Blogs about Macrovision Corporation

2007-11-05 20:56  Por favor revisen mi log no puedo entrar a una pag de internet
Bueno mi problema es q no quiere entrar a una sola pag de internet pero probe en otra pc y entra lo mas bien... aqui dejo el log a ver si me pueden dar una mano.. grax Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:45:15 p.m., on 05/11/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass. …
Read more on “Foro de Spyware”

Tags:

ADA NameServer, ActiveScan Installer Class, Adobe Systems, Ahead Lib NeroCheck, Apple Computer Inc, Archivo, Bonjour, Bonjour Service, CKAVWebScan Object, Consola, Control, EDFD DCD NameServer, Eset, Extra, Extra Tools, IntelAudioStudio, Internet Explorer, Java, LClock, LClock LClock, LinkId, Logfile, MSN Messenger, MSN PUpld, Macrovision Corporation, Macrovision Europe Ltd, Messenger, MessengerStat, MessengerStatsClient Class, Microsoft Excel, MineSweeper, NVIDIA Corporation, NameServer, Nero AG, NeroFilterCheck, Normal Running, NvCpl, NvCplDaemon RUNDLL, NvMcTray, NvMediaCenter RUNDLL, NvStartup, NvTaskbarInit, Referencia, Service Boonty Games, Service Id String, Service NBService, Settings ProxyOverride, SigmatelSysTrayApp, Sun Java, SunJavaUpdateSched, Trend Micro HijackThis, UnoCtrl Class, User Default, User SERVICIO LOCAL, User SYSTEM, User Servicio, WINDOWS Explorer, WINDOWS System, WUWebControl Class, Winamp, Windows Messenger, ..

2007-11-05 20:44  tengo algun problema en windows
hola a todos quisiera saber si tengo algún problema en mi windows o en alguna parte del ordenador de mi pc, bueno este es lo que me da el HijackThis -------------------------------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:38:44, on 05/11/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\sys …
Read more on “Foro de Spyware”

Tags:

ARCHIV Grisoft AVG, ARCHIV SPYBOT SDHelper, AVG Run, AcroRd, Adobe PDF Reader, Adobe Reader, Archivo, Are, Ares Development Group, AresChatServer, AudioDeck, BHO Aplicación, BHO SSVHelper Class, Bueno, CACE Technologies, Consola, Control, Descargar, Enviar, Extra, Extra Tools, Flas, FlashGet, FlashGet FlashGet, HP Digital Imaging, HPZipm, Hewlett-Packard Company, HijackThis, Internet Explorer, Java, LightScribe LSSrvc, LinkId, Logfile, MSN Messenger, Macrovision Corporation, Messenger, MessengerStat, MessengerStatsClient Class, Microsoft Excel, Mozilla Firefox, NVIDIA Corporation, NameServer, Normal Running, NvCpl, NvCplDaemon RUNDLL, NvStartup, OneNote, PhotoUpload MsnPUpld, Protocol, Reader, Research, Service Ares Chatroom, Service STI Simulator, Sun Java, Trend Micro HijackThis, Unknown, UnoCtrl Class, User Default, User SERVICIO LOCAL, User SYSTEM, User Servicio, VIAudioi SBADeck ADeck, WINDOWS Explorer, WINDOWS Network Diagnostic, WINDOWS System, WINDOWS System PAStiSvc, WUWebControl Class, WinPcap, Windows Messenger, Yodm, ..

2007-11-05 20:11  maquina suuuuuper lenta
Hola chicos... les digo, que ya pase el AVG, El Adware SE, y el spybot, solo me queda esto.. aver si mejora... les dejo el log Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:06:50, on 05/11/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WIN …
Read more on “Foro de Spyware”

Tags:

ACNotify, ACTray, ACWLIcon, ARCHIV Grisoft AVG, AVG Run, AcroIEHelper, Adobe Acrobat, Archivo, BHO AcroIEHlprObj Class, Consola, Corel Photo Downloader, Diskeeper Corporation, DiskeeperSystray, Extra, Extra Tools, HP Software Update, HPZipm, IBM Java, IBM ThinkVantage Rescue, ISUSPM Startup, ISUSScheduler, InstallShield UpdateService, InstallerSf Control, Internet Explorer, LPManager, Lenovo, Lenovo HOTKEY TPHKMGR, Lenovo HOTKEY TpWAudAp, Logfile, Macrovision Corporation, Messenger, Microsoft Excel, NeroCheck, NeroFilterCheck, Normal Running, Option, PMHandler, PMSveH, Picasa Media Detector, Picasa PicasaMediaDetector, PsaSrv, Recovery, Service Diskeeper, Service PMSveH, Service TVT Scheduler, SoundMan SOUNDMAN, SpyBro SpyBro, SpyBrowser, SynTPEnh, Synaptics SynTP SynTPEnh, ThinkPad ConnectUtilities ACTray, ThinkPad ConnectUtilities ACWLIcon, ThinkPad ConnectUtilities AcPrfMgrSvc, ThinkPad ConnectUtilities AcSvc, ThinkVantage AMSG Amsg, ThinkVantage SystemUpdate UCLauncher, ThinkVantage SystemUpdate UCLauncherServi, Trend Micro HijackThis, URLSearchHook Barra Yahoo, Unknown, User Default, User SERVICIO LOCAL, User SYSTEM, User Servicio, WINDOWS Explorer, WINDOWS SYSTEM PMHandler, WINDOWS System, Windows Messenger, Winlogon Notify ACNotify, ..

2007-10-26 21:46  mi controllate il file hijack this per il virus di msn
Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 22.34.07, on 26/10/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Programmi\File comuni\Symant …
Read more on “Forum per Webmaster”

Tags:

Adobe ESD AdobeDownloadManager, BHO NAV Helper, CMICtrlWnd, Cmaudio RunDll, Desktop Component, Document, Extra, Extra Tools, HPZipm, IMPOST Temp, Industries Ltd, JackThis, MSN Services, Macrovision Corporation, Messenger, MessengerStatsClient Class, MessengerStatsPAClient, Microsoft Excel, MicrosoftDriverService, MsnMsgr, NameServer, Normal Running, Norton AntiVirus, Organizzatore, Programmi File, Programmi Internet Explorer, Programmi MSN Messenger, Programmi Messenger, Programmi Norton AntiVirus, Programmi WinRAR WinRAR, Ricerche, RunDll, Scan, Service, Service SAVScan, Service Servizio Auto-Protect, Setting, SharedTaskScheduler Daemon, SharedTaskScheduler Precaricatore Browseui, Startup, Startup Puffete, Symantec Corporation, Symantec Shared, Symantec Shared CCPD-LC, Symantec Shared SNDSrvc, Toolbar Norton AntiVirus, Trend Micro HijackThis, Unknown, User Default, User SERVIZIO LOCALE, User SYSTEM, WINDOWS Explorer, WINDOWS System, Windows Live Search, Windows Messenger, ..

2007-10-23 06:39  Lentitud general sin motivo aparente...
Buenos días, el terminal de casa, ultimamente me va bastante lento en todo, y no veo ningún proceso que ocupe recursos... Podeis echarme una mano Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:24:53, on 20/10/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32 …
Read more on “Foro de Spyware”

Tags:

ATI Technologies Inc, AcroIEHelper, Adobe Reader, Alcmtr ALCMTR, BHO AcroIEHlprObj Class, BHO EpsonToolBandKicker Class, BHO Skype, BgMonitor, BitTorrent, Extra, Extra Tools, Global Startup Inicio, Internet Explorer, Kaspersky Lab, Logfile, MSN PUpld, Macrovision Corporation, Messenger, Microsoft Excel, MsnMsgr, NMBgMonitor, NeroFilterCheck, Normal Running, Program Files, Program Files BitTorrent, Program Files Messenger, Protocol, Referencia, RemoteControl, Service ATI Smart, Service Kaspersky Anti-Virus, SkyTel SkyTel, Skype, Toolbar EPSON Web-To-Page, Toolbar Google, Trend Micro HijackThis, Unknown, User Default, User SYSTEM, WINDOWS Explorer, WINDOWS System, WLSetupSvc, Web Anti-Virus, Windows Messenger, ..

2007-10-22 04:08  Sikartus-Mensaje de HistoriaLout-frvaldes
Hola de nuevo Sikartus, siguiendo tus instrucciones te anexo el registro de HijackThis que me salió al final de todas las eliminaciones y comprobaciones que hice. Si se requiere algo más por favor no dudes en solicitarlo. Gracias nuevamente: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:42:46 p.m., on 21/10/2007 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16546) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32 …
Read more on “Foro de Spyware”

Tags:

A-A NameServer, BHO SSVHelper Class, BHO Yahoo, CPSHelpRunner, Conexant Systems Inc, Consola, Creative Labs, Default, DelayShred, Extra, Extra Tools, FaxCenterServer, Global Startup, Gopher Prefix, Helper, HijackThis, HistoriaLout-frvaldes, Host, HotKeysCmds, ISUSPM Startup, ISUSScheduler, IgfxTray, Install, Internet Explorer, LinkId, Logfile, Macrovision Corporation, McAfee Inc, MicroVision Development Inc, Microsoft Excel, Monitor, MskAgentexe, Normal Running, PCMService, PROGRA McAfee MPS, PROGRA McAfee MSC, PROGRA McAfee VIRUSS, Persistence, Program Files Java, Program Files Yahoo, QuickTime Task, Reader, Referencia, RoxMediaDB, RoxWatch, RoxWatchTray, RoxioDragToDisc, SUPERAntiSpyware, Service, Service McAfee Services, Service RoxMediaDB, Service XAudioService, Shockwave Flash Object, ShowWelcomeCenter, ShrCL, Sidebar, SigmaTel Inc, SigmatelSysTrayApp, Sikartus, Sonic Solutions, Startup, Sun Java, SunJavaUpdateSched, SynTPEnh, Toolbar Barra Yahoo, Trend Micro HijackThis, URLSearchHook Barra Yahoo, Unknown, User SERVICIO LOCAL, User Servicio, Window, Windows Explorer, Windows System, Windows TEMP, WindowsWelcomeCenter, Winlogon Notify, YInstStarter Class, ..

2007-10-20 18:16  Pop Ups de publicidad
Estimados amigos: Tengo problemas serios con las ventanas emergente al iniciar internet. Siempre me salen ventanas de publicidad muy diversa. Les anexo mi log para qe por favor me den una mano. Saludos: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:41:38, on 20/10/2007 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16546) Boot mode: Normal Running processes: C:\Program Files (x86)\MSN Messenger\msnmsgr.exe C:\Program Files (x86)\Google\GoogleToolba …
Read more on “Foro de Spyware”

Tags:

Adobe PDF Reader, Adobe Reader, Ares Ares, BHO Aplicación, BHO SSVHelper Class, BHO Yahoo, BgMonitor, BrMfcWnd, Brother Brmfcmon BrMfcWnd, Brother ControlCenter, Consola, ControlCenter, DivXBrowserPlugin, DivXBrowserPlugin Object, Eset, Extra, Extra Tools, Google, Google GoogleToolbarNotifier, Gopher Prefix, Helper, Hewlett-Packard Company, Host, IndexSearch, Install, Internet Explorer, Java, KeyIso, LinkId, Locator, Logfile, MSN Messenger, MSN Messenger MsnMsgr, Macrovision Corporation, Microsoft Excel, MsnMsgr, NBKeyScan, Nero AG, Netlogon, Normal Running, Oki Data Corporation, PaperPort PTD, Program Files, ProtectedStorage, QuickTime QTTask, QuickTime Task, Reader, Referencia, RpcLocator, SLsvc, SSBkgdUpdate, SamS, ScanSoft PaperPort, ScanSoft PaperPort IndexSearch, Service, Service HASP Loader, Service NMIndexingService, Service SystemRoot, Service SystemRoot System, Service Systemroot, Sidebar, Speech Recognition, Spooler, Sun Java, SunJavaUpdateSched, Tengo, Toolbar Barra Yahoo, Toolbar Google, Trend Micro HijackThis, UI Detect, URLSearchHook Barra Yahoo, Unknown, User SERVICIO LOCAL, User Servicio, UserInit, WMPNetworkSvc, WinZip WZQKPICK, Window, Windows Live Favorites, Windows Live Search, Windows Live Toolbar, Windows Media Player, Windows Speech Common, Windows SysWOW, Windows System, WindowsWelcomeCenter, WmiApSrv, YInstStarter Class, Yahoo, ..

2007-10-18 20:13  Tengo el Pc Lento aqui mi log...
Buenas formatie mi pc hace 5 días, pero hace dos días anda muy lento y no se por que, aqui dejo mi log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 03:10:49 p.m., on 18/10/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16544) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost …
Read more on “Foro de Spyware”

Tags:

AcroIEHelper, Actualizador, AddAllLink, AddLink, AddVideo, Adobe Acrobat, Archivo, BHO BitComet ClickCapture, BHO SSVHelper Class, BitComet, BitComet BitComet, BitComet Search, BitCometBHO, Consola, Control, Eset, Extra, Extra Tools, FileZilla Project, FileZilla Server, Internet Explorer, Java, LaunchINFSectionEx, LinkId, Logfile, MSN PUpld, Macrovision Corporation, Microsoft Excel, NameServer, No-IP DUC, Nokia, Normal Running, PCSuiteTrayApplication, Pc Lento, Referencia, Service ServiceLayer, Sidebar, Startup No-IP DUC, Sun Java, Trend Micro HijackThis, User Default, User SERVICIO LOCAL, User SYSTEM, User Servicio, VistaStart, Vistadrv, Visual Tooltip VisualToolTip, VisualToolTip, WINDOWS Explorer, WINDOWS ISSO VIPhd, WINDOWS Network Diagnostic, WINDOWS System, Windows Live Messenger, Windows Sidebar, ..

2007-08-20 05:18  my computer acting slow lately...
it has been acting really slow lately, just want to see if i missed anything. i tried the kaspersky online scan and it failed before it even downloaded. then i tried the one you guys mention below it and it didn't work either. heres my hijack this log: Logfile of HijackThis v1.99.1 Scan saved at 9:15:23 PM, on 8/19/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16512) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WIN …
Read more on “Safer Networking Forums”

Tags:

ATI Technologies Inc, AcRdB, AcroIEHelper, ActiveScan Installer Class, AdobeUpdateManager, Apple Inc, AppleMobileDeviceService, BHO SSVHelper Class, CKAVWebScan Object, Cpqset, Extra, Extra Tools, F-Secure Online Scanner, HGPlugin USA Class, HP Software Update, Hewlett-Packard Development Company, HijackThis, IMEName, INTERNATIONAL International, Internet Explorer, LinkId, Logfile, Macrovision Corporation, Messenger, Network Diagnostic, Option, PHIME ASync, PROGRA SPYBOT SDHelper, Program Files, Program Files Java, Program Files Messenger, Protocol, QuickTime Task, SSODL WPDShServiceObj, Service, Service Kaspersky Anti-Virus, Spoil RemAdvDef Migration, Start, Sun Java Console, SunJavaUpdateSched, SynTPEnh, SynTPLpr, Unknown, WINDOWS Explorer, WINDOWS SYSTEM WgaLogon, WINDOWS System, WPDShServiceObj, Web Anti-Virus, Windows Messenger, Winlogon Notify, Winlogon Notify WgaLogon, ..

2007-08-20 04:38  SpyWare problems
I have been infected today by a couple of spyware/trojans. Virtumonde, webbuyer, doubleclick, mediaplex, and winsoftware. I've read through the forums and tried to remove them on my own. Virtumonde and webbuyer seem to be gone now but I do hear clicking sounds as if I was browsing with internet explorer even when I'm not doing anything. I'm worried because I have very important stuff which I have to log into through the internet. Here are my HiJackThis and Combofix logs respectively. Logfile of …
Read more on “Safer Networking Forums”

Tags:

AIM Search, AOpenClient, ATI Technologies Inc, AbsolutePoker, AcRdB, AcroIEHelper, AdobeUpdateManager, Agent, Backward Links, Binn, Block, BluetoothAuthenticationAgent, Bodog Poker, Cached Snapshot, Combofix, Corporation, Creative Detector, DellSupport, Document, English, Extra, Extra Tools, Google Search, GoogleToolbar, HiJackThis, HijackThis, HotKeysCmds, HydraVisionDesktopManager, HydraVisionViewport, INTERNATIONAL International, IgfxTray, Install, Intel, Internet Explorer, LinkId, MCAgentExe, MCUpdateExe, Macrovision Corporation, McAfee Inc, McShield McShield, McUpdate, Messenger, NameServer, NeroCheck, NeroFilterCheck, Network Diagnostic, OASClnt, Open Client, Option, PROGRA McAfee, PROGRA SPYBOT SDHelper, Page, Program Files, Program Files AIM, Program Files DellSupport, Program Files Java, Program Files McAfee, Program Files Messenger, Program Files PostgreSQL, Program Files QuickTime, Program Files Spybot, Program Files Trillian, Program Files VentSrv, Program Files Winamp, Program Files Yahoo, Protocol, QuickTime Task, Real, Search Destroy SpybotSD, Send To Bluetooth, Service ATI Smart, Service Bluetooth Service, Service DSBrokerService, Service MEKZRF, Service McAfee, Service TabletService, Service Ventrilo, Shdocvw, Similar Pages, SoundMAXPnP, SunJavaUpdateSched, Tablet, TkBellExe, Toolbar Google, Toolbar McAfee VirusScan, Toolbar Yahoo, Translate English Word, Translate Page, URLSearchHook, URLSearchHook Yahoo, UltimateBet, UltimateBuddy, Unknown, VSOCheckTask, VirusScan Online, WINDOWS Explorer, WINDOWS SYSTEM WgaLogon, WINDOWS System, Wacom Technology Corp, WinampAgent, Windows Messenger, Winlogon Notify, Winlogon Notify WgaLogon, ..

2007-08-20 03:39  Problems with Virtumonde and CmdService
Last week, an unrequested download ran on my computer. I could not get rid of it. I turned to Spybot, which showed several issues. Earlier in the week, there were no issues. Now the system is slow and browser windows popp up every few minutes to advertisements. Spybot sidebar instructions for Virtumonde directed me to this forum for assistance. I have completed "Before you post" steps and hope they provide sufficient information to help get rid of these problems. Can someone please help Here is …
Read more on “Safer Networking Forums”

Tags:

ATIModeChange Ati, AdaptecDirectCD, Apoint, BascsTray, Before, Brio, Broadcom Corp, CARPService, CKAVWebScan Object, Cisco Systems Inc, ClamTray, ClamWin, CmdService, Computer, Corporation, DVDSentry, Dell QuickSet, Draco, EvMon, EventMonitor, Extra, Extra Tools, F-Secure AVP, F-Secure Blacklight, F-Secure Libra, F-Secure Online Scanner, F-Secure Orion, F-Secure Pegasus, FC MUWebControl Class, HP Software Update, Here, Intel, Intel Corporation, Internet Explorer, Juniper Networks, JuniperSetupSP Control, Kaspersky, LAPTOP Scanning, LinkId, Logfile, Macrovision Corporation, Messenger, Microsoft Excel, Ncao, NetMon, Next, Normal Running, Options Scanning, PRONoMgr, Program Files, Program Files ClamWin, Program Files Java, Program Files Messenger, Program Files QuickTime, Program Files WinPcap, QuickTime Task, Reader, Renamed Submitted, Renamed Submitted Trojan, Renamed Submitted Trojan-Downloader, Renamed Submitted Trojan-Proxy, Research, Result, Scan, Scanning, Service CVPND, Service OracleMTSRecoveryService, Service OracleOraHome ClientCache, Service RegSrvc, Service RoamMgr, Spybot, Submitted, Sun Java Console, SunJavaUpdateSched, Target, TkBellExe, Tracking Cookie, Trend Micro HijackThis, Unknown, Virtumonde, Vundo, VundoFix, WINDOWS Explorer, WINDOWS Network Diagnostic, WINDOWS System, WINDOWS System Ati, WINDOWS System DSentry, WINDOWS System HPZipm, WINDOWS System RegSrvc, WINDOWS System RoamMgr, WUWebControl Class, Windows Messenger, ZCfgSvc, ..

2007-08-20 02:55  Command Service
Help! I am getting warnings of trojans, worms, viruses, and thousands of pop-ups from savetheinformation, bestsellerantivirus, protectroom, onlinehelpmate, storageprotector and b2ad2.com. A Spybot scan comes up with Command Service, but I am not able to delete this even at the source. The HJT log is: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:51:12 PM, on 8/19/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Runni …
Read more on “Safer Networking Forums”

Tags:

ADA DwnldGroupMgr Class, ActiveX AcroIEHelper, AppInit DLLs, BHO AcroIEHlprObj Class, BHO DriveLetterAccess, BHO SSVHelper Class, BHO Yahoo, CDROM Access, CTsvcCDA, Command Service, Corporation, Creative Technology Ltd, DellSupport, EarthLink Installer, Extra, Extra Tools, FC MUWebControl Class, Google, Google Desktop Search, Helper, Icon, Install, Intel, IntelMeM, Internet Explorer, Lexmark International Inc, Logfile, Macrovision Corporation, McAfee, McAfee Inc, Messenger, Microsoft Excel, Musicnotes Viewer, Normal Running, Operating System Class, PCMService, PROGRA McAfee MPS, PROGRA McAfee MSC, PROGRA McAfee VIRUSS, PROGRA Yahoo, Program Files AIM, Program Files DellSupport, Program Files Java, Program Files Messenger, Program Files QuickTime, Program Files Spybot, Program Files Winamp, Program Files Yahoo, QuickTime Task, Real, Search, Search Destroy SDHelper, Search Destroy SpybotSD, Service, Service Creative Service, Service DSBrokerService, Service GoogleDesktopManager, Service MSCSPTISRV, Service McAfee Services, Service PACSPTISVR, Services Button, Shdocvw, Sony Corporation, SoundMAXPnP, Spybot, SpybotSnD, SsAAD, Startup Event Reminder, Sun Java Console, SunJavaUpdateSched, TkBellExe, Toolbar Google, Toolbar Security Toolbar, Toolbar Yahoo, Trend Micro HijackThis, Trusted Zone, URLSearchHook Yahoo, Unknown, UpdateManager, WINDOWS Explorer, WINDOWS System, WinampAgent, Windows Messenger, Winlogon Notify, YInstStarter Class, YPager, Yahoo, ZUxdm MMUS, ..

2007-08-10 10:51  zlob dns changer
Hello: Spybot seems unable to remove zlob from my computer after many attempts. Here is my Hijack This log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 6:43:21 AM, on 10/08/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx …
Read more on “Safer Networking Forums”

Tags:

ATI Technologies Inc, AVG Run, AcroIEHelper, Anonymizer, Anti Trojan Elite, BHO SSVHelper Class, BHO Spybot-S, BHO Yahoo, EAEB CFFF NameServer, Evidence Eliminator, Extra, Extra Tools, F-Secure Online Scanner, Google, Helper, Hijack This, IE Protection, ISUSPM Startup, ISUSScheduler, Internet Explorer, Lavasoft AB, LinkId, Logfile, Macrovision Corporation, Microsoft Excel, Normal Running, PROGRA Grisoft AVG, PROGRA SPYBOT SDHelper, Program Files Eazfix, Program Files Java, Program Files Messenger, Program Files Spybot, Research, SUPERAntiSpyware, Search Destroy Configuration, Search Destroy TeaTimer, Service Ad-Aware Service, Service MSCSPTISRV, Service PACSPTISVR, Service SHDSERV, Shockwave Flash Object, Sony Corporation, Spybot, SpybotSD TeaTimer, SsAAD, Toolbar Yahoo, Tracks Eraser Pro, Trend Micro HijackThis, Unknown, User Default, User SYSTEM, WINDOWS Explorer, WINDOWS Network Diagnostic, WINDOWS System, Winlogon Notify, Zone Labs LLC, ZoneAlarm Client, ZoneLabs, ..

2007-08-09 23:29  Still infected
Hi, I got infected with a few (or just one acting as a few) Trojans recently and was very happy to find so much advise on this website! I thought i had got rid of the trojan when i managed to stop the popup windows, asking me to download some "antivirus" software, but my norton firewall kept blocking attempts from several trojans to go online-yet the virus scan wouldn't find any of them. the attemps came from : Magicantispy, adware.purityscan, infostealer.ldpinch, download, trojan.nebuler and tr …
Read more on “Safer Networking Forums”

Tags:

ATI Technologies Inc, Adobe Systems, AlertEng, BHO SSVHelper Class, Browser, CLTNetCnService, Downloads HiJackThis, Extra, Extra Tools, Hijackthis, Internet Explorer, Lavasoft AB, Logfile, Macrovision Corporation, Magicantispy, Messenger, Microsoft Excel, Normal Running, PIFSvc, PROGRA SPYBOT SDHelper, Program Files Java, Program Files Messenger, Rocket Division Software, Service ATI Smart, Service Ad-Aware Service, Service COM Host, Service LiveUpdate, Service StarWind, Service StarWindService, Startup Adobe Gamma, Sun Java Console, SunJavaUpdateSched, Symantec Corporation, Symantec PIF AlertEng, Toolbar, Toolbar PDFCreator Toolbar, Trend Micro HijackThis, Trojan, Unknown, User Default, User LOCAL SERVICE, User NETWORK SERVICE, User SYSTEM, WINDOWS Explorer, WINDOWS System, Well, Windows Messenger, ..

2007-08-09 22:35  Ultimate Cleaner Headache!
Hi all, Seems my PC is riddled with this Ultimate Cleaner. My desktop background has been changed to one big link "Protecting my Privacy", Theres so many popups and fake alerts its hard to get through a sentence without 10 more! :banghead: Im not so good with these types of things but having read through, heres the HJT report: Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 11:21:50 PM, on 8/9/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\W …
Read more on “Safer Networking Forums”

Tags:

ALUAlert, AVG Run, AcRdB, AcroIEHelper, ActiveX Control, AdobeUpdateManager, AntiSpyWare Guard, Apple Inc, AppleMobileDeviceService, BHO MSVPS System, BHO SSVHelper Class, Backward Links, C-Media Mixer Mixer, Cached Snapshot, Cleaner Headache, Document, ESC Trusted Zone, English, Extra, Extra Tools, Global Startup DSLMON, Google Search, GoogleToolbar, Hewlett-Packard Company, InCD, KEMailKb, Logfile, Macrovision Corporation, Messenger, MsnMsgr, MsnPUpld, NVIDIA Corporation, Nero AG, NeroCheck, NeroFilterCheck, Nicosia, Normal Running, NvCpl, NvCplDaemon RUNDLL, NvMcTray, NvMediaCenter RUNDLL, NvStartup, NvTaskbarInit, PROGRA Grisoft AVG, PROGRA KEMailKb KEMailKb, Page, Plugin, PnkBstrA, PnkBstrB, Privacy Theres, Program Files, Program Files Java, Program Files Messenger, Program Files Spybot, Program Files Yahoo, Protecting, QuickTime Task, Scan, Search Destroy SDHelper, Seem, Service, Service MSCSPTISRV, Service Memeo BMUService, Service PACSPTISVR, Service PnkBstrA, Service PnkBstrB, SharedTaskScheduler Browseui, SharedTaskScheduler Component Categories, Similar Pages, Sony Corporation, SpySweeper, SpybotDeletingA, SpybotDeletingB, SpybotDeletingC, SpybotDeletingD, Startup Memeo Launcher, Sun Java Console, SunJavaUpdateSched, Symantec Corporation, SystemTray SysTray, System, Tanagra Inc, Thank, Toolbar, Toolbar Google, Translate English Word, Translate Page, Trend Micro HijackThis, Ultimate Cleaner, Unknown, User Default, User SYSTEM, VTTimer, VTTimer VTTimer, VTTrayp VTtrayp, WINDOWS Explorer, WINDOWS Mixer, WINDOWS System, Webroot Software Inc, Windows Messenger, Wireless Assistant, Yahoo, YahooMessenger, ..

2007-08-09 20:56  Yet another VirtuMonde
:banghead: I have the DLL that I can't get rid of... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 4:32:08 PM, on 8/9/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\C …
Read more on “Safer Networking Forums”

Tags:

ATI Technologies Inc, AlertEng, America Online, America Online Inc, AudioDrvEmulator, BHO DriveLetterAccess, Browser, CDROM Access, CDownloadCtrl Object, CLTNetCnService, CTsvcCDA, Class, Creative SoundFont Synthesizer, Creative Technology Ltd, DC- MSN Games, DMXLauncher, DivXBrowserPlugin Object, Document, Extra, Extra Tools, FC MUWebControl Class, FE LSSupCtl Class, GSDACtl Class, GpcContainer Class, ICQ Lite, ISUSPM Startup, ISUSScheduler, Installer, Internet Explorer, LSSupCtl, LinkId, Macrovision Corporation, Messenger, MessengerStatsClient Class, Normal Running, PIFSvc, PROGRA SPYBOT SDHelper, Program Files Java, Program Files Messenger, Real, Research, Service COM Host, Service Creative Service, Service LiveUpdate, SetDefaultMIDI MIDIDEF, Shdocvw, Sun Java Console, SymAData, Symantec Corporation, Symantec PIF AlertEng, Trend Micro HijackThis, Unknown, UpdReg, User SYSTEM, VirtuMonde, VolPanel, WINDOWS Explorer, WINDOWS Network Diagnostic, WINDOWS System, WINDOWS UpdReg, Windows Messenger, Winlogon Notify, ZoneUpwords Object, ..

2007-08-07 16:59  CompTIA Announces Winners of Inaugural Software Innovation Awards
I was invited to attend CompTIA's Breakway conference. It's one of those events I really wish I could have been at, but scheduling just wouldn't permit. Here's some news about some award winners that were recognized at the event. What really strikes me here is that among these winners, all companies to watch, there's only one I'm famliar with. Jive Software in Portland, headed up by Dave Hersh is definitely right in a very sweet spot with an incredibly hot solution set that I believe is right on …
Read more on “”

Tags:

Accelerator, Announces Winners, AstoundSound, Austin Texas, Breakaway, Breakway, Business Model, Cambridge Mass, Clearspace, CompTIA, CompTIA In CompTIA, Company Achievement, Corporation, Dave Hersh, David Sommer, Decision Advisor, Englewood Colo, Entellium Inc, Innovation, Jive Software, Las Vegas Nev, Medium-Sized Infrastructure Software, Menlo Park Calif, Most Innovative Service, Most Innovative Small, Most Innovative Software, Norcross Ga, On-Demand, PDA Viewer, Page One, Parity, Portland, Portland Ore, Radar, Raleigh, Rave, Santa Clara Calif, Seattle, Smart Client, Software, Software Industry, SoftwareCEO, Tags CompTIA Breakway, Vancouver Canada, ..

2007-07-25 11:18  Vundo Trojan and other problems
I ran VundoFix to remove the Vundo trojan this computer had but I want to make sure it's gone! I also have been having lots of pop-ups and other issues with it. I have posted my HijackThis log so any help I could get would be greatly appreciated. Thanks so much in advance! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 3:08:55 AM, on 7/25/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Boot mode: Normal Running processes: C:\WINDOWS\System3 …
Read more on “Safer Networking Forums”

Tags:

AcRdB, AcroIEHelper, AdobeUpdateManager, Aida, AlertEng, America Online Inc, Apple Computer Inc, AxCtp, BHO DriveLetterAccess, BHO NAV Helper, DVDSentry, DadApp, Dell QuickSet, Document, DwlClient, ExploreUpdSched, Extra, Extra Tools, HPDJ Taskbar Utility, HPHmon, HijackThis, HotKeysCmds, Icon, IgfxTray, Internet Explorer, Lavasoft AB, LinkId, MMTray, Macrovision Corporation, Messenger, Microsoft Excel, MoneyAgent, NAV CfgWiz, Normal Running, PIFSvc, Phdg, Program Files, Program Files Messenger, Program Files QuickTime, Program Files WinPop, QuickTime Task, Real, Research, Salestart, Service, Service Ad-Aware Service, Service LiveUpdate, Service Net Agent, Service SPBBCSvc, SfKg, Share-to-Web Namespace Daemon, Sonic RecordNow, Startup TA Start, Startup Think-Adz, StorageGuard, Sun Java Console, Symantec Corporation, Symantec PIF AlertEng, SynTPEnh, SynTPLpr, TkBellExe, Toolbar Norton AntiVirus, Trend Micro HijackThis, Trojan, UniPatch, Unknown, User, Vundo, VundoFix, WINDOWS Network Diagnostic, WINDOWS System, WINDOWS System DSentry, WINDOWS System HPHipm, WINDOWS System Shdocvw, WebBuying, WinPop, WinTouch, Windows Messenger, Winlogon Notify, ..

2007-07-25 07:00  Virmonde.O
Hi, I have the same problem similar to other users with regards to Virtumonde.O I am getting constant pop ups when using the internet have read similar posts and need help to clean system. Hijack Log is as follows. Thanks guys. Logfile of HijackThis v1.99.1 Scan saved at 4:54:12 PM, on 25/07/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.e …
Read more on “Safer Networking Forums”

Tags:

ATI Technologies Inc, BgMonitor, DGTx, Dldrv, Document, Domain, DownloadManager Control, DropDisc, EF EPUImageControl Class, Easy-WebPrint Preview, Easy-WebPrint Print, Extra, Extra Tools, FF QOLCheck Control, Hewlett-Packard Company, HijackThis, INTERNATIONAL International, IW Drop Icon, Internet Explorer, KernelFaultCheck, Lavasoft AB, LinkId, Macrovision Corporation, MemoryManager, Messenger, Microsoft Excel, Nero AG, NeroFilterCheck, Network Diagnostic, Option, PROGRA Grisoft AVG, Pinnacle System, Program Files Java, Program Files Messenger, Protocol, QOLCheck, RC AddToList, RC HSPrint, RC Preview, RC Print, Reader, Research, Rocket Division Software, SSODL WPDShServiceObj, Service ATI Smart, Service Ad-Aware Service, Service MSSQL PINNACLESYS, Service NBService, Service SQLAgent PINNACLESYS, Sun Java Console, SunJavaUpdateSched, Toolbar Easy-WebPrint, URLSearchHook Yahoo, Unknown, Virtumonde, WINDOWS Explorer, WINDOWS System, WPDShServiceObj, Windows Defender, Windows Messenger, ..

2007-07-25 05:41  Ultimate Cleaner, Ultimate Defender, Ultimate Fixer, Security Monitor
Hello, I noticed today that I have been infected with this. I have researched the forums and tried several things, hijack this, spyware doctor, and the online scan at http://www.kaspersky.com/downloads/kws/kavwebscan.htm. Below are my logs as I have not yet gotten rid of it. Any help is greatly appreciated. P.S. I will post the kaspersky log as soon as it is done. Hijack This Log: Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 1:29:42 AM, on 7/25/2007 Platform: Windows XP SP2 (Win …
Read more on “Safer Networking Forums”

Tags:

AVG Run, AcRdB, AcroIEHelper, Adobe Systems, AdobeUpdateManager, Apple Inc, BHO SSVHelper Class, CACE Technologies, CKAVWebScan Object, Desktop Component, Document, ED Support, EFFAEF NCWeb, EPSON Stylus Photo, Extra, Extra Tools, Hewlett-Packard Company, INCA Internet Co, InCD, Init, Installer, LinkID, MSWindowsUpdate, Macrovision Corporation, MemoryManager, Messenger, MetaStreamCtl Class, Microsoft Excel, MsPMSPSv, NVIDIA Corporation, Name, NameServer, Nero AG, NeroCheck, NeroFilterCheck, Normal Running, NvCpl, NvCplDaemon RUNDLL, NvMcTray, NvMediaCenter RUNDLL, NvStartup, NvTaskbarInit, PC Tools, PROGRA Grisoft AVG, Program, Program Files, Program Files AIM, Program Files Java, Program Files Messenger, Program Files QuickTime, Program Files USoft, Program Files WinPcap, QuickTime Task, Registration, RemoteControl, Rodolofo, SDTray, Scan, Serie, Service, Service MySQL, SharedTaskScheduler Browseui, SharedTaskScheduler Component Categories, Sothink SWF Catcher, SoundMan SOUNDMAN, SpyHunter, Startup Adobe Gamma, Startup Epson, Stylus Photo, Sun Java Console, SunJavaUpdateSched, This Log Logfile, Titles Ereg EPSONREG, Trend Micro HijackThis, Unknown, User Default, User SYSTEM, WINDOWS Explorer, WINDOWS System, WgaTray, Windows Messenger, Windows Update Host, WindowsFirewallSvc, Winlogon Notify, Zune Launcher, ..

2007-07-24 03:53  Hong Kong - Private companies
139 Holdings Ltd. Rm. 1603-1605 Harcourt House, 39 Gloucester Rd., Wanchai Hong Kong 3M Hong Kong Ltd. 5th Fl. Victoria Centre, 15 Watson Rd. Hong Kong 4M Systems Ltd. Unit A, 25th Fl., CDW Bldg., 388 Castle Peak Rd. Tsuen Wan A-Max Holdings Ltd. Units 11-12 32nd Fl. Cable TV Twr., 9 Hoi Shing Rd., Tsuen Wan New Territories A-Max Technology Ltd. 10/F., A-Max Technology Tower, 12-16 Fui Yiu Kok St. Tsuen Wan, New Territories A.M. Best Asia-Pacific Ltd. Unit 5707, 57/F Central Plz., 18 Wanchai ABB …
Read more on “Chinese China”

Tags:

ACNielsen China Ltd, AIA Twr, Acetylene Company Ltd, Admiralty Centre Twr, Aerospace Twr, Alexandra House, Allied Kajima Bldg, America Asia Ltd, America Twr, Aon China Bldg, Aptus Holdings Ltd, Argyle St, Asia Industrial Bldg, Asia Orient Twr, Asia Twr, Asia-Pacific Ltd, BNP Paribas Peregrine, Bank, Bank Bldg, Bay Bird, Bay Chevalier, Beautiful Group Twr, Biotechnology Biotechnology Ave, Bird Ste, Bldg, Block, Block Skyway House, Bnak, Bong Commercial Centre, Bonjour Twr, Box AIA Twr, Box ICBC Twr, Bun Rd, Business Centre, CITIC Twr, CNT Twr, COSCO Twr, CTS House, Cable TV Twr, Cafe, Camelpaint Bldg, Canton Rd, Castle Peak Rd, Causeway Bay Plz, Central Plz, Central Twr, Centre, Centre Canton Rd, Centre Gloucester Rd, Centre Harcourt Rd, Centre Nathan Rd, Centre Queen, Centre Watson Rd, Centre Whitfield Rd, Centrium Wyndham St, Centro Lam, Century Pl, Chater Rd, Chatham Rd, Chee Ave, Chemical Group Ltd, Cheong Bldg, Cheong St, Cheuk Nang, Cheung Kong Ctr, Cheung Rd, Cheung Tat Rd, China Asia Ltd, China Investments Ltd, China Merchants Twr, China Minmetals Twr, China Overseas Bldg, China Resources Bldg, China Tower Fl, China Twr, Chinachem Century Twr, Chinachem Exchange Sq, Chinachem Golden Plz, Chuan Yuan Bldg, Chuk Hang Rd, Chuk St, Chung, Chung House Queen, Chung New Territories, Chung St, Citibank Twr, Cityplaza, Clicquot Asia Ltd, Commercial Bank, Commercial Bldg, Commercial Buillding, Commercial Centre No, Company Ltd, Connaught Rd, Connaught Sheung Wan, Consortium Bldg, Consortium International Ltd, Container Port Rd, Convention Plz, Coral Holdings Ltd, Corp, Dai Fu St, Dai Hei St, Dai Shun St, Dai Wang St, Des Voeux Rd, Des Vouex Rd, Devon House King, Distribution HK Ltd, Dream Inworld Ltd, EandF, East, Edwick Industrial Centre, Eforce Holdings Ltd, Eight Commercial Twr, Electric, Electrical Products Ltd, Empress Plz, Entertainment Bldg, Entertainment Ltd, Esquel Enterprises Ltd, Estate Phase III, Eton Twr, Exchange Sq, Fat Hing St, Fat St, Favour Centre, Finance Ctr, First Commercial Bldg, Flat, Fong, Fong Rd, Fortress Twr, Fossil East Ltd, Founder Holdings Ltd, Fu Rd, Fu St, Fung Centre, Fung Hong Bldg, Fung Industrial Bldg, Fung Ltd, Fung Twr, Gain Plz, Galaxy Factory Bldg, Garden Rd, Gateway Canton Rd, Gateway Twr, Glory Twr, Gloucester Rd, Gloucester Twr, Godown Industrial Bldg, Gold Peak Bldg, Golden Resources Centre, Goldlion Hldgs Ctre, Goldlion Holding Centre, Grand Central Plz, Grand City Plz, Grande Holdings Ltd, Group Ltd, Guangdong Finance Bldg, Guangdong Investment Twr, HITEC Trademart Dr, HK Industrial Centre, Hang Lung Centre, Hang Lung House, Hang Sang Bldg, Hang Seng Bldg, Harbour Centre Twr, Harbour Rd, Harcourt Rd, Harmony Asset Ltd, Hei St, Hennessy Rd, Hensey Industrial Bldg, High Fashion Centre, Hillier Bldg, Hing Fong Rd, Hing Printing Centre, Hing Yip St, Hip Commercial Bldg, Ho Tin St, Hoi Rd, Hok Cheung St, Hok Yuen St, Holdings Ltd, Hong Kong, Hong Kong Blu, Hong Kong Chuang, Hong Kong City, Hong Kong Dr, Hong Kong Industrial, Hong Kong KPMG, Hong Kong Leed, Hong Kong Lin, Hong Kong Ltd, Honour Industrial Ctr, Hop Hing Bldg, Hopewell Centre Queen, House, House Connaught Rd, House Harcourt Rd, House King, House St, House Taikoo Pl, Hua Qin Int, Hung Kai Centre, Hung To Rd, II- Sunning Rd, III Enterprise Sq, ING Twr, Ice House St, Industrial Bldg, Industries Company Ltd, Information Services Rm, Inmark Industrial Ltd, Institute, International Holdings Ltd, International Industrial Bldg, International Trade, Investment Company Ltd, Investment Ltd, Investment Twr, Island Pl, Jardine House, Jardine Matheson Ltd, Johnston Plz, Joyce Bldg, KPI Company Ltd, Kader Bldg, Kai Cheung Rd, Kajima Bldg, Kee Shing Centre, Kei Twr, Kenning Industrial Bldg, Kimberley Rd, King, King Fook Bldg, King St, King Yip St, Kings Rd, Kok Wan, Kon Shan Rd, Kong, Kong Arcontech Corp, Kong Bank, Kong Centre, Kong Li, Kong Ltd, Kong Mexan Ltd, Kong Motor Corp, Kowloon, Kowloon Banc, Kowloon Epro Ltd, Kowloon Man Lin, Kung Yip St, Kwah, Kwai Cheong Rd, Kwai Fat Rd, Kwai Hei St, Kwan, Kwan Chart Twr, Kwun Tong Rd, Landmark Pedder St, Laws Commercial Plz, Lee St, Lei Muk Rd, Lek Yuen Shatin, Level Landmark, LiFung Twr, Lippo Sun Plz, Lippo Twr, Liven House, Lockhart Rd, Lok St, Lok Tsuen, Lok Tsuen Fanling, Long To Bldg, Lu Plz, Luk Hop St, Lung Sum Ave, MLC Millenia Plz, MLC Millennia Plz, Main Rd, Man Holding Ltd, Man Yee Bldg, Manulife Plz, Manulife Twr, MassMutual Twr, Matheson St, Matrix Holdings Ltd, Mei Ave, Melbourne Plz, Merchants Twr, Metro Twr, Metroplaza Twr, Metropole Sq, Millenium Plz, Millennium Plz, Ming An Plz, Ming Fty Bldg, Ming St, Miramar Twr, MultiFrame Computer Co, Museum Rd, Nanyang Plz, Nathan Rd, New Mandarin Plz, New World Twr, Office Twr, Old Bailey St, On Wah Bldg, One Exchange Sq, One Pacific Pl, Orient Twr, Pacific Pl, Pacific Plz, Paliburg Plz, Park, Paul, Peak Rd, Pearls Ltd, Peninsula Office Twr, Peterson St, Place- Lockhart Rd, Plaza Russell St, Plaza- Harbour Rd, Po Industrial Estate, Po Kong, Point IMerchants Ltd, Point Industrial Bldg, Pokphand Company Ltd, Port Rd, Prat Ave, Prince, Private, Prosperity Centre, Queen, Queens Rd, Quenn, RBS Tower-Times Sq, Railway Plz, Resources Bldg, Rural Commit Shatin, Rural Committee Rd, SE Industrial Bldg, Safety Godown Bldg, Sang Commerial Bldg, Sea, Seas Group Bldg, Sha Tsui, Sha Tsui Lee, Sha Tsui Rd, Sha Wan Rd, Sham Mong Rd, Shan Centre Queen, Shanghai St, Shatin Ind, Shell Twr, Sheug Wan, Sheung Heung Rd, Sheung Wan, Sheung Yuet Rd, Shing Rd, Shing Wan Rd, Shui On Centre, Shun Ho Twr, Silvercord Twr, Sing Pao Bldg, Sino Centre, Sino Plz, Sons HK Ltd, Stanhope House King, Strand, Sum St, Sun Commercial Centre, Sun Group Bldg, Sun Plz, Sunshine Plz, Systems Ltd, TV Twr, Tai Nan, Tai Yau St, Tak Centre, Tak Commercial Bldg, Tak Fung St, Tan Industrial Centre, Tat Commercial Bldg, Tat Ctr, Tech Ctr, Technologies Holdings Ltd, Technology Corporation Ltd, Technology Tower, Tesbury Centre, Tesbury Centre Queen, Texaco Rd, The Center Queen, The Centre Queen, The Ctr, The Grande Bldg, The Harbourfront, The Metropolis Twr, Three Pacific Pl, Thriving Industrial Ctr, Ting Rd, To Rd, Tong, Tong Rd, Tong St, Topsail Plz, Tower Rm, Towers II, Trade Centre, Tseung Kwan, Tsimshatsui Kowloon Cafe, Tsing Yi Rd, Two Exchange Sq, Two Pacific Pl, Unit, Universal Industrial Centre, Valiant Industrial Centre, Veristrong Industrial Centre, Vicwood Plz, Voeux Rd, Vouex Rd, Wai Yip St, Wan New Territories, Wan Rd, Wan St, Wang Chiu Rd, Watson Centre, Wing Hong St, Wing On Plz, Wing Rd, Wing Rm, Wing Yip St, Wo St, Wood Company Ltd, Wu Bldg, Wuhu St, Wyndham Pl, Wyndham St, Yale Industrial Centre, Yally Industrial Bldg, Yardley Commercial Bldg, Yat St, Yee Bldg, Yee Wo St, Yiko Industrial Bldg, Yip Rd, Yip St, Yiu St, Young, Yue Hing Bldg, Yue Xiu Bldg, Yuen Rd, Yuet Rd, Yui St, ..

2007-07-16 17:24  Hijackthis - Spyware, Viruses, Worms, Trojans Oh My! :: RE: Help, possible Trojan Paypal compromised
Author: AlexW Posted: Mon Jul 16, 2007 5:24 pm (GMT 0) Hi Prince_Serendip, thanks for getting back to me. The Logitech Desktop Messenger has been removed. I also did away with DAP as it wasn't being used. I ran SuperAntiSpyware just after I posted the second HJT log, it found Rundl32.exe (not rundll32.exe) and removed it, however there's still an entry listed in 04 - HKLM.....[Windows Automatic Updater] rundl32.exe. Should that be there Updated log as requested Logfile of HijackThis v1.99.1 Scan …
Read more on “CastleCops Recent Posts”

Tags:

AE Symantec AntiVirus, AcRdB, AcroIEHelper, ActiveDataInfo Class, ActiveLauncher ActiveLauncher, Adobe Photo Downloader, AdobeUpdateManager, AlertEng, America Online Inc, AudioDrvEmulator, Automatic Updater, AvSniff, BHO SSVHelper Class, BHO Yahoo, BT Yahoo, Browser, CD DmiReader Class, CDROM Access, CLTNetCnService, CTHelper CTHELPER, CTSUEng, CTsvcCDA, CTxfiHlp CTXFIHLP, Class, CmdMapping BC-A, Control, Creative Detector, Creative Software AutoUpdate, Creative Technology Ltd, DAP Cleanup, DPF NTLSignup, Dell, Document, Express Cleanup, Extra, Extra Tools, FE LSSupCtl Class, FF MsnMessengerSetupDownloadControl Class, Help, HijackThis, IAAnotif, INTERNATIONAL International, Intel Corporation, Internet Explorer, LSSupCtl, LanguageShortcut, LinkId, Logfile, Logitech Desktop Messenger, Macrovision Corporation, Messenger, Microsoft, Microsoft Excel, MsPMSPSv, NTLSignup, NVRTCLK NVRTClk, NeroCheck, NeroFilterCheck, Netscape, Option, PC Tools, PCMService, PIFSvc, PROGRA Yahoo, PifEng, Program Files DAP, Program Files Java, Program Files Messenger, Program Files QuickTime, Program Files Yahoo, ProgramFiles WinPcap, Protocol, QuickTime Task, RCSystem, Real, Research, Rundl, SDTray, SSODL WPDShServiceObj, SUPERAntiSpyware, Service, Service COM Host, Service Creative Service, Service LiveUpdate, Service Speed Disk, Service YPCService, SharedContent, Shdocvw, Startup PowerReg Scheduler, Sun Java Console, SunJavaUpdateSched, SuperAntiSpyware, SymAData, Symantec Corporation, Symantec PIF AlertEng, SysPro, SysProWmi Class, Toolbar BT Yahoo, Trojan Paypal, Unknown, UpdReg, UpdateManager, Updated, VolPanel, WINDOWS Explorer, WINDOWS SYSTEM WgaLogon, WINDOWS System, WINDOWS UpdReg, WINDOWSabout, WPDShServiceObj, WildTangent Active Launcher, Windows Automatic Updater, Windows Messenger, Winlogon Notify, Winlogon Notify WgaLogon, YPager, Yahoo, ..

2007-07-15 21:50  think i got virtumonde
sorry i didnt do online scan i dont have internet explorer. the reason im requesting help is because when I ran spybot virtumonde showed up and when i read the discription it said that could be hard to remove so i just want to make sure it is gone. Anyway here is my hjt Logfile of HijackThis v1.99.1 Scan saved at 5:44:32 PM, on 7/15/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system3 …
Read more on “Safer Networking Forums”

Tags:

ATI Technologies Inc, ActiveX AcroIEHelper, BHO AcroIEHlprObj Class, BHO SSVHelper Class, BHO Yahoo, Backward Links, Bonjour, CKAVWebScan Object, Cached Snapshot, Desktop HijackThis, Document, English, Extra, Extra Tools, Google Search, GoogleToolbar, Helper, Hewlett-Packard Company, Hewlett-Packard Development Company, HijackThis, ISUSPM Startup, ISUSScheduler, Install, Internet Explorer, Java Plug-in, Logfile, Macrovision Corporation, Messenger, PROGRA Grisoft AVGFRE, Page, Program Files, Program Files Java, Program Files Messenger, Program Files Spybot, Program Files Yahoo, RecGuard, SSODL WPDShServiceObj, Search Destroy SpybotSD, Search Destroy TeaTimer, Service, Services Button, Setting, Similar Pages, SpybotSD TeaTimer, Sun Java Console, SunJavaUpdateSched, SynTPEnh, SynTPLpr, Toolbar Yahoo, Translate English Word, Translate Page, URLSearchHook Yahoo, Unknown, WINDOWS Explorer, WINDOWS System, WPDShServiceObj, Windows Messenger, Windows SMINST RecGuard, Winsock LSP, YInstStarter Class, Yahoo, YahooMessenger, ..

2007-07-15 19:24  Virtuamonde / Angent.At
Two infections that won't go away, Virtuamonde + a 4 part other thingy. Symptoms include popups and an eerie feeling of being watched. Logfile of HijackThis v1.99.1 Scan saved at 3:18:27 PM, on 7/15/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svcho …
Read more on “Safer Networking Forums”

Tags:

ATI Technologies Inc, Angent, AppInit DLLs, AudioDeck, Avira GmbH, Extra, Extra Tools, GPLv, Gadwin PrintScreen, Google, HijackThis, Installation Support, Internet Explorer, LastFM, Macrovision Corporation, Messenger, PROGRA Grisoft AVGFRE, Program Files AIM, Program Files Java, Program Files Last, Program Files Messenger, Program Files Spybot, Program Files Yahoo, Programs Azureus Azureus, Programs PrintScreen PrintScreen, Reader, Search Destroy SpybotSD, Service ATI Smart, Service DomainService, Service GoogleDesktopManager, Sun Java Console, UltraMon, Unknown, Virtuamonde, WINDOWS System, Windows Messenger, Yinsthelper, ..

2007-07-15 18:59  Virtumonde infection not going away
Managed to recieve a trojan which w