C35-41E3502CD451} (Siebel Option Pack for IE 7.5.3) - https://siebeluat.bro.glic.com/siebel/f ... onPack.cab
O16 - DPF: {6CA9CAA5-6C90-11D5-B16D-00C04F730535} (UCLCredentials.UCLMsg) - http://w3.gliconline.com/UCLA/Package/U ... ntials.cab
O16 - DPF: {6F1865A6-2747-4BDC-BC0E-326B9B256383} (UCLAMaintenance.uclMaintenance) - http://w3.gliconline.com/UCLA/package/u ... enance.CAB
O16 - DPF: {724F2014-3759-11D6-B172-00C04F6A0212} (UCLA.UCLNASD) - http://www.test.gliconline.com/UCLA/package/UCLNasd.CAB
O16 - DPF: {853C7186-3F92-4AFF-877F-230F26C0ADAC} (UCLASelection2.UCLSelection2) - https://www6.glic.com/gol/ucla/Package/ ... ction2.CAB
O16 - DPF: {856FB751-8859-4714-AFFA-6633D3CED421} (UCLAExistProd2.UCLExistProd2) - http://w3.gliconline.com/UCLA/Package/uclExistProd2.CAB
O16 - DPF: {9E4A8277-58D1-11D4-8E62-00C04F6F3010} (VbRuntime.RuntimeControls) - http://w3.gliconline.com/UCLA/package/VbRuntime.Cab
O16 - DPF: {A30FBBDC-FA29-4606-8565-14AADCCA6708} (Rite Aid One Hour Photo Online Control) - https://photos.riteaid.com/control/Rite ... Online.cab
O16 - DPF: {B27FE8CF-0AE5-4D2D-B496-DBA3F0D813A7} (UCLAgencyFull.UCLAgency) - http://w3.gliconline.com/UCLA/Package/UCLAInqury.CAB
O16 - DPF: {B991DA79-51F7-4011-98D2-1F2592E82A56} (ACNPlayer2 Class) - http://drm1.reelsurvey.com/ePlayer/V3_2 ... Player.cab
O16 - DPF: {C0E7829F-C1E5-4A74-9B0B-207BC5DE1356} (uclaSPList.uclSubProdList) - http://www.test.gliconline.com/UCLA/Pac ... odList.CAB
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
O16 - DPF: {C6D25826-96AE-462F-A852-BB33B882B723} (SFImageUpload1_4.ImageUpload) - http://duanereade.storefront.com/images ... oad1_4.CAB
O16 - DPF: {CC6D7BF1-C76C-498E-AAA1-CFDC3C70BA93} (uclNasdBranch.uclNasdBranchDtl) - http://www.test.gliconline.com/UCLA/pac ... nchDtl.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/f ... wflash.cab
O16 - DPF: {F32BC8F1-20CC-40F0-AA78-72CEB3791AFE} (UclNasdBrProd.UCLNasdBrProdDtl) - http://www.test.gliconline.com/UCLA/pac ... BrProd.CAB
O16 - DPF: {F65C3A5A-D2BE-4FA5-9425-4379B0D88979} (UCLHeaderControl.UCLHeader) - http://www.test.gliconline.com/UCLA/pac ... eader2.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = ho.glic.com,nro.glic.com,mro.glic.com,wro.glic.com,bro.glic.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = ho.glic.com,nro.glic.com,mro.glic.com,wro.glic.com,bro.glic.com
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: SearchList = ho.glic.com,nro.glic.com,mro.glic.com,wro.glic.com,bro.glic.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = ho.glic.com,nro.glic.com,mro.glic.com,wro.glic.com,bro.glic.com
O20 - AppInit_DLLs: karna.dat
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: DB2 JDBC Applet Server (DB2JDS) - Unknown owner - C:\Program Files\SQLLIB\bin\db2jds.exe
O23 - Service: DB2 Security Server (DB2NTSECSERVER) - International Business Machines Corporation - C:\Program Files\SQLLIB\bin\db2sec.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Check Point SecuRemote Service (SR_Service) - Check Point Software Technologies - C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe
O23 - Service: Check Point SecuRemote WatchDog (SR_WatchDog) - Check Point Software Technologies - C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: VCS NT Service (VCS_Service) - Unknown owner - C:\Program Files\Serena Software\ChangeMan\DS\Client\vcs_nt_service.exe

--
End of file - 18888 bytes
taklep
Active Member
 
Posts: 10
Joined: September 21st, 2008, 11:48 am
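
An added example, not part of the original thread and not code from HijackThis or this forum: a small Python parser for the log format posted above. It groups entries by section code and lists facts a reviewer would look at first, without assigning verdicts. The function names `parse_hijackthis` and `triage` are hypothetical, and the sample is an excerpt of lines copied from the log above.

```python
import re
from collections import Counter

# Excerpt assembled from lines of the log posted above (shortened for the example).
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:55:54 AM, on 10/22/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O20 - AppInit_DLLs: karna.dat
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe (file missing)
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

--
End of file - 18888 bytes
"""

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")          # e.g. "O4 - ..."
RUN_RE = re.compile(r"^(HKLM|HKCU)\\\.\.\\(\w+): \[(.+?)\] (.+)$")
MISSING = " (file missing)"


def parse_entry(code, body):
    """Split one 'CODE - body' line into fields for the formats seen in the log."""
    entry = {"code": code, "body": body, "kind": "other"}
    run = RUN_RE.match(body)
    if code == "O4" and run:
        hive, key, name, command = run.groups()
        entry.update(kind="autorun", hive=hive, key=key, name=name, command=command)
    elif code == "O20" and body.startswith("AppInit_DLLs: "):
        # AppInit_DLLs names DLLs loaded into every process that loads user32.dll.
        entry.update(kind="appinit", value=body.split(": ", 1)[1])
    elif code == "O23" and body.startswith("Service: "):
        # Split from the right: a display name may itself contain " - ".
        parts = body[len("Service: "):].rsplit(" - ", 2)
        if len(parts) == 3:
            name, owner, path = parts
            missing = path.endswith(MISSING)
            if missing:
                path = path[: -len(MISSING)]
            entry.update(kind="service", name=name, owner=owner,
                         path=path, file_missing=missing)
    return entry


def parse_hijackthis(text):
    """Parse header fields, the running-process list and the coded entries."""
    header, processes, entries = {}, [], []
    state = "header"
    for raw in text.splitlines():
        line = raw.strip()
        if line == "--" or line.startswith("End of file"):
            break
        if state == "header":
            if line == "Running processes:":
                state = "processes"
            elif line.startswith("Logfile of"):
                header["version"] = line.rsplit(" v", 1)[-1]
            elif ": " in line:
                key, value = line.split(": ", 1)
                header[key] = value
        elif state == "processes":
            if not line:
                state = "entries"      # a blank line ends the process list
            else:
                processes.append(line)
        elif line:
            match = ENTRY_RE.match(line)
            if match:
                entries.append(parse_entry(*match.groups()))
    return {"header": header, "processes": processes, "entries": entries}


def triage(parsed):
    """Collect facts for a human reviewer; nothing here decides good or bad."""
    entries = parsed["entries"]
    services = [e for e in entries if e["kind"] == "service"]
    return {
        "by_section": dict(Counter(e["code"] for e in entries)),
        # Windows paths are case-insensitive, so fold case before counting.
        "process_counts": dict(Counter(p.lower() for p in parsed["processes"])),
        "missing_service_files": [s["name"] for s in services if s["file_missing"]],
        "unknown_owner_services": [s["name"] for s in services
                                   if s["owner"] == "Unknown owner"],
        "appinit_dlls": [e["value"] for e in entries if e["kind"] == "appinit"],
        "autoruns": [(e["hive"], e["name"]) for e in entries if e["kind"] == "autorun"],
    }


if __name__ == "__main__":
    for key, value in triage(parse_hijackthis(SAMPLE_LOG)).items():
        print(f"{key}: {value}")
```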

Re: Have a red dot with white X in the system tray

Post by Shaba » October 22nd, 2008, 9:50 am

Is this a personal computer?
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Have a red dot with white X in the system tray

Post by taklep » October 22nd, 2008, 2:29 pm

Yes.
taklep
Active Member
 
Posts: 10
Joined: September 21st, 2008, 11:48 am

Re: Have a red dot with white X in the system tray

Post by Shaba » October 22nd, 2008, 2:38 pm

Thanks for the information.

To access the Uninstall Manager you would do the following:

1. Start HijackThis
2. Click on the Config button
3. Click on the Misc Tools button
4. Click on the Open Uninstall Manager button.

You will now be presented with a screen similar to the one below:

Image

5. Click on the Save list... button and specify where you would like to save this file. When you press the Save button, Notepad will open with the contents of that file. Simply copy and paste the contents of that Notepad window here in your next reply.
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Have a red dot with white X in the system tray

Post by taklep » October 23rd, 2008, 1:38 pm

2+2 v.2.1a
7-Zip 4.33 beta
ABC Kid Genius
AC3Filter (remove only)
Adding Machine 1.0
Adobe Flash Player ActiveX
Adobe Reader 7.0.5 Language Support
Adobe Reader 7.0.9
Adobe Shockwave Player
Alphabet, Shapes and Colors
AlphabetFlashCards 1
Altova DiffDog 2008
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoBase
ArcSoft PhotoStudio 2000
AVIcodec (remove only)
Azureus
Baby2Computer
Before You Know It 3.6
Berlitz Before You Know It Flash Cards
Berlitz Learning System - Spanish
Bridge to Reading
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon ScanGear Toolbox 3.0
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
CCleaner (remove only)
Centra Client
ChangeMan DS-ALM-WCM
Check Point VPN-1 SecureClient NG_AI_R56
Comcast High-Speed Internet Install Wizard
Creative MediaSource
Creative WebCam Live! Driver (1.01.01.0730)
CueCard (remove only)
Daily Brain Training 1.01
dBpowerAMP Lame (Exe) Codec
Dell ResourceCD
Dell Support Center (Support Software)
DellSupport
DiscAPI (Studio 10)
DiscWizard for Windows
Disney Magic Artist featuring Ulead DVD PictureShow
DivX
DivX Converter
DivX Player
DivX Web Player
Dora the Explorer Screen Saver
DVD Decrypter (Remove Only)
DVD Shrink 3.2
Easy Video Splitter 1.28
English4Today studyGuide 1
ExamDiff 1.7
Express Burn
EXTRA! for Windows 98/Windows NT
EyeRoller
ffdshow
FlashGet(JetCar)
FlipAlbum 6.0 Pro
FLV Player 1.3.3
GdiplusUpgrade
Google Earth
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Format SDK (KB902344)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
HP Imaging Device Functions 6.0
HP Photosmart Cameras 6.0
HP Photosmart Premier Software 6.0
HP Software Update
HP Solution Center and Imaging Support Tools 6.0
IBM DB2
IBM ViaVoice Command and Control Runtime 5.3
Intel(R) 537EP V9x DF PCI Modem
Intel(R) Extreme Graphics 2 Driver
Intel(R) PRO Network Adapters and Drivers
IrfanView (remove only)
IsoBuster 2.0
iTunes
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 5
J2SE Runtime Environment 5.0 Update 9
Java 2 Runtime Environment Standard Edition v1.3.1_01
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) SE Runtime Environment 6 Update 1
Kid's Abacus 2.0
Kids Colouring Book 2006
Klango
Learn2 Player (Uninstall Only)
Leeds Learning Color and Shapes
LiveUpdate 2.6 (Symantec Corporation)
Lotus Notes 6.5.4
Magic 3D Coloring Book Amazing Animals
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft LifeCam
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Disc 2
Microsoft Office 2000 Professional
Microsoft Office Visio Viewer 2003 (English)
Microsoft SQL Server Desktop Engine (PINNACLESYS)
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Mp3 Splitter
Mpeg2Decoder 1.3
MSN Music Assistant
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
Munch A Word
NCH Toolbox
Nero Suite
Nouns A-L 1.0
OmniPage Pro 9.0
Owl and Mouse Asia Map Puzzle
Owl and Mouse Learn Letters
Owl and Mouse Letter Sounds
Owl and Mouse Letter Sounds 2
Owl and Mouse Letter Sounds 3
Owl and Mouse U.S. Map Puzzle
Paper Folding 3D
Pdf995
PdfEdit995
Photo2DVD Studio Build 4.9.8.0
Picasa 2
Pinnacle Hollywood FX 4.6
Pinnacle Instant DVD Recorder
Pinnacle MediaServer
PowerDVD 5.6
PowerISO
PowerPoint Slide Show Converter 3.1.2
Pre-Primer Words 1.0
Pure Networks Network Magic
QuickSFV (Remove only)
QuickTime
RAPID (Studio 10)
RAR Password Cracker 4.12
RAR Password Recovery v1.1 RC16 (remove only)
Reading Readiness
RealPlayer
Red Swoosh EDN Client (lol remove only)
RhymeTime1 1.0
RnR Spelling
Scan Manager 5.2
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Sight Words Buddy 1.0
Signature995
Skype 2.5
Slice Uninstall
SmartSound Quicktracks Plugin
SnagIt 8
SopCast 1.0.1
Sound Blaster Live! 24-bit
SoundTap Streaming Audio Recorder
Spanish Flashcards (Colors)
Spybot - Search & Destroy
SpywareBlaster 4.1
Sqirlz Morph
Studio 10
Studio 8
Studio Content CD
Study Kid 1.0
SUPERAntiSpyware Free Edition
Switch Sound File Converter
Symantec AntiVirus
Teach2000 8.15
TMPGEnc 3.0 XPress
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Verizon High Speed Internet
Verizon Online Help & Support
Verizon Servicepoint 1.5.12
Verizon Yahoo! Applications
VideoLAN VLC media player 0.8.4a
Viewpoint Media Player
VNC Free Edition 4.1.2
Vocaboly 2.1
Wasp Bar Code ActiveX & DLL
WavePad Sound Editor
WebCyberCoach 3.2 Dell
Winamp (remove only)
WinAVIVideoConverter
Windows Defender
Windows Genuine Advantage v1.3.0254.0
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 11
Windows Media Player 11
Windows XP Service Pack 3
WinPatrol 2008
WinRAR archiver
WinUHA 2.0 RC1 (2005.02.27)
XviD 1.1 final uninstall
taklep
Active Member
 
Posts: 10
Joined: September 21st, 2008, 11:48 am

Re: Have a red dot with white X in the system tray

Post by Shaba » October 23rd, 2008, 1:46 pm

IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

Azureus
Red Swoosh EDN Client (lol remove only)


I'd like you to read the MRU policy for P2P Programs.

Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).

Please run a new uninstall list scan when finished and post the log back here.
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Have a red dot with white X in the system tray

Post by taklep » October 27th, 2008, 12:27 am

2+2 v.2.1a
7-Zip 4.33 beta
ABC Kid Genius
AC3Filter (remove only)
Adding Machine 1.0
Adobe Flash Player ActiveX
Adobe Reader 7.0.5 Language Support
Adobe Reader 7.0.9
Adobe Shockwave Player
Alphabet, Shapes and Colors
AlphabetFlashCards 1
Altova DiffDog 2008
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoBase
ArcSoft PhotoStudio 2000
AVIcodec (remove only)
Baby2Computer
Before You Know It 3.6
Berlitz Before You Know It Flash Cards
Berlitz Learning System - Spanish
Bridge to Reading
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon ScanGear Toolbox 3.0
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
CCleaner (remove only)
Centra Client
ChangeMan DS-ALM-WCM
Check Point VPN-1 SecureClient NG_AI_R56
Comcast High-Speed Internet Install Wizard
Creative MediaSource
Creative WebCam Live! Driver (1.01.01.0730)
CueCard (remove only)
Daily Brain Training 1.01
dBpowerAMP Lame (Exe) Codec
Dell ResourceCD
Dell Support Center (Support Software)
DellSupport
DiscAPI (Studio 10)
DiscWizard for Windows
Disney Magic Artist featuring Ulead DVD PictureShow
DivX
DivX Converter
DivX Player
DivX Web Player
Dora the Explorer Screen Saver
DVD Decrypter (Remove Only)
DVD Shrink 3.2
Easy Video Splitter 1.28
English4Today studyGuide 1
ExamDiff 1.7
Express Burn
EXTRA! for Windows 98/Windows NT
EyeRoller
ffdshow
FlashGet(JetCar)
FlipAlbum 6.0 Pro
FLV Player 1.3.3
GdiplusUpgrade
Google Earth
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Format SDK (KB902344)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
HP Imaging Device Functions 6.0
HP Photosmart Cameras 6.0
HP Photosmart Premier Software 6.0
HP Software Update
HP Solution Center and Imaging Support Tools 6.0
IBM DB2
IBM ViaVoice Command and Control Runtime 5.3
Intel(R) 537EP V9x DF PCI Modem
Intel(R) Extreme Graphics 2 Driver
Intel(R) PRO Network Adapters and Drivers
IrfanView (remove only)
IsoBuster 2.0
iTunes
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 5
J2SE Runtime Environment 5.0 Update 9
Java 2 Runtime Environment Standard Edition v1.3.1_01
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) SE Runtime Environment 6 Update 1
Kid's Abacus 2.0
Kids Colouring Book 2006
Klango
Learn2 Player (Uninstall Only)
Leeds Learning Color and Shapes
LiveUpdate 2.6 (Symantec Corporation)
Lotus Notes 6.5.4
Magic 3D Coloring Book Amazing Animals
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft LifeCam
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Disc 2
Microsoft Office 2000 Professional
Microsoft Office Visio Viewer 2003 (English)
Microsoft SQL Server Desktop Engine (PINNACLESYS)
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Mp3 Splitter
Mpeg2Decoder 1.3
MSN Music Assistant
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
Munch A Word
NCH Toolbox
Nero Suite
Nouns A-L 1.0
OmniPage Pro 9.0
Owl and Mouse Asia Map Puzzle
Owl and Mouse Learn Letters
Owl and Mouse Letter Sounds
Owl and Mouse Letter Sounds 2
Owl and Mouse Letter Sounds 3
Owl and Mouse U.S. Map Puzzle
Paper Folding 3D
Pdf995
PdfEdit995
Photo2DVD Studio Build 4.9.8.0
Picasa 2
Pinnacle Hollywood FX 4.6
Pinnacle Instant DVD Recorder
Pinnacle MediaServer
PowerDVD 5.6
PowerISO
PowerPoint Slide Show Converter 3.1.2
Pre-Primer Words 1.0
Pure Networks Network Magic
QuickSFV (Remove only)
QuickTime
RAPID (Studio 10)
RAR Password Cracker 4.12
RAR Password Recovery v1.1 RC16 (remove only)
Reading Readiness
RealPlayer
RhymeTime1 1.0
RnR Spelling
Scan Manager 5.2
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB958644)
Sight Words Buddy 1.0
Signature995
Skype 2.5
Slice Uninstall
SmartSound Quicktracks Plugin
SnagIt 8
SopCast 1.0.1
Sound Blaster Live! 24-bit
SoundTap Streaming Audio Recorder
Spanish Flashcards (Colors)
Spybot - Search & Destroy
SpywareBlaster 4.1
Sqirlz Morph
Studio 10
Studio 8
Studio Content CD
Study Kid 1.0
SUPERAntiSpyware Free Edition
Switch Sound File Converter
Symantec AntiVirus
Teach2000 8.15
TMPGEnc 3.0 XPress
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Verizon High Speed Internet
Verizon Online Help & Support
Verizon Servicepoint 1.5.12
Verizon Yahoo! Applications
VideoLAN VLC media player 0.8.4a
Viewpoint Media Player
VNC Free Edition 4.1.2
Vocaboly 2.1
Wasp Bar Code ActiveX & DLL
WavePad Sound Editor
WebCyberCoach 3.2 Dell
Winamp (remove only)
WinAVIVideoConverter
Windows Defender
Windows Genuine Advantage v1.3.0254.0
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 11
Windows Media Player 11
Windows XP Service Pack 3
WinPatrol 2008
WinRAR archiver
WinUHA 2.0 RC1 (2005.02.27)
XviD 1.1 final uninstall
taklep
Active Member
 
Posts: 10
Joined: September 21st, 2008, 11:48 am

Re: Have a red dot with white X in the system tray

Unread postby Shaba » October 27th, 2008, 5:58 am

Download ComboFix from one of these locations:

Link 1
Link 2
Link 3

* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

  • Double click on ComboFix.exe & follow the prompts.

  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.





Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply along with a fresh HijackThis log.
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Have a red dot with white X in the system tray

Unread postby taklep » October 30th, 2008, 4:21 pm

I'm busy slightly. Will post the result soon. Pls don't close the thread.
taklep
Active Member
 
Posts: 10
Joined: September 21st, 2008, 11:48 am

Re: Have a red dot with white X in the system tray

Unread postby Shaba » October 31st, 2008, 5:22 am

No worries, take your time :)
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Have a red dot with white X in the system tray

Unread postby Shaba » November 6th, 2008, 5:39 am

How's it going, taklep?
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Have a red dot with white X in the system tray

Unread postby taklep » November 10th, 2008, 8:59 pm

Running ComboFix; will upload the results as per your directions.
taklep
Active Member
 
Posts: 10
Joined: September 21st, 2008, 11:48 am

Re: Have a red dot with white X in the system tray

Unread postby taklep » November 10th, 2008, 9:53 pm

Combofix result:

While running after reboot, Watch def dog detected some change in etc/Host or something, to which I replied reject change. The report is as follows:


ComboFix 08-11-09.04 - Owner 2008-11-10 19:59:43.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.102 [GMT -5:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\BIPVuBeg.ini
c:\windows\system32\BIPVuBeg.ini2
c:\windows\system32\hgPsBJjl.ini
c:\windows\system32\hgPsBJjl.ini2
c:\windows\system32\MSVolume.dll
c:\windows\system32\QqYGOqru.ini
c:\windows\system32\QqYGOqru.ini2
c:\windows\system32\TDSSblat.dat
c:\windows\system32\TDSSdlpb.dll
c:\windows\system32\TDSSnmxh.log
c:\windows\system32\TDSStubu.log
H:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2008-10-11 to 2008-11-11 )))))))))))))))))))))))))))))))
.

2008-11-04 18:15 . 2008-11-04 18:15 <DIR> d-------- c:\program files\Common Files\xing shared
2008-10-23 17:17 . 2008-10-15 11:34 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2008-10-21 00:44 . 2008-10-21 00:44 <DIR> d-------- c:\documents and settings\Owner\Application Data\WinPatrol
2008-10-21 00:43 . 2008-10-21 00:43 <DIR> d-------- c:\program files\BillP Studios
2008-10-20 23:35 . 2008-10-20 23:35 <DIR> d-------- c:\program files\CCleaner
2008-10-20 23:26 . 2008-10-20 23:30 <DIR> d-------- c:\program files\SpywareBlaster
2008-10-20 22:30 . 2008-10-20 22:30 <DIR> d-------- c:\program files\Windows Defender
2008-10-20 10:09 . 2008-10-20 10:09 342 --a------ c:\windows\wininit.ini
2008-10-20 09:12 . 2008-10-20 22:26 <DIR> d--hs---- c:\windows\UGFyYWcgVGFrbGU
2008-10-18 19:30 . 2008-10-21 13:33 0 --a------ c:\windows\system32\drivers\TDSSrfdc.sys
2008-10-15 01:42 . 2008-09-08 05:41 333,824 -----c--- c:\windows\system32\dllcache\srv.sys
2008-10-15 01:41 . 2008-08-14 05:11 2,189,184 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2008-10-15 01:41 . 2008-08-14 05:09 2,145,280 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-10-15 01:41 . 2008-08-14 04:33 2,066,048 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-10-15 01:41 . 2008-08-14 04:33 2,023,936 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2008-10-15 01:41 . 2008-09-15 07:12 1,846,400 -----c--- c:\windows\system32\dllcache\win32k.sys
2008-10-14 14:59 . 2008-10-14 14:59 <DIR> d-------- C:\cclass

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-11 01:13 --------- d-----w c:\program files\Symantec AntiVirus
2008-11-04 23:15 --------- d-----w c:\program files\Common Files\Real
2008-10-27 04:23 --------- d-----w c:\program files\RSSoft
2008-10-23 22:15 --------- d-----w c:\program files\pdf995
2008-10-22 20:31 --------- d-----w c:\program files\Mp3 My Mp3 2.0
2008-10-22 20:11 --------- d-----w c:\program files\NCH Swift Sound
2008-10-22 20:11 --------- d-----w c:\documents and settings\All Users\Application Data\NCH Swift Sound
2008-10-22 18:43 --------- d-----w c:\documents and settings\Owner\Application Data\Apple Computer
2008-10-21 05:16 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-21 04:34 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-10-20 14:09 --------- d-----w c:\program files\Common Files\zwwu
2008-10-13 02:53 --------- d-----w c:\documents and settings\Owner\Application Data\Canon
2008-10-10 22:45 --------- d-----w c:\program files\NCH Software
2008-10-10 22:36 --------- d-----w c:\documents and settings\Owner\Application Data\NCH Swift Sound
2008-10-10 22:27 27,136 ----a-w c:\windows\system32\drivers\nchssvad.sys
2008-10-10 22:16 --------- d-----w c:\program files\Mp3Splitter
2008-10-10 22:13 286,720 ------w c:\windows\Setup1.exe
2008-10-10 17:32 --------- d-----w c:\program files\Games
2008-10-09 09:06 --------- d-----w c:\program files\Google
2008-10-06 03:57 --------- d-----w c:\program files\FlashGet
2008-10-03 20:40 717,296 ----a-w c:\windows\system32\drivers\sptd.sys
2008-10-03 20:40 --------- d-----w c:\documents and settings\Owner\Application Data\DAEMON Tools
2008-10-03 20:15 --------- d-----w c:\program files\LaCasadeDora
2008-10-03 20:11 --------- d-----w c:\program files\Compress-split
2008-10-02 22:49 --------- d-----w c:\program files\SQLLIB
2008-10-02 09:33 --------- d-----w c:\program files\PowerISO
2008-09-25 22:20 --------- d-----w c:\program files\RealVNC
2008-09-23 00:26 --------- d--h--r c:\documents and settings\Owner\Application Data\yahoo!
2008-09-23 00:04 --------- d-----w c:\program files\Verizon
2008-09-23 00:04 --------- d-----w c:\documents and settings\All Users\Application Data\Verizon
2008-09-21 15:56 --------- d-----w c:\program files\Trend Micro
2008-09-21 13:48 --------- d-----w c:\program files\SUPERAntiSpyware
2008-09-21 13:48 --------- d-----w c:\documents and settings\Owner\Application Data\SUPERAntiSpyware.com
2008-09-21 13:48 --------- d-----w c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2008-09-21 13:47 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-09-21 04:56 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-09-21 04:12 102,664 ----a-w c:\windows\system32\drivers\tmcomm.sys
2008-09-20 19:09 --------- d-----w c:\program files\mypoints
2008-09-20 19:08 --------- d-----w c:\program files\Teaching
2008-09-20 18:39 --------- d-----w c:\program files\Yahoo!
2008-09-20 18:38 --------- d-----w c:\documents and settings\All Users\Application Data\YAHOO
2008-09-19 14:48 --------- d-----w c:\program files\Real
2008-09-16 14:05 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2008-09-16 13:24 165 ----a-w c:\documents and settings\Owner\xrt_log.dat
2008-09-15 02:21 --------- d-----w c:\documents and settings\All Users\Application Data\Bluetooth
2008-09-15 01:45 --------- d-----w c:\program files\Common Files\Download Manager
2008-09-14 22:04 --------- d-----w c:\documents and settings\Owner\Application Data\Malwarebytes
2008-09-14 22:04 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2007-02-13 17:05 0 ----a-w c:\program files\4inrow.ini
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2005-10-11 1961984]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-09-03 1576176]
"Yahoo! Pager"="c:\progra~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" [2007-09-12 4670704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
"CTSysVol"="c:\program files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2005-06-02 48752]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2005-06-23 85696]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-12-04 406016]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-09-24 49152]
"YBrowser"="c:\progra~1\Yahoo!\browser\ybrwicon.exe" [2006-07-21 129536]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Motive SmartBridge"="c:\progra~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe" [2005-04-13 385024]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-04-28 53248]
"A Verizon App"="c:\progra~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE" [2005-05-23 50744]
"nmapp"="c:\program files\Pure Networks\Network Magic\nmapp.exe" [2006-09-07 1029664]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912]
"VX1000"="c:\windows\vVX1000.exe" [2007-04-10 709992]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-07-31 271672]
"VerizonServicepoint.exe"="c:\program files\Verizon\VSP\VerizonServicepoint.exe" [2007-05-11 2061816]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-07-07 167936]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2008-10-09 333120]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-11-04 185872]
"P17Helper"="P17.dll" [2004-06-10 c:\windows\system32\P17.dll]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-02-17 65588]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 15:28 352256 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ckpNotify]
2004-07-13 22:14 24673 c:\windows\system32\ckpNotify.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.PIM1"= pclepim1.dll
"VIDC.MJPG"= Pvmjpg30.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\CheckPoint\\SecuRemote\\bin\\SR_GUI.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\WINDOWS\\system32\\ftp.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"=
"c:\\PROGRA~1\\Yahoo!\\MESSEN~1\\Yserver.exe"= c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe
"c:\\Program Files\\Pinnacle\\Shared Files\\Programs\\MediaManager\\PMSManager.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Games\\PuzzleOnline\\DigitOnline.exe"=
"c:\\Documents and Settings\\Owner\\Application Data\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9420:TCP"= 9420:TCP:Red Swoosh
"5000:UDP"= 5000:UDP:Red Swoosh
"67:UDP"= 67:UDP:DHCP Discovery Service
"2799:UDP"= 2799:UDP:Altova License Metering Port (UDP)
"2799:TCP"= 2799:TCP:Altova License Metering Port (TCP)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R2 MSCamSvc;MSCamSvc;c:\program files\Microsoft LifeCam\MSCamS32.exe [2007-05-17 271720]
R2 Scap;SecureClient Application Policy Module;c:\windows\system32\DRIVERS\Scap.sys [2004-07-13 17456]
R2 VCS_Service;VCS NT Service;c:\program files\Serena Software\ChangeMan\DS\Client\vcs_nt_service.exe [2002-02-06 221184]
R2 VPN-1;VPN-1 Module;c:\windows\system32\drivers\vpn.sys [2004-07-13 670128]
R3 EraserUtilDrvI7;EraserUtilDrvI7;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrvI7.sys [2008-09-08 99376]
R3 FW1;SecuRemote Miniport;c:\windows\system32\DRIVERS\fw.sys [2004-07-13 2041904]
R3 VX1000;VX-1000;c:\windows\system32\DRIVERS\VX1000.sys [2007-04-10 1966312]
S3 m4301a;Linksys Wireless-B USB Network Adapter v4.0 Driver;c:\windows\system32\DRIVERS\m4301A.sys [2003-08-05 83552]
S3 OMVA;VPN-1 SecureClient Adapter;c:\windows\system32\DRIVERS\OMVA.sys [2004-07-13 14924]
S3 P0630VID;Creative WebCam Live!;c:\windows\system32\DRIVERS\P0630Vid.sys [2004-07-29 91830]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{42C7256F-E027-4352-80F7-9261A11A0C19}]
c:\windows\system32\msiexec.exe /qn /fpu {42C7256F-E027-4352-80F7-9261A11A0C19}
.
Contents of the 'Scheduled Tasks' folder

2008-11-10 c:\windows\Tasks\A80B5B519118C939.job
- c:\docume~1\owner\applic~1\inside~1\Byte for active.exe []

2008-11-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57]

2008-11-11 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]

2008-11-10 c:\windows\Tasks\User_Feed_Synchronization-{FD6F5DA3-FAEF-45FC-BE9D-24CFC499BCAF}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 11:58]
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
WebBrowser-{A057A204-BACC-4D26-CEC4-75A487FD6484} - (no file)
HKLM-Run-NWEReboot - (no file)
SafeBoot-TDSSmqlt.sys
SafeBoot-TDSSrfdc.sys


.
------- Supplementary Scan -------
.
FireFox -: Profile - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\eo9f4ake.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-10 20:23:46
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Windows Defender\MsMpEng.exe
c:\program files\Common Files\Symantec Shared\ccSetMgr.exe
c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\windows\system32\CTSVCCDA.EXE
c:\program files\Symantec AntiVirus\DefWatch.exe
c:\program files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
c:\program files\Symantec AntiVirus\SavRoam.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\program files\CheckPoint\SecuRemote\bin\SR_Service.exe
c:\program files\CheckPoint\SecuRemote\bin\SR_Watchdog.exe
c:\program files\Symantec AntiVirus\Rtvscan.exe
c:\windows\system32\MsPMSPSv.exe
c:\program files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\program files\Pure Networks\Network Magic\nmsrvc.exe
c:\program files\CheckPoint\SecuRemote\bin\SR_SDS.exe
c:\program files\CheckPoint\SecuRemote\bin\SR_GUI.exe
c:\windows\system32\rundll32.exe
c:\progra~1\Yahoo!\browser\ycommon.exe
c:\program files\Common Files\Verizon Online\ConnMgr\cmisrv.exe
c:\program files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe
c:\progra~1\Yahoo!\MESSEN~1\Ymsgr_tray.exe
c:\program files\Java\jre1.6.0_05\bin\jucheck.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2008-11-10 20:43:06 - machine was rebooted
ComboFix-quarantined-files.txt 2008-11-11 01:42:43

Pre-Run: 24,907,153,408 bytes free
Post-Run: 25,953,402,880 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

277 --- E O F --- 2008-11-08 03:24:21
taklep
Active Member
 
Posts: 10
Joined: September 21st, 2008, 11:48 am