February 1st, 2006 02:00

winfixer help

Please help me rid my computer of the Winfixer virus(?). I have scanned, deleted, used Norton, and nothing seems to help. Anyone out there that can help me?
Carol

February 1st, 2006 04:00

hi,

I am having a similar problem. I keep getting the Winfixer 2006 pop-up, but whenever it goes to start to download, my Internet Explorer browser pops up (I use an AOL browser) and then the info bar says it has stopped the download. Does this mean I haven't been infected? Or that I have? What should I do about it?

The site winfixerremover.org has a free download of Xoft Spy which they recommend...should I use it?

Sorry, I really know very little about computers...

Message Edited by jaja514 on 02-01-2006 12:28 AM

February 1st, 2006 11:00

there are several different versions of winfixer... the most common is based on a vundo trojan.   so, "playing the odds", let's try the following:
 
download VirtumundoBeGone from:

http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe

* Save it to your Desktop
* Close all running programs (including your Internet Browser)
* Double-click VirtumundoBeGone.exe on the desktop
* Follow the directions as indicated

please be advised that this program will generate a "BLUE SCREEN OF DEATH"... this is an expected/necessary part of the process, so don't be surprised when it happens.

just reboot if your system "jams"

*********************

If this stops the WinFixer popups (and warning messages about trojan vundo/virtumundo), then we've succeeded, and you can STOP here.

[but if you still get WinFixer popups/notifications after running VBG and rebooting, then the next thing to try is HiJack This.... ]

February 1st, 2006 16:00

Here is my log...

 

[02/01/2006, 12:26:49] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\CS\Desktop\VirtumundoBeGone.exe" )
[02/01/2006, 12:26:56] - Detected System Information:
[02/01/2006, 12:26:56] -  Windows Version: 5.1.2600, Service Pack 2
[02/01/2006, 12:26:56] -  Current Username: CS (Admin)
[02/01/2006, 12:26:56] -  Windows is in NORMAL mode.
[02/01/2006, 12:26:56] - Searching for Browser Helper Objects:
[02/01/2006, 12:26:56] -  BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/01/2006, 12:26:56] -  BHO 2: {4D25F921-B9FE-4682-BF72-8AB8210D6D75} ()
[02/01/2006, 12:26:56] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/01/2006, 12:26:56] -  Checking for HKLM\...\Winlogon\Notify\deSrcAs
[02/01/2006, 12:26:56] -  Key not found: HKLM\...\Winlogon\Notify\deSrcAs, continuing.
[02/01/2006, 12:26:56] -  BHO 3: {5CA3D70E-1895-11CF-8E15-001234567890} (DriveLetterAccess)
[02/01/2006, 12:26:56] -  BHO 4: {93C6313C-9DB4-4694-8BD0-E378C573A9AD} (ATLDistrib Object)
[02/01/2006, 12:26:56] - ALERT: Found ATLDistrib Object!
[02/01/2006, 12:26:56] -  BHO 5: {9ECB9560-04F9-4bbc-943D-298DDF1699E1} (CNisExtBho Class)
[02/01/2006, 12:26:56] -  BHO 6: {BDF3E430-B101-42AD-A544-FADC6B084872} (CNavExtBho Class)
[02/01/2006, 12:26:56] - Finished Searching Browser Helper Objects
[02/01/2006, 12:26:56] - *** Detected ATLDistrib Object
[02/01/2006, 12:26:56] - Trying to remove ATLDistrib Object...
[02/01/2006, 12:26:57] -    Terminating Process: IEXPLORE.EXE
[02/01/2006, 12:26:57] -    Terminating Process: RUNDLL32.EXE
[02/01/2006, 12:26:57] -    Disabling Automatic Shell Restart
[02/01/2006, 12:26:57] -    Terminating Process: EXPLORER.EXE
[02/01/2006, 12:26:57] -    Suspending the NT Session Manager System Service
[02/01/2006, 12:26:58] -    Terminating Windows NT Logon/Logoff Manager
[02/01/2006, 12:26:58] -    Re-enabling Automatic Shell Restart
[02/01/2006, 12:26:58] -   File to disable: C:\WINDOWS\system32\oppmk.dll
[02/01/2006, 12:26:58] -  Renaming C:\WINDOWS\system32\oppmk.dll -> C:\WINDOWS\system32\oppmk.dll.vir
[02/01/2006, 12:26:58] -  File successfully renamed!
[02/01/2006, 12:26:58] -   Removing HKLM\...\Browser Helper Objects\{93C6313C-9DB4-4694-8BD0-E378C573A9AD}
[02/01/2006, 12:26:58] -   Removing HKCR\CLSID\{93C6313C-9DB4-4694-8BD0-E378C573A9AD}
[02/01/2006, 12:26:58] -   Adding Kill Bit for ActiveX for GUID: {93C6313C-9DB4-4694-8BD0-E378C573A9AD}
[02/01/2006, 12:26:58] -   Deleting ATLEvents/MSEvents Registry entries
[02/01/2006, 12:26:58] -   Removing HKLM\...\Winlogon\Notify\oppmk
[02/01/2006, 12:26:58] - Searching for Browser Helper Objects:
[02/01/2006, 12:26:58] -  BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/01/2006, 12:26:58] -  BHO 2: {4D25F921-B9FE-4682-BF72-8AB8210D6D75} ()
[02/01/2006, 12:26:58] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/01/2006, 12:26:58] -  Checking for HKLM\...\Winlogon\Notify\deSrcAs
[02/01/2006, 12:26:58] -  Key not found: HKLM\...\Winlogon\Notify\deSrcAs, continuing.
[02/01/2006, 12:26:58] -  BHO 3: {5CA3D70E-1895-11CF-8E15-001234567890} (DriveLetterAccess)
[02/01/2006, 12:26:58] -  BHO 4: {9ECB9560-04F9-4bbc-943D-298DDF1699E1} (CNisExtBho Class)
[02/01/2006, 12:26:58] -  BHO 5: {BDF3E430-B101-42AD-A544-FADC6B084872} (CNavExtBho Class)
[02/01/2006, 12:26:58] - Finished Searching Browser Helper Objects
[02/01/2006, 12:26:58] - Finishing up...
[02/01/2006, 12:26:58] - A restart is needed.
[02/01/2006, 12:26:58] - Automatic Reboot on STOP Error is not set. User will have to manually restart.
[02/01/2006, 12:27:08] - Attempting to Restart via STOP error (Blue Screen!)
 
Am I fixed?

Message Edited by jaja514 on 02-01-2006 12:34 PM

February 1st, 2006 17:00

jaja
 
the VBG log indicates that it found, and successfully renamed (thereby deactivating) the vundo-infected file C:\WINDOWS\system32\oppmk.dll
 
as for whether or not you're "fixed", the answer to that depends on whether or not this was the only version of WinFixer on your system.  VBG cures vundo-based Winfixer problems, but not other kinds (such as "installers" and SurfAccuracy).
 
If the WinFixer popups have stopped, then you're most-likely clean.   But if they're still coming back, then you have another version of WinFixer, and we'll need HiJackThis to determine which one....
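For readers triaging a VirtumundoBeGone log like the one above, here is a small Python parser that compares the tool's two Browser Helper Object scans and lists what it renamed and removed. It is an added example, not part of the original thread and not code from the tool's author; the names `summarize_vbg_log` and `SAMPLE_LOG` are made up for it, and the sample lines are abridged from the log posted above.

```python
import re

# Sample input: lines abridged from the VirtumundoBeGone v1.5 log posted above.
SAMPLE_LOG = r"""
[02/01/2006, 12:26:56] - Searching for Browser Helper Objects:
[02/01/2006, 12:26:56] -  BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/01/2006, 12:26:56] -  BHO 2: {4D25F921-B9FE-4682-BF72-8AB8210D6D75} ()
[02/01/2006, 12:26:56] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/01/2006, 12:26:56] -  BHO 4: {93C6313C-9DB4-4694-8BD0-E378C573A9AD} (ATLDistrib Object)
[02/01/2006, 12:26:56] - ALERT: Found ATLDistrib Object!
[02/01/2006, 12:26:56] - Finished Searching Browser Helper Objects
[02/01/2006, 12:26:58] -  Renaming C:\WINDOWS\system32\oppmk.dll -> C:\WINDOWS\system32\oppmk.dll.vir
[02/01/2006, 12:26:58] -  File successfully renamed!
[02/01/2006, 12:26:58] -   Removing HKLM\...\Winlogon\Notify\oppmk
[02/01/2006, 12:26:58] - Searching for Browser Helper Objects:
[02/01/2006, 12:26:58] -  BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/01/2006, 12:26:58] -  BHO 2: {4D25F921-B9FE-4682-BF72-8AB8210D6D75} ()
[02/01/2006, 12:26:58] - Finished Searching Browser Helper Objects
"""

LINE = re.compile(r"^\[[^\]]+\] -\s*(.*)$")            # "[date, time] - message"
BHO = re.compile(r"^BHO \d+: (\{[0-9A-Fa-f-]+\}) \((.*)\)$")
RENAME = re.compile(r"^Renaming (.+?) -> (.+)$")
NOTIFY = re.compile(r"^Removing (HKLM\\\.\.\.\\Winlogon\\Notify\\\S+)$")


def summarize_vbg_log(text):
    """Return what the tool changed, judged by its own before/after BHO scans."""
    scans, current = [], None      # one {GUID: name} dict per completed scan
    renamed, pending = [], None    # a rename counts only once the tool confirms it
    notify_removed = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        msg = m.group(1).strip()
        if msg.startswith("Searching for Browser Helper Objects"):
            current = {}
        elif msg.startswith("Finished Searching Browser Helper Objects"):
            if current is not None:
                scans.append(current)
            current = None
        elif current is not None and BHO.match(msg):
            guid, name = BHO.match(msg).groups()
            current[guid.upper()] = name
        elif RENAME.match(msg):
            pending = RENAME.match(msg).groups()
        elif msg == "File successfully renamed!" and pending:
            renamed.append(pending)
            pending = None
        elif NOTIFY.match(msg):
            notify_removed.append(NOTIFY.match(msg).group(1))
    before = scans[0] if scans else {}
    after = scans[-1] if len(scans) > 1 else None   # None: log has no re-scan
    latest = after if after is not None else before
    return {
        "rescan_present": after is not None,
        "removed_bhos": {} if after is None else
                        {g: n for g, n in before.items() if g not in after},
        "unnamed_bhos_left": [g for g, n in latest.items() if not n],
        "renamed_files": renamed,
        "unconfirmed_rename": pending,
        "winlogon_notify_removed": notify_removed,
    }


if __name__ == "__main__":
    for key, value in summarize_vbg_log(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

A clean re-scan only covers the BHO this tool looks for, which matches the caveat in the reply above about other WinFixer variants.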
 
 
 

February 2nd, 2006 02:00

So far so good. I hope the virus is gone. Thank you for your help. I am new to this thread and really appreciate the help.

Carol

February 3rd, 2006 00:00

Hello

I had the same problem and I followed the suggestion that was given. Here is my VBG report. Is my problem removed, or is there something else I need to do?

Thanks,

Heather


[02/02/2006, 21:34:54] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Heather Okun\Local Settings\Temporary Internet Files\Content.IE5\0HMBK5E3\VirtumundoBeGone[1].exe" )
[02/02/2006, 21:35:06] - Detected System Information:
[02/02/2006, 21:35:06] -  Windows Version: 5.1.2600, Service Pack 2
[02/02/2006, 21:35:06] -  Current Username: Heather Okun (Admin)
[02/02/2006, 21:35:06] -  Windows is in NORMAL mode.
[02/02/2006, 21:35:07] - Searching for Browser Helper Objects:
[02/02/2006, 21:35:07] -  BHO 1: {02478D38-C3F9-4efb-9B51-7695ECA05670} (Yahoo! Companion BHO)
[02/02/2006, 21:35:07] -  BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/02/2006, 21:35:07] -  BHO 3: {549B5CA7-4A86-11D7-A4DF-000874180BB3} ()
[02/02/2006, 21:35:07] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/02/2006, 21:35:07] -  No filename found. Continuing.
[02/02/2006, 21:35:07] -  BHO 4: {5CA3D70E-1895-11CF-8E15-001234567890} (DriveLetterAccess)
[02/02/2006, 21:35:07] -  BHO 5: {83A5F7B7-DC75-44CE-9195-264F41709FA9} (ATLDistrib Object)
[02/02/2006, 21:35:07] - ALERT: Found ATLDistrib Object!
[02/02/2006, 21:35:07] -  BHO 6: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} ()
[02/02/2006, 21:35:07] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/02/2006, 21:35:07] -  No filename found. Continuing.
[02/02/2006, 21:35:07] - Finished Searching Browser Helper Objects
[02/02/2006, 21:35:07] - *** Detected ATLDistrib Object
[02/02/2006, 21:35:07] - Trying to remove ATLDistrib Object...
[02/02/2006, 21:35:08] -    Terminating Process: IEXPLORE.EXE
[02/02/2006, 21:35:09] -    Terminating Process: RUNDLL32.EXE
[02/02/2006, 21:35:10] -    Disabling Automatic Shell Restart
[02/02/2006, 21:35:10] -    Terminating Process: EXPLORER.EXE
[02/02/2006, 21:35:12] -    Suspending the NT Session Manager System Service
[02/02/2006, 21:35:12] -    Terminating Windows NT Logon/Logoff Manager
[02/02/2006, 21:35:15] -    Re-enabling Automatic Shell Restart
[02/02/2006, 21:35:16] -   File to disable: C:\WINDOWS\system32\tuvvv.dll
[02/02/2006, 21:35:16] -  Renaming C:\WINDOWS\system32\tuvvv.dll -> C:\WINDOWS\system32\tuvvv.dll.vir
[02/02/2006, 21:35:21] -  File successfully renamed!
[02/02/2006, 21:35:21] -   Removing HKLM\...\Browser Helper Objects\{83A5F7B7-DC75-44CE-9195-264F41709FA9}
[02/02/2006, 21:35:22] -   Removing HKCR\CLSID\{83A5F7B7-DC75-44CE-9195-264F41709FA9}
[02/02/2006, 21:35:22] -   Adding Kill Bit for ActiveX for GUID: {83A5F7B7-DC75-44CE-9195-264F41709FA9}
[02/02/2006, 21:35:22] -   Deleting ATLEvents/MSEvents Registry entries
[02/02/2006, 21:35:22] -   Removing HKLM\...\Winlogon\Notify\tuvvv
[02/02/2006, 21:35:23] - Searching for Browser Helper Objects:
[02/02/2006, 21:35:23] -  BHO 1: {02478D38-C3F9-4efb-9B51-7695ECA05670} (Yahoo! Companion BHO)
[02/02/2006, 21:35:23] -  BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/02/2006, 21:35:23] -  BHO 3: {549B5CA7-4A86-11D7-A4DF-000874180BB3} ()
[02/02/2006, 21:35:23] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/02/2006, 21:35:23] -  No filename found. Continuing.
[02/02/2006, 21:35:23] -  BHO 4: {5CA3D70E-1895-11CF-8E15-001234567890} (DriveLetterAccess)
[02/02/2006, 21:35:23] -  BHO 5: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} ()
[02/02/2006, 21:35:23] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/02/2006, 21:35:23] -  No filename found. Continuing.
[02/02/2006, 21:35:23] - Finished Searching Browser Helper Objects
[02/02/2006, 21:35:23] - Finishing up...
[02/02/2006, 21:35:23] - A restart is needed.
[02/02/2006, 21:35:23] - Automatic Reboot on STOP Error is not set. User will have to manually restart.
[02/02/2006, 21:35:42] - Attempting to Restart via STOP error (Blue Screen!)

February 3rd, 2006 12:00

 
the VBG log indicates that it found, and successfully renamed (thereby deactivating) the vundo-infected file C:\WINDOWS\system32\tuvvv.dll
 
as for whether or not you're "fixed", the answer to that depends on whether or not this was the only version of WinFixer on your system.  VBG cures vundo-based Winfixer problems, but not other kinds (such as "installers" and SurfAccuracy).
 
If the WinFixer popups have stopped, then you're most-likely clean.   But if they're still coming back, then you have another version of WinFixer, and we'll need HiJackThis to determine which one....

February 4th, 2006 01:00

Hi, I ran the HiJack program and this is the log:

Logfile of HijackThis v1.99.1
Scan saved at 10:40:41 PM, on 2/3/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\Program Files\Dell\AccessDirect\DadTray.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe
C:\Program Files\Lexmark 2200 Series\lxbvbmon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Common Files\AOL\1108870581\ee\AOLHostManager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\AOL Computer Check-Up\ACCAgnt.exe
C:\Program Files\Common Files\AOL\1108870581\ee\AOLServiceHost.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\America Online 9.0\waol.exe
c:\program files\common files\aol\1108870581\ee\services\antiSpywareApp\ver2_0_7\AOLSP Scheduler.exe
C:\Program Files\Common Files\AOL\1108870581\ee\AOLServiceHost.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\America Online 9.0\shellmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/sb/*http://www.yahoo.com/search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.halflemon.com/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: A9 &Toolbar - {200488FD-C76C-47cd-BDE5-FC2571261B63} - C:\Program Files\A9\A9Toolbar1.dll
O3 - Toolbar: A9 &Diary - {5FE96BC0-E89F-409d-9B68-6D3693E1BA83} - C:\Program Files\A9\A9Toolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [Lexmark 2200 Series] "C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1108870581\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AOLCC] "C:\Program Files\AOL Computer Check-Up\ACCAgnt.exe" /startup
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b
O4 - HKCU\..\Run: [WinFixer 2006] C:\Program Files\WinFixer_2006\uwfx6.exe /scan
O4 - HKCU\..\Run: [WinFixer2006] "C:\Program Files\WinFixer_2006\uwfx6.exe" /min
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Search the web with &A9.com - res://C:\Program Files\A9\A9Toolbar1.dll/SCONTEXT.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.av.aol.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - https://scan.safety.live.com/resource/download/scanner/en-us/wlscbase3401.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1138918747444
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.av.aol.com/molbin/shared/mcgdmgr/en-us/1,0,0,20/mcgdmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0883D152-9BE2-4FB0-9CC0-D1E3DC2A2EB8}: NameServer = 205.188.146.145
O17 - HKLM\System\CS1\Services\Tcpip\..\{0883D152-9BE2-4FB0-9CC0-D1E3DC2A2EB8}: NameServer = 205.188.146.145
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

My computer is taking a very long time to load up. Is there something infecting it?

Thanks,

Heather

February 4th, 2006 11:00

Heather,
 
HJT logs should be posted in the HJT forum.   to expedite matters, i have taken the liberty of copying/pasting your log here:
 
 
please wait for someone else to reply there... do NOT be the first person to respond to your own log.