Malware found!!!
Dee369
03-14-2008, 09:52 PM
I just have a question. SAS updated today and it found malware on my computer. This is what it found.
Malware- installer- PKG/GEN (10) items.
Can anyone tell me what this is and how I might have gotten it because the only site I have gone to that was not my usual route was to Avira.com. I had some problems every time I went to the site where IE had to debug. This happened 3 times that I went to this site. :eek:
If someone can identify this for me I would appreciate it. :)
Also I'm thinking about running SAS again because it looked like it had a hard time removing the malware. It didn't automatically reboot when I hit yes to reboot. :eek:
allheart55
03-14-2008, 10:02 PM
Dee, They are trojans! :mad:
Dee369
03-14-2008, 10:04 PM
Dee, They are trojans! :mad:
They are vicious aren't they??? :mad2: I am rerunning SAS and then I'm going to use Malwarebytes on them! :D
allheart55
03-14-2008, 10:05 PM
Dee, Yes, I would run a full SAS as well as a Malwarebytes scan. It may be a good idea for you to post a HJT afterwards. :( Cindy
allheart55
03-14-2008, 10:06 PM
Dee, I know this isn't funny, but look at our posts and the time and content! :)
Dee369
03-14-2008, 10:07 PM
Dee, Yes, I would run a full SAS as well as a Malwarebytes scan. It may be a good idea for you to post a HJT afterwards. :( Cindy
Thanks Cindy, I'm doing that right now. :(
Dee369
03-14-2008, 10:08 PM
Dee, I know this isn't funny, but look at our posts and the time and content! :)
:eek: wow :D
qldit
03-14-2008, 11:53 PM
Good Afternoon Ladies, gee you are real "minute girls" there!
Cheers, Lawrence.
Dee369
03-14-2008, 11:54 PM
Dee, Yes, I would run a full SAS as well as a Malwarebytes scan. It may be a good idea for you to post a HJT afterwards. :( Cindy
Malwarebytes came up with another trojan:
Trojan Downloader-folder-C:\windows\ system 32\x64
Will be running more scans in the morning. Here is the log.
Malwarebytes' Anti-Malware 1.08
Database version: 493
Scan type: Full Scan (C:\|)
Objects scanned: 147235
Time elapsed: 47 minute(s), 0 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\WINDOWS\system32\x64 (Trojan.Downloader) -> Quarantined and deleted successfully.
Files Infected:
(No malicious items detected)
Dee369
03-15-2008, 12:07 AM
Here's a HJT log. Would anyone like to read it and give me an opinion please? :)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:04:09 AM, on 3/15/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\ZyAIR USB Utility\ZyAIR.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
c:\program files\aol\aim toolbar 5.0\AolTbServer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\COMMON~1\TEKNUM~1\update.exe /startup
O4 - HKCU\..\Run: [WebCamSuite2] "C:\Program Files\BestOn\WebCam Suite 2.0\WebCamSuite2.exe" -plugin "D:"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: ZyAIR USB Utility.lnk = C:\Program Files\ZyAIR USB Utility\ZyAIR.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (file missing)
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 11375 bytes
Dan18960
03-15-2008, 08:06 AM
Cindy,
Have at it!
BUT is it JUST ME - or did others see TOOLBARS GALORE ON THIS SYSTEM? ? ? ?
How many times, how many posts, how many quotes, how many times on Paltalk . . . . . . .
DO I SAY THAT TOOLBARS ARE THE EVIL THAT CORRUPTS COMPUTERS
? ? ? ? ? ? ?
Dee, you have AIM toolbar, Yahoo toolbar, and Windows Live toolbar! And I quit checking the HJT log at that point - so there may be Google toolbar in there too.
You have AVG Free AND AVG Antispyware (which also includes an antivirus engine). I THINK the Antispyware is only offered as a 30 day free trial otherwise it has to be bought - I have to check that out before that is a "rule".
One thing that everyone should practice is IF you're installing a program that already does what another program does that is on your computer - uninstall the installed program BEFORE installing the new one.
-------------------------------------
While the concept of a toolbar is to TRACK where you're going on the internet and provide competitors' "ads" for searches you do - they are more likely to be snagged by trojan writers who have set up "dummy" sites that bring in their payload.
One of the BEST practices I have developed on my systems is:
(1) NO toolbars - when I install software, the second step is to go to Add / Remove Programs and scan for a toolbar, search assistant, or anything that was not there when I started AND is not related to the software I was installing.
(2) ADMUNCHER - this program is the BEST! Yes, it stops some video streaming and Flash sites that come in as embedded pop-up identities - BUT when I have those situations occur I KNOW that I am disabling Admuncher AND I know why.
(3) PAID version of Antivirus - I really don't have a preference (except NOT to use Symantec or McAfee) in the antivirus wars. But there is no way a free version is going to give you complete protection.
(4) NO DUPLICATE process software - If I am changing antivirus apps I uninstall the current one and install the new one and do an immediate scan of the hard drive. This goes for imaging software and cd burning software. I do CAUTIOUSLY install Office suites, PIM software (IBM Lotus Organizer and / or ACT!), and browsers (IE, FireFox, etc).
What has this process done for me - I have migrated from Windows 3.0 to Windows 95 to Windows 98 to Windows 2000 to Windows XP AND on a separate box Windows Vista and since I installed Admuncher in 2000 I have had NO trojans, no viruses, malware, or spyware. YES, I do get the reports of Cookies every so often BUT as Mylanta has stated over and over that these cookie reports are almost always false returns because of storing username, password, and page layouts that reflect "intrusions".
Now I turn this over to Cindy :D
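A small triage pass over HijackThis output like the log posted above, as an added example that is not part of the original thread or of HijackThis itself: it parses the `section - detail` lines, flags entries the log marks `(file missing)` or `(no file)`, and groups the browser add-on sections (R3, O2, O3) by DLL to show how many hooks one toolbar registers. The sample lines are taken from the posted log; the flag names and function names are assumptions made for this example.

```python
import re
from collections import defaultdict
from typing import NamedTuple, Optional

# Sample input: a few lines taken from the HijackThis log posted in this thread
# (header and running-process lines included to show that they are skipped).
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\svchost.exe
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (file missing)
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
"""

# An entry line is "<section code> - <detail>", e.g. "O2 - BHO: ...".
ENTRY_RE = re.compile(r"^(?P<section>[RFNO]\d{1,2}) - (?P<detail>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}-(?:[0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}\}")

# Sections that hook Internet Explorer: URLSearchHook, BHO, Toolbar.
ADDON_SECTIONS = {"R3", "O2", "O3"}
MISSING_SUFFIX = " (file missing)"


class Entry(NamedTuple):
    section: str
    detail: str
    clsid: Optional[str]
    target: Optional[str]   # last " - " field (file or URL); None if absent
    flags: frozenset        # labels invented for this example


def parse_hjt(text: str) -> list:
    """Parse entry lines; header and running-process lines are ignored."""
    entries = []
    for raw in text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if not m:
            continue
        section, detail = m.group("section"), m.group("detail")
        clsid = CLSID_RE.search(detail)
        # O4 command lines have no " - " separator and are left unparsed.
        target = detail.rsplit(" - ", 1)[1] if " - " in detail else None
        flags = set()
        if target is not None and target.endswith(MISSING_SUFFIX):
            target = target[: -len(MISSING_SUFFIX)]
            flags.add("orphaned")       # registration points at a file that is gone
        if target == "(no file)":
            target = None
            flags.add("orphaned")       # CLSID registered with no file at all
        if section in ADDON_SECTIONS:
            flags.add("browser-addon")
        if section == "O23" and " - Unknown owner - " in detail:
            flags.add("unknown-owner")
        entries.append(Entry(section, detail,
                             clsid.group(0).upper() if clsid else None,
                             target, frozenset(flags)))
    return entries


def addon_footprint(entries) -> dict:
    """Map each add-on DLL (lower-cased) to the sorted sections that load it."""
    by_file = defaultdict(set)
    for e in entries:
        if "browser-addon" in e.flags and e.target:
            by_file[e.target.lower()].add(e.section)
    return {path: sorted(sections) for path, sections in by_file.items()}


def flagged(entries, flag: str) -> list:
    """Entries carrying the given flag, in log order."""
    return [e for e in entries if flag in e.flags]


if __name__ == "__main__":
    parsed = parse_hjt(SAMPLE_LOG)
    for path, sections in addon_footprint(parsed).items():
        print(f"add-on {path} registered in {', '.join(sections)}")
    for e in flagged(parsed, "orphaned"):
        print(f"orphaned {e.section}: {e.detail}")
    for e in flagged(parsed, "unknown-owner"):
        print(f"review   {e.section}: {e.detail}")
```

A flag here is a prompt to look the entry up, not a verdict: the `Monitor` Run entry in this thread turned out to be camera software once it was checked against a startup database.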
Dee369
03-15-2008, 09:25 AM
Cindy,
Have at it!
BUT is it JUST ME - or did others see TOOLBARS GALORE ON THIS SYSTEM? ? ? ?
How many times, how many posts, how many quotes, how many times on Paltalk . . . . . . .
DO I SAY THAT TOOLBARS ARE THE EVIL THAT CORRUPTS COMPUTERS
? ? ? ? ? ? ?
Dee, you have AIM toolbar, Yahoo toolbar, and Windows Live toolbar! And I quit checking the HJT log at that point - so there may be Google toolbar in there too.
Ok Dan. I removed the AIM toolbar and the Windows Live toolbar but I couldn't find the Yahoo toolbar in my add/remove. And NO Dan there is no Google toolbar :D That I know of......:)
You have AVG Free AND AVG Antispyware (which also includes an antivirus engine). I THINK the Antispyware is only offered as a 30 day free trial otherwise it has to be bought - I have to check that out before that is a "rule".
AVG Antispyware is a free program that I do not have to upgrade in 30 days. I have had it on here for a year. I use it in conjunction with SAS and it has picked up things that SAS has not.
(2) ADMUNCHER - this program is the BEST! Yes, it stops some video streaming and Flash sites that come in as embedded pop-up identities - BUT when I have those situations occur I KNOW that I am disabling Admuncher AND I know why.
(3) PAID version of Antivirus - I really don't have a preference (except NOT to use Symantec or McAfee) in the antivirus wars. But there is no way a free version is going to give you complete protection.
Why are you mentioning Admuncher when I don't use it? And I get everything that I need out of freeware. I know that at the end of the day my machine will be clean if I ever need to post on this site about it. It doesn't matter if I use freeware to clean it, it WILL come out clean at the end of the day....at least I hope it will..... :)
Now I turn this over to Cindy :D
So Dan are you not going to help me because I had a couple of toolbars and I'm using freeware? :confused:
http://www.bleepingcomputer.com/startups/Monitor-22122.html
That should answer what it is, guys and gals :)
Dee369
03-15-2008, 10:20 AM
http://www.bleepingcomputer.com/startups/Monitor-22122.html
That should answer what it is, guys and gals :)
Could that be the software for my digital camera? I just looked at the linky and that's the only thing I can think of besides that I had other webcams and never removed the software I think. :eek:
Yeah, it looks like your digi-cam. What make is it?
Dee369
03-15-2008, 10:34 AM
Yeah, it looks like your digi-cam. What make is it?
It's a Samsung, that's all I know. Thank you for the link and the information. I really do appreciate it. :)
mylanta
03-15-2008, 11:57 AM
So Dan are you not going to help me because I had a couple of toolbars and I'm using freeware? :confused:
No probably because you don't espouse the almighty ADMUNCHER!:)
Seriously Dee, I agree wholeheartedly with Dan here. The toolbars in themselves are not spyware but they help facilitate it and they all must go on any system I work on as well.
Dee369
03-15-2008, 12:01 PM
No probably because you don't espouse the almighty ADMUNCHER!:)
Seriously Dee, I agree wholeheartedly with Dan here. The toolbars in themselves are not spyware but they help facilitate it and they all must go on any system I work on as well.
I agree with you, I was just too lazy to uninstall them but I did that this morning. :) I wasn't able to find the Yahoo toolbar so I don't know how to uninstall that. :(
Every scan I ran came up clean. I used AVG, SAS, Bitdefender, Malwarebytes, ewido AVG anti-spyware which I think might now be ewido. All I know is it's free :D I was thinking about NOD32 but I don't know the linky.:(
allheart55
03-15-2008, 12:25 PM
Dee, Before we do any cleanup, please download and run NOD32 (http://www.nod32.com.au/download/trial.html). Have it remove anything it finds. Let us know if/what it finds. Then open HJT and post the log. You don't need me to tell you how to do that! :D After that we will use HJT to uninstall some items.
Dee, Before we do any cleanup, please download and run NOD32 (http://www.nod32.com.au/download/trial.html). Have it remove anything it finds. Let us know if/what it finds. Then open HJT and post the log. You don't need me to tell you how to do that! :D After that we will use HJT to uninstall some items.
The online scan with NOD will do about as much as the installed version.
Checking out the log now...
allheart55
03-15-2008, 12:31 PM
Thanks Seth, I figured she might end up liking the 30 day trial and want to keep it.;)
Dee369
03-15-2008, 12:34 PM
Dee, Before we do any cleanup, please download and run NOD32 (http://www.nod32.com.au/download/trial.html). Have it remove anything it finds. Let us know if/what it finds. Then open HJT and post the log. You don't need me to tell you how to do that! :D After that we will use HJT to uninstall some items.
Do I download the antivirus v3.0 for XP, Cindy?
allheart55
03-15-2008, 12:37 PM
Dee, Seth suggested using the online scanner. HERE (http://www.eset.com/onlinescan/)
Dee369
03-15-2008, 12:43 PM
Dee, Seth suggested using the online scanner. HERE (http://www.eset.com/onlinescan/)
I didn't know that ESET was NOD32. Thanks for clarifying the linky. Am running the scan now and will post that log when I'm done. Thank you Seth and Cindy :)
Good point allheart.
Hi DeeDee.
Go to Add/Remove programs and remove anything that says "Viewpoint". Then go to www.java.com and download the latest version of Java.
DeeDee wrote: AVG Antispyware is a free program that I do not have to upgrade in 30 days. I have had it on here for a year. I use it in conjunction with SAS and it has picked up things that SAS has not.
AVG AS is nowhere near SAS's caliber. SAS will find and remove all that the former does, plus a hell of a lot more. You're seeing harmless cookies and benign remnants.
About six months ago, Grisoft removed most of the Trojan Horse signatures from AVG AS. Problem is, TH's are the most common form of malware. This was a marketing maneuver to sell the AVG Internet Security Suite which included the AntiVirus as well as the AntiSpyware. My shop has stopped using AVG AS in favor of sas and mb.
BTW- There is no longer any relevant distinction between antivirus apps and decent antispyware apps.
Dee369
03-15-2008, 01:09 PM
Good point allheart.
Hi DeeDee.
Go to Add/Remove programs and remove anything that says "Viewpoint". Then go to www.java.com and download the latest version of Java.
DeeDee wrote:
AVG AS is nowhere near SAS's caliber. SAS will find and remove all that the former does, plus a hell of a lot more. You're seeing harmless cookies and benign remnants.
About six months ago, Grisoft removed most of the Trojan Horse signatures from AVG AS. Problem is, TH's are the most common form of malware. This was a marketing maneuver to sell the AVG Internet Security Suite which included the AntiVirus as well as the AntiSpyware. My shop has stopped using AVG AS in favor of sas and mb.
Thank you for the information Seth. I uninstalled viewpoint and AVG AS. :)
BTW- There is no longer any relevant distinction between antivirus apps and decent antispyware apps.
What do you mean by this? :confused:
Dee369
03-15-2008, 01:23 PM
Well NOD32 proved to be no better than Bitdefender because it didn't catch anything. :eek: Looks like we're just going to have to remove the entries using HJT. Here's my log. :D
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:23:13 PM, on 3/15/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\ZyAIR USB Utility\ZyAIR.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\COMMON~1\TEKNUM~1\update.exe /startup
O4 - HKCU\..\Run: [WebCamSuite2] "C:\Program Files\BestOn\WebCam Suite 2.0\WebCamSuite2.exe" -plugin "D:"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: ZyAIR USB Utility.lnk = C:\Program Files\ZyAIR USB Utility\ZyAIR.exe
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (file missing)
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
--
End of file - 10345 bytes
allheart55
03-15-2008, 01:31 PM
Dee, Give me a few minutes to look it over and I'll paste the lines you need to put a check in. (Providing nothing jumps out and bites me!) :D Cindy
Dee369
03-15-2008, 01:35 PM
Dee, Give me a few minutes to look it over and I'll paste the lines you need to put a check in. (Providing nothing jumps out and bites me!) :D Cindy
Just sitting here hanging out till we get that one issue i think i see. :D yeah watch out for those creepy critters. :eek:
allheart55
03-15-2008, 01:52 PM
Dee, A couple questions, are you using Verizon as your ISP? How many users on the machine? Does any user have a MySpace page?
Dee369
03-15-2008, 01:56 PM
Dee, A couple questions, are you using Verizon as your ISP? How many users on the machine? Does any user have a MySpace page?
Verizon is not my ISP. My ISP is Road Runner. I am the only user on this machine. It is my baby. :D And yes, I do have a MySpace account. :D
How are we doing so far? I had a question about this line.
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
What is that, please? And there was another one I saw that I wasn't sure about. I think it was one of the 23's. But I'm not qualified to read a HJT log. :(
And EDIT*** I still don't know how to get rid of that Yahoo toolbar which Dan suggested. I only have it on Firefox. It is not on IE. :confused:
allheart55
03-15-2008, 02:16 PM
Dee, Can you open HJT, click on (Misc. Tools) and select (Open Uninstall Manager)? Look for anything Viewpoint and Yahoo. Let me know what you find but don't remove anything yet. You have two Citrix entries that are commonly used by ISP and Dell for remote connection. Do you allow your ISP to connect to your machine? I personally would remove them even if you do allow it, it can be reinstalled if you need them to help with something that requires a remote connect. Not a good idea to keep Citrix on there.
Dee369
03-15-2008, 02:23 PM
Dee, Can you open HJT, click on (Misc. Tools) and select (Open Uninstall Manager)? Look for anything Viewpoint and Yahoo. Let me know what you find but don't remove anything yet. You have two Citrix entries that are commonly used by ISP and Dell for remote connection. Do you allow your ISP to connect to your machine? I personally would remove them even if you do allow it, it can be reinstalled if you need them to help with something that requires a remote connect. Not a good idea to keep Citrix on there.
I opened it up and there are no entries for Viewpoint or Yahoo besides my Yahoo Messenger. How do I remove the entries for Citrix?
Scotty
03-15-2008, 02:36 PM
DeeDee
Please make an uninstall list using HijackThis
To access the Uninstall Manager you would do the following:
1. Start HijackThis
2. Click on the Config button
3. Click on the Misc Tools button
4. Click on the Open Uninstall Manager button.
5. Click on the Save list... button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad here in a reply.
Dee369
03-15-2008, 02:41 PM
Hi Scotty! Here it is for you. I think :)
Adobe Flash Player ActiveX
Adobe Reader 8.1.1
Advanced WindowsCare 2.30 Personal
AIM 6
AOL Coach Version 1.0(Build:20040229.1 en)
AOL Connectivity Services
AOL Instant Messenger
AOL Uninstaller (Choose which Products to Remove)
AOLIcon
AVG Free Edition
Conexant D850 56K V.9x DFVc Modem
Corel Snapfire Plus
Dell CinePlayer
Dell Driver Reset Tool
Dell Game Console
Dell Support 3.2.1
Digimax Master
Digital Content Portal
Digital Line Detect
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
Documentation & Support Launcher
EarthLink Setup Files
ESET Online Scanner
ESPNMotion
FastStone Capture 5.2
Games, Music, & Photos Launcher
GemMaster Mystic
getPlus(R)_ocx
GoToAssist 8.0.0.480
High Definition Audio Driver Package - KB835221
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB888795)
Hotfix for Windows XP (KB891593)
Hotfix for Windows XP (KB895961)
Hotfix for Windows XP (KB896344)
Hotfix for Windows XP (KB899337)
Hotfix for Windows XP (KB899510)
Hotfix for Windows XP (KB902841)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
ieSpell
Imikimi Plugin 0.3.0
Intel(R) Graphics Media Accelerator Driver
Intel(R) Matrix Storage Manager
Internet Service Offers Launcher
J2SE Runtime Environment 5.0 Update 10
Java(TM) 6 Update 5
Learn2 Player (Uninstall Only)
Logitech Audio Echo Cancellation Component
Logitech Desktop Messenger
Logitech Legacy USB Camera Driver Package
Logitech QuickCam
Logitech QuickCam Driver Package
Logitech Video Enumerator
Malwarebytes' Anti-Malware
Mercora Player Plugin
Microsoft .NET Framework 1.0 Hotfix (KB887998)
Microsoft .NET Framework 1.0 Hotfix (KB930494)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.0
Microsoft .NET Framework 3.0
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Windows Media Video 9 VCM
Microsoft Works
Modem Helper
Mozilla Firefox (2.0.0.12)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 6.0 Parser (KB933579)
MVision
MySpaceIM
NetWaiting
Otto
PaltalkScene
PhotoFiltre
QuickTime
RealPlayer Basic
Roxio DLA
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
Samsung USB Driver
SearchAssist
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 2.0 (KB928365)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB946026)
Sonic Activation Module
Sonic Encoders
Sonic Update Manager
SpywareBlaster v3.5.1
SUPERAntiSpyware Free Edition
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920342)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB925876)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update Rollup 2 for Windows XP Media Center Edition 2005
URL Assistant
WildTangent Web Driver
Windows Communication Foundation
Windows Imaging Component
Windows Internet Explorer 7
Windows Live installer
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows Media Player 11
Windows Media Player 11
Windows Presentation Foundation
Windows Workflow Foundation
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890927
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB925766
Yahoo! Messenger
ZyAIR USB Utility
allheart55
03-15-2008, 02:44 PM
Dee, Looks like Scotty will take it from here. Scotty please make sure the Logitech desktop messenger goes.
Dee369
03-15-2008, 02:45 PM
Dee, Looks like Scotty will take it from here. Scotty please make sure the Logitech desktop messenger goes.
Thank you for all your help Cindy :D
allheart55
03-15-2008, 02:49 PM
Dee, No problem. Add/Remove (GoToAssist 8.0.0.480) and (Logitech Desktop Messenger) back to you Scotty.
Dee369
03-15-2008, 02:53 PM
Dee, No problem. Add/Remove (GoToAssist 8.0.0.480) and (Logitech Desktop Messenger) back to you Scotty.
Ok got that done. Thank you again Cindy :D
Scotty
03-15-2008, 03:16 PM
Actually, I was just asking to help Cindy out. She has it covered anyway. Remove the HijackThis entries.
This may be the Yahoo program.
Search Assist
http://help.yahoo.com/l/us/yahoo/search/basics/basics-27.html
Dee369
03-15-2008, 03:54 PM
Actually, I was just asking to help Cindy out. She has it covered anyway. Remove the HijackThis entries.
This may be the Yahoo program.
Search Assist
http://help.yahoo.com/l/us/yahoo/search/basics/basics-27.html
Hi Scotty, sorry for the delay. Had a situation here that I had to tend to. So in the uninstall manager remove the one entry for
search assist
Is that correct?
allheart55
03-15-2008, 04:05 PM
Dee, Sorry, I thought Scotty was finishing it up. You have a few things that can be checked off because they are (file missing), and you need a Java update. You still have an entry that is spyware. If you open HJT and any of these are still in existence, then,
Please place a check in the box next to the following lines. (I know (4) is camera software, I removed it from my machine) It's considered spyware and you don't need the program itself.
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (file missing)
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
Dee, Let HJT remove anything above, reboot and you need to go to www.java.com (http://www.java.com/) and get the latest Java. :D
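The triage in the post above (ticking entries marked "(file missing)" or "(no file)", then rescanning to confirm they are gone) can be done mechanically. The following is an added example, not part of the original thread and not HijackThis code: a small parser, with hypothetical function names, run over a few lines excerpted from the logs posted in this thread.

```python
import re
from typing import List, NamedTuple, Optional

# An entry line starts with a section code (R0-R3, O1-O23), then " - ".
ENTRY_RE = re.compile(r"^(R[0-3]|O\d{1,2}) - (.+)$")
# CLSIDs appear in braces in BHO, toolbar, button and DPF entries.
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Markers HijackThis appends when the referenced file no longer exists.
ORPHAN_MARKERS = ("(file missing)", "(no file)")


class Entry(NamedTuple):
    section: str          # e.g. "O9", "O23"
    body: str             # everything after "<section> - "
    clsid: Optional[str]  # upper-cased CLSID if the entry carries one
    orphaned: bool        # True when the entry points at a missing file


def parse_log(text: str) -> List[Entry]:
    """Return the registry/startup entries of a HijackThis log.

    Header lines, the running-process list and the footer do not match
    ENTRY_RE and are skipped.
    """
    entries = []
    for raw in text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if not match:
            continue
        section, body = match.groups()
        clsid = CLSID_RE.search(body)
        entries.append(Entry(
            section=section,
            body=body,
            clsid=clsid.group(0).upper() if clsid else None,
            orphaned=body.rstrip().endswith(ORPHAN_MARKERS),
        ))
    return entries


def orphaned(entries: List[Entry]) -> List[Entry]:
    """Entries whose target file is gone: leftovers that are safe to review first."""
    return [e for e in entries if e.orphaned]


def removed_between(before: List[Entry], after: List[Entry]) -> List[Entry]:
    """Entries present in the earlier scan but absent from the later one."""
    still_there = {(e.section, e.body) for e in after}
    return [e for e in before if (e.section, e.body) not in still_there]


# Excerpt of the earlier log posted in this thread (shortened for the example).
BEFORE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
C:\WINDOWS\system32\winlogon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (file missing)
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
"""

# Excerpt of the 4:33 PM log posted after the cleanup (shortened for the example).
AFTER_LOG = r"""
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
"""

if __name__ == "__main__":
    before, after = parse_log(BEFORE_LOG), parse_log(AFTER_LOG)
    for e in orphaned(after):
        print("still orphaned after cleanup:", e.section, e.body)
    for e in removed_between(before, after):
        print("gone since previous scan:   ", e.section, e.body)
```

Comparing two scans this way also shows which entries a rescan still reports, such as the KodakCCS service that remains marked "(file missing)" in the later log.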
allheart55
03-15-2008, 04:10 PM
Dee, It's also a good idea to run Secunia at least once a month. It will inspect your system and it tells you if you need to update java, flash or if you are missing any critical updates. It also notifies you of any unsafe software. You can find it here. http://secunia.com/software_inspector/
allheart55
03-15-2008, 04:16 PM
Dee, One last thing, you have a lot of "bundled crap" that came preinstalled on your computer by the manufacturer. A lot of which you can easily uninstall. Wild Tangent isn't a great program to have on your computer. Unless you play the wild tangent games, you really should uninstall it. If you want to clean out your computer to free up the space or get rid of the junk that they preinstall before you receive it, let me know. I can tell you what to uninstall based on what you use. :D Cindy
Dee369
03-15-2008, 04:39 PM
Here is the last log for HJT. Does it look good? There were a couple of entries that seemed to disappear by themselves. :D Currently working on the other things you told me like the wild tangent removal. Expect a PM from me to get rid of the bundle crap that came with this PC. :eek: Thanks Cindy for all your help. :D
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:33:00 PM, on 3/15/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\ZyAIR USB Utility\ZyAIR.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\COMMON~1\TEKNUM~1\update.exe /startup
O4 - HKCU\..\Run: [WebCamSuite2] "C:\Program Files\BestOn\WebCam Suite 2.0\WebCamSuite2.exe" -plugin "D:"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: ZyAIR USB Utility.lnk = C:\Program Files\ZyAIR USB Utility\ZyAIR.exe
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD39/JSCDL/jre/6u5-b15/jinstall-6u5-windows-i586-jc.cab?AuthParam=1205602038_acea461d20d5e520d3639951cdbd21ad&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD39/JSCDL/jre/6u5-b15/jinstall-6u5-windows-i586-jc.cab&File=jinstall-6u5-windows-i586-jc.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
--
End of file - 9839 bytes
Dee369
03-15-2008, 04:45 PM
Dee, It's also a good idea to run Secunia at least once a month. It will inspect your system and it tells you if you need to update java, flash or if you are missing any critical updates. It also notifies you of any unsafe software. You can find it here. http://secunia.com/software_inspector/
When I go to this site it says that my system doesn't appear to have Sun Java installed, but I went to the site that Seth gave and it says it's installed, which it also installed a game that showed up on my desktop. I guess I have to figure out how to get rid of this game too. But what do I do about this? :confused:
allheart55
03-15-2008, 04:47 PM
Dee, No problem, I'm checking your log now. The entries that are gone are because they were removed/uninstalled or because NOD32 took care of them.:D
allheart55
03-15-2008, 04:51 PM
When I go to this site it says that my system doesn't appear to have Sun Java installed, but I went to the site that Seth gave and it says it's installed, which it also installed a game that showed up on my desktop. I guess I have to figure out how to get rid of this game too. But what do I do about this? :confused:
Dee, Did you reboot after you installed java? What game did it install? :mad::mad:That should not have happened!!!
Dee369
03-15-2008, 04:51 PM
Dee, No problem, I'm checking your log now. The entries that are gone are because they were removed/uninstalled or because NOD32 took care of them.:D
I like that NOD32 is free. :D
Dee369
03-15-2008, 04:52 PM
Dee, Did you reboot after you installed java? What game did it install? :mad::mad:That should not have happened!!!
Yes, I rebooted and it installed Puzzle Pirates lol. :mad:
Dee369
03-15-2008, 05:03 PM
Ok, I went into add/remove and found that I have:
J2SE runtime environment 5.0 update 10
and
Java 6 update 5
What do you think about that?
allheart55
03-15-2008, 05:05 PM
Dee, The last HJT is clean. I'm concerned about the java and the downloaded game. I have never heard of this happening. Let me try to investigate (GOOGLE) :D Meanwhile, :( perhaps you should go to your control panel, click on add/remove and look for that game so you can uninstall it.
allheart55
03-15-2008, 05:06 PM
Ok, I went into add/remove and found that I have:
J2SE runtime environment 5.0 update 10
and
Java 6 update 5
What do you think about that?
Dee, You can remove this one. J2SE runtime environment 5.0 update 10
Dee369
03-15-2008, 05:11 PM
Dee, The last HJT is clean. I'm concerned about the java and the downloaded game. I have never heard of this happening. Let me try to investigate (GOOGLE) :D Meanwhile, :( perhaps you should go to your control panel, click on add/remove and look for that game so you can uninstall it.
Game has been removed. :D
Dee, You can remove this one. J2SE runtime environment 5.0 update 10
This has been removed as well. I'm going to try to test the Java. :) I'm baffled about how that game got on here. :confused:
Dee369
03-15-2008, 05:19 PM
Here you go Cindy.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:19:01 PM, on 3/15/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\ZyAIR USB Utility\ZyAIR.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\COMMON~1\TEKNUM~1\update.exe /startup
O4 - HKCU\..\Run: [WebCamSuite2] "C:\Program Files\BestOn\WebCam Suite 2.0\WebCamSuite2.exe" -plugin "D:"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: ZyAIR USB Utility.lnk = C:\Program Files\ZyAIR USB Utility\ZyAIR.exe
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
--
End of file - 9642 bytes
allheart55
03-15-2008, 05:32 PM
Dee, Did you check off this (23) file missing, the last time? Check these boxes, have HJT remove them, reboot and run another secunia, okay? I don't see any sign of an infection. Cindy
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
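Added example, not part of the original thread or of HijackThis itself: a small Python parser that pulls the section entries out of a HijackThis log and queues for manual review the ones carrying markers such as the `(file missing)` O23 service listed above. The function names and flag labels are assumptions made for this sketch; the sample lines are copied from the log posted earlier in the thread.

```python
import re
from collections import Counter

# Sample lines copied from the HijackThis log posted earlier in this thread.
SAMPLE_LOG = r"""
C:\WINDOWS\system32\svchost.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\COMMON~1\TEKNUM~1\update.exe /startup
O4 - Global Startup: Digital Line Detect.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
End of file - 9642 bytes
"""

# Section entries start with a code such as R0, O4 or O23 followed by " - ".
# Running-process paths and the "End of file" trailer do not match and are skipped.
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")


def parse_hjt(text):
    """Return one dict per section entry: code, detail, CLSID (if any), flags."""
    entries = []
    for raw in text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if not match:
            continue
        code, detail = match.groups()
        flags = []
        # Markers that appear literally in the log text (flag labels are ours).
        if detail.endswith("(file missing)"):
            flags.append("file_missing")        # entry points at a file not on disk
        if " - Unknown owner - " in detail:
            flags.append("unknown_owner")       # service with no vendor shown
        if detail.endswith("= ?"):
            flags.append("unresolved_target")   # shortcut target not resolved
        clsid = CLSID_RE.search(detail)
        entries.append({
            "code": code,
            "detail": detail,
            "clsid": clsid.group(0) if clsid else None,
            "flags": flags,
        })
    return entries


def review_queue(entries):
    """Flagged entries, most markers first. A flag is a prompt to look, not a verdict."""
    flagged = [e for e in entries if e["flags"]]
    return sorted(flagged, key=lambda e: -len(e["flags"]))  # stable: log order kept


def section_counts(entries):
    """How many entries each section code contributed."""
    return Counter(e["code"] for e in entries)


if __name__ == "__main__":
    parsed = parse_hjt(SAMPLE_LOG)
    for entry in review_queue(parsed):
        print(entry["code"], ",".join(entry["flags"]), "|", entry["detail"])
    print(dict(section_counts(parsed)))
```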
Dee369
03-15-2008, 05:48 PM
Dee, Did you check off this (23) file missing, the last time? Check these boxes, have HJT remove them, reboot and run another secunia, okay? I don't see any sign of an infection. Cindy
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
Okay got all of that but when i go to secunia it keeps saying that i dont have sun java installed and says you need sun java to run the scan. :smash:
Dan18960
03-15-2008, 06:04 PM
Dee,
I wasn't abandoning you - I had other work to do and I trusted Cindy to follow through.
Plus too many hands in the kitchen spoils the broth and we had that happen just a week or two ago with Kathleen.
I wasn't judging you or your manner of maintaining your computer. I was stating that I use those 4 practices and maintain 7 computers, 3 servers, and service other clients' computers in my dungeon and in 8 years since purchasing Admuncher for all my systems, I have not had one issue on a total of 14 personal computers and 5 servers in that time (I have maintained 7 systems since the late 90's at my home and in 2000 installed my first 2 servers).
And if you look at the list on Grisoft's site, you will see that the free version of AVG and the Professional (paid version) are quite different in their protection levels. Even the SAS free and paid version offer different levels of protection (and support).
There are some offerings of free software that work quite well - but when it comes to protection - nothing beats the paid versions. Sun's Open Office is free - although they would like a contribution - and it is a very excellent package. In fact, we are now offering it over MS Office. We do however, encourage our clients to make a "token" contribution of at least $100 to Sun for the package.
allheart55
03-15-2008, 06:06 PM
Dee, Uninstall your current java. Open the control panel and click on (add/remove). Reboot your PC after you uninstall Java and download the Java 6 update 5 from my link. In the Add/Remove look for this one, Java 6 update 5
and if this one still appears uninstall it. J2SE runtime environment 5.0 update 10.
Dee, Make sure that you are selecting the Windows OS and be sure you uncheck anything offered such as a game or a toolbar, okay?
http://www.java.com/en/download/manual.jsp
Terry Hanushek
03-15-2008, 06:06 PM
DeeDee
Okay got all of that but when i go to secunia it keeps saying that i dont have sun java installed and says you need sun java to run the scan. :smash:
You should see an entry for Sun Java in your Add / Remove Programs - it will be listed as J2SE Runtime Environment or just Java (TM) with the version.
You can also go to the Sun Java Site (http://www.java.com/en/) and click on Free Java Download. If it detects the latest version it will tell you.
I have noticed that installing the latest version of Sun Java does not uninstall the previous version(s). When I install a new version, I go to Add / Remove programs and remove the previous version.
Another thing that I have noticed about installing new versions of Java is that you are encouraged to download the Google Toolbar - as I recall, you must opt-out or it will be added to your system.
Terry
Dee369
03-15-2008, 06:19 PM
Dee, Uninstall your current java. Open the control panel and click on (add/remove). Reboot your PC after you uninstall Java and download the Java 6 update 5 from my link. In the Add/Remove look for this one, Java 6 update 5
and if this one still appears uninstall it. J2SE runtime environment 5.0 update 10.
Dee, Make sure that you are selecting the Windows OS and be sure you uncheck anything offered such as a game or a toolbar, okay?
http://www.java.com/en/download/manual.jsp
DeeDee
You should see an entry for Sun Java in your Add / Remove Programs - it will be listed as J2SE Runtime Environment or just Java (TM) with the version.
You can also go to the Sun Java Site (http://www.java.com/en/) and click on Free Java Download. If it detects the latest version it will tell you.
I have noticed that installing the latest version of Sun Java does not uninstall the previous version(s). When I install a new version, I go to Add / Remove programs and remove the previous version.
Another thing that I have noticed about installing new versions of Java is that you are encouraged to download the Google Toolbar - as I recall, you must opt-out or it will be added to your system.
Terry
...........................:D Someone owes someone a coke! :D......................
Heading to that site to see if it recognizes my Java. :)
Dee369
03-15-2008, 06:26 PM
Ok now im getting frustrated lol. :D Secunia keeps saying that my computer does not have java. :confused: I swear i uninstalled both of the Java's and i rebooted then i went to the java site that Terry gave and i installed Java 6 update 5 i think. I know i did it correctly but this site is just not recognizing it. it says that if i want to proceed anyway i can hit ok to proceed. Do you think i should try to go in? :confused:
allheart55
03-15-2008, 06:28 PM
Ok now im getting frustrated lol. :D Secunia keeps saying that my computer does not have java. :confused: I swear i uninstalled both of the Java's and i rebooted then i went to the java site that Terry gave and i installed Java 6 update 5 i think. I know i did it correctly but this site is just not recognizing it. it says that if i want to proceed anyway i can hit ok to proceed. Do you think i should try to go in? :confused:
Yes, I have had that happen to me before. If you click on the scan it will either run if it recognizes the java, or not spin at all!:D
allheart55
03-15-2008, 06:29 PM
Dee, Did you clicky on the green bar (Java Site) to verify java installed properly?
Dee369
03-15-2008, 06:35 PM
Dee,
I wasn't abandoning you - I had other work to do and I trusted Cindy to follow through.
Plus too many hands in the kitchen spoils the broth and we had that happen just a week or two ago with Kathleen.
Yes i will agree with you on that. :)
I wasn't judging you or your manner of maintaining your computer.
It seemed like it Dan when you blew everything up in big bold red letters about the toolbars. I will agree with you that toolbars are the portholes for trojans and viruses. I should have had those uninstalled but i didnt out of pure laziness. :frown: Just like i have a bunch of "bundle crap" on this pc that i never tended to and Chrissy and i are going to have a whack at it right Chrissy? :D
There are some offerings of free software that work quite well - but when it comes to protection - nothing beats the paid versions. Sun's Open Office is free - although they would like a contribution - and it is a very excellent package. In fact, we are now offering it over MS Office. We do however, encourage our clients to make a "token" contribution of at least $100 to Sun for the package.
WoW Dan that's a lot of money for a Free Program. :eek: Why so much?:confused:
Dee369
03-15-2008, 06:37 PM
Dee, Did you clicky on the green bar (Java Site) to verify java installed properly?
Yes i gave it a good clicky to verify that it was installed. :D Now im off to take that "spin" as you called it. :D
Dan18960
03-15-2008, 06:44 PM
WoW Dan that's a lot of money for a Free Program. :eek: Why so much?:confused:
Dee,
I don't service home users. I only do businesses and M$ Office starts at $249.00 for the Basic package and goes up from there. So $100.00 for an equivalent Office suite to M$ Office Professional is quite a deal.
Dee369
03-15-2008, 06:53 PM
Dee,
I don't service home users. I only do businesses and M$ Office starts at $249.00 for the Basic package and goes up from there. So $100.00 for an equivalent Office suite to M$ Office Professional is quite a deal.
ohhhh ok Dan i thought you were talking about home users. My bad. :redface:
In that case i can understand the price. :)
Cindy i'm in secunia right now and it seems to be doing something because theres a red like beamy thingy lol rotating on the page but at the bottom it says this:
Status / Currently Processing:
There might be problems loading the Java Applet in your browser.
I'm not sure if it's really doing anything and if i dont see any results in a few minutes i'm just going to bail out of that scan.:frown:
Dee369
03-15-2008, 07:05 PM
Nope secunia is a no go. :frown:
mylanta
03-15-2008, 07:19 PM
And if you look at the list on Grisoft's site, you will see that the free version of AVG and the Professional (paid version) are quite different in their protection levels. Even the SAS free and paid version offer different levels of protection (and support).
I think you mean the right thing here but the English is "iffy" for Sas. The Sas program free is absolutely no different than the paid, but the protection is different because it makes so much sense to run in the background keeping spyware out, rather than allowing it in and scanning to remove it weekly. Also the paid version allows auto updating and auto scanning as well.
allheart55
03-15-2008, 07:31 PM
Okay, Dee, Let's use the Windows Installer Cleanup Utility. Download it from HERE (http://support.microsoft.com/default.aspx?scid=kb;en-us;290301)
Removal instructions:
Download the Microsoft Installer Clean Up utility file and save it on your desktop
Double click on executable file. The installation process will start. Follow the instructions accordingly
Once installation process is over, go to Start -> All Programs -> Run Windows Install Clean Up utility
This will launch the Windows Installer Clean Up utility dialog box
Under the Installed products list, select the desired JRE version that you want to remove
Click Remove and Exit
Reboot and download Java again. Sun Java Site (http://www.java.com/en/)
allheart55
03-15-2008, 07:34 PM
Dee, Select all versions of Java if you see more than one entry, okay? :D Cindy
Scotty
03-15-2008, 07:36 PM
Java Runtime Environment (JRE) (http://java.sun.com/javase/downloads/index.jsp) (4th one down the list), which is JRE6u5
Direct link and select the Offline files.
allheart55
03-15-2008, 07:53 PM
Okay, Dee, Let's use the Windows Installer Cleanup Utility. Download it from HERE (http://support.microsoft.com/default.aspx?scid=kb;en-us;290301)
Removal instructions:
Download the Microsoft Installer Clean Up utility file and save it on your desktop
Double click on executable file. The installation process will start. Follow the instructions accordingly
Once installation process is over, go to Start -> All Programs -> Run Windows Install Clean Up utility
This will launch the Windows Installer Clean Up utility dialog box
Under the Installed products list, select the desired JRE version that you want to remove
Click Remove and Exit
Reboot and download Java again. Sun Java Site (http://www.java.com/en/)
Java Runtime Environment (JRE) (http://java.sun.com/javase/downloads/index.jsp) (4th one down the list), which is JRE6u5
Direct link and select the Offline files.
Dee, It doesn't matter to me where you download the java, BUT please follow the instructions regarding the uninstaller first. Thanks, Cindy
Dee369
03-15-2008, 08:38 PM
Im so sorry. I posted and it got lost. :eek: I dont know what i did but i lost my post so here it is again. I used the uninstall utility and i rebooted and i went to the java link. Installed the offline for the sun java 6 update 5 and i verified it. So i would assume i have it. It sure shows up in my add/ remove programs.
I went to secunia and i got that same pop up saying i dont have Sun Java.:rolleyes: :D I proceed into the scan any way and this is what it shows:
The Secunia Software Inspector will inspect your operating system and software for insecure versions and missing security updates. A default inspection normally lasts 5-40 seconds, while a thorough inspection may take several minutes. Note: If you have anti-virus software or similar enabled, an inspection may increase significantly in duration.
Detection Statistics:
0 Applications Detected in Total
0 Insecure Versions Detected
0 Secure Versions Detected
Running For:
0 minutes, 0 seconds
Errors Detected:
0 Errors Detected
Status / Currently Processing:
There might be problems loading the Java Applet in your browser.
Applications / Result Version Detected Status
------------------------------------------------------------------------
Now if you see what i have bolded i have tried to run a short scan which should last for minutes at most and ive been running this now for 12 minutes. Even though theres a red thingy flashing like its scanning i dont think it is lol :D I so am trying to keep my sense of humor about this. :D
Dee369
03-15-2008, 08:48 PM
I'm trying to post this thumbnail so you can see the red flashing light thingy. :D However i cant post a thumbnail no matter how hard i try. :frown:
It does load the applet but then the screen just looks like this and does absolutely nothing. :frown:
www.java.com is not a bad link.
Sun has added in the game to their installer. The game IS NOT malware, and you can choose not to install it when you install Java.
This is similar to Sun and Macromedia adding in the Google toolbar in their installers.
Dee369
03-15-2008, 09:22 PM
www.java.com is not a bad link.
Sun has added in the game to their installer. The game IS NOT malware, and you can choose not to install it when you install Java.
This is similar to Sun and Macromedia adding in the Google toolbar in their installers.
Sure its similar but it doesnt give you an opt out of the game like some things give you an opt out of the google toolbar. :eek: You have to uninstall it after you install the Java. :frown: Kinda sounds stupid to me but who am i? :(
Regardless secunia is not recognising Java.
You missed this DeeDee:
...you can choose not to install it when you install Java.
Dee369
03-15-2008, 09:25 PM
You missed this DeeDee:
Seth, it did not give me a choice to not install it. :)
Seth, it did not give me a choice to not install it. :)
It does, but they are kind of sneaky about it.
By default, you'll see a checkmark in the box that says something like "Install puzzle whatever'. You have to uncheck it if you don't want the game.
allheart55
03-17-2008, 02:55 PM
Dee, You still have infected System Restore points that should be deleted.
Dee369
03-17-2008, 05:00 PM
Dee, You still have infected System Restore points that should be deleted.
Thanks Cindy. I completely forgot about that. :eek: :)
Guest110
03-17-2008, 05:12 PM
This is a good time to clear your existing system restore points and establish a new clean restore point:
Go to Start > All Programs > Accessories > System Tools > System Restore
Select Create a restore point, and Ok it.
Next, go to Start > Run and type in cleanmgr
Select the More options tab
Choose the option to clean up system restore and OK it.
This will remove all restore points except the new one you just created.
Dee369
03-17-2008, 05:33 PM
Thanks Donna. I got it. :)
Not sure where you are on this, but if you ever have Java problems on a site and you have already reinstalled Java, then:
Upgrade to IE 7 if you haven't already, open IE7 and go to Tools>Internet Options>Advanced. Click on Restore Advanced Settings and then click Reset. Now close IE and open it again. The site should be ok now.
AdvancedSetup
03-19-2008, 09:14 PM
Well since this is part of the other thread I thought I would post here as well.
Please give me some time to review both topics and I'll post back later on.
DVD player does not play... (http://www.kickenhardware.net/forum/showthread.php?t=12141)