1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

How can I remove the spyfalcon system tray??

Discussion in 'Malware and Virus Removal Archive' started by Dreck, 2006/05/26.

  1. 2006/05/26
    Dreck

    Dreck Inactive Thread Starter

    Joined:
    2006/05/26
    Messages:
    5
    Likes Received:
    0
    How can I remove the system tray Icon?

    I have alredy removed the program spyfalcon, but the annoying system tray that looks liake a green weel chair and changes to a red sign. Can you help me??

    Here is my HJT log file:

    Logfile of HijackThis v1.99.1
    Scan saved at 13:19:59, on 26-05-2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Documents and Settings\Nesta\Ambiente de trabalho\Programas\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
    O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programas\Ficheiros comuns\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programas\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programas\Ficheiros comuns\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programas\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [ATIPTA] "C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe "
    O4 - HKLM\..\Run: [ATICCC] "C:\Programas\ATI Technologies\ATI.ACE\cli.exe" runtime
    O4 - HKLM\..\Run: [Name of App] C:\Programas\SAMSUNG\FW LiveUpdate\Liveupdate.exe
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programas\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programas\Ficheiros comuns\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programas\MessengerPlus! 3\MsgPlus.exe "
    O4 - HKLM\..\Run: [HP Software Update] C:\Programas\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programas\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Programas\Ficheiros comuns\Symantec Shared\ccApp.exe "
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programas\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Programas\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [STYLEXP] C:\Programas\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programas\Ficheiros comuns\Ahead\Lib\NMBgMonitor.exe "
    O4 - Startup: Adobe Gamma.lnk = C:\Programas\Ficheiros comuns\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Registration Prince of Persia T2T.LNK = C:\Programas\Ubisoft\Prince of Persia T2T\Support\Register\RegistrationReminder.exe
    O4 - Global Startup: Bandeja do sistema do ATI CATALYST.lnk = C:\Programas\ATI Technologies\ATI.ACE\CLI.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programas\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: winmqx32 - winmqx32.dll (file missing)
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Programas\Ficheiros comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Programas\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\ccSetMgr.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Programas\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Programas\ewido anti-malware\ewidoguard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Programas\Norton Internet Security\ISSVC.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Programas\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Programas\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHEI~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Programas\TGTSoft\StyleXP\StyleXPService.exe
     
    Dreck,
    #1
  2. 2006/05/26
    Dreck

    Dreck Inactive Thread Starter

    Joined:
    2006/05/26
    Messages:
    5
    Likes Received:
    0
    I need help to remove the annoying system tray icon. Please help me!!!
     
    Dreck,
    #2


  3. to hide this advert.

  4. 2006/05/26
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
    Dreck - Welcome to the Board :)

    Please don't double post - I have merged your 2 posts to a single thread.

    Boot into Safe Mode, rescan with HJT and place a checkmark against this entry and click on Fix selected ....

    O20 - Winlogon Notify: winmqx32 - winmqx32.dll (file missing)

    Stay in safe mode and make a full system scan with Ewido, which I see you have installed, save the report.

    Reboot into normal mode and post the HJT and Ewido logs here.
     
    PeteC,
    #3
  5. 2006/05/26
    Dreck

    Dreck Inactive Thread Starter

    Joined:
    2006/05/26
    Messages:
    5
    Likes Received:
    0
    The icon is gonne! Isn't it??

    Sorry for the doble post :eek: .

    Here are the logs:


    + Criado em: 17:21:52, 26-05-2006
    + Relatório-Checksum: DD9A805D

    + Resultado da verificação:

    :mozilla.36:C:\Documents and Settings\Nesta\Application Data\Mozilla\Firefox\Profiles\856s0kft.default\cookies.txt -> TrackingCookie.Doubleclick : Limpo com backup
    :mozilla.42:C:\Documents and Settings\Nesta\Application Data\Mozilla\Firefox\Profiles\856s0kft.default\cookies.txt -> TrackingCookie.Atdmt : Limpo com backup
    :mozilla.49:C:\Documents and Settings\Nesta\Application Data\Mozilla\Firefox\Profiles\856s0kft.default\cookies.txt -> TrackingCookie.Sextracker : Limpo com backup
    :mozilla.50:C:\Documents and Settings\Nesta\Application Data\Mozilla\Firefox\Profiles\856s0kft.default\cookies.txt -> TrackingCookie.Sextracker : Limpo com backup
    :mozilla.51:C:\Documents and Settings\Nesta\Application Data\Mozilla\Firefox\Profiles\856s0kft.default\cookies.txt -> TrackingCookie.Casalemedia : Limpo com backup
    :mozilla.53:C:\Documents and Settings\Nesta\Application Data\Mozilla\Firefox\Profiles\856s0kft.default\cookies.txt -> TrackingCookie.Yieldmanager : Limpo com backup
    :mozilla.54:C:\Documents and Settings\Nesta\Application Data\Mozilla\Firefox\Profiles\856s0kft.default\cookies.txt -> TrackingCookie.Yieldmanager : Limpo com backup
    :mozilla.55:C:\Documents and Settings\Nesta\Application Data\Mozilla\Firefox\Profiles\856s0kft.default\cookies.txt -> TrackingCookie.Yieldmanager : Limpo com backup


    ::Fim do Relatório


    HJT:

    Logfile of HijackThis v1.99.1
    Scan saved at 16:42:52, on 26-05-2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Documents and Settings\Nesta\Ambiente de trabalho\Programas\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
    O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programas\Ficheiros comuns\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programas\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programas\Ficheiros comuns\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programas\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [ATIPTA] "C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe "
    O4 - HKLM\..\Run: [ATICCC] "C:\Programas\ATI Technologies\ATI.ACE\cli.exe" runtime
    O4 - HKLM\..\Run: [Name of App] C:\Programas\SAMSUNG\FW LiveUpdate\Liveupdate.exe
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programas\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programas\Ficheiros comuns\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programas\MessengerPlus! 3\MsgPlus.exe "
    O4 - HKLM\..\Run: [HP Software Update] C:\Programas\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programas\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Programas\Ficheiros comuns\Symantec Shared\ccApp.exe "
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programas\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Programas\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [STYLEXP] C:\Programas\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programas\Ficheiros comuns\Ahead\Lib\NMBgMonitor.exe "
    O4 - Startup: Adobe Gamma.lnk = C:\Programas\Ficheiros comuns\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Registration Prince of Persia T2T.LNK = C:\Programas\Ubisoft\Prince of Persia T2T\Support\Register\RegistrationReminder.exe
    O4 - Global Startup: Bandeja do sistema do ATI CATALYST.lnk = C:\Programas\ATI Technologies\ATI.ACE\CLI.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programas\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: winmqx32 - winmqx32.dll (file missing)
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Programas\Ficheiros comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Programas\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\ccSetMgr.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Programas\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Programas\ewido anti-malware\ewidoguard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Programas\Norton Internet Security\ISSVC.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Programas\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Programas\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHEI~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Programas\TGTSoft\StyleXP\StyleXPService.exe

    Thank you!
     
    Dreck,
    #4
  6. 2006/05/26
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
    Ewido picked up nothing but a few tracking cookies.

    This entry has returned in your HJT log ....

    O20 - Winlogon Notify: winmqx32 - winmqx32.dll (file missing)

    Download Killbox to your desktop - do not attempt to run it yet.

    Boot into Safe Mode and run Killbox and select Delete on Reboot

    Copy this list of file locations to your clipboard ....

    C:\WINDOWS\SYSTEM32\winmqx32.dll

    Go to File > Paste from clipboard and Click All Files

    Press the button with a red circle with an X in it, then Yes when prompted to restart your computer.

    I am not sure whether or not that file exists, but the entry has returned.
    Then scan again with HJT and post the log.
     
    PeteC,
    #5
  7. 2006/05/26
    Dreck

    Dreck Inactive Thread Starter

    Joined:
    2006/05/26
    Messages:
    5
    Likes Received:
    0
    Here!

    Logfile of HijackThis v1.99.1
    Scan saved at 18:37:29, on 26-05-2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Programas\ATI Technologies\ATI.ACE\cli.exe
    C:\Programas\MessengerPlus! 3\MsgPlus.exe
    C:\Programas\HP\HP Software Update\HPWuSchd2.exe
    C:\Programas\Java\jre1.5.0_06\bin\jusched.exe
    C:\Programas\Ficheiros comuns\Symantec Shared\ccApp.exe
    C:\Programas\D-Tools\daemon.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programas\Messenger\msmsgs.exe
    C:\Programas\Ficheiros comuns\Ahead\Lib\NMBgMonitor.exe
    C:\Programas\ATI Technologies\ATI.ACE\CLI.exe
    C:\Programas\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Programas\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Programas\Ficheiros comuns\Symantec Shared\ccProxy.exe
    C:\Programas\Ficheiros comuns\Symantec Shared\ccSetMgr.exe
    C:\Programas\ewido anti-malware\ewidoctrl.exe
    C:\Programas\ewido anti-malware\ewidoguard.exe
    C:\Programas\Norton Internet Security\ISSVC.exe
    C:\Programas\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\Programas\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Programas\Ficheiros comuns\Symantec Shared\SNDSrvc.exe
    C:\Programas\Ficheiros comuns\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Programas\Ficheiros comuns\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Programas\ATI Technologies\ATI.ACE\cli.exe
    C:\Documents and Settings\Nesta\Ambiente de trabalho\Programas\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
    O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programas\Ficheiros comuns\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programas\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programas\Ficheiros comuns\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programas\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [ATIPTA] "C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe "
    O4 - HKLM\..\Run: [ATICCC] "C:\Programas\ATI Technologies\ATI.ACE\cli.exe" runtime
    O4 - HKLM\..\Run: [Name of App] C:\Programas\SAMSUNG\FW LiveUpdate\Liveupdate.exe
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programas\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programas\Ficheiros comuns\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programas\MessengerPlus! 3\MsgPlus.exe "
    O4 - HKLM\..\Run: [HP Software Update] C:\Programas\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programas\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Programas\Ficheiros comuns\Symantec Shared\ccApp.exe "
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programas\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Programas\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [STYLEXP] C:\Programas\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programas\Ficheiros comuns\Ahead\Lib\NMBgMonitor.exe "
    O4 - Startup: Adobe Gamma.lnk = C:\Programas\Ficheiros comuns\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Registration Prince of Persia T2T.LNK = C:\Programas\Ubisoft\Prince of Persia T2T\Support\Register\RegistrationReminder.exe
    O4 - Global Startup: Bandeja do sistema do ATI CATALYST.lnk = C:\Programas\ATI Technologies\ATI.ACE\CLI.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programas\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Programas\Ficheiros comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Programas\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\ccSetMgr.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Programas\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Programas\ewido anti-malware\ewidoguard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Programas\Norton Internet Security\ISSVC.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Programas\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Programas\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHEI~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Programas\TGTSoft\StyleXP\StyleXPService.exe


    The HJT said that the file had been removed for external program.
     
    Dreck,
    #6
  8. 2006/05/26
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
    Your HJT log looks clean to me - Ewido picked up nothing apart from a few tracking cookies - is the icon still there ?
     
    PeteC,
    #7
  9. 2006/05/26
    Dreck

    Dreck Inactive Thread Starter

    Joined:
    2006/05/26
    Messages:
    5
    Likes Received:
    0
    Thank You!! :D

    No the icon is gone! :D
    thank you, that thing was driving me crasy.
     
    Dreck,
    #8
  10. 2006/05/26
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
    You're welcome :)
     
    PeteC,
    #9

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...