Staredit Network -> Lite Discussion -> System Virus
Posted by Kingra on 2005-07-23 at 18:54:59
I was searching for some porn (yes I admit it) and after a while I went to my desktop and saw my desktop screen is all blue and says "Your System is Infected! System has been stopped due to a serious malfunction. Spyware activity has been detected. It is recommeded to use spyware removal tool to prevent data loss. Do not use computer before all spyware removed."

I underlined what seemed to be a spelling error that was in the message. Is this some kind of joke virus? I need help, I have never encountered a virus before. As of now, I am doing a lot of spyware search just in case, and saving all my data.

I'm freaking out, please help...

Oh, and I cannot change my desktop picture, either...

Another thing I noticed, I have a new toolbar labeled TNS on IE.
Posted by glytchur on 2005-07-23 at 18:59:24
o_O
good luck with that...
Posted by pekkel_the_duck on 2005-07-23 at 19:01:41
http://forums.majorgeeks.com/showthread.php?t=35407


Follow those steps to remove trojans, spyware, adware, and viruses. And when I read your shoutbox post I thought a real virus that you could die from.
Posted by Kingra on 2005-07-23 at 19:04:58
I just deleted two programs I have never downloaded. OIN and The Best Browser Ever!.

Thanks for the forum.
Posted by ShadowBrood on 2005-07-23 at 19:07:14
Pssh. What you get for using Infranet Exploder. No matter how cool you are dude, I think it serves you right for using Micro$oft software.

Use Opera or Firefox. The only thing I can recommend is downloading Ad-Aware and Spybot Search and Destroy and AVG Free. Scan with all of those and make sure they're updated. If that doesn't work, FORMAT LIKE A MOFO!! That's my solution to everything
Posted by Staredit.Net Essence on 2005-07-23 at 19:07:35
QUOTE(pekkel_the_duck @ Jul 24 2005, 09:01 AM)
when I read your shoutbox post I thought a real virus that you could die from.

same here.

use any antiviral/spyware program you can find.
Posted by Kingra on 2005-07-23 at 19:30:51
QUOTE(ShadowBrood @ Jul 23 2005, 06:07 PM)
Pssh. What you get for using Infranet Exploder. No matter how cool you are dude, I think it serves you right for using Micro$oft software.

Use Opera or Firefox. The only thing I can recommend is downloading Ad-Aware and Spybot Search and Destroy and AVG Free. Scan with all of those and make sure they're updated. If that doesn't work, FORMAT LIKE A MOFO!! That's my solution to everything



I was using Firefox, idiot. I was checking IE to see if anything changed. It seems Firefox isn't as good as it seems. :\
Posted by n2o-SiMpSoNs on 2005-07-23 at 22:14:11
haha this is what happened to me... its called spy sheriff... and your :censored:ed... does it underline random words on the internet and upload stuff on your desktop and play an annoying sound and wont let you change ur background.. also does it make your comp really slow?? if so then it spy sheriff... and i dont know how i got rid of it the 2 times i got it cuz my father mostly did it...

ADDITION:
oh yeah and limewire > internet for pron =/

ADDITION:
i also recommend downloading hijack this and posting your log on this site? maybe someone here can help u and i will try also..
Posted by KrAzY on 2005-07-23 at 23:25:14
That's probably your first virus... -.-
    This is what causes viruses:
  • Porn
  • Popups
  • Advertisements
  • Limewire
  • Hacked
  • Random Hacker Nerds
  • etc
Posted by Kingra on 2005-07-24 at 10:56:56
QUOTE(n2o-PiMpSoNs @ Jul 23 2005, 09:14 PM)
haha this is what happened to me... its called spy sheriff... and your :censored:ed... does it underline random words on the internet and upload stuff on your desktop and play an annoying sound and wont let you change ur background.. also does it make your comp really slow?? if so then it spy sheriff... and i dont know how i got rid of it the 2 times i got it cuz my father mostly did it...

ADDITION:
oh yeah and limewire > internet  for pron =/

ADDITION:
i also recommend downloading hijack this and posting your log on this site? maybe someone here can help u and i will try also..

Yep. That's what I got, I never had any annoying sounds or random underlined words, but SpySheriff, OIN (Wtf?), and another program called Best Browser Ever!! were some random things that were uploaded onto my desktop. And my internet is going a little slow. My dad says he can fix it, but for now I can still use the computer like I regularly do.

Wait, what's Hijack This? Link, please...

QUOTE(krazydrunkking @ Jul 23 2005, 10:25 PM)
That's probably your first virus... -.-
    This is what causes viruses:
  • Porn
  • Popups
  • Advertisements
  • Limewire
  • Hacked
  • Random Hacker Nerds
  • etc


I know what causes them, just not how to fight them.
Posted by Snipe on 2005-07-24 at 11:15:14
QUOTE(Kingra @ Jul 23 2005, 04:54 PM)
I was searching for some porn (yes I admit it) and after a while I went to my desktop and saw my desktop screen is all blue and says "Your System is Infected! System has been stopped due to a serious malfunction. Spyware activity has been detected. It is recommeded to use spyware removal tool to prevent data loss. Do not use computer before all spyware removed."

I underlined what seemed to be a spelling error that was in the message. Is this some kind of joke virus? I need help, I have never encountered a virus before. As of now, I am doing a lot of spyware search just in case, and saving all my data.

I'm freaking out, please help...

Oh, and I cannot change my desktop picture, either...

Another thing I noticed, I have a new toolbar labeled TNS on IE.



Yea that's got to blow.. I have a shietload of Firewalls and Anti Viruses its funny.
Posted by PCFredZ on 2005-07-24 at 11:22:58
QUOTE(Kingra @ Jul 23 2005, 07:30 PM)
I was using Firefox, idiot. I was checking IE to see if anything changed. It seems Firefox isn't as good as it seems. :\

Firefox gives you a secure and powerful browser. What you do with it is your own problem. It'd be your own fault if you pressed Download...
Posted by KrAzY on 2005-07-24 at 11:29:29
Kingra, if you found a way to block a hacker, they always find another way to hack you back. If you reboot your computer, a couple weeks later it will come back. And some viruses cannot be cleaned or deleted. Also virus-cleaners/scanners CAN be the virus if you installed it in the first place.
Posted by Kingra on 2005-07-24 at 11:30:49
QUOTE(PCFredZ @ Jul 24 2005, 10:22 AM)
Firefox gives you a secure and powerful browser. What you do with it is your own problem. It'd be your own fault if you pressed Download...


Exactly, see my point? Yes, it's my fault, but what I'm saying is it doesn't make sure your download is as secure as it's supposed to be.
Posted by KrAzY on 2005-07-24 at 11:31:36
Oh yeah, try a mac computer. I heard they never get viruses like windows does.
Posted by Staredit.Net Essence on 2005-07-24 at 11:33:50
Use MSantispyware with an antivirus program and you will be good as new.
Posted by Kingra on 2005-07-24 at 11:36:24
Actually, I'm not sure what I did gave me the virus. I was going to install a torrentloader, but before that I was at a porn site I have never been to before.

And if I'm correct, n2o got rid of it two times.

ADDITION:
QUOTE
  Use MSantispyware with an antivirus program and you will be good as new.


Really? If you can give me a site or something, it might help...
Posted by Oo.ZeALoT.oO on 2005-07-24 at 11:39:27
QUOTE
Oh yeah, try a mac computer. I heard they never get viruses like windows does

That's probably true, cuz not as many people use macs so the people who make all that virus :poo: probably make em for pc's so they can affect more people.......
Kingra i would go save all the stuff u care about on a disk
Posted by Staredit.Net Essence on 2005-07-24 at 11:39:43
Microsoft Antispyware

Nod32
Posted by Voyager7456(MM) on 2005-07-24 at 11:43:01
HijackThis: http://www.majorgeeks.com/download3155.html

Post your logfile either here or at www.spywareinfo.com
Posted by Gigins on 2005-07-24 at 12:05:34
QUOTE(Kingra @ Jul 24 2005, 01:54 AM)
I was searching for some porn (yes I admit it)


Yea my PC died for the same reason! The viruses even killed my norton. But now I have found a way better way to get porn and all stuff I need. I use DC++ sharing system. You can download anything and everything using DC++! You can even download games for free.
Posted by Kingra on 2005-07-24 at 12:15:35
Heh, I found the source of the annoying screen, deleted it, and now my desktop screen is back to its regular green. But my desktop photo still cannot be changed.

I'm gonna get HijackThis, too, I guess...
Oh btw Gradius that Virus Scan really helped. Thanks.
Posted by KrAzY on 2005-07-24 at 12:16:27
It will come back for sure, no offense.
Posted by Kingra on 2005-07-24 at 12:20:57
So what? As long as I don't have to see that ugly screen, I'm fine with it...

ADDITION:
Here's my log.

Logfile of HijackThis v1.99.1
Scan saved at 11:19:31 AM, on 7/24/2005
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\WINNT\System32\_pnd_Vnk5t.exe
C:\Program Files\AIM\aim.exe
C:\winstall.exe
C:\winstall.exe
C:\WINNT\twain_32\ScanWiz5\SDII.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINNT\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\unzipped\hijackthis\HijackThis.exe

R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IeCaptureBho Object - {7c1ce531-09e9-4fc5-9803-1c2956615786} - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll (file missing)
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [_pnd_Panda Antivirus] C:\WINNT\System32\_pnd_k1zNa.exe -svc
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 - HKCU\..\Run: [SNInstall] C:\winstall.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microtek Scanner Finder.lnk = C:\WINNT\twain_32\ScanWiz5\SDII.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted IP range: 67.19.178.84
O15 - Trusted IP range: 67.19.178.84 (HKLM)
O16 - DPF: {35B7E48B-9D81-4C6C-9578-5FD4F620D886} (InstallShield Setup Player 2K2) - http://host1.tcnet.tv/tcinstall/setup.exe
O16 - DPF: {38578BF0-0ABB-11D3-9330-0080C6F796A1} (Create & Print ActiveX Plug-in) - http://www.imgag.com/cp/install/AxCtp.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {FCF289D4-0AC8-4ED8-BE31-E8AF09606AB5} (download_35mb_com.applet) - http://static.35mb.com/applet/applet_o.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O21 - SSODL: Adobe Acrobat 5.0 - {678BD0D5-39B5-47CF-27E6-7ABCADBB1F84} - c:\program files\adobe\acrobat 5.0\reader\winvsmwd32.dll
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: svchost.exe (moto) - Unknown owner - C:\WINNT\svchost.exe

Posted by Merrell on 2005-07-24 at 12:57:27
[Reserving this post for results, Editing now]
"*" means not required at startup; will greatly increase startup if you check these.
Things to check off: (used my tutorial)

O2 - BHO: IeCaptureBho Object - {7c1ce531-09e9-4fc5-9803-1c2956615786} - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll (file missing)

*O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

*O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon

*O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

*O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe

*O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl

O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe


These 2 Look suspicious: [So check at own risk..]

O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 - HKCU\..\Run: [SNInstall] C:\winstall.exe

Ask someone about those 2..^
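
The manual pass over the log above can be approximated with a few location and ownership checks. This is an added example, not part of the original thread and not HijackThis's own logic; `triage`, `summary` and the `SYSTEM_NAMES` list are names chosen here, and each finding is a prompt for a manual look, not a verdict.

```python
import re
from collections import Counter

# Constructed sample: a subset of lines copied from the HijackThis log posted above.
SAMPLE_LOG = r"""Running processes:
C:\WINNT\system32\svchost.exe
C:\WINNT\svchost.exe
C:\winstall.exe
C:\Program Files\AIM\aim.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 - HKCU\..\Run: [SNInstall] C:\winstall.exe
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O23 - Service: svchost.exe (moto) - Unknown owner - C:\WINNT\svchost.exe
"""

# Assumption of this example: core Windows processes that normally run only from ...\System32.
SYSTEM_NAMES = {"svchost.exe", "lsass.exe", "services.exe", "winlogon.exe", "smss.exe"}
# First drive-letter path on a line, up to its .exe/.dll/.ocx extension.
PATH_RE = re.compile(r'[A-Za-z]:\\[^"\r\n]*?\.(?:exe|dll|ocx)', re.IGNORECASE)

def triage(log):
    """Return (reason, line) pairs for entries that deserve a manual look."""
    findings = []
    for line in (raw.strip() for raw in log.splitlines()):
        match = PATH_RE.search(line)
        folder, _, name = (match.group(0) if match else "").rpartition("\\")
        if name.lower() in SYSTEM_NAMES and not folder.lower().endswith("\\system32"):
            findings.append(("system process name outside System32", line))
        if match and len(folder) == 2:  # folder is only the drive, e.g. "C:"
            findings.append(("executable in drive root", line))
        if line.startswith("O23") and "Unknown owner" in line:
            findings.append(("service with unknown owner", line))
        if line.startswith("O15"):
            findings.append(("Trusted Zone entry", line))
    return findings

def summary(log):
    """Count findings per reason."""
    return Counter(reason for reason, _ in triage(log))

if __name__ == "__main__":
    for reason, line in triage(SAMPLE_LOG):
        print(f"[{reason}] {line}")
```
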