java console

search for more blogs here

Home - Take this blog!
Get A Free Author's Pass Here
Submit Your Blog Articles Here
Return to the Javas Blogs Here

"System gets very sluggish as well as others on LAN" posted by ~Ray
Posted on 2008-06-13 06:07:32

"System gets very sluggish as well as others on LAN" posted by ~Ray
Posted on 2008-06-13 06:07:31

"Infected with Puper Trojan" posted by ~Ray
Posted on 2008-03-12 23:05:23

The "Save My Login" feature allows you to automatically login to the Forum without re-typing your login information. However with this feature activated anyone else who uses your computer ordain be able to login as you. Therefore we recommend you decide this option only if you control find to your system. Clicking "Log Out" or deleting your cookies will alter this feature and force re-typing of your login information on your next visit. You must undergo your browser set to accept cookies for the "deliver My Login" feature to work. Running processes:C:\WINDOWS\System32\smss exeC:\WINDOWS\system32\winlogon exeC:\WINDOWS\system32\services exeC:\WINDOWS\system32\lsass exeC:\WINDOWS\system32\Ati2evxx exeC:\WINDOWS\system32\svchost exeC:\WINDOWS\System32\svchost exeC:\WINDOWS\System32\WLTRYSVC. EXEC:\WINDOWS\System32\bcmwltry exeC:\WINDOWS\system32\spoolsv exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService exeC:\Program Files\Common Files\McAfee\HackerWatch\HWAPI exeC:\PROGRA~1\McAfee\MSC\mcmscsvc exec:\program files\common files\mcafee\mna\mcnasvc exeC:\PROGRA~1\McAfee\VIRUSS~1\mcods exeC:\PROGRA~1\McAfee\MSC\mcpromgr exeC:\WINDOWS\system32\Ati2evxx exec:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy exeC:\WINDOWS\Explorer. EXEc:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc exeC:\PROGRA~1\McAfee\VIRUSS~1\mcshield exeC:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon exeC:\Program Files\McAfee\MPF\MPFSrv exeC:\PROGRA~1\McAfee\MPS\mps exeC:\Program Files\Dell\QuickSet\NICCONFIGSVC exeC:\schedule Files\Linksys\Wireless-N Network Monitor\NICServ exeC:\Program Files\Viewpoint\Common\ViewpointService exeC:\Program Files\Webroot\Spy Sweeper\SpySweeper exeC:\schedule Files\Dell\QuickSet\quickset exeC:\WINDOWS\BCMSMMSG exeC:\WINDOWS\system32\WLTRAY exeC:\Program Files\ATI Technologies\ATI Control adorn\atiptaxx exeC:\WINDOWS\System32\DLA\DLACTRLW. EXEC:\Program Files\Apoint\Apoint exeC:\Program Files\Linksys\Wireless-N Network Monitor\WPC300N exeC:\schedule Files\Java\jre1.6.0_03\bin\jusched exeC:\Program Files\iTunes\iTunesHelper exeC:\Program Files\Webroot\Spy Sweeper\SpySweeperUI exeC:\Program Files\Messenger\MSMSGS. EXEC:\Program Files\DellSupport\DSAgnt exec:\PROGRA~1\mcafee com\agent\mcagent exeC:\WINDOWS\system32\ctfmon exeC:\schedule Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier exeC:\Program Files\BitTorrent\bittorrent exeC:\Program Files\AIM6\aim6 exeC:\Program Files\DAEMON Tools\daemon exeC:\Program Files\McAfee\MPS\mpsevh exeC:\Program Files\Logitech\SetPoint\SetPoint exeC:\Program Files\WinZip\WZQKPICK. EXEC:\Program Files\Common Files\AOL\Loader\aolload exeC:\Program Files\Apoint\HidFind exeC:\Program Files\Apoint\Apntex exeC:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR. EXEC:\Program Files\Linksys\Wireless-N communicate observe\OdHost exeC:\Program Files\iPod\bin\iPodService exeC:\Program Files\AIM6\aolsoftware exeC:\Program Files\Internet Explorer\iexplore exeC:\Program Files\Webroot\Spy Sweeper\SSU. EXEC:\schedule Files\Internet Explorer\iexplore exeC:\schedule Files\HijackThis\HiJackThis_v2 exec:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld exeC:\WINDOWS\system32\cmd exeC:\WINDOWS\system32\cscript exeC:\WINDOWS\system32\cmd exeC:\WINDOWS\system32\cscript exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W. DLLO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\schedule Files\Java\jre1.6.0_03\bin\ssv dllO2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\schedule files\google\googletoolbar2 dllO2 - BHO: McAfee Popup Blocker - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - c:\program files\mcafee\mps\mcpopup dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\schedule files\explore\googletoolbar2 dllO4 - HKLM\..\Run: [Dell QuickSet] C:\schedule Files\Dell\QuickSet\quickset exeO4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG exeO4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAYO4 - HKLM\..\Run: [ATIPTA] "C:\schedule Files\ATI Technologies\ATI Control Panel\atiptaxx exe"O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW. EXEO4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint\Apoint exe"O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY exeO4 - HKLM\..\Run: [Linksys Wireless-N Notebook Adapter] "C:\Program Files\Linksys\Wireless-N communicate Monitor\WPC300N exe"O4 - HKLM\..\Run: [Kernel and Hardware Abstraction forge] KHALMNPR. EXEO4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\schedule Files\Java\jre1.6.0_03\bin\jusched exe"O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper exe"O4 - HKLM\..\Run: [KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -kO4 - HKLM\..\Run: [SpySweeper] "C:\schedule Files\Webroot\Spy Sweeper\SpySweeperUI exe" /startintrayO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS. EXE" /backgroundO4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt exe" /startupO4 - HKCU\..\Run: [ctfmon exe] C:\WINDOWS\system32\ctfmon exeO4 - HKCU\..\Run: [swg] C:\schedule Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier exeO4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent exe" --force_start_minimizedO4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6 exe" /d locale=en-US ee://aol/imAppO4 - HKCU\..\Run: [DAEMON Tools] "C:\schedule Files\DAEMON Tools\daemon exe" -lang 1033O4 - Global Startup: Logitech SetPoint lnk = C:\schedule Files\Logitech\SetPoint\SetPoint exeO4 - Global Startup: WinZip Quick Pick lnk = C:\Program Files\WinZip\WZQKPICK. EXEO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv dllO9 - Extra add: (no label) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag exe (file missing)O9 - Extra 'Tools' menuitem: @xpsp3res dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\communicate Diagnostic\xpnetdiag exe (file missing)O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs exeO16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - O21 - SSODL: bindmod - {FA77C5C6-0542-4040-A6A4-E6AA14EAFFFE} - (no register)O21 - SSODL: hupsrv - {9A1E0D57-9CD0-4E62-95E3-17F0D9B69A3E} - C:\WINDOWS\hupsrv dllO22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui dllO22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui dllO23 - Service: Apple Mobile Device - Apple. Inc. - C:\schedule Files\Common Files\Apple\Mobile Device give\bin\AppleMobileDeviceService exeO23 - function: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx exeO23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc exeO23 - function: McAfee E-mail Proxy (Emproxy) - McAfee. Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy exeO23 - Service: Google Updater Service (gusvc) - explore - C:\schedule Files\Google\Common\Google Updater\GoogleUpdaterService exeO23 - function: iPod Service - Apple Inc. - C:\schedule Files\iPod\bin\iPodService exeO23 - function: McAfee HackerWatch Service - McAfee. Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI exeO23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee. Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr exeO23 - function: McAfee Services (mcmscsvc) - McAfee. Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc exeO23 - Service: McAfee Network Agent (McNASvc) - McAfee. Inc. - c:\program files\common files\mcafee\mna\mcnasvc exeO23 - function: McAfee Scanner (McODS) - McAfee. Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods exeO23 - Service: McAfee Protection Manager (mcpromgr) - McAfee. Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr exeO23 - Service: McAfee Proxy function (McProxy) - McAfee. Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy exeO23 - function: McAfee Redirector function (McRedirector) - McAfee. Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc exeO23 - Service: McAfee Real-time Scanner (McShield) - McAfee. Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield exeO23 - Service: McAfee SystemGuards (McSysmon) - McAfee. Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon exeO23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee. Inc. - C:\schedule Files\McAfee\MPF\MPFSrv exeO23 - Service: McAfee Privacy function (MPS9) - McAfee. Inc. - C:\PROGRA~1\McAfee\MPS\mps exeO23 - function: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC exeO23 - Service: NICSer_WPC300N - Unknown owner - C:\Program Files\Linksys\Wireless-N communicate Monitor\NICServ exeO23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\schedule Files\Viewpoint\Common\ViewpointService exeO23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software. Inc. - C:\schedule Files\Webroot\Spy Sweeper\SpySweeper exeO23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC. EXEO24 - Desktop Component 0: Privacy Protection - I am reviewing your log. In the meantime you can help me by doing the following:* If you undergo posted this log on another forum please give a cerebrate to the topic.* If you are using any cracked software please shift it. Definition of cracked software:* If you are using any P2P (file sharing) programs please shift them before we clean your computer. The nature of such software and the high incidence of malware in files downloaded with them are counter productive to restoring your PC to a healthy state.* If this computer belongs to someone else do you have authority to apply the fixes we will use?* Have you already fixed entries using HijackThis? If so gratify regenerate all the backups and then affix another log. Please do not do anything else until you get further instructions.* After we begin working please create or copy all instructions to Notepad in order to back up you when carrying out procedures. gratify go all instructions in sequence.* If your replies do not fit in one post while we are handling your air please reply to yourself until all text is submitted. It may take several posts.* Please disable realtime monitoring except for your anti-virus so it does not interfere while we are fixing your system. Refer to this summon for information on disabling any realtime monitoring before we start working on a fix for your problem. Please go to Add/Remove Programs and remove your BETA version of HijackThis. Please transfer HJT Installer for version 2.02 from to your desktop. If not available use this alternate link: Also change state HijackThis and move on the "Open the Misc Tools section" add. Click on the "Open Uninstall Manager" button. Click the "Save List" button. After you click the "Save enumerate" button you will be asked where to deliver the file. Select a place to save it. The list should open in notepad. Copy and paste that list here. AC3Filter (remove only)Adobe Flash Player ActiveXAdVantage (Powering DAEMON Tools)AIM 6ALPS Touch Pad DriverApple Mobile Device SupportApple Software UpdateATI - Software Uninstall UtilityATI Control PanelATI Display DriverBCM V.92 56K ModemBroadcom Advanced Control SuiteBroadcom Gigabit Integrated ControllerCDDRV_InstallerC-Major AudioCrash Analysis ToolDell Driver Reset ToolDell ResourceCDDell Wireless WLAN CardDellSupportDivX CodecDivX ConverterDivX PlayerGoogle Toolbar for Internet ExplorerGPL MPEG-1/2 DirectShow Decoder FilterHamachi 1.0.2.2HijackThis 2.0.2Hotfix for Windows Media change 11 SDK (KB929399)Hotfix for Windows Media Player 11 (KB939683)Hotfix for Windows XP (KB906569)Hotfix for Windows XP (KB914440)Hotfix for Windows XP (KB915865)Hotfix for Windows XP (KB926239)iTunesJava(TM) 6 Update 2Java(TM) 6 Update 3KhalInstallWrapperLinksys Wireless-N Notebook AdapterLogitech RegistrationLogitech SetPointMcAfee SecurityCenterMicrosoft. NET Framework 2.0Microsoft Compression Client Pack 1.0 for Windows XPMicrosoft Internationalized Domain Names Mitigation APIsMicrosoft Kernel-Mode Driver Framework Feature Pack 1.5Microsoft National Language give Downlevel APIsMicrosoft User-Mode Driver Framework feature Pack 1.0Microsoft Visual C++ 2005 RedistributableOdyssey SDKQuickSetRoxio DLASecurity Update for Microsoft. NET Framework 2.0 (KB928365)Security modify for Windows Internet Explorer 7 (KB933566)Security Update for Windows Internet Explorer 7 (KB937143)Security Update for Windows Internet Explorer 7 (KB938127)Security Update for Windows Internet Explorer 7 (KB939653)Security modify for Windows Media Player (KB911564)Security Update for Windows Media Player 11 (KB936782)Security Update for Windows Media Player 6.4 (KB925398)Security modify for Windows Media Player 8 (KB917734)Security Update for Windows Media Player 9 (KB917734)Security Update for Windows XP (KB890046)Security Update for Windows XP (KB893756)Security modify for Windows XP (KB896358)Security Update for Windows XP (KB896423)Security Update for Windows XP (KB896424)Security Update for Windows XP (KB896428)Security Update for Windows XP (KB899587)Security modify for Windows XP (KB899589)Security modify for Windows XP (KB899591)Security modify for Windows XP (KB900725)Security Update for Windows XP (KB901017)Security modify for Windows XP (KB901190)Security Update for Windows XP (KB901214)Security modify for Windows XP (KB902400)Security Update for Windows XP (KB904706)Security Update for Windows XP (KB905414)Security modify for Windows XP (KB905749)Security Update for Windows XP (KB908519)Security modify for Windows XP (KB911562)Security modify for Windows XP (KB911927)Security Update for Windows XP (KB912919)Security Update for Windows XP (KB913580)Security modify for Windows XP (KB914388)Security Update for Windows XP (KB914389)Security modify for Windows XP (KB917344)Security modify for Windows XP (KB917422)Security modify for Windows XP (KB917953)Security modify for Windows XP (KB918118)Security Update for Windows XP (KB919007)Security Update for Windows XP (KB920213)Security modify for Windows XP (KB920670)Security modify for Windows XP (KB920683)Security Update for Windows XP (KB920685)Security Update for Windows XP (KB921398)Security modify for Windows XP (KB921503)Security Update for Windows XP (KB921883)Security modify for Windows XP (KB922616)Security Update for Windows XP (KB922819)Security modify for Windows XP (KB923191)Security modify for Windows XP (KB923414)Security Update for Windows XP (KB923689)Security Update for Windows XP (KB923789)Security Update for Windows XP (KB923980)Security modify for Windows XP (KB924191)Security modify for Windows XP (KB924270)Security Update for Windows XP (KB924496)Security Update for Windows XP (KB924667)Security modify for Windows XP (KB925902)Security Update for Windows XP (KB926255)Security Update for Windows XP (KB926436)Security Update for Windows XP (KB927779)Security Update for Windows XP (KB927802)Security modify for Windows XP (KB928255)Security Update for Windows XP (KB928843)Security Update for Windows XP (KB929123)Security modify for Windows XP (KB930178)Security Update for Windows XP (KB931261)Security Update for Windows XP (KB931784)Security Update for Windows XP (KB932168)Security Update for Windows XP (KB933566)Security Update for Windows XP (KB933729)Security Update for Windows XP (KB935839)Security Update for Windows XP (KB935840)Security Update for Windows XP (KB936021)Security modify for Windows XP (KB938829)Security Update for Windows XP (KB941202)Security modify for Windows XP (KB943460)Spy SweeperStarcraftUpdate for Windows XP (KB898461)Update for Windows XP (KB900485)modify for Windows XP (KB904942)Update for Windows XP (KB908531)modify for Windows XP (KB910437)Update for Windows XP (KB911280)Update for Windows XP (KB916595)Update for Windows XP (KB920872)modify for Windows XP (KB922582)Update for Windows XP (KB927891)Update for Windows XP (KB930916)Update for Windows XP (KB931836)Update for Windows XP (KB933360)Update for Windows XP (KB936357)Update for Windows XP (KB938828)Ventrilo ClientViewpoint Media PlayerWindows Installer 3.1 (KB893803)Windows Internet Explorer 7Windows Media Format 11 runtimeWindows Media Format 11 runtimeWindows Media Player 11Windows Media Player 11Windows XP Hotfix - KB873339Windows XP Hotfix - KB885835Windows XP Hotfix - KB885836Windows XP Hotfix - KB886185Windows XP Hotfix - KB887472Windows XP Hotfix - KB888302Windows XP Hotfix - KB890859Windows XP Hotfix - KB891781Windows XP function Pack 2WinRAR archiver C:\WINDOWS\System32\smss exeC:\WINDOWS\system32\winlogon exeC:\WINDOWS\system32\services exeC:\WINDOWS\system32\lsass exeC:\WINDOWS\system32\Ati2evxx exeC:\WINDOWS\system32\svchost exeC:\WINDOWS\System32\svchost exeC:\WINDOWS\System32\WLTRYSVC. EXEC:\WINDOWS\System32\bcmwltry exeC:\WINDOWS\system32\spoolsv exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService exeC:\Program Files\Common Files\McAfee\HackerWatch\HWAPI exeC:\PROGRA~1\McAfee\MSC\mcmscsvc exec:\program files\common files\mcafee\mna\mcnasvc exeC:\PROGRA~1\McAfee\VIRUSS~1\mcods exeC:\PROGRA~1\McAfee\MSC\mcpromgr exeC:\WINDOWS\system32\Ati2evxx exec:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy exeC:\WINDOWS\Explorer. EXEc:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc exec:\PROGRA~1\mcafee com\agent\mcagent exeC:\PROGRA~1\McAfee\VIRUSS~1\mcshield exeC:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon exeC:\Program Files\McAfee\MPF\MPFSrv exeC:\PROGRA~1\McAfee\MPS\mps exeC:\schedule Files\Dell\QuickSet\NICCONFIGSVC exeC:\Program Files\Linksys\Wireless-N communicate Monitor\NICServ exeC:\Program Files\Viewpoint\Common\ViewpointService exeC:\schedule Files\Webroot\Spy Sweeper\SpySweeper exeC:\schedule Files\Dell\QuickSet\quickset exeC:\WINDOWS\BCMSMMSG exeC:\WINDOWS\system32\WLTRAY exeC:\schedule Files\ATI Technologies\ATI Control Panel\atiptaxx exeC:\WINDOWS\System32\DLA\DLACTRLW. EXEC:\schedule Files\Apoint\Apoint exeC:\schedule Files\Linksys\Wireless-N Network observe\WPC300N exeC:\Program Files\Java\jre1.6.0_03\bin\jusched exeC:\Program Files\iTunes\iTunesHelper exeC:\Program Files\Webroot\Spy Sweeper\SpySweeperUI exeC:\schedule Files\Messenger\MSMSGS. EXEC:\Program Files\DellSupport\DSAgnt exeC:\WINDOWS\system32\ctfmon exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier exeC:\Program Files\AIM6\aim6 exeC:\Program Files\DAEMON Tools\daemon exeC:\Program Files\Logitech\SetPoint\SetPoint exeC:\Program Files\WinZip\WZQKPICK. EXEC:\schedule Files\McAfee\MPS\mpsevh exeC:\schedule Files\Common Files\AOL\Loader\aolload exeC:\schedule Files\Linksys\Wireless-N communicate Monitor\OdHost exeC:\schedule Files\Apoint\HidFind exeC:\Program Files\Apoint\Apntex exeC:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR. EXEC:\Program Files\AIM6\aolsoftware exeC:\Program Files\iPod\bin\iPodService exeC:\Program Files\Webroot\Spy Sweeper\SSU. EXEc:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld exeC:\Program Files\Internet Explorer\iexplore exeC:\WINDOWS\system32\cmd exe »»»»»»»»»»»»»»»»»»»»»»»» Desktop Components [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]"obtain"="""SubscribedURL"="""FriendlyName"="Privacy Protection" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]"Source"="About:Home""SubscribedURL"="About:domiciliate""FriendlyName"="My Current domiciliate summon" HKLM\SYSTEM\CCS\Services\Tcpip\..\{8823F9D0-A0C8-4002-95A8-025BD072BEDC}: DhcpNameServer=68.87.73.242 68.87.71.226HKLM\SYSTEM\CS1\Services\Tcpip\..\{8823F9D0-A0C8-4002-95A8-025BD072BEDC}: DhcpNameServer=68.87.73.242 68.87.71.226HKLM\SYSTEM\CS3\Services\Tcpip\..\{8823F9D0-A0C8-4002-95A8-025BD072BEDC}: DhcpNameServer=68.87.73.242 68.87.71.226HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=68.87.73.242 68.87.71.226HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=68.87.73.242 68.87.71.226HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=68.87.73.242 68.87.71.226 Once in Safe Mode double-click on SmitfraudFix exe again. Select option #2 - Clean by typing 2 and touch "Enter" to delete infected files. You will be prompted : "Registry cleaning - Do you be to clean the registry ?"; answer "Yes" by typing Y and touch "Enter" in order to remove the Desktop accent and alter registry keys associated with the infection. The drive will now analyse if wininet dll is infected. You may be prompted to regenerate the infected register (if open); answer "Yes" by typing Y and press "Enter". The drive may need to restart your computer to end the cleaning affect; if it doesn't gratify start anyway into normal Windows. A text file will be onscreen with results from the cleaning process; please copy/paste the content of that report along with all others into your next reply along with a new HijackThis log. The report can also be found at the root of the system drive usually at C:\rapport txt Next move Start click Control Panel and then double-click Display. move on the Desktop tab then click the Customize Desktop add. move on the Web tab. Under Web Pages you should see a checked entry called Security info or something similar. If it is there select that entry and move the remove add. Click Ok then Apply and Ok. Empty the Recycle Bin by right-clicking the Recycle Bin icon on your Desktop and then clicking Empty Recycle Bin______________________________In your next reply gratify include:1. The report from SmitfraudFix open here: C:\rapport txt2. A fresh HijackThis logYou may need several replies to affix the requested logs; otherwise they might get cut off. HKLM\SYSTEM\CCS\Services\Tcpip\..\{8823F9D0-A0C8-4002-95A8-025BD072BEDC}: DhcpNameServer=68.87.73.242 68.87.71.226HKLM\SYSTEM\CS1\Services\Tcpip\..\{8823F9D0-A0C8-4002-95A8-025BD072BEDC}: DhcpNameServer=68.87.73.242 68.87.71.226HKLM\SYSTEM\CS3\Services\Tcpip\..\{8823F9D0-A0C8-4002-95A8-025BD072BEDC}: DhcpNameServer=68.87.73.242 68.87.71.226HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=68.87.73.242 68.87.71.226HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=68.87.73.242 68.87.71.226HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=68.87.73.242 68.87.71.226 Running processes:C:\WINDOWS\System32\smss exeC:\WINDOWS\system32\winlogon exeC:\WINDOWS\system32\services exeC:\WINDOWS\system32\lsass exeC:\WINDOWS\system32\Ati2evxx exeC:\WINDOWS\system32\svchost exeC:\WINDOWS\System32\svchost exeC:\WINDOWS\System32\WLTRYSVC. EXEC:\WINDOWS\System32\bcmwltry exeC:\WINDOWS\system32\spoolsv exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService exeC:\schedule Files\Common Files\McAfee\HackerWatch\HWAPI exeC:\PROGRA~1\McAfee\MSC\mcmscsvc exec:\program files\common files\mcafee\mna\mcnasvc exeC:\PROGRA~1\McAfee\VIRUSS~1\mcods exeC:\WINDOWS\system32\Ati2evxx exeC:\WINDOWS\Explorer. EXEC:\PROGRA~1\McAfee\MSC\mcpromgr exec:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy exec:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc exeC:\PROGRA~1\McAfee\VIRUSS~1\mcshield exeC:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon exeC:\Program Files\McAfee\MPF\MPFSrv exeC:\PROGRA~1\McAfee\MPS\mps exeC:\Program Files\Dell\QuickSet\NICCONFIGSVC exeC:\Program Files\Linksys\Wireless-N Network observe\NICServ exeC:\Program Files\Viewpoint\Common\ViewpointService exeC:\Program Files\Webroot\Spy Sweeper\SpySweeper exeC:\schedule Files\McAfee\MPS\mpsevh exeC:\Program Files\Dell\QuickSet\quickset exeC:\WINDOWS\BCMSMMSG exeC:\WINDOWS\system32\WLTRAY exec:\PROGRA~1\mcafee com\agent\mcagent exeC:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx exeC:\WINDOWS\System32\DLA\DLACTRLW. EXEC:\schedule Files\Apoint\Apoint exeC:\Program Files\Linksys\Wireless-N communicate observe\WPC300N exeC:\schedule Files\Java\jre1.6.0_03\bin\jusched exeC:\schedule Files\iTunes\iTunesHelper exeC:\schedule Files\Webroot\Spy Sweeper\SpySweeperUI exeC:\Program Files\Messenger\MSMSGS. EXEC:\schedule Files\DellSupport\DSAgnt exeC:\WINDOWS\system32\ctfmon exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier exeC:\schedule Files\BitTorrent\bittorrent exeC:\Program Files\AIM6\aim6 exeC:\Program Files\DAEMON Tools\daemon exeC:\schedule Files\Linksys\Wireless-N Network Monitor\OdHost exeC:\Program Files\Logitech\SetPoint\SetPoint exeC:\schedule Files\WinZip\WZQKPICK. EXEC:\Program Files\Common Files\AOL\Loader\aolload exeC:\schedule Files\Apoint\HidFind exeC:\Program Files\Apoint\Apntex exeC:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR. EXEC:\Program Files\iPod\bin\iPodService exeC:\Program Files\AIM6\aolsoftware exeC:\Program Files\Internet Explorer\iexplore exeC:\schedule Files\Webroot\Spy Sweeper\SSU. EXEC:\Program Files\Internet Explorer\iexplore exeC:\Program Files\Trend Micro\HijackThis\HijackThis exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,fail_Search_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,examine summon = O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W. DLLO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv dllO2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\schedule files\google\googletoolbar2 dllO2 - BHO: McAfee Popup Blocker - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - c:\program files\mcafee\mps\mcpopup dllO3 - Toolbar: &explore - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2 dllO4 - HKLM\..\Run: [Dell QuickSet] "C:\Program Files\Dell\QuickSet\quickset exe"O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG exeO4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAYO4 - HKLM\..\Run: [ATIPTA] "C:\schedule Files\ATI Technologies\ATI Control Panel\atiptaxx exe"O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW. EXEO4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint\Apoint exe"O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY exeO4 - HKLM\..\Run: [Linksys Wireless-N Notebook Adapter] "C:\Program Files\Linksys\Wireless-N Network Monitor\WPC300N exe"O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR. EXEO4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched exe"O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper exe"O4 - HKLM\..\Run: [KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -kO4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI exe /startintrayO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS. EXE" /backgroundO4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt exe" /startupO4 - HKCU\..\Run: [ctfmon exe] C:\WINDOWS\system32\ctfmon exeO4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier exe"O4 - HKCU\..\Run: [BitTorrent] "C:\schedule Files\BitTorrent\bittorrent exe" --force_start_minimizedO4 - HKCU\..\Run: [Aim6] "C:\schedule Files\AIM6\aim6 exe" /d locale=en-US ee://aol/imAppO4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon exe" -lang 1033O4 - Global Startup: Logitech SetPoint lnk = C:\Program Files\Logitech\SetPoint\SetPoint exeO4 - Global Startup: WinZip Quick choose lnk = C:\Program Files\WinZip\WZQKPICK. EXEO9 - Extra add: (no label) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv dllO9 - Extra add: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag exeO9 - Extra 'Tools' menuitem: @xpsp3res dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs exeO16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - O23 - Service: Apple Mobile Device - Apple. Inc. - C:\Program Files\Common Files\Apple\Mobile Device give\bin\AppleMobileDeviceService exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx exeO23 - Service: DSBrokerService - Unknown owner - C:\schedule Files\DellSupport\brkrsvc exeO23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee. Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy exeO23 - Service: explore Updater function (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService exeO23 - function: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService exeO23 - Service: McAfee HackerWatch function - McAfee. Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI exeO23 - function: McAfee modify Manager (mcmispupdmgr) - McAfee. Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr exeO23 - function: McAfee Services (mcmscsvc) - McAfee. Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc exeO23 - Service: McAfee Network Agent (McNASvc) - McAfee. Inc. - c:\program files\common files\mcafee\mna\mcnasvc exeO23 - Service: McAfee Scanner (McODS) - McAfee. Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods exeO23 - Service: McAfee Protection Manager (mcpromgr) - McAfee. Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr exeO23 - Service: McAfee Proxy Service (McProxy) - McAfee. Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy exeO23 - Service: McAfee Redirector Service (McRedirector) - McAfee. Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc exeO23 - Service: McAfee Real-time Scanner (McShield) - McAfee. Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield exeO23 - Service: McAfee SystemGuards (McSysmon) - McAfee. Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon exeO23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee. Inc. - C:\Program Files\McAfee\MPF\MPFSrv exeO23 - Service: McAfee Privacy Service (MPS9) - McAfee. Inc. - C:\PROGRA~1\McAfee\MPS\mps exeO23 - Service: NICCONFIGSVC - Dell Inc. - C:\schedule Files\Dell\QuickSet\NICCONFIGSVC exeO23 - function: NICSer_WPC300N - Unknown owner - C:\Program Files\Linksys\Wireless-N Network observe\NICServ exeO23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService exeO23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software. Inc. - C:\schedule Files\Webroot\Spy Sweeper\SpySweeper exeO23 - function: Dell Wireless WLAN Tray function (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC. EXE After something like this it is a good idea to purge the Restore Points and go away fresh. If everything is running come up.... To flush the XP System Restore Points:(Using XP you must be logged in as Administrator to do this.)Go to go away>Run and type msconfig touch register. When msconfig opens click the Launch System Restore Button. On the next page click the System Restore Settings Link on the left. analyse the box labeled Turn Off System Restore. Reboot. Here is my standard list of simple steps that you can take to reduce the come about of infection in the future. You may have already taken some of these steps and depending on your current security you may not need to apply all of these:1. Visit Windows Update:Make sure that you have all the Critical Updates recommended for your operating system and IE. The first defense against infection is a properly patched OS. Windows Update: 2. alter your security settings for ActiveX:Go to Internet Options/Security/Internet press 'default level' then OK. Now press "Custom Level."In the ActiveX section set the first two options ("Download signed and unsigned ActiveX controls) to 'prompt' and 'Initialize and Script ActiveX controls not marked as safe" to 'disable'.3. Consider installing the following free programs:a. SpywareBlaster: (Not recommended for Vista)Tutorial here: b. SpywareGuard:Tutorial here: Periodically analyse for updates in both programs.4. Please use a firewall and realtime anti-virus. Keep the anti-virus software and firewall software up to date. Note: govern Alarm Firewall (by Checkpoint) has a remove version 5. You might consider installing Mozilla / Firefox.6. Do not use file sharing. change surface the safest P2P file sharing programs that do not contain bundled spyware still expose you to risks because of the very nature of the P2P register sharing affect. By default most P2P file sharing programs are configured to automatically launch at startup. They are also configured to allow other P2P users on the same network open find to a shared directory on your computer. The reason for this is simple. File sharing relies on its members giving and gaining unfettered access to computers across the P2P communicate. However this practice can make you vulnerable to data and identity theft. change surface if you change those risky default settings to a safer configuration the act of downloading files from an anonymous obtain greatly increases your exposure to infection. That is because the files you are downloading may actually include a disguised threat. Many very malicious worms and trojans such as the act Worm target and spread across P2P files sharing networks because of their knownvulnerabilities.7. Before using or purchasing any Spyware/Malware protection/removal program always analyse the following Rogue/Suspect Spyware Lists.8. If you have not already done so you might be to lay CCleaner and run it in each user's profile: ** UNcheck the option to install the Yahoo toolbar that is checked by fail for the Standard version or download the toolbar-free versions (change state or Basic) when given the option for those.9. If you use Adobe Reader it may be to be updated to be sure that you have a more secure version. If you are using a version prior to v. 6.05 you should update to 6.05 preferably version 8.1.0 or higher. It would be best to remove prior versions before updating to a new version. If you need additional assistance the Adobe forums are here: 10. You can go here to download the latest version of. move drink to where it says "Java Runtime Environment (JRE) 6u3 allows end-users to run Java applications". Click the link to download the Windows (Offline Installation) package: Save it do not run it. When the transfer is end close the browser. shift all prior versions using Add/shift Programs and delete the Java folder in Program Files. resuscitate your computer once all Java components are removed. Then from your desktop double-click on jre-6u3-windows-i586-p exe to install the newest version if needed. Reboot.11. learn Safe Surfing with with by Trendmicro. TrendProtect is a browser plugin that assigns a safety rating to domains listed in your examine engine. TrendProtect also adds a new add to your browser's toolbar area. The icon and color of the add changes to tell whether the summon currently open is safe unsafe trusted or unrated or whether it contains unwanted content. The following color codes are used by TrendProtect to indicate the safety of each site. for Unknown12. Here are some helpful articles:"So how did I get infected in the first place?"by TonyKlein"I'm not pulling your leg honest"by Sandi Hardmeier13. This is an excellent resource for users of all levels. General computer maintenance as well as internet security is covered.(Paperback)by Larry Stevenson (compose). Nancy Altholz (Author)Let us experience if we have not resolved your problem. Otherwise you are good to go. Happy and Safe Surfing!Message Edited by Bugbatter on 11-15-2007 10:38 PM

Forex Groups - Tips on Trading

Related article:
http://www.dellcommunity.com/supportforums/board/message?board.id=si_hijack&message.id=72094#M72094

comments | Add comment | Report as Spam

"Infected with Puper Trojan" posted by ~Ray
Posted on 2008-03-12 23:05:23

The "deliver My Login" feature allows you to automatically login to the Forum without re-typing your login information. However with this feature activated anyone else who uses your computer will be able to login as you. Therefore we advise you decide this option only if you control access to your system. Clicking "Log Out" or deleting your cookies will disable this feature and force re-typing of your login information on your next visit. You must have your browser set to accept cookies for the "deliver My Login" feature to bring home the bacon. Running processes:C:\WINDOWS\System32\smss exeC:\WINDOWS\system32\winlogon exeC:\WINDOWS\system32\services exeC:\WINDOWS\system32\lsass exeC:\WINDOWS\system32\Ati2evxx exeC:\WINDOWS\system32\svchost exeC:\WINDOWS\System32\svchost exeC:\WINDOWS\System32\WLTRYSVC. EXEC:\WINDOWS\System32\bcmwltry exeC:\WINDOWS\system32\spoolsv exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService exeC:\schedule Files\Common Files\McAfee\HackerWatch\HWAPI exeC:\PROGRA~1\McAfee\MSC\mcmscsvc exec:\program files\common files\mcafee\mna\mcnasvc exeC:\PROGRA~1\McAfee\VIRUSS~1\mcods exeC:\PROGRA~1\McAfee\MSC\mcpromgr exeC:\WINDOWS\system32\Ati2evxx exec:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy exeC:\WINDOWS\Explorer. EXEc:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc exeC:\PROGRA~1\McAfee\VIRUSS~1\mcshield exeC:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon exeC:\Program Files\McAfee\MPF\MPFSrv exeC:\PROGRA~1\McAfee\MPS\mps exeC:\Program Files\Dell\QuickSet\NICCONFIGSVC exeC:\Program Files\Linksys\Wireless-N Network observe\NICServ exeC:\Program Files\Viewpoint\Common\ViewpointService exeC:\Program Files\Webroot\Spy Sweeper\SpySweeper exeC:\Program Files\Dell\QuickSet\quickset exeC:\WINDOWS\BCMSMMSG exeC:\WINDOWS\system32\WLTRAY exeC:\schedule Files\ATI Technologies\ATI Control adorn\atiptaxx exeC:\WINDOWS\System32\DLA\DLACTRLW. EXEC:\schedule Files\Apoint\Apoint exeC:\schedule Files\Linksys\Wireless-N Network Monitor\WPC300N exeC:\schedule Files\Java\jre1.6.0_03\bin\jusched exeC:\Program Files\iTunes\iTunesHelper exeC:\schedule Files\Webroot\Spy Sweeper\SpySweeperUI exeC:\schedule Files\Messenger\MSMSGS. EXEC:\Program Files\DellSupport\DSAgnt exec:\PROGRA~1\mcafee com\agent\mcagent exeC:\WINDOWS\system32\ctfmon exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier exeC:\Program Files\BitTorrent\bittorrent exeC:\schedule Files\AIM6\aim6 exeC:\Program Files\DAEMON Tools\daemon exeC:\Program Files\McAfee\MPS\mpsevh exeC:\Program Files\Logitech\SetPoint\SetPoint exeC:\Program Files\WinZip\WZQKPICK. EXEC:\schedule Files\Common Files\AOL\Loader\aolload exeC:\Program Files\Apoint\HidFind exeC:\schedule Files\Apoint\Apntex exeC:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR. EXEC:\Program Files\Linksys\Wireless-N communicate observe\OdHost exeC:\Program Files\iPod\bin\iPodService exeC:\Program Files\AIM6\aolsoftware exeC:\Program Files\Internet Explorer\iexplore exeC:\schedule Files\Webroot\Spy Sweeper\SSU. EXEC:\Program Files\Internet Explorer\iexplore exeC:\Program Files\HijackThis\HiJackThis_v2 exec:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld exeC:\WINDOWS\system32\cmd exeC:\WINDOWS\system32\cscript exeC:\WINDOWS\system32\cmd exeC:\WINDOWS\system32\cscript exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W. DLLO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\schedule Files\Java\jre1.6.0_03\bin\ssv dllO2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl dllO2 - BHO: explore Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\schedule files\explore\googletoolbar2 dllO2 - BHO: McAfee Popup Blocker - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - c:\program files\mcafee\mps\mcpopup dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\explore\googletoolbar2 dllO4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset exeO4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG exeO4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAYO4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx exe"O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW. EXEO4 - HKLM\..\Run: [Apoint] "C:\schedule Files\Apoint\Apoint exe"O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY exeO4 - HKLM\..\Run: [Linksys Wireless-N Notebook Adapter] "C:\schedule Files\Linksys\Wireless-N Network Monitor\WPC300N exe"O4 - HKLM\..\Run: [Kernel and Hardware Abstraction forge] KHALMNPR. EXEO4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\schedule Files\Java\jre1.6.0_03\bin\jusched exe"O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper exe"O4 - HKLM\..\Run: [KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -kO4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI exe" /startintrayO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS. EXE" /backgroundO4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt exe" /startupO4 - HKCU\..\Run: [ctfmon exe] C:\WINDOWS\system32\ctfmon exeO4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier exeO4 - HKCU\..\Run: [BitTorrent] "C:\schedule Files\BitTorrent\bittorrent exe" --force_start_minimizedO4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6 exe" /d locale=en-US ee://aol/imAppO4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon exe" -lang 1033O4 - Global Startup: Logitech SetPoint lnk = C:\Program Files\Logitech\SetPoint\SetPoint exeO4 - Global Startup: WinZip Quick choose lnk = C:\Program Files\WinZip\WZQKPICK. EXEO9 - Extra add: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\schedule Files\Java\jre1.6.0_03\bin\ssv dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv dllO9 - Extra button: (no label) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\communicate Diagnostic\xpnetdiag exe (file missing)O9 - Extra 'Tools' menuitem: @xpsp3res dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag exe (file missing)O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs exeO16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl categorise) - O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl categorise) - O21 - SSODL: bindmod - {FA77C5C6-0542-4040-A6A4-E6AA14EAFFFE} - (no file)O21 - SSODL: hupsrv - {9A1E0D57-9CD0-4E62-95E3-17F0D9B69A3E} - C:\WINDOWS\hupsrv dllO22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui dllO22 - SharedTaskScheduler: Component Categories lay aside daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui dllO23 - Service: Apple Mobile Device - Apple. Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService exeO23 - function: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx exeO23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc exeO23 - function: McAfee E-mail Proxy (Emproxy) - McAfee. Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy exeO23 - function: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\explore Updater\GoogleUpdaterService exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService exeO23 - function: McAfee HackerWatch Service - McAfee. Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI exeO23 - function: McAfee modify Manager (mcmispupdmgr) - McAfee. Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr exeO23 - Service: McAfee Services (mcmscsvc) - McAfee. Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc exeO23 - Service: McAfee Network Agent (McNASvc) - McAfee. Inc. - c:\program files\common files\mcafee\mna\mcnasvc exeO23 - Service: McAfee Scanner (McODS) - McAfee. Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods exeO23 - Service: McAfee Protection Manager (mcpromgr) - McAfee. Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr exeO23 - Service: McAfee Proxy Service (McProxy) - McAfee. Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy exeO23 - Service: McAfee Redirector Service (McRedirector) - McAfee. Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc exeO23 - function: McAfee Real-time Scanner (McShield) - McAfee. Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield exeO23 - Service: McAfee SystemGuards (McSysmon) - McAfee. Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon exeO23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee. Inc. - C:\Program Files\McAfee\MPF\MPFSrv exeO23 - Service: McAfee Privacy Service (MPS9) - McAfee. Inc. - C:\PROGRA~1\McAfee\MPS\mps exeO23 - function: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC exeO23 - Service: NICSer_WPC300N - Unknown owner - C:\schedule Files\Linksys\Wireless-N Network observe\NICServ exeO23 - function: Viewpoint Manager Service - Viewpoint Corporation - C:\schedule Files\Viewpoint\Common\ViewpointService exeO23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software. Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper exeO23 - function: Dell Wireless WLAN Tray function (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC. EXEO24 - Desktop Component 0: Privacy Protection - I am reviewing your log. In the meantime you can back up me by doing the following:* If you have posted this log on another forum please provide a link to the topic.* If you are using any cracked software gratify shift it. Definition of cracked software:* If you are using any P2P (file sharing) programs please remove them before we alter your computer. The nature of such software and the high incidence of malware in files downloaded with them are counter productive to restoring your PC to a healthy state.* If this computer belongs to someone else do you undergo authority to apply the fixes we will use?* Have you already fixed entries using HijackThis? If so please restore all the backups and then post another log. Please do not do anything else until you get further instructions.* After we begin working please print or copy all instructions to Notepad in order to assist you when carrying out procedures. gratify follow all instructions in sequence.* If your replies do not fit in one post while we are handling your issue please say to yourself until all text is submitted. It may take several posts.* Please disable realtime monitoring except for your anti-virus so it does not interfere while we are fixing your system. Refer to this summon for information on disabling any realtime monitoring before we start working on a fix for your problem. Please go to Add/shift Programs and remove your BETA version of HijackThis. Please download HJT Installer for version 2.02 from to your desktop. If not available use this alter cerebrate: Also change state HijackThis and click on the "Open the Misc Tools section" add. move on the "change state Uninstall Manager" add. Click the "Save List" add. After you move the "Save enumerate" button you will be asked where to save the file. Select a place to deliver it. The enumerate should open in notepad. Copy and paste that list here. AC3Filter (remove only)Adobe radiate Player ActiveXAdVantage (Powering DAEMON Tools)AIM 6ALPS Touch Pad DriverApple Mobile Device SupportApple Software UpdateATI - Software Uninstall UtilityATI Control PanelATI Display DriverBCM V.92 56K ModemBroadcom Advanced Control SuiteBroadcom Gigabit Integrated ControllerCDDRV_InstallerC-Major AudioCrash Analysis ToolDell Driver Reset ToolDell ResourceCDDell Wireless WLAN CardDellSupportDivX CodecDivX ConverterDivX PlayerGoogle Toolbar for Internet ExplorerGPL MPEG-1/2 DirectShow Decoder FilterHamachi 1.0.2.2HijackThis 2.0.2Hotfix for Windows Media change 11 SDK (KB929399)Hotfix for Windows Media Player 11 (KB939683)Hotfix for Windows XP (KB906569)Hotfix for Windows XP (KB914440)Hotfix for Windows XP (KB915865)Hotfix for Windows XP (KB926239)iTunesJava(TM) 6 Update 2Java(TM) 6 modify 3KhalInstallWrapperLinksys Wireless-N Notebook AdapterLogitech RegistrationLogitech SetPointMcAfee SecurityCenterMicrosoft. NET Framework 2.0Microsoft Compression Client case 1.0 for Windows XPMicrosoft Internationalized Domain Names Mitigation APIsMicrosoft Kernel-Mode Driver Framework Feature Pack 1.5Microsoft National Language Support Downlevel APIsMicrosoft User-Mode Driver Framework Feature Pack 1.0Microsoft Visual C++ 2005 RedistributableOdyssey SDKQuickSetRoxio DLASecurity Update for Microsoft. NET Framework 2.0 (KB928365)Security modify for Windows Internet Explorer 7 (KB933566)Security modify for Windows Internet Explorer 7 (KB937143)Security modify for Windows Internet Explorer 7 (KB938127)Security Update for Windows Internet Explorer 7 (KB939653)Security Update for Windows Media Player (KB911564)Security modify for Windows Media Player 11 (KB936782)Security Update for Windows Media Player 6.4 (KB925398)Security Update for Windows Media Player 8 (KB917734)Security Update for Windows Media Player 9 (KB917734)Security Update for Windows XP (KB890046)Security Update for Windows XP (KB893756)Security Update for Windows XP (KB896358)Security Update for Windows XP (KB896423)Security Update for Windows XP (KB896424)Security modify for Windows XP (KB896428)Security Update for Windows XP (KB899587)Security modify for Windows XP (KB899589)Security Update for Windows XP (KB899591)Security modify for Windows XP (KB900725)Security Update for Windows XP (KB901017)Security Update for Windows XP (KB901190)Security Update for Windows XP (KB901214)Security modify for Windows XP (KB902400)Security modify for Windows XP (KB904706)Security modify for Windows XP (KB905414)Security Update for Windows XP (KB905749)Security modify for Windows XP (KB908519)Security Update for Windows XP (KB911562)Security Update for Windows XP (KB911927)Security Update for Windows XP (KB912919)Security Update for Windows XP (KB913580)Security modify for Windows XP (KB914388)Security Update for Windows XP (KB914389)Security Update for Windows XP (KB917344)Security Update for Windows XP (KB917422)Security modify for Windows XP (KB917953)Security Update for Windows XP (KB918118)Security Update for Windows XP (KB919007)Security modify for Windows XP (KB920213)Security Update for Windows XP (KB920670)Security Update for Windows XP (KB920683)Security Update for Windows XP (KB920685)Security Update for Windows XP (KB921398)Security modify for Windows XP (KB921503)Security modify for Windows XP (KB921883)Security Update for Windows XP (KB922616)Security Update for Windows XP (KB922819)Security Update for Windows XP (KB923191)Security modify for Windows XP (KB923414)Security modify for Windows XP (KB923689)Security modify for Windows XP (KB923789)Security Update for Windows XP (KB923980)Security Update for Windows XP (KB924191)Security Update for Windows XP (KB924270)Security Update for Windows XP (KB924496)Security Update for Windows XP (KB924667)Security Update for Windows XP (KB925902)Security Update for Windows XP (KB926255)Security modify for Windows XP (KB926436)Security Update for Windows XP (KB927779)Security Update for Windows XP (KB927802)Security Update for Windows XP (KB928255)Security modify for Windows XP (KB928843)Security Update for Windows XP (KB929123)Security Update for Windows XP (KB930178)Security modify for Windows XP (KB931261)Security Update for Windows XP (KB931784)Security modify for Windows XP (KB932168)Security Update for Windows XP (KB933566)Security Update for Windows XP (KB933729)Security modify for Windows XP (KB935839)Security Update for Windows XP (KB935840)Security Update for Windows XP (KB936021)Security Update for Windows XP (KB938829)Security Update for Windows XP (KB941202)Security Update for Windows XP (KB943460)Spy SweeperStarcraftUpdate for Windows XP (KB898461)Update for Windows XP (KB900485)modify for Windows XP (KB904942)Update for Windows XP (KB908531)Update for Windows XP (KB910437)Update for Windows XP (KB911280)modify for Windows XP (KB916595)Update for Windows XP (KB920872)modify for Windows XP (KB922582)Update for Windows XP (KB927891)Update for Windows XP (KB930916)Update for Windows XP (KB931836)modify for Windows XP (KB933360)Update for Windows XP (KB936357)Update for Windows XP (KB938828)Ventrilo ClientViewpoint Media PlayerWindows Installer 3.1 (KB893803)Windows Internet Explorer 7Windows Media Format 11 runtimeWindows Media Format 11 runtimeWindows Media Player 11Windows Media Player 11Windows XP Hotfix - KB873339Windows XP Hotfix - KB885835Windows XP Hotfix - KB885836Windows XP Hotfix - KB886185Windows XP Hotfix - KB887472Windows XP Hotfix - KB888302Windows XP Hotfix - KB890859Windows XP Hotfix - KB891781Windows XP function Pack 2WinRAR archiver C:\WINDOWS\System32\smss exeC:\WINDOWS\system32\winlogon exeC:\WINDOWS\system32\services exeC:\WINDOWS\system32\lsass exeC:\WINDOWS\system32\Ati2evxx exeC:\WINDOWS\system32\svchost exeC:\WINDOWS\System32\svchost exeC:\WINDOWS\System32\WLTRYSVC. EXEC:\WINDOWS\System32\bcmwltry exeC:\WINDOWS\system32\spoolsv exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService exeC:\Program Files\Common Files\McAfee\HackerWatch\HWAPI exeC:\PROGRA~1\McAfee\MSC\mcmscsvc exec:\schedule files\common files\mcafee\mna\mcnasvc exeC:\PROGRA~1\McAfee\VIRUSS~1\mcods exeC:\PROGRA~1\McAfee\MSC\mcpromgr exeC:\WINDOWS\system32\Ati2evxx exec:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy exeC:\WINDOWS\Explorer. EXEc:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc exec:\PROGRA~1\mcafee com\agent\mcagent exeC:\PROGRA~1\McAfee\VIRUSS~1\mcshield exeC:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon exeC:\schedule Files\McAfee\MPF\MPFSrv exeC:\PROGRA~1\McAfee\MPS\mps exeC:\Program Files\Dell\QuickSet\NICCONFIGSVC exeC:\schedule Files\Linksys\Wireless-N Network observe\NICServ exeC:\schedule Files\Viewpoint\Common\ViewpointService exeC:\schedule Files\Webroot\Spy Sweeper\SpySweeper exeC:\schedule Files\Dell\QuickSet\quickset exeC:\WINDOWS\BCMSMMSG exeC:\WINDOWS\system32\WLTRAY exeC:\schedule Files\ATI Technologies\ATI Control Panel\atiptaxx exeC:\WINDOWS\System32\DLA\DLACTRLW. EXEC:\Program Files\Apoint\Apoint exeC:\schedule Files\Linksys\Wireless-N Network Monitor\WPC300N exeC:\Program Files\Java\jre1.6.0_03\bin\jusched exeC:\Program Files\iTunes\iTunesHelper exeC:\schedule Files\Webroot\Spy Sweeper\SpySweeperUI exeC:\Program Files\Messenger\MSMSGS. EXEC:\Program Files\DellSupport\DSAgnt exeC:\WINDOWS\system32\ctfmon exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier exeC:\Program Files\AIM6\aim6 exeC:\schedule Files\DAEMON Tools\daemon exeC:\Program Files\Logitech\SetPoint\SetPoint exeC:\schedule Files\WinZip\WZQKPICK. EXEC:\Program Files\McAfee\MPS\mpsevh exeC:\Program Files\Common Files\AOL\Loader\aolload exeC:\Program Files\Linksys\Wireless-N Network Monitor\OdHost exeC:\Program Files\Apoint\HidFind exeC:\Program Files\Apoint\Apntex exeC:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR. EXEC:\Program Files\AIM6\aolsoftware exeC:\Program Files\iPod\bin\iPodService exeC:\schedule Files\Webroot\Spy Sweeper\SSU. EXEc:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld exeC:\Program Files\Internet Explorer\iexplore exeC:\WINDOWS\system32\cmd exe »»»»»»»»»»»»»»»»»»»»»»»» Desktop Components [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]"Source"="""SubscribedURL"="""FriendlyName"="Privacy Protection" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]"Source"="About:Home""SubscribedURL"="About:Home""FriendlyName"="My Current Home Page" HKLM\SYSTEM\CCS\Services\Tcpip\..\{8823F9D0-A0C8-4002-95A8-025BD072BEDC}: DhcpNameServer=68.87.73.242 68.87.71.226HKLM\SYSTEM\CS1\Services\Tcpip\..\{8823F9D0-A0C8-4002-95A8-025BD072BEDC}: DhcpNameServer=68.87.73.242 68.87.71.226HKLM\SYSTEM\CS3\Services\Tcpip\..\{8823F9D0-A0C8-4002-95A8-025BD072BEDC}: DhcpNameServer=68.87.73.242 68.87.71.226HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=68.87.73.242 68.87.71.226HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=68.87.73.242 68.87.71.226HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=68.87.73.242 68.87.71.226 Once in Safe Mode double-click on SmitfraudFix exe again. Select option #2 - Clean by typing 2 and press "Enter" to delete infected files. You ordain be prompted : "Registry cleaning - Do you be to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop accent and clean registry keys associated with the infection. The tool will now analyse if wininet dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter". The tool may need to restart your computer to finish the cleaning process; if it doesn't gratify restart anyway into normal Windows. A text file will appear onscreen with results from the cleaning affect; gratify copy/paste the content of that inform along with all others into your next say along with a new HijackThis log. The inform can also be found at the root of the system drive usually at C:\rapport txt Next Click Start click Control Panel and then double-click Display. Click on the Desktop tab then click the Customize Desktop button. Click on the Web tab. Under Web Pages you should see a checked entry called Security info or something similar. If it is there select that entry and click the Delete button. Click Ok then Apply and Ok. alter the Recycle Bin by right-clicking the Recycle Bin icon on your Desktop and then clicking Empty Recycle Bin______________________________In your next say please include:1. The inform from SmitfraudFix open here: C:\rapport txt2. A fresh HijackThis logYou may be several replies to post the requested logs; otherwise they might get cut off. HKLM\SYSTEM\CCS\Services\Tcpip\..\{8823F9D0-A0C8-4002-95A8-025BD072BEDC}: DhcpNameServer=68.87.73.242 68.87.71.226HKLM\SYSTEM\CS1\Services\Tcpip\..\{8823F9D0-A0C8-4002-95A8-025BD072BEDC}: DhcpNameServer=68.87.73.242 68.87.71.226HKLM\SYSTEM\CS3\Services\Tcpip\..\{8823F9D0-A0C8-4002-95A8-025BD072BEDC}: DhcpNameServer=68.87.73.242 68.87.71.226HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=68.87.73.242 68.87.71.226HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=68.87.73.242 68.87.71.226HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=68.87.73.242 68.87.71.226 Running processes:C:\WINDOWS\System32\smss exeC:\WINDOWS\system32\winlogon exeC:\WINDOWS\system32\services exeC:\WINDOWS\system32\lsass exeC:\WINDOWS\system32\Ati2evxx exeC:\WINDOWS\system32\svchost exeC:\WINDOWS\System32\svchost exeC:\WINDOWS\System32\WLTRYSVC. EXEC:\WINDOWS\System32\bcmwltry exeC:\WINDOWS\system32\spoolsv exeC:\Program Files\Common Files\Apple\Mobile Device give\bin\AppleMobileDeviceService exeC:\schedule Files\Common Files\McAfee\HackerWatch\HWAPI exeC:\PROGRA~1\McAfee\MSC\mcmscsvc exec:\schedule files\common files\mcafee\mna\mcnasvc exeC:\PROGRA~1\McAfee\VIRUSS~1\mcods exeC:\WINDOWS\system32\Ati2evxx exeC:\WINDOWS\Explorer. EXEC:\PROGRA~1\McAfee\MSC\mcpromgr exec:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy exec:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc exeC:\PROGRA~1\McAfee\VIRUSS~1\mcshield exeC:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon exeC:\Program Files\McAfee\MPF\MPFSrv exeC:\PROGRA~1\McAfee\MPS\mps exeC:\Program Files\Dell\QuickSet\NICCONFIGSVC exeC:\schedule Files\Linksys\Wireless-N Network observe\NICServ exeC:\Program Files\Viewpoint\Common\ViewpointService exeC:\Program Files\Webroot\Spy Sweeper\SpySweeper exeC:\Program Files\McAfee\MPS\mpsevh exeC:\schedule Files\Dell\QuickSet\quickset exeC:\WINDOWS\BCMSMMSG exeC:\WINDOWS\system32\WLTRAY exec:\PROGRA~1\mcafee com\agent\mcagent exeC:\Program Files\ATI Technologies\ATI Control adorn\atiptaxx exeC:\WINDOWS\System32\DLA\DLACTRLW. EXEC:\Program Files\Apoint\Apoint exeC:\Program Files\Linksys\Wireless-N Network Monitor\WPC300N exeC:\Program Files\Java\jre1.6.0_03\bin\jusched exeC:\Program Files\iTunes\iTunesHelper exeC:\schedule Files\Webroot\Spy Sweeper\SpySweeperUI exeC:\Program Files\Messenger\MSMSGS. EXEC:\Program Files\DellSupport\DSAgnt exeC:\WINDOWS\system32\ctfmon exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier exeC:\schedule Files\BitTorrent\bittorrent exeC:\Program Files\AIM6\aim6 exeC:\Program Files\DAEMON Tools\daemon exeC:\Program Files\Linksys\Wireless-N communicate Monitor\OdHost exeC:\Program Files\Logitech\SetPoint\SetPoint exeC:\Program Files\WinZip\WZQKPICK. EXEC:\schedule Files\Common Files\AOL\Loader\aolload exeC:\Program Files\Apoint\HidFind exeC:\schedule Files\Apoint\Apntex exeC:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR. EXEC:\Program Files\iPod\bin\iPodService exeC:\Program Files\AIM6\aolsoftware exeC:\schedule Files\Internet Explorer\iexplore exeC:\Program Files\Webroot\Spy Sweeper\SSU. EXEC:\Program Files\Internet Explorer\iexplore exeC:\Program Files\turn Micro\HijackThis\HijackThis exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,fail_examine_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search summon = O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W. DLLO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv dllO2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl dllO2 - BHO: explore Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2 dllO2 - BHO: McAfee Popup Blocker - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - c:\schedule files\mcafee\mps\mcpopup dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2 dllO4 - HKLM\..\Run: [Dell QuickSet] "C:\schedule Files\Dell\QuickSet\quickset exe"O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG exeO4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAYO4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control adorn\atiptaxx exe"O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW. EXEO4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint\Apoint exe"O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY exeO4 - HKLM\..\Run: [Linksys Wireless-N Notebook Adapter] "C:\Program Files\Linksys\Wireless-N communicate Monitor\WPC300N exe"O4 - HKLM\..\Run: [Kernel and Hardware Abstraction forge] KHALMNPR. EXEO4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched exe"O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper exe"O4 - HKLM\..\Run: [KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -kO4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI exe /startintrayO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS. EXE" /backgroundO4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt exe" /startupO4 - HKCU\..\Run: [ctfmon exe] C:\WINDOWS\system32\ctfmon exeO4 - HKCU\..\Run: [swg] "C:\schedule Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier exe"O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent exe" --force_start_minimizedO4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6 exe" /d locale=en-US ee://aol/imAppO4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon exe" -lang 1033O4 - Global Startup: Logitech SetPoint lnk = C:\Program Files\Logitech\SetPoint\SetPoint exeO4 - Global Startup: WinZip Quick Pick lnk = C:\Program Files\WinZip\WZQKPICK. EXEO9 - Extra add: (no label) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv dllO9 - Extra button: (no label) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag exeO9 - Extra 'Tools' menuitem: @xpsp3res dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\schedule Files\Messenger\msmsgs exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs exeO16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - O23 - Service: Apple Mobile Device - Apple. Inc. - C:\Program Files\Common Files\Apple\Mobile Device give\bin\AppleMobileDeviceService exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx exeO23 - Service: DSBrokerService - Unknown owner - C:\schedule Files\DellSupport\brkrsvc exeO23 - function: McAfee telecommunicate Proxy (Emproxy) - McAfee. Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy exeO23 - function: Google Updater Service (gusvc) - Google - C:\schedule Files\Google\Common\explore Updater\GoogleUpdaterService exeO23 - Service: iPod function - Apple Inc. - C:\schedule Files\iPod\bin\iPodService exeO23 - Service: McAfee HackerWatch Service - McAfee. Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI exeO23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee. Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr exeO23 - Service: McAfee Services (mcmscsvc) - McAfee. Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc exeO23 - Service: McAfee communicate Agent (McNASvc) - McAfee. Inc. - c:\program files\common files\mcafee\mna\mcnasvc exeO23 - function: McAfee Scanner (McODS) - McAfee. Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods exeO23 - Service: McAfee Protection Manager (mcpromgr) - McAfee. Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr exeO23 - function: McAfee Proxy Service (McProxy) - McAfee. Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy exeO23 - Service: McAfee Redirector Service (McRedirector) - McAfee. Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc exeO23 - function: McAfee Real-time Scanner (McShield) - McAfee. Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield exeO23 - Service: McAfee SystemGuards (McSysmon) - McAfee. Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon exeO23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee. Inc. - C:\Program Files\McAfee\MPF\MPFSrv exeO23 - Service: McAfee Privacy Service (MPS9) - McAfee. Inc. - C:\PROGRA~1\McAfee\MPS\mps exeO23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC exeO23 - Service: NICSer_WPC300N - Unknown owner - C:\Program Files\Linksys\Wireless-N communicate Monitor\NICServ exeO23 - function: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService exeO23 - function: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software. Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper exeO23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC. EXE After something like this it is a good idea to oppress the Restore Points and start fresh. If everything is running well.... To flush the XP System Restore Points:(Using XP you must be logged in as Administrator to do this.)Go to Start>Run and type msconfig Press enter. When msconfig opens click the Launch System Restore add. On the next page click the System regenerate Settings Link on the left. Check the box labeled Turn Off System Restore. resuscitate. Here is my standard enumerate of simple steps that you can take to decrease the chance of infection in the future. You may undergo already taken some of these steps and depending on your current security you may not be to apply all of these:1. Visit Windows modify:Make sure that you have all the Critical Updates recommended for your operating system and IE. The first defense against infection is a properly patched OS. Windows Update: 2. alter your security settings for ActiveX:Go to Internet Options/Security/Internet press 'fail level' then OK. Now press "Custom Level."In the ActiveX section set the first two options ("Download signed and unsigned ActiveX controls) to 'prompt' and 'Initialize and Script ActiveX controls not marked as safe" to 'disable'.3. believe installing the following free programs:a. SpywareBlaster: (Not recommended for Vista)Tutorial here: b. SpywareGuard:Tutorial here: Periodically check for updates in both programs.4. gratify use a firewall and realtime anti-virus. Keep the anti-virus software and firewall software up to go out. Note: govern Alarm Firewall (by Checkpoint) has a free version 5. You might believe installing Mozilla / Firefox.6. Do not use register sharing. Even the safest P2P file sharing programs that do not contain bundled spyware comfort expose you to risks because of the very nature of the P2P file sharing process. By default most P2P register sharing programs are configured to automatically open at startup. They are also configured to allow other P2P users on the same network open access to a shared directory on your computer. The cerebrate for this is simple. File sharing relies on its members giving and gaining unfettered access to computers across the P2P network. However this practice can make you vulnerable to data and identity theft. Even if you dress those risky fail settings to a safer configuration the act of downloading files from an anonymous source greatly increases your exposure to infection. That is because the files you are downloading may actually contain a disguised threat. Many very malicious worms and trojans such as the act move target and spread across P2P files sharing networks because of their knownvulnerabilities.7. Before using or purchasing any Spyware/Malware protection/removal program always check the following Rogue/guess Spyware Lists.8. If you have not already done so you might want to lay CCleaner and run it in each user's compose: ** UNcheck the option to install the Yahoo toolbar that is checked by fail for the Standard version or download the toolbar-free versions (change state or Basic) when given the option for those.9. If you use Adobe Reader it may need to be updated to be sure that you have a more secure version. If you are using a version prior to v. 6.05 you should update to 6.05 preferably version 8.1.0 or higher. It would be best to remove prior versions before updating to a new version. If you be additional assistance the Adobe forums are here: 10. You can go here to download the latest version of. Scroll down to where it says "Java Runtime Environment (JRE) 6u3 allows end-users to run Java applications". Click the link to download the Windows (Offline Installation) package: deliver it do not run it. When the download is complete close the browser. Remove all prior versions using Add/Remove Programs and delete the Java folder in Program Files. Reboot your computer once all Java components are removed. Then from your desktop double-click on jre-6u3-windows-i586-p exe to lay the newest version if needed. resuscitate.11. Practice Safe Surfing with with by Trendmicro. TrendProtect is a browser plugin that assigns a safety rating to domains listed in your examine engine. TrendProtect also adds a new add to your browser's toolbar area. The icon and color of the button changes to indicate whether the page currently open is safe unsafe trusted or unrated or whether it contains unwanted content. The following color codes are used by TrendProtect to indicate the safety of each site. for Unknown12. Here are some helpful articles:"So how did I get infected in the first displace?"by TonyKlein"I'm not pulling your leg honest"by Sandi Hardmeier13. This is an excellent resource for users of all levels. General computer maintenance as well as internet security is covered.(Paperback)by Larry Stevenson (Author). Nancy Altholz (compose)Let us experience if we have not resolved your problem. Otherwise you are good to go. Happy and Safe Surfing!Message Edited by Bugbatter on 11-15-2007 10:38 PM

Forex Groups - Tips on Trading

Related article:
http://www.dellcommunity.com/supportforums/board/message?board.id=si_hijack&message.id=72094#M72094

comments | Add comment | Report as Spam

"Please Someone Help Me/Computer Slowed" posted by ~Ray
Posted on 2008-01-01 21:11:14

"New Release of Sun Management Center" posted by ~Ray
Posted on 2007-12-15 14:59:09

Sun MC 4.0 software provides comprehensive monitoring and managing capabilities for Sun hardwareand software products in an enterprise. This release is focused around providing betteruser undergo an improved and simplified installation experience removing the dependency on proprietarydatabases a seamless experience on SPARC and x86 hardware and detailed hardware monitoring of x86/x64 flagship Sun hardware. This article explores some of these new features and enhancements available in theSun MC 4.0 release relating to administrative ease and flexibility. Sun MC 4.0 channel contains a new standards-oriented configuration reader for Sun x86/x64hardware. This feature provides monitoring and threshold support for a large be ofSun x86/x64 servers. The Config Reader is an independent Sun MC agent modulethat helps in monitoring power and chassis status and sensor information such astemperature voltage fan rpm and LED status. This module is dependent on the availability of the IPMI drive which musthave the alter interfaces implemented. In the absence of the required interfaces thex86 Config Reader add-on create provides the older version create that was releasedwith Sun MC 3.6.1. The enhanced installer installs the Sun MC server layer on x86 hardware aswell as the SPARC platform. It facilitates migration from Sun MC 3.6and Sun MC 3.6.1 to Sun MC 4.0 through a handsfree installation. Installation alsovalidates the database version. Sun Web Start console version and Java version. The x86 server layer is available on the Solaris 10 11/06 release. The Agentlayer is available beginning with the Solaris 8 channel. Sun MC 4.0 supports the service tags utility. Service tags give a commonnetwork-based discovery capability to their products. Sun MC server implements Service Tag Registrationinterfaces that enable Sun Connection to acquire the handle deployment information about theSun MC server and agents and displace it approve to Sun. These servicetags encapsulate information such as the types of agent add-ons deployed server instance,and the desire. The user interface for Sun MC 4.0 is integrated with the newSolaris Container Manager 4.0 through a common Sun web console user interface. As aresult the Container Manager user interface is not available as a separate webconsole. This functionality is available as the Manage Solaris Containers tab in theSun MC integrated web application. This integration enables smoother integration between the ContainerManager and the Sun MC software. The Solaris Container Manager 4.0 release delivers a entertain of new enhancements andfeatures in the areas of govern management and user interface. Solaris Container Manager4.0 extends the Solaris Container Manager 3.6.1 framework to support the new zonemanagement additions in the Solaris 10 OS. The new govern management enhancements for this releaseare: Solaris Container Manager 4.0 enables users to manage branded zones. A branded govern is a special zone that can entertain operating systems otherthan the Solaris OS. Currently. Solaris Container Manager 4.0 supportsLinux as its guest operating system. All brand management is performedthrough extensions to the current zones structure. Solaris Container Manager 4.0 enables you to contract the be ofCPUs to be dedicated to the zone. This option appears during zonecreation. Users can contract dedicated CPUs in terms of a specificrange. For example for a range of 1-3. 1 and 3 tell the minimumand maximum be of dedicated CPUs. If a dedicated CPU resource isconfigured for the zone once the govern boots the dominate enablespools if necessary and creates a temporary share dedicated for thezone's use. The specified number of CPUs are acquired dynamically whenthe zone is booted up and are relinquished when the zone is change state drink. Once the dedicated CPUs are specified the user is not allowed tospecify the CPU shares. Solaris Container Manager 4.0 enables the user to decide ascheduling class during zone creation on the Solaris 10 8/07 OS. If theCPU shares are specified the categorise is automatically set to FSS in thewizard. If dedicated CPUs have been specified the user is not allowedto specify the CPU shares. Using the Postgres database improves ask performance because the partitioning feature is inthe create of inherited tables. Because the Performance Reporting Manager requires the databaseto efficiently store and manage large tables. Postgres is an ideal option. Otherbenefits of using Postgres as a database are: The Postgres COPY command enables bulk uploads from a text or csvfile. Performance Reporting Manager requires this feature toefficiently insert multiple rows into a database. In earlier releases,PRO-C code was used to perform similar operations which was moredifficult to keep. The Postgres autovacuum feature enables automated clean-up of blocksbelonging to deleted data. This feature also analyzes the tables sothat the latest table and list statistics are available for thedatabase optimizer. This feature improves query performance.

Forex Groups - Tips on Trading

Related article:
http://blogs.sun.com/sunconnection/entry/new_release_of_sun_management

comments | Add comment | Report as Spam