1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Problem with Windows viewer

Discussion in 'Windows XP' started by prairiecats, 2006/07/13.

  1. 2006/07/13
    prairiecats

    prairiecats Inactive Thread Starter

    Joined:
    2006/07/13
    Messages:
    4
    Likes Received:
    0
    :confused: Hi,
    I have a strange problem here. When I scan an image and send it as an attachment, a whole bunch of random images that apparently come from temp files are attached to it. You can scroll away and see all kinds of junk that make no sense. Pieces of web pages and the like. Any idea how these images are getting there? Thank you for any help you may offer. :confused:
     
    prairiecats,
    #1
  2. 2006/07/13
    Welshjim

    Welshjim Inactive

    Joined:
    2002/01/07
    Messages:
    5,643
    Likes Received:
    0
    prairiecats--If you have a lot of files in Temp, perhaps you should clean them out--even if this is not the source of the attachment problem.
    Try DiskCleanup (Start|Run|Accessories|System Tools). Let the scan run and then check boxes for the folders you want to clean out before proceeding.
    Are you talking about Outlook Express?
    If the above has not helped, you may want to Repair IE/OE (they are enmeshed programs)
    http://www.theeldergeek.com/repair_ie6.htm
    Is this happening only when you send scanned images as attachments? Or when you send any attachment? (Or only image attachments?)
    What file extension do the problem attachments have?
    What does your recipient see?
     
    Welshjim,
    #2


  3. to hide this advert.

  4. 2006/07/16
    prairiecats

    prairiecats Inactive Thread Starter

    Joined:
    2006/07/13
    Messages:
    4
    Likes Received:
    0
    Here's the latest scoop Pt.1

    Thank you Jim for responding. Here is the scoop. I deleted all temp files. Next, disk cleanup ran but nothing changed. I cannot run the repair on IE/OE repair because it claims it cannot find Service Pak 2 which I know is installed. When does this happen? It happens in all mail programs from outlook express to yahoo on any attachment (sent or received) that includes a picture which is opened with the windows viewer. The file extension on all the images is [1]. My adaware log file is below along with a hijack this log. Thank you again for responding.
    I had to continure the log in a second and third post.


    Ad-Aware SE Build 1.05
    Logfile Created on:Sunday, July 16, 2006 12:24:38 PM
    Created with Ad-Aware SE Personal, free for private use.
    Using definitions file:SE1R114 08.07.2006
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    References detected during the scan:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Tracking Cookie(TAC index:3):1 total references
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Ad-Aware SE Settings
    ===========================
    Set : Safe mode (always request confirmation)
    Set : Scan active processes
    Set : Scan registry
    Set : Deep-scan registry
    Set : Scan my IE Favorites for banned URLs
    Set : Scan within archives
    Set : Scan my Hosts file

    Extended Ad-Aware SE Settings
    ===========================
    Set : Scan registry for all users instead of current user only
    Set : Always try to unload modules before deletion
    Set : During removal, unload Explorer and IE if necessary
    Set : Let Windows remove files in use at next reboot
    Set : Delete quarantined objects after restoring
    Set : Include basic Ad-Aware settings in log file
    Set : Include additional Ad-Aware settings in log file
    Set : Include reference summary in log file
    Set : Include alternate data stream details in log file
    Set : Play sound at scan completion if scan locates critical objects


    7-16-2006 12:24:38 PM - Scan started. (Full System Scan)

    Listing running processes
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    #:1 [smss.exe]
    FilePath : \SystemRoot\System32\
    ProcessID : 548
    ThreadCreationTime : 7-16-2006 5:17:17 PM
    BasePriority : Normal


    #:2 [csrss.exe]
    FilePath : \??\C:\WINDOWS\system32\
    ProcessID : 612
    ThreadCreationTime : 7-16-2006 5:17:20 PM
    BasePriority : Normal


    #:3 [winlogon.exe]
    FilePath : \??\C:\WINDOWS\system32\
    ProcessID : 644
    ThreadCreationTime : 7-16-2006 5:17:22 PM
    BasePriority : High


    #:4 [services.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 688
    ThreadCreationTime : 7-16-2006 5:17:22 PM
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Services and Controller app
    InternalName : services.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : services.exe

    #:5 [lsass.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 700
    ThreadCreationTime : 7-16-2006 5:17:22 PM
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : LSA Shell (Export Version)
    InternalName : lsass.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : lsass.exe

    #:6 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 860
    ThreadCreationTime : 7-16-2006 5:17:23 PM
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:7 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 928
    ThreadCreationTime : 7-16-2006 5:17:23 PM
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:8 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 1024
    ThreadCreationTime : 7-16-2006 5:17:24 PM
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:9 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1080
    ThreadCreationTime : 7-16-2006 5:17:24 PM
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:10 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1152
    ThreadCreationTime : 7-16-2006 5:17:24 PM
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:11 [ccsetmgr.exe]
    FilePath : C:\Program Files\Common Files\Symantec Shared\
    ProcessID : 1492
    ThreadCreationTime : 7-16-2006 5:17:25 PM
    BasePriority : Normal
    FileVersion : 104.0.8.3
    ProductVersion : 104.0.8.3
    ProductName : Client and Host Security Platform
    CompanyName : Symantec Corporation
    FileDescription : Symantec Settings Manager Service
    InternalName : ccSetMgr
    LegalCopyright : Copyright (c) 2000-2005 Symantec Corporation. All rights reserved.
    OriginalFilename : ccSetMgr.exe

    #:12 [ccevtmgr.exe]
    FilePath : C:\Program Files\Common Files\Symantec Shared\
    ProcessID : 1520
    ThreadCreationTime : 7-16-2006 5:17:25 PM
    BasePriority : Normal
    FileVersion : 104.0.8.3
    ProductVersion : 104.0.8.3
    ProductName : Client and Host Security Platform
    CompanyName : Symantec Corporation
    FileDescription : Symantec Event Manager Service
    InternalName : ccEvtMgr
    LegalCopyright : Copyright (c) 2000-2005 Symantec Corporation. All rights reserved.
    OriginalFilename : ccEvtMgr.exe

    #:13 [explorer.exe]
    FilePath : C:\WINDOWS\
    ProcessID : 1672
    ThreadCreationTime : 7-16-2006 5:17:26 PM
    BasePriority : Normal
    FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 6.00.2900.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Windows Explorer
    InternalName : explorer
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : EXPLORER.EXE

    #:14 [sndsrvc.exe]
    FilePath : C:\Program Files\Common Files\Symantec Shared\
    ProcessID : 1732
    ThreadCreationTime : 7-16-2006 5:17:26 PM
    BasePriority : Normal
    FileVersion : 6.0.3.303
    ProductVersion : 6.0
    ProductName : Symantec Security Drivers
    CompanyName : Symantec Corporation
    FileDescription : Network Driver Service
    InternalName : SndSrvc
    LegalCopyright : Copyright 2002 - 2006 Symantec Corporation
    OriginalFilename : SndSrvc.exe

    #:15 [spbbcsvc.exe]
    FilePath : C:\Program Files\Common Files\Symantec Shared\SPBBC\
    ProcessID : 1760
    ThreadCreationTime : 7-16-2006 5:17:26 PM
    BasePriority : Normal
    FileVersion : 2.1.0.4
    ProductVersion : 2.1.0.4
    ProductName : SPBBC
    CompanyName : Symantec Corporation
    FileDescription : SPBBC Service
    InternalName : SPBBCSvc
    LegalCopyright : Copyright (c) 2004, 2005 Symantec Corporation. All rights reserved.
    OriginalFilename : SPBBCSvc.exe

    #:16 [symlcsvc.exe]
    FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
    ProcessID : 1784
    ThreadCreationTime : 7-16-2006 5:17:27 PM
    BasePriority : Normal
    FileVersion : 1.9.1.826
    ProductVersion : 1.9.1.826
    ProductName : Symantec Core Component
    CompanyName : Symantec Corporation
    FileDescription : Symantec Core Component
    InternalName : symlcsvc
    LegalCopyright : Copyright (C) 2003
    OriginalFilename : symlcsvc.exe

    #:17 [spoolsv.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 268
    ThreadCreationTime : 7-16-2006 5:17:29 PM
    BasePriority : Normal
    FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
    ProductVersion : 5.1.2600.2696
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Spooler SubSystem App
    InternalName : spoolsv.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : spoolsv.exe

    #:18 [aluschedulersvc.exe]
    FilePath : C:\Program Files\Symantec\LiveUpdate\
    ProcessID : 476
    ThreadCreationTime : 7-16-2006 5:17:35 PM
    BasePriority : Normal
    FileVersion : 3.0.0.154
    ProductVersion : 3.0.0.154
    ProductName : LiveUpdate
    CompanyName : Symantec Corporation
    FileDescription : Automatic LiveUpdate Scheduler Service
    InternalName : Automatic LiveUpdate Scheduler Service
    LegalCopyright : Copyright © 1996-2005 Symantec Corporation
    OriginalFilename : ALUSchedulerSvc.exe

    #:19 [navapsvc.exe]
    FilePath : C:\Program Files\Norton AntiVirus\
    ProcessID : 520
    ThreadCreationTime : 7-16-2006 5:17:35 PM
    BasePriority : Normal
    FileVersion : 12.2.0.13
    ProductVersion : 12.2.0
    ProductName : Norton AntiVirus
    CompanyName : Symantec Corporation
    FileDescription : Norton AntiVirus Auto-Protect Service
    InternalName : NAVAPSVC
    LegalCopyright : Norton AntiVirus 2006 for Windows 2000/XP Copyright © 2005 Symantec Corporation. All rights reserved.
    OriginalFilename : NAVAPSVC.EXE

    #:20 [npfmntor.exe]
    FilePath : C:\Program Files\Norton AntiVirus\IWP\
    ProcessID : 588
    ThreadCreationTime : 7-16-2006 5:17:35 PM
    BasePriority : Normal
    FileVersion : 12.2.0.13
    ProductVersion : 12.2.0
    ProductName : Norton AntiVirus
    CompanyName : Symantec Corporation
    FileDescription : Norton AntiVirus Firewall Install Monitor
    InternalName : NPFMonitor
    LegalCopyright : Norton AntiVirus 2006 for Windows 2000/XP Copyright © 2005 Symantec Corporation. All rights reserved.
    OriginalFilename : NPFMonitor.EXE

    #:21 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1008
    ThreadCreationTime : 7-16-2006 5:17:38 PM
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:22 [wdfmgr.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1112
    ThreadCreationTime : 7-16-2006 5:17:38 PM
    BasePriority : Normal
    FileVersion : 5.2.3790.1230 built by: dnsrv(bld4act)
    ProductVersion : 5.2.3790.1230
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Windows User Mode Driver Manager
    InternalName : WdfMgr
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : WdfMgr.exe

    #:23 [vttimer.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1616
    ThreadCreationTime : 7-16-2006 5:17:41 PM
    BasePriority : Normal
    FileVersion : 1.100.2004.0115
    ProductVersion : 1.100.2004.0115
    ProductName : S3 Graphics, Inc. Utilities
    CompanyName : S3 Graphics, Inc.
    InternalName : S3Timer
    LegalCopyright : Copyright (C) 2001-2004 S3 Graphics, Inc.
    LegalTrademarks : S3 is a registered trademark of S3 Incorporated

    #:24 [rundll32.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1592
    ThreadCreationTime : 7-16-2006 5:17:41 PM
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Run a DLL as an App
    InternalName : rundll
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : RUNDLL.EXE

    #:25 [jusched.exe]
    FilePath : C:\Program Files\Java\jre1.5.0_06\bin\
    ProcessID : 1684
    ThreadCreationTime : 7-16-2006 5:17:42 PM
    BasePriority : Normal


    #:26 [itouch.exe]
    FilePath : C:\Program Files\Logitech\iTouch\
    ProcessID : 1744
    ThreadCreationTime : 7-16-2006 5:17:42 PM
    BasePriority : Normal
    FileVersion : 2.22.289
    ProductVersion : 2.22.289
    ProductName : iTouch
    CompanyName : Logitech Inc.
    FileDescription : iTouch Application
    InternalName : iTouch
    LegalCopyright : (C) 1998-2003 Logitech. All rights reserved.
    LegalTrademarks : Logitech® and iTouch® are registered trademarks of Logitech Inc.
    OriginalFilename : iTouch.exe
    Comments : Created by the iTouch team

    #:27 [logi_mwx.exe]
    FilePath : C:\WINDOWS\
    ProcessID : 1844
    ThreadCreationTime : 7-16-2006 5:17:42 PM
    BasePriority : Normal
    FileVersion : 9.79.024
    ProductVersion : 9.79.024
    ProductName : MouseWare
    CompanyName : Logitech Inc.
    FileDescription : Logitech Launcher Application
    InternalName : Logi_MWX
    LegalCopyright : (C) 1987-2003 Logitech. All rights reserved.
    LegalTrademarks : Logitech® and MouseWare® are registered trademarks of Logitech Inc.
    OriginalFilename : Logi_MWX.exe
    Comments : Created by the MouseWare team

    #:28 [realsched.exe]
    FilePath : C:\Program Files\Common Files\Real\Update_OB\
    ProcessID : 1900
    ThreadCreationTime : 7-16-2006 5:17:42 PM
    BasePriority : Normal
    FileVersion : 0.1.0.3249
    ProductVersion : 0.1.0.3249
    ProductName : RealPlayer (32-bit)
    CompanyName : RealNetworks, Inc.
    FileDescription : RealNetworks Scheduler
    InternalName : schedapp
    LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
    LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
    OriginalFilename : realsched.exe

    #:29 [ituneshelper.exe]
    FilePath : C:\Program Files\iTunes\
    ProcessID : 1912
    ThreadCreationTime : 7-16-2006 5:17:42 PM
    BasePriority : Normal
    FileVersion : 6.0.1.3
    ProductVersion : 6.0.1.3
    ProductName : iTunes
    CompanyName : Apple Computer, Inc.
    FileDescription : iTunesHelper Module
    InternalName : iTunesHelper
    LegalCopyright : © 2003-2005 Apple Computer, Inc. All Rights Reserved.
    OriginalFilename : iTunesHelper.exe
     
    Last edited: 2006/07/16
    prairiecats,
    #3
  5. 2006/07/16
    prairiecats

    prairiecats Inactive Thread Starter

    Joined:
    2006/07/13
    Messages:
    4
    Likes Received:
    0
    Latest scoop part.2

    #:30 [qttask.exe]
    FilePath : C:\Program Files\QuickTime\
    ProcessID : 1920
    ThreadCreationTime : 7-16-2006 5:17:42 PM
    BasePriority : Normal
    FileVersion : 7.0.3
    ProductVersion : QuickTime 7.0.3
    ProductName : QuickTime
    CompanyName : Apple Computer, Inc.
    FileDescription : QuickTime Task
    InternalName : QuickTime Task
    LegalCopyright : Copyright Apple Computer, Inc. 1989-2005
    OriginalFilename : QTTask.exe

    #:31 [viewmgr.exe]
    FilePath : C:\Program Files\Viewpoint\Viewpoint Manager\
    ProcessID : 1932
    ThreadCreationTime : 7-16-2006 5:17:42 PM
    BasePriority : Normal
    FileVersion : 2, 0, 0, 42
    ProductVersion : 2, 0, 0, 42
    ProductName : Viewpoint Manager
    CompanyName : Viewpoint Corporation
    FileDescription : ViewMgr
    InternalName : Viewpoint Manager
    LegalCopyright : Copyright © 2004
    OriginalFilename : ViewMgr.exe
    Comments : Viewpoint Manager

    #:32 [ccapp.exe]
    FilePath : C:\Program Files\Common Files\Symantec Shared\
    ProcessID : 1948
    ThreadCreationTime : 7-16-2006 5:17:42 PM
    BasePriority : Normal
    FileVersion : 104.0.8.3
    ProductVersion : 104.0.8.3
    ProductName : Client and Host Security Platform
    CompanyName : Symantec Corporation
    FileDescription : Symantec User Session
    InternalName : ccApp
    LegalCopyright : Copyright (c) 2000-2005 Symantec Corporation. All rights reserved.
    OriginalFilename : ccApp.exe

    #:33 [hpgs2wnd.exe]
    FilePath : C:\Program Files\Hewlett-Packard\HP Share-to-Web\
    ProcessID : 2000
    ThreadCreationTime : 7-16-2006 5:17:42 PM
    BasePriority : Normal
    FileVersion : 2,3,0,0\ 162
    ProductVersion : 2,3,0,0\ 162
    ProductName : Hewlett-Packard hpgs2wnd
    CompanyName : Hewlett-Packard
    FileDescription : hpgs2wnd
    InternalName : hpgs2wnd
    LegalCopyright : Copyright © 2001
    OriginalFilename : hpgs2wnd.exe

    #:34 [msmsgs.exe]
    FilePath : C:\Program Files\Messenger\
    ProcessID : 2012
    ThreadCreationTime : 7-16-2006 5:17:42 PM
    BasePriority : Normal
    FileVersion : 4.7.3001
    ProductVersion : Version 4.7.3001
    ProductName : Messenger
    CompanyName : Microsoft Corporation
    FileDescription : Windows Messenger
    InternalName : msmsgs
    LegalCopyright : Copyright (c) Microsoft Corporation 2004
    LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
    OriginalFilename : msmsgs.exe

    #:35 [ypager.exe]
    FilePath : C:\Program Files\Yahoo!\Messenger\
    ProcessID : 2020
    ThreadCreationTime : 7-16-2006 5:17:43 PM
    BasePriority : Normal


    #:36 [gwremind.exe]
    FilePath : C:\Program Files\Greetings Workshop\
    ProcessID : 116
    ThreadCreationTime : 7-16-2006 5:17:43 PM
    BasePriority : Normal
    FileVersion : 1, 0, 0, 2
    ProductVersion : 1, 0, 0, 2
    ProductName : Microsoft Greetings Workshop Reminder
    CompanyName : Microsoft Corporation
    FileDescription : gwremind
    InternalName : gwremind
    LegalCopyright : Copyright © 1996
    LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation.
    OriginalFilename : gwremind.exe
    Comments : Greetings Workshop Reminder 1.0 for Windows® 95

    #:37 [ipodservice.exe]
    FilePath : C:\Program Files\iPod\bin\
    ProcessID : 704
    ThreadCreationTime : 7-16-2006 5:17:44 PM
    BasePriority : Normal
    FileVersion : 6.0.1.3
    ProductVersion : 6.0.1.3
    ProductName : iTunes
    CompanyName : Apple Computer, Inc.
    FileDescription : iPodService Module
    InternalName : iPodService
    LegalCopyright : © 2003-2005 Apple Computer, Inc. All Rights Reserved.
    OriginalFilename : iPodService.exe

    #:38 [alg.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 1896
    ThreadCreationTime : 7-16-2006 5:17:46 PM
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Application Layer Gateway Service
    InternalName : ALG.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : ALG.exe

    #:39 [hpgs2wnf.exe]
    FilePath : C:\Program Files\Hewlett-Packard\HP Share-to-Web\
    ProcessID : 2088
    ThreadCreationTime : 7-16-2006 5:17:46 PM
    BasePriority : Normal
    FileVersion : 2, 6, 0,*162
    ProductVersion : 2, 6, 0,*162
    ProductName : hpgs2wnf Module
    FileDescription : hpgs2wnf Module
    InternalName : hpgs2wnf
    LegalCopyright : Copyright 2001
    OriginalFilename : hpgs2wnf.EXE

    #:40 [nscsrvce.exe]
    FilePath : C:\Program Files\Common Files\Symantec Shared\Security Console\
    ProcessID : 2468
    ThreadCreationTime : 7-16-2006 5:18:39 PM
    BasePriority : Normal
    FileVersion : 2006.1.5.17
    ProductVersion : 2006.1.5
    ProductName : Norton Security Console
    CompanyName : Symantec Corporation
    FileDescription : Norton Security Console Norton Protection Center Service
    InternalName : NSCService
    LegalCopyright : Norton Security Console 2006 for Windows 2000/XP Copyright © 2005 Symantec Corporation. All rights reserved.
    OriginalFilename : NSCSrvce.exe

    #:41 [iexplore.exe]
    FilePath : C:\Program Files\Internet Explorer\
    ProcessID : 3264
    ThreadCreationTime : 7-16-2006 5:18:48 PM
    BasePriority : Normal
    FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 6.00.2900.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Internet Explorer
    InternalName : iexplore
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : IEXPLORE.EXE

    #:42 [ad-aware.exe]
    FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
    ProcessID : 3896
    ThreadCreationTime : 7-16-2006 5:21:53 PM
    BasePriority : Normal
    FileVersion : 6.2.0.206
    ProductVersion : VI.Second Edition
    ProductName : Lavasoft Ad-Aware SE
    CompanyName : Lavasoft Sweden
    FileDescription : Ad-Aware SE Core application
    InternalName : Ad-Aware.exe
    LegalCopyright : Copyright © Lavasoft Sweden
    OriginalFilename : Ad-Aware.exe
    Comments : All Rights Reserved

    Memory scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 0


    Started registry scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Registry Scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 0


    Started deep registry scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Deep registry scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 0


    Started Tracking Cookie scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


    Tracking Cookie Object Recognized!
    Type : IECache Entry
    Data : claudia@statcounter[1].txt
    Category : Data Miner
    Comment : Hits:1
    Value : Cookie:claudia@statcounter.com/
    Expires : 7-14-2011 1:23:54 PM
    LastSync : Hits:1
    UseCount : 0
    Hits : 1

    Tracking cookie scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 1
    Objects found so far: 1



    Deep scanning and examining files (C:)
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Disk Scan Result for C:\
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 1


    Scanning Hosts file......
    Hosts file location: "C:\WINDOWS\system32\drivers\etc\hosts ".
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Hosts file scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    1 entries scanned.
    New critical objects:0
    Objects found so far: 1




    Performing conditional scans...
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Conditional scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 1

    12:38:48 PM Scan Complete

    Summary Of This Scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Total scanning time:00:14:10.828
    Objects scanned:164295
    Objects identified:1
    Objects ignored:0
    New critical objects:1
     
    prairiecats,
    #4
  6. 2006/07/16
    prairiecats

    prairiecats Inactive Thread Starter

    Joined:
    2006/07/13
    Messages:
    4
    Likes Received:
    0
    scoop part 3 (hijack log)

    Logfile of HijackThis v1.99.0
    Scan saved at 2:18:32 PM, on 7/16/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\WINDOWS\Logi_MwX.Exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Yahoo!\Messenger\ypager.exe
    C:\Program Files\Greetings Workshop\GWREMIND.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Outlook Express\msimn.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Claudia\Desktop\hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../*http://www.yahoo.com/ext/search/search.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
    O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe "
    O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT "
    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
    O4 - Startup: Greetings Workshop Reminders.lnk = C:\Program Files\Greetings Workshop\GWREMIND.EXE
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
    O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: www.lexis.com
    O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MT...hicles/2005/4runner/ext360.html?noreloadredir
    O16 - DPF: {09C6CAC0-936E-40A0-BC26-707480103DC3} (shizmoo Class) - http://uproar.com/applets/activex/shizmoo/flipside_web18.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://jcs.chat.dcn.yahoo.com/v45/yacscom.cab
    O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.com/real/player/d.../mrkt/rhapx/RhapsodyPlayerEngine_Inst_Win.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqna/downloads/sysinfo.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1124125844468
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
    O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://ipgweb.cce.hp.com/rdqna/downloads/msxml4.cab
    O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
    O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) - https://a248.e.akamai.net/f/248/546...img/operations/symbizpr/xcontrol/SymDlBrg.cab
    O16 - DPF: {B69F2A9C-E470-11D3-AFA3-525400DB7692} (Actimage Room Control) - http://actimage.dancik.com/ib/download/actimage40930.cab
    O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} (View22RTE Class) - http://66.242.36.104/app/view22RTE.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/sj/en/check/qdiagh.cab?326
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: InstallDriver Table Manager - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Norton AntiVirus Auto-Protect Service - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Norton Protection Center Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: Symantec AVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
     
    prairiecats,
    #5

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...