
infected with trojan tooso.f. how bad is that?


Post by ren » April 18th, 2005, 7:05 pm

I've been registered here for a while but I've never posted before. I admire what you're doing. I did a system recovery a week ago, and my Norton antivirus notified me today that I have tooso.f in system 32. I don't have hijack this anymore, but do I still need it? What should I do?
ren
Active Member
 
Posts: 12
Joined: March 21st, 2005, 3:10 am

Post by 'KotaGuy » April 18th, 2005, 7:51 pm

Hi ren!

Download HijackThis from here. Extract (unzip) it to its own folder (e.g. C:\Program Files\HJT\HijackThis.exe) so it can create the backups it needs to. Run the program. Press the "Do a System Scan and save a Log File" button. Copy/Paste the complete contents of the log into a reply in this thread.
'KotaGuy
Admin/Teacher Emeritus
 
Posts: 12472
Joined: April 7th, 2005, 7:06 pm
Location: Alberta, Canada

reply to kotaguy

Post by ren » April 18th, 2005, 10:49 pm

Hey Kota! A Canadian eh? I'm from BC! Here's my log file.

Logfile of HijackThis v1.99.1
Scan saved at 7:44:48 PM, on 18/04/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\AOL 7.0\aoltray.exe
C:\WINDOWS\MDG\MDGnotify.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [UIUCU] C:\DOCUME~1\Ren\LOCALS~1\Temp\UIUCU.EXE -CLEAN_UP -S
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [winshost.exe] C:\WINDOWS\system32\winshost.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [winshost.exe] C:\WINDOWS\system32\winshost.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AOL 7.0 Tray Icon.lnk = C:\Program Files\AOL 7.0\aoltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Shortcut to MDGnotify.lnk = C:\WINDOWS\MDG\MDGnotify.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.mdg.ca
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid= ... lcid=0x409
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 3341523234
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - c:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

download problems

Post by ren » April 18th, 2005, 11:43 pm

I forgot to mention my other problem. Since doing the system recovery, I don't have winzip (that's what it's called, right?). Hijackthis had a self unzipping download, but I'm not sure whether I will have difficulty downloading the rest. Can I just run my Windows disk to overlap/restore that program without wiping myself out again? I never actually used Windows in my system recovery. I just used the manufacturer's disk which uses the system drivers backup on D drive. Any advice before I do something I could regret?

Post by 'KotaGuy » April 18th, 2005, 11:47 pm

Thanks for posting the log.

You might want to print this out for reference during the fix.

Download and install CleanUp!. Don't run it yet.

Please make sure no files are hidden. To do this:

1. Click Start.
2. Open My Computer.
3. Select the Tools menu and click Folder Options.
4. Select the View Tab.
5. Under the Hidden files and folders heading select Show hidden files and folders.
6. Uncheck the Hide protected operating system files (recommended) option.
7. Click Yes to confirm.
8. Click OK.

I'm going to get you to turn off Microsoft Real Time Protection while you do the fix as it may interfere with what you need to do. To do this:

1. Open Microsoft AntiSpyware.
2. Click on Tools, Settings.
3. In the left pane, click on Real-time Protection.
4. Under Startup Options uncheck Enable the Microsoft AntiSpyware Security Agents on startup (recommended).
5. Under Real-time spyware threat protection uncheck Enable real-time spyware threat protection (recommended).
6. After you uncheck these, click on the Save button and close Microsoft AntiSpyware.
7. Right click on the Microsoft AntiSpyware icon on the taskbar and select Shutdown Microsoft AntiSpyware.

I also need you to turn off SpySweeper. To do this:

1. Open SpySweeper. Click Options, then Program Options, Uncheck "load at windows startup".
2. Over to the left click "shields" and uncheck all there.
3. Uncheck "home page shield".
4. Uncheck "automatically restore default without notification".

Run and scan with HijackThis. With all other browsers and windows closed, place a check beside the following and Fix:

O4 - HKLM\..\Run: [UIUCU] C:\DOCUME~1\Ren\LOCALS~1\Temp\UIUCU.EXE -CLEAN_UP -S
O4 - HKLM\..\Run: [winshost.exe] C:\WINDOWS\system32\winshost.exe
O4 - HKCU\..\Run: [winshost.exe] C:\WINDOWS\system32\winshost.exe


Boot into Safe Mode. To do this:

1. Reboot your computer.
2. Tap the F8 button as your computer is booting to bring you to the Advanced Options Menu.
3. Select Safe Mode and press Enter.

Search for and delete these files:

C:\DOCUME~1\Ren\LOCALS~1\Temp\UIUCU.EXE
C:\WINDOWS\system32\winshost.exe

Browse to your C:\WINDOWS\Prefetch folder. Delete all files in the folder, do not delete the folder itself. Run Cleanup! Make sure to have it clean all Temp files and Internet Temp files for all Users. Empty your Recycle Bin.

Reboot Windows normally and post a new HijackThis log please.


Edit: About the .zips... WinXP has a built in Unzipper... you shouldn't need WinZip for .zip files.

I feel like I've got lice

Post by ren » April 19th, 2005, 11:39 am

I stayed up all night nitpicking every single folder. You'd never be able to recognize this trojan by file name. Each one is different. It was only by luck that I was browsing the web while waiting for your reply, and I happened to read about identifying trojan files by the time they were created/modified on your computer. Sure enough, tooso was busy all day in system 32, (and elsewhere) and I got to learn quite a lot about his habits. There were files all over. Luckily I'd downloaded a trojan remover just before going into safe mode on a whim, because there were several main files hidden in four cookies folders that wouldn't delete without it. I think this was the same thing that was hijacking my system before and caused me to have to restore the system. But then I started finding a lot of creepy things last night, like it's not just a program, but a person in my computer. What do you think of this?

-------------------------------------------
Tuesday, April 12, 2005 7:26:29 PM
----Configuration engine was initialized successfully.----

----Reading Configuration Template info...
Event audit settings are turned off.


----Configure Registry Keys...
Configure machine\system\currentcontrolset\services\eventlog\security\security.

Configuration of Registry Keys was completed successfully.


----Configure File Security...

File Security configuration was completed successfully.


----Configure General Service Settings...

General Service configuration was completed successfully.


----Configure available attachment engines...

Configuration of attachment engines was completed successfully.
Event audit settings are restored.


----Un-initialize configuration engine...
-------------------------------------------
Tuesday, April 12, 2005 7:37:25 PM
----Configuration engine was initialized successfully.----

----Reading Configuration Template info...
Event audit settings are turned off.


----Configure Registry Keys...
Configure machine\software\microsoft\devicemanager.
Configure machine\system\currentcontrolset\control\network.
Configure machine\system\currentcontrolset\services\dhcp\parameters.
Configure machine\system\currentcontrolset\services\dnscache.
Configure machine\system\currentcontrolset\services\eventlog\security\security.
Configure machine\system\currentcontrolset\services\netbt.
Configure machine\system\currentcontrolset\services\netbt\parameters.
Configure machine\system\currentcontrolset\services\remoteaccess.
Configure machine\system\currentcontrolset\services\remoteaccess\accounting.
Configure machine\system\currentcontrolset\services\remoteaccess\authentication.
Configure machine\system\currentcontrolset\services\remoteaccess\demanddialmanager.
Configure machine\system\currentcontrolset\services\remoteaccess\enum.
Warning 2: The system cannot find the file specified.
Error enumerating info for machine\system\currentcontrolset\services\remoteaccess\enum.
Configure machine\system\currentcontrolset\services\remoteaccess\interfaces.
Configure machine\system\currentcontrolset\services\remoteaccess\parameters.
Configure machine\system\currentcontrolset\services\remoteaccess\performance.
Configure machine\system\currentcontrolset\services\remoteaccess\policy.
Configure machine\system\currentcontrolset\services\remoteaccess\routermanagers.
Configure machine\system\currentcontrolset\services\remoteaccess\routingtablemanager.
Warning 2: The system cannot find the file specified.
Error enumerating info for machine\system\currentcontrolset\services\remoteaccess\routingtablemanager.
Configure machine\system\currentcontrolset\services\remoteaccess\security.
Configure machine\system\currentcontrolset\services\tcpip.
Configure machine\system\currentcontrolset\services\tcpip\linkage.
Configure machine\system\currentcontrolset\services\tcpip\parameters.
Configure machine\system\currentcontrolset\services\tcpip\parameters\winsock.

Configuration of Registry Keys was completed successfully.


----Configure File Security...
Configure c:\windows\system32\setup.

File Security configuration was completed successfully.


----Configure General Service Settings...

General Service configuration was completed successfully.


----Configure available attachment engines...

Configuration of attachment engines was completed successfully.
Event audit settings are restored.


----Un-initialize configuration engine...


I found it in a folder called security, in a subfolder called logs. It was written for somebody by somebody else on the night I did system restore. It wasn't written for me. They seem interested in the configuration of my security. There was also a whole file of (I think they were rejected emails) warning that there was a failure or bad connection. There were rerouted security updates littered all over the place which never got delivered. I could type for hours. Basically the security system wasn't working, or rather, it was working against itself. It was programmed to protect itself from security updates, and downloads and things. Anyway, I saved several of the notepad logs they made. Do Symantec or Microsoft collect data like that for analysis? One more important question before I go. What are the chances that this is going to come back on me? What if it doesn't matter that it's cleaned out? What if it just needs to know something to get back in? I have to turn off my computer until I hear back from you because I'm terrified that big brother is watching! Here's my logfile.

Logfile of HijackThis v1.99.1
Scan saved at 7:49:43 AM, on 19/04/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton AntiVirus\CfgWiz.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AOL 7.0\aoltray.exe
C:\WINDOWS\MDG\MDGnotify.exe
C:\Program Files\Norton AntiVirus\NAVW32.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AOL 7.0 Tray Icon.lnk = C:\Program Files\AOL 7.0\aoltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Shortcut to MDGnotify.lnk = C:\WINDOWS\MDG\MDGnotify.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.mdg.ca
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid= ... lcid=0x409
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 3341523234
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - c:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

:cry:

Post by 'KotaGuy » April 19th, 2005, 12:55 pm

Yeah... these things can be nasty. But it looks like the main infection is gone.

You've done some good work, ren! Your log is CLEAN!

I didn't see any Hosts entries in your log, but just in case, download and run Hoster. This will reset your Hosts file to default.

Now, it's possible that there may be remnants of it leftover that we weren't able to get with HijackThis. I recommend doing a couple online scans at Panda ActiveScan, TrendMicro HouseCall, or eTrust AntiVirus WebScanner. Also do an online Trojan scan from Windows Security.

Let them fix anything they find, rebooting your computer between each scan. Let me know about anything the scans find and cannot fix. Full pathname of the entries if possible please.

Next, download and install Ad-Aware and Spybot S&D. Visit this page for proper configuration. Run and scan with both, letting them fix whatever they find. Remember to reboot between each scan.

After you have done the online virus scans and the scans with Ad-Aware and Spybot, you should reset your System Restore point. This will ensure a nice clean backup to fall upon if you ever need it. To do this:

1. Right-click My Computer, and then click Properties.
2. Click the System Restore tab.
3. Check the "Turn off System Restore" or "Turn off System Restore on all drives"

Reboot your computer, follow the steps above, this time unchecking the "Turn off System Restore" and reboot.

If you haven't done this recently, update Windows and its components.

You might also want to look into installing SpywareBlaster, SpywareGuard, and IE-SPYAD. You can grab them from the links in my sig. The programs are free and can be updated, so please remember to do so. Installing these will go a long way in preventing reinfection.

Though you have Norton's Firewall installed, I'm sure you've heard of ZoneAlarm, might want to think about using it instead of the Norton Firewall as ZoneAlarm is a more robust solution.

Check out the links in my sig named How'd I get Infected and Understanding Spyware as well, some good information for you :)

Other than that, remember to update Windows frequently, update your protection programs, scan often and...

Surf Safe!
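The before/after comparison behind "Your log is CLEAN!", as an added example that is not part of the original thread: it parses the O4 autostart lines of two HijackThis logs and reports which entries disappeared or appeared between scans. The sample lines are excerpted from the logs posted above; the function names and the Temp-directory heuristic are assumptions of this example.

```python
import re

# O4 lines excerpted from two HijackThis logs posted in this thread:
# BEFORE = scan of 18/04/2005, AFTER = scan of 19/04/2005 7:49 AM.
BEFORE = r"""
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [UIUCU] C:\DOCUME~1\Ren\LOCALS~1\Temp\UIUCU.EXE -CLEAN_UP -S
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [winshost.exe] C:\WINDOWS\system32\winshost.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [winshost.exe] C:\WINDOWS\system32\winshost.exe
O4 - Global Startup: AOL 7.0 Tray Icon.lnk = C:\Program Files\AOL 7.0\aoltray.exe
"""

AFTER = r"""
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: AOL 7.0 Tray Icon.lnk = C:\Program Files\AOL 7.0\aoltray.exe
"""

# "O4 - <location>: [<value name>] <command>"    (registry Run keys)
# "O4 - <location>: <shortcut>.lnk = <target>"   (Startup folders)
O4_LINE = re.compile(
    r"^O4 - (?P<loc>[^:]+): (?:\[(?P<name>[^\]]+)\] |(?P<lnk>.+?) = )(?P<cmd>.+)$"
)


def parse_o4(log_text):
    """Return {(location, entry name): command} for every O4 line in a log."""
    entries = {}
    for line in log_text.splitlines():
        m = O4_LINE.match(line.strip())
        if not m:
            continue  # other sections (O2, O23, process list, ...) are ignored
        name = m.group("name") or m.group("lnk")
        # Registry value names and Windows paths are case-insensitive.
        key = (m.group("loc").lower(), name.lower())
        # Normalise case and doubled backslashes so cosmetic differences
        # between scans are not reported as changes.
        entries[key] = m.group("cmd").strip().lower().replace("\\\\", "\\")
    return entries


def diff_autoruns(before, after):
    """Compare two logs; return sorted (removed, added, changed) entry keys."""
    b, a = parse_o4(before), parse_o4(after)
    removed = sorted(k for k in b if k not in a)
    added = sorted(k for k in a if k not in b)
    changed = sorted(k for k in b if k in a and a[k] != b[k])
    return removed, added, changed


def temp_autoruns(log_text):
    """Heuristic (assumption of this example): autostart entries whose
    command is launched from a Temp directory."""
    return sorted(
        name for (_, name), cmd in parse_o4(log_text).items()
        if "\\temp\\" in cmd
    )


if __name__ == "__main__":
    removed, added, changed = diff_autoruns(BEFORE, AFTER)
    for label, keys in (("removed", removed), ("added", added), ("changed", changed)):
        for loc, name in keys:
            print(f"{label:8} {loc}: {name}")
    print("runs from Temp (before):", temp_autoruns(BEFORE))
```

The comparison only covers entries that HijackThis lists, so a file that sits on disk without an autostart entry will not show up in it.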

WAIT ! COME BACK !

Post by ren » April 20th, 2005, 12:01 am

No! It's still in there! Something occurred to me today and I called the manufacturer number. The guy explained that the only way to access the system drive backups in the D drive is through the system recovery disk, and this backed up my hunch that that's what the log meant by configuration. Then when I checked the D drive, the system drives had in fact been modified last Sunday night when I did the recovery.

Also, you should know that when I was in there last night, I would scan the files with Norton antivirus, if I was suspicious. The first one I did, it recognized as tooso.f and quarantined it. The second one was one you confirmed for me already, yet it didn't recognize it. Neither did the trojan tool. In fact, after that first check, Norton did not recognize a single one, and neither did the trojan remover. Not one. I had to find them and zap them all manually. I knew I was right when they wouldn't delete on their own. Mostly I couldn't go by file name, but by dates and times and similar characteristics, and odd hiding places. Man, it was like being in the twilight zone! I probably deleted a bunch of legitimate files, but I don't even care anymore. Whatever the consequences are, it can't be worse than cohabitating with this.

This afternoon the first thing I did was reinstall Norton antivirus and update it. Then I went into system 32 again and saw that more files had been set up last night even while I'd been busy submitting my logfile here, and there were a bunch of new update logs from today as well. I read one that said it had found a way to redirect its actions by installing something called wininet.dll and channeling it all there instead. I don't even know what that is, or what it's trying to do, but I think it at least has partly to do with security updates. (Incidentally, did hjt say we had a Norton firewall? We don't, we have the Windows XP one.) This is because I keep going to the Microsoft update site, which keeps telling me my updates are current, but from what I saw last night, I think they're downloaded from the site, then not installed. Also, everything to do with security always says it's fine and running, but I get the feeling it's turned off or something, and last night I found something that said my firewall was turned off, when other things were saying it was on.

So here's the thing. I could give you a hjt logfile but I'm telling you you won't see anything. Even when I redownloaded and updated Norton, and put its nose on a tooso.f file (yes, I'm positive! It was replicated this morning, and I think it was called something like TRJN.tbn or something along those lines) it just said, "Nope! This one's clean!" You'd never be able to pick it out from a logfile if Norton and a Trojan scanner can't see it. I noticed that many of them take on a file name that's almost identical to the legitimate one that's right next to them.

So I'll send you a logfile, but if it looks clean, and you tell me not to worry, I think I will scream, because my cursor is still showing working in the background, and I know I'm not just being paranoid. Should I just reinstall Windows and wipe out my D drive? And do you think I'm actually being hacked? If so, how do I change my IP address if my cable guy won't? He says I have a floating IP which changes every few mo. and what I'm saying is impossible with a firewall. I have a router too. He says that makes it even more impossible. I'm confused, and feeling like a bit of a pawn. :(


Logfile of HijackThis v1.99.1
Scan saved at 8:58:45 PM, on 19/04/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\AOL 7.0\aoltray.exe
C:\WINDOWS\MDG\MDGnotify.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AOL 7.0 Tray Icon.lnk = C:\Program Files\AOL 7.0\aoltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Shortcut to MDGnotify.lnk = C:\WINDOWS\MDG\MDGnotify.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.mdg.ca
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid= ... lcid=0x409
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 3341523234
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - c:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
ren
Active Member
 
Posts: 12
Joined: March 21st, 2005, 3:10 am

Unread postby 'KotaGuy » April 20th, 2005, 1:06 am

Hi ren.

Could you do the Online scans like I asked, because I don't see any evidence in your log that you did.

I also don't see any evidence that you installed Spybot or Ad-Aware like I asked.

Please do the online scans, along with the scans by Ad-Aware and Spybot.

The reason I said you are running the Norton firewall is because it is active in your log:

C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe

O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe


Also, the Windows Firewall can't be active on your computer because the proper service(s) aren't active for it. Namely, the Application Layer Gateway service. So the Windows firewall will not be running.

Please do the Online scans (remember to configure them for auto fixing), and the scans with Ad-Aware and Spybot. Remember to visit the link I provided for proper configuration of the programs. Or you can click the link in my sig named Instructions for Ad-Aware and Spybot.

Could you also please copy/paste the contents of these logs you are looking at that have you suspicious, along with a new HijackThis log?

Thanks.
'KotaGuy
Admin/Teacher Emeritus
 
Posts: 12472
Joined: April 7th, 2005, 7:06 pm
Location: Alberta, Canada
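
The check described in the post above (finding a component both under "Running processes" and as an O23 service entry) can be scripted. This is an added example, not part of the original thread and not HijackThis code: the sample log is constructed from lines shown in this thread, the function names are hypothetical, and `alg.exe` as the process image of the Application Layer Gateway service is an assumption not stated in the thread.

```python
import re
from collections import defaultdict

# Constructed sample, shaped like the HijackThis v1.99.1 log posted in this thread.
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
Scan saved at 7:44:48 PM, on 18/04/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\system32\services.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\HijackThis\HijackThis.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
"""

# Section entries look like "O23 - Service: ..." or "R1 - HKCU\...".
ENTRY_RE = re.compile(r"^([ORFN]\d+)\s+-\s+(.*)$")
# Optional short service name in trailing parentheses: "Display Name (ShortName)".
LABEL_RE = re.compile(r"^(.*)\s\(([^()]+)\)$")


def parse_hijackthis(text):
    """Split a log into the running-process list and entries grouped by code."""
    processes, entries = [], defaultdict(list)
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if line.lower().startswith("running processes"):
            in_processes = True
            continue
        match = ENTRY_RE.match(line)
        if match:
            in_processes = False  # the first coded entry ends the process list
            entries[match.group(1)].append(match.group(2))
        elif in_processes and line:
            processes.append(line)
    return processes, dict(entries)


def parse_service(body):
    """Parse an O23 body: 'Service: <display> [(name)] - <vendor> - <path>'."""
    if not body.startswith("Service:"):
        return None
    rest = body[len("Service:"):].strip()
    head, sep, path = rest.rpartition(" - ")
    if not sep:
        return None
    label, sep, vendor = head.rpartition(" - ")
    if not sep:  # no vendor field present
        label, vendor = head, ""
    match = LABEL_RE.match(label)
    display, name = (match.group(1), match.group(2)) if match else (label, label)
    return {"display": display, "name": name, "vendor": vendor, "path": path}


def basename(path):
    """Lower-cased file name of a Windows path, ignoring surrounding quotes."""
    return path.strip('"').replace("/", "\\").rsplit("\\", 1)[-1].lower()


def component_status(text, image):
    """Report whether an executable is running and which O23 services use it."""
    processes, entries = parse_hijackthis(text)
    image = image.lower()
    services = [parse_service(body) for body in entries.get("O23", [])]
    return {
        "running": any(basename(p) == image for p in processes),
        "service_names": [s["name"] for s in services
                          if s and basename(s["path"]) == image],
    }


if __name__ == "__main__":
    # Norton firewall monitor: present in both places in the sample.
    print(component_status(SAMPLE_LOG, "NPFMntor.exe"))
    # alg.exe (assumed ALG service image): absent from the sample.
    print(component_status(SAMPLE_LOG, "alg.exe"))
```
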

Unread postby ren » April 20th, 2005, 2:36 am

Just ran the house-call one and it picked up nothing. I can't access Panda. Weird things keep happening. Before I reboot between scans, I wanted to find one of the logs I saw earlier which said something about hiding a file upon restartup. I've been paranoid to turn this thing off now. I came across this one instead. Thought you might find it interesting. Remember what I said about dates? System 32 has created 26 new files today. That's just in System 32. There are 17 text files, 1 BAK, 2 Application files, 3 Application extensions, 1 PTN, 1 config. setting, and 2 files called 586 files that are each 14,416 KB. (I'm in waaay over my head here, aren't I?)



ren
Active Member
 
Posts: 12
Joined: March 21st, 2005, 3:10 am

Unread postby 'KotaGuy » April 20th, 2005, 2:52 am

Did you try the eTrust Scan? How about the Windows Security Trojan scan? Spybot? Ad-Aware? Where is the new HijackThis log?

I can't properly help if you don't follow my instructions, ren. Please do the above scans and post a new HijackThis log.

The log you did post seems to be an MSN Explorer log of sorts. Whether or not it is bad, I don't know. I will have to get another to take a look at that and as soon as I find something out about it I will let you know.

In the meantime... could you please follow my instructions.

Thanks. :)
'KotaGuy
Admin/Teacher Emeritus
 
Posts: 12472
Joined: April 7th, 2005, 7:06 pm
Location: Alberta, Canada

Unread postby ren » April 20th, 2005, 4:07 am

Yah, just posting as I was waiting, but the bad news is, I can't access anything. The eTrust one said finished, no virus, as soon as I pressed start. Once it did this while the info bar was telling me it hadn't even downloaded the definitions. It didn't want me to download those either, but finally it let me. Even then it still ran a half-second scan, though.



The Microsoft one wouldn't respond and shut down IE. Panda gave me a tiny garbled box where the enlarge button was disabled, and the next button wouldn't turn into a link like it should have. When I right clicked it gave me a bunch of encoded options. The only one that worked was House Call, but it came up with nothing.

I don't know what to do. I'll keep trying if you say so, but it was like this before too. The more I tried to get rid of this thing the more it fought back. From everything I've seen it do, and especially from looking at all these logs today, I'm fairly certain that this isn't just a bug, but something, or somebody that has a purpose in using our computer for something, and it's set things up for itself with the intention of staying there for good.

So here's what I propose. I can't go any further till you answer my next question. While I'm waiting I'll post questionable logs, because I think they might be important. I think they give info about what this guy's been doing, and how. If we knew that, maybe we could undo it. As soon as you post back and tell me what to do, I'll get right back on your program, I swear!

And the only reason I never followed through on your initial advice was that I became reinfected before I could finish. I was saving some of your download resources until I knew I was clean. (I still am)

QUESTION:
Is it important to run the online scans before downloading ad-aware or spy-bot, or will they get corrupted too? Basically, failing the scans, what do I do now, and in what order?
ren
Active Member
 
Posts: 12
Joined: March 21st, 2005, 3:10 am

SNEAKY STUFF

Unread postby ren » April 20th, 2005, 4:45 am

I'll try to do them in different colours so they don't get mixed up.


First, I think it has my IE, because in task manager, iexplore.exe Ren uses 20, 76 K in Mem Usage, explorer.exe Ren uses 11,772 K. Everything else uses way less. This change over happened right before I did the sys. restore. Before that the memory glutton was my SpySweeper program plus 2 explorer.exe programs. Long story. I removed SpySweeper, and an explorer.exe was automatically removed as well. Then everything was transferred to explorer.exe Ren. After system restore it stayed that way. Now, when I go to program access and default, it shows I have a custom configuration, with a custom browser, not IE, and leaving out all other options which are also set, it's not letting me change it, or allowing me options.

Also, I saw a log that might have been from Symantec from their automatic update. It would have been from this morning when I reinstalled from disk. It said it recognized our system as a Windows 2000, and I thought I'd seen other references to NT. We have an XP that's telling me I've updated to SP2.

Other things I've noticed since doing the recovery - When you go deeper and deeper into My Computer, you get to know what it looks like, right? It looks kind of different. Not just because there are fewer files. It seems set up differently. Also, it's not as easy to navigate. I can't find system explorers, or access them anyway. Admin tools are NOT helpful. I wasn't the administrator before, but it looks like you have to be a real techie! When you pull up something like My Documents, then go forward, in a file, in another file, you can't go back. You have to exit and start over. There's no back button, or up one folder button. Nothing.

[color=red] Service Pack 2 4 18 2005 23:22:51.500
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Loaded driver \SystemRoot\System32\DRIVERS\usbuhci.sys
Loaded driver \SystemRoot\System32\DRIVERS\usbehci.sys
Did not load driver Intel(R) PRO/100 VE Network Connection
Loaded driver \SystemRoot\System32\DRIVERS\fdc.sys
Did not load driver Communications Port
Did not load driver Printer Port
Loaded driver \SystemRoot\System32\DRIVERS\i8042prt.sys
Loaded driver \SystemRoot\System32\DRIVERS\kbdclass.sys
Loaded driver \SystemRoot\System32\DRIVERS\mouclass.sys
Loaded driver \SystemRoot\System32\DRIVERS\imapi.sys
Loaded driver \SystemRoot\System32\DRIVERS\cdrom.sys
Loaded driver \SystemRoot\System32\DRIVERS\redbook.sys
Loaded driver \SystemRoot\System32\DRIVERS\InCDPass.sys
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Loaded driver \SystemRoot\System32\DRIVERS\termdd.sys
Loaded driver \SystemRoot\System32\DRIVERS\swenum.sys
Loaded driver \SystemRoot\System32\DRIVERS\update.sys
Loaded driver \SystemRoot\System32\DRIVERS\mssmbios.sys
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Loaded driver \SystemRoot\System32\DRIVERS\usbhub.sys
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Loaded driver \SystemRoot\System32\DRIVERS\flpydisk.sys
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver Intel Processor
Did not load driver Intel(R) 82845G Graphics Controller
Did not load driver Intel(R) PRO/100 VE Network Connection
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Realtek AC'97 Audio
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver WAN Miniport (ATW)
Did not load driver \SystemRoot\System32\Drivers\lbrtfdc.SYS
ren
Active Member
 
Posts: 12
Joined: March 21st, 2005, 3:10 am

Unread postby ren » April 20th, 2005, 6:25 am

Forget my question. I can't download spy-bot or ad-aware. Ad-aware sends me in perpetual circles, and spy-bot lets me get to the point where I'm setting up through the installation wizard and it's giving me options of what features I want installed (languages, skins, options for blind users). The only option that's greyed out is the main files. I tried downloading from a whole bunch of different sources, but they're all the same.

Also, last time while I was posting, the screen lifted itself like someone was peeking, and it showed part of the last page (what I would have seen if I'd pressed back). It felt like someone lifting my skirt. This has me really freaked out, because things keep becoming more bold and deliberate.

After it did that, it messed up the number I was typing, you can still see it. I tried backspacing, but the backspace button turned into the back-a-page button and the screen started flipping around. This only happened for a second. On that post, I included two weird logs. The second one was the Symantec log that said our system was Windows 2000. After that I posted and checked to make sure you hadn't replied, like I'd promised. Then I came back, posted two more weird logs, and got a message that said this site wouldn't allow me to post again so soon after my last post. So my last reply wasn't accepted. When I checked to see my last post, I also realized that my last post was cut off, and the Symantec log wasn't included.

I did try telling myself that maybe it was a blip, and maybe that's normal protocol for this site. Then I went to see if I could find the Symantec file again to repost it. I couldn't find it. I looked and looked, and found it the next minute right where I'd just looked. It had been amended. Now it said the system was Windows XP, but I think more than that must have been changed because I just remember how the other one looked, and it was written on a different line. Also, there was more written after it I think. That's not something a program can do. Someone's watching me, right? Now what do I do?
ren
Active Member
 
Posts: 12
Joined: March 21st, 2005, 3:10 am

Unread postby ren » April 20th, 2005, 7:54 am

Almost forgot. Maybe we should be asking what HijackThis is telling you - I guess I shouldn't have been just taking this stuff for granted. Well at least it's something, anyway. I half expected to find the folder gone.

Basic info: we're supposed to have a Windows XP SP2 2002 version. It has 256 MB of RAM, and a Celeron 2.6 GHz processor. We have no fax and no fancy hardware at all, just a printer, speakers, and disk drive. (And maybe a camera if it's hooked up, but I don't think so.)

MDG is the manufacturer. Internet is connected through cable, not wireless, and we have a router. We shouldn't be connected to any outside network.

We technically have 3 users (unless admin counts as a fourth): Ren, Jeff, and Allthekids. However, the third one is not used, it's like our family D drive.

We should have 2 email accounts. One is a hotmail.com, one is a shaw.ca, but I think shaw.ca's been jinxed, not sure. It's not running.

We're supposed to be using EI. I don't know. It looks like EI. It smells like EI. It doesn't always act like EI. Could be an evil twin. Some parts of my computer say it is, some say it isn't. The same was true of my Google homepage, and every time I pull up EI I get an error in the left corner of the Google page. Anyway!

Security. Did I ever have to pull teeth just to get this computer to the point where I could see an actual security center icon in control panel, and when I finally saw that Windows Firewall icon, I thought I'd die of joy, I must have chased those downloads around for hours. Please show me how to turn it on again.

Also we have Norton Antivirus, and SpySweeper. We have a registered disk for both of these, but it didn't seem to make any difference. Our system is already configured to know just what to do with them, it even hijacked our SpySweeper, using it, I think, to redistribute a whole bunch of virtual memory to different files. You could kind of see it happening in task manager. SpySweeper was working really hard, while other files were getting really fat, and I kept getting low on virtual memory notices, even after I doubled the default. Anyway, it was awfully good of my hijacker to supply me with a Norton firewall, don't you think? Otherwise I'd be a sitting duck.

We don't use this computer for games, or business, just very, very basic stuff. My husband downloads music, and I enjoy reading ebooks, I run web searches for personal research purposes, but we don't make purchases. We use Word. I download pictures, but none recently. Anything out of the ordinary probably isn't ours.

So here's the logfile.

Logfile of HijackThis v1.99.1
Scan saved at 3:34:09 AM, on 20/04/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\AOL 7.0\aoltray.exe
C:\WINDOWS\MDG\MDGnotify.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AOL 7.0 Tray Icon.lnk = C:\Program Files\AOL 7.0\aoltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Shortcut to MDGnotify.lnk = C:\WINDOWS\MDG\MDGnotify.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.mdg.ca
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid= ... lcid=0x409
O16 - DPF: {2A32B14F-4D29-4EA3-AC54-E9B19F436CE7} (Scanner Class) - http://www.windowsecurity.com/trojanscan/TDECntrl.CAB
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 3341523234
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004 ... scan53.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/viru ... ebscan.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - c:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe





I decided to do another in case anything was altered as I typed. My cursor was blinking very strangely, and you can hardly blame me for being paranoid at this point.




Logfile of HijackThis v1.99.1
Scan saved at 4:50:43 AM, on 20/04/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\AOL 7.0\aoltray.exe
C:\WINDOWS\MDG\MDGnotify.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AOL 7.0 Tray Icon.lnk = C:\Program Files\AOL 7.0\aoltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Shortcut to MDGnotify.lnk = C:\WINDOWS\MDG\MDGnotify.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.mdg.ca
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid= ... lcid=0x409
O16 - DPF: {2A32B14F-4D29-4EA3-AC54-E9B19F436CE7} (Scanner Class) - http://www.windowsecurity.com/trojanscan/TDECntrl.CAB
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 3341523234
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004 ... scan53.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/viru ... ebscan.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - c:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
ren
Active Member
 
Posts: 12
Joined: March 21st, 2005, 3:10 am
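The post above includes two HijackThis scans taken about an hour apart to check whether anything changed between them. The sketch below is an added example, not part of the original thread and not a HijackThis feature: it parses the log format shown above and reports processes and entries that differ between two scans. The function names `parse_hjt` and `diff_scans`, the shortened sample logs, and the `C:\EXAMPLE` lines are constructed for illustration.

```python
import re

# HijackThis entry lines start with a section code such as R0, F2, O4 or O23.
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")

def parse_hjt(text):
    """Split a HijackThis log into scan time, running processes and entries."""
    scan = {"saved": None, "processes": set(), "entries": set()}
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        entry = ENTRY_RE.match(line)
        if line.startswith("Scan saved at "):
            scan["saved"] = line[len("Scan saved at "):]
        elif line == "Running processes:":
            in_processes = True
        elif entry:
            in_processes = False
            scan["entries"].add((entry.group(1), entry.group(2)))
        elif in_processes and line:
            # Windows paths are case-insensitive: System32 and system32 are one file.
            scan["processes"].add(line.lower())
    return scan

def diff_scans(old, new):
    """Report what appeared or disappeared between two parsed scans."""
    return {
        "processes_started": sorted(new["processes"] - old["processes"]),
        "processes_stopped": sorted(old["processes"] - new["processes"]),
        "entries_added": sorted(new["entries"] - old["entries"]),
        "entries_removed": sorted(old["entries"] - new["entries"]),
    }

# Constructed sample: a shortened log in the format shown in the post.
SCAN_A = r"""Logfile of HijackThis v1.99.1
Scan saved at 3:34:09 AM, on 20/04/2005

Running processes:
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe

O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
"""
# Constructed second scan: same log plus one invented process and one invented O4 entry.
SCAN_B = (SCAN_A.replace("3:34:09 AM", "4:50:43 AM")
          .replace("\n\nO4", "\nC:\\EXAMPLE\\added.exe\n\nO4", 1)
          + "O4 - HKLM\\..\\Run: [ExampleAdded] C:\\EXAMPLE\\added.exe\n")

if __name__ == "__main__":
    print(diff_scans(parse_hjt(SCAN_A), parse_hjt(SCAN_B)))
```

An empty diff only means the two logs list the same items; it says nothing about whether those items are legitimate.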