Inactive [InActive] IEXPLORE.EXE ERRORS-Suspect Virus

JoeB · 2008/11/21

I think I have a virus

Please help
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:25:07 PM, on 11/21/08
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\SafeBoot\SBMGRNT.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Symantec\SPA\smc.exe
C:\Program Files\Symantec\SPA\snac.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bmwebcfg.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\AT&TGL~1\NetCfgSv.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\Program Files\Seagate\Sync\SeaSyncServices.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\SPA\SmcGui.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\V0400Mon.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Seagate\SystemTray\StxMenuMgr.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Comodo\CBOClean\BOCORE.exe
C:\Program Files\Comodo\CBOClean\BOC427.EXE
C:\Program Files\Symantec AntiVirus\vpc32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.drudgereport.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://oasis/
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe "
O4 - HKLM\..\Run: [SBMGRNT.EXE] C:\PROGRA~1\SafeBoot\SBMGRNT.EXE -WinLogon
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe "
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe "
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AGNCF] "C:\Program Files\AT&T Global Network Client\MigrateFW.exe" -initonly /default=on /startup
O4 - HKLM\..\Run: [V0400Mon.exe] C:\WINDOWS\V0400Mon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe "
O4 - HKLM\..\Run: [AT&T Communication Manager] "C:\Program Files\AT&T\Communication Manager\ATTCM.exe" -a
O4 - HKLM\..\Run: [StxTrayMenu] "C:\Program Files\Seagate\SystemTray\StxMenuMgr.exe "
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
O4 - HKLM\..\Run: [BOC-427] C:\PROGRA~1\Comodo\CBOClean\BOC427.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Ceedo AutoDetect] C:\DOCUME~1\iujmheb\LOCALS~1\Temp\AutoDetect.exe /active
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O14 - IERESET.INF: START_PAGE_URL=http://oasis
O15 - Trusted Zone: *.aaxchange.com
O15 - Trusted Zone: *.alldatapro.com
O15 - Trusted Zone: *.dealertrack.com
O15 - Trusted Zone: *.dealerups.com
O15 - Trusted Zone: http://*.drfintranet
O15 - Trusted Zone: http://*.drfsappp25
O15 - Trusted Zone: http://*.drfsiisp04
O15 - Trusted Zone: *.fiserv.com
O15 - Trusted Zone: http://deckard.geekstogo.com
O15 - Trusted Zone: http://*.jaxintranet
O15 - Trusted Zone: http://*.jaxsiisp3
O15 - Trusted Zone: http://*.jaxsiisp5
O15 - Trusted Zone: dealer.jmagroup.com
O15 - Trusted Zone: www.jmagroup.com
O15 - Trusted Zone: *.corp.jmfamily.com
O15 - Trusted Zone: cookiepro.jmfamily.com
O15 - Trusted Zone: http://patches.jmfamily.com
O15 - Trusted Zone: *.jmfamily.com
O15 - Trusted Zone: http://*.jmfemail.com
O15 - Trusted Zone: *.jmmenu.com
O15 - Trusted Zone: http://*.jmsc
O15 - Trusted Zone: *.jmsreporting.com
O15 - Trusted Zone: *.lexus.com
O15 - Trusted Zone: http://www.manheim.com
O15 - Trusted Zone: *.mmsa.com
O15 - Trusted Zone: http://*.mobintranet
O15 - Trusted Zone: http://www2.motorplace.com
O15 - Trusted Zone: http://*.oasis
O15 - Trusted Zone: http://*.oncall
O15 - Trusted Zone: *.onebridge.com
O15 - Trusted Zone: *.reyrey.com
O15 - Trusted Zone: http://www.setdealerdaily.com
O15 - Trusted Zone: *.setdealerdaily.com
O15 - Trusted Zone: http://jmfe.skillport.com
O15 - Trusted Zone: *.skillport.com
O15 - Trusted Zone: http://*.stlintranet
O15 - Trusted Zone: *.toyota.com
O15 - Trusted Zone: http://www.trendsecure.com
O15 - Trusted Zone: *.ups.com
O15 - Trusted Zone: *.vmsnet.com
O15 - Trusted Zone: *.worldtravel.net
O15 - Trusted Zone: *.aaxchange.com (HKLM)
O15 - Trusted Zone: *.alldatapro.com (HKLM)
O15 - Trusted Zone: *.dealertrack.com (HKLM)
O15 - Trusted Zone: *.dealerups.com (HKLM)
O15 - Trusted Zone: http://*.drfintranet (HKLM)
O15 - Trusted Zone: http://*.drfsappp25 (HKLM)
O15 - Trusted Zone: http://*.drfsiisp04 (HKLM)
O15 - Trusted Zone: *.fiserv.com (HKLM)
O15 - Trusted Zone: http://*.jaxintranet (HKLM)
O15 - Trusted Zone: http://*.jaxsiisp3 (HKLM)
O15 - Trusted Zone: http://*.jaxsiisp5 (HKLM)
O15 - Trusted Zone: *.corp.jmfamily.com (HKLM)
O15 - Trusted Zone: *.jmfamily.com (HKLM)
O15 - Trusted Zone: *.jmmenu.com (HKLM)
O15 - Trusted Zone: http://*.jmsc (HKLM)
O15 - Trusted Zone: *.lexus.com (HKLM)
O15 - Trusted Zone: http://www.manheim.com (HKLM)
O15 - Trusted Zone: *.mmsa.com (HKLM)
O15 - Trusted Zone: http://*.mobintranet (HKLM)
O15 - Trusted Zone: http://www2.motorplace.com (HKLM)
O15 - Trusted Zone: http://*.oasis (HKLM)
O15 - Trusted Zone: http://*.oncall (HKLM)
O15 - Trusted Zone: *.onebridge.com (HKLM)
O15 - Trusted Zone: *.reyrey.com (HKLM)
O15 - Trusted Zone: http://www.setdealerdaily.com (HKLM)
O15 - Trusted Zone: *.setdealerdaily.com (HKLM)
O15 - Trusted Zone: http://jmfe.skillport.com (HKLM)
O15 - Trusted Zone: *.skillport.com (HKLM)
O15 - Trusted Zone: http://*.stlintranet (HKLM)
O15 - Trusted Zone: *.toyota.com (HKLM)
O15 - Trusted Zone: *.ups.com (HKLM)
O15 - Trusted Zone: *.vmsnet.com (HKLM)
O15 - Trusted Zone: *.worldtravel.net (HKLM)
O15 - Trusted IP range: http://192.168.52.154
O15 - Trusted IP range: http://166.73.134.51
O15 - Trusted IP range: http://166.73.134.62
O15 - Trusted IP range: http://192.168.52.154 (HKLM)
O15 - Trusted IP range: http://166.73.134.51 (HKLM)
O15 - Trusted IP range: http://166.73.134.62 (HKLM)
O16 - DPF: Launcher - http://dealer.jmagroup.com/jmfsdpweb/content/cabs/launcher.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {08BEF711-06DA-48B2-9534-802ECAA2E4F9} (PlxInstall Class) - https://www.plaxo.com/down/latest/PlaxoInstall.cab
O16 - DPF: {41E6DDD6-FBD6-4718-80F7-9B160533C2F5} (Infragistics UltraToolbars Control 5.0) - https://dks.jmfamily.com/cabs/IGToolbars50.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab
O16 - DPF: {CB6742B9-7282-4002-A024-455466F42A18} (Intravision.Raven.AltaPlaybackClient) - https://portal.intravisiontech.com/jimray/utility/MediaClient.CAB
O16 - DPF: {EA6F44F0-AA12-406F-81D3-44078757220B} - http://oasisapplauncher/AppLauncherToolBar.CAB
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15102/CTPID.cab
O16 - DPF: {FF1CD9A3-00CD-45C1-8182-4EEC229A182D} (Plaxo Auto-Import Utility) - http://www.plaxo.com/activex/plx_upldr-2k-xp.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = corp.jmfamily.com
O17 - HKLM\Software\..\Telephony: DomainName = corp.jmfamily.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = corp.jmfamily.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = corp.jmfamily.com
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AT&T RcAppSvc (ATTRcAppSvc) - PCTEL - C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe
O23 - Service: Bytemobile Web Configurator (bmwebcfg) - Bytemobile, Inc. - C:\WINDOWS\system32\bmwebcfg.exe
O23 - Service: BOCore - COMODO - C:\Program Files\Comodo\CBOClean\BOCORE.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Network Configuration Service (NetCfgSvr) - AT&T - C:\PROGRA~1\AT&TGL~1\NetCfgSv.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SafeBoot Configuration Manager (SafeBootConfigurationManager) - Control Break International - C:\Program Files\SafeBoot\SBMGRNT.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Seagate Sync Service - Seagate Technology LLC - C:\Program Files\Seagate\Sync\SeaSyncServices.exe
O23 - Service: Symantec Protection Agent 5.1 (SmcService) - Symantec Corporation - C:\Program Files\Symantec\SPA\smc.exe
O23 - Service: Symantec NAC Service (SNAC) - Symantec Corporation - C:\Program Files\Symantec\SPA\snac.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

--
End of file - 14667 bytes

noahdfear · 2008/11/24

Hi Joe! Sorry for the late reply.

Scan again with HijackThis and place a check next to the following entry.

O4 - HKCU\..\Run: [Ceedo AutoDetect] C:\DOCUME~1\iujmheb\LOCALS~1\Temp\AutoDetect.exe /active

Now click Fix Checked and exit HijackThis when it's done fixing.

Download ATF Cleaner by Atribune and save it to your Desktop.

Double click ATF-Cleaner.exe to run the program.

Check the boxes to the left of:

Windows Temp

Current User Temp

All Users Temp

Temporary Internet Files

Prefetch

Java Cache

Recycle bin

The rest are optional - if you want it to remove everything check "Select All ".

Finally, click Empty Selected. When you get the "Done Cleaning" message, click OK then exit.

Reboot

Now, please download DDS and save it to your desktop.

Disable any script blocking protection

Double click dds.scr to run the tool.

When done, DDS.txt will open.

Click Yes at the next prompt for Optional Scan.

Save both reports to your desktop.

---------------------------------------------------

Please include the contents of the following in your next reply:

DDS.txt

I may ask for the Attach.txt log later, so keep it handy.

JoeB · 2008/12/01

DDS (Version 1.0) - NTFSx86
Run by iujmheb at 22:59:10.23 on 12/01/08
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.133 [GMT -6:00]

============== Running Processes ===============

C:\Program Files\SafeBoot\SBMGRNT.EXE
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Symantec\SPA\smc.exe
svchost.exe
C:\Program Files\Symantec\SPA\snac.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bmwebcfg.exe
C:\Program Files\Comodo\CBOClean\BOCORE.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\AT&TGL~1\NetCfgSv.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Symantec\SPA\SmcGui.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\V0400Mon.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Seagate\SystemTray\StxMenuMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\DOCUME~1\iujmheb\LOCALS~1\Temp\AutoDetect.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\iujmheb\Desktop\dds.scr
C:\Documents and Settings\iujmheb\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.drudgereport.com/
uInternet Connection Wizard,ShellNext = hxxp://oasis/
uInternet Settings,ProxyOverride = <local>;*.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - c:\program files\search settings\kb127\SearchSettings.dll
BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - c:\program files\search settings\kb127\SearchSettings.dll
BHO: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Ceedo AutoDetect] c:\docume~1\iujmheb\locals~1\temp\AutoDetect.exe /active
uRunOnce: [Ceedo Repair] c:\docume~1\iujmheb\locals~1\temp\AutoDetect.exe /repair /drive=
mRun: [ISBMgr.exe] c:\program files\sony\isb utility\ISBMgr.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [type32] "c:\program files\microsoft intellitype pro\type32.exe "
mRun: [SBMGRNT.EXE] c:\progra~1\safeboot\SBMGRNT.EXE -WinLogon
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe "
mRun: [vptray] c:\progra~1\symant~1\VPTray.exe
mRun: [RoxioEngineUtility] "c:\program files\common files\roxio shared\system\EngUtil.exe "
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [AGNCF] "c:\program files\at&t global network client\MigrateFW.exe" -initonly /default=on /startup
mRun: [V0400Mon.exe] c:\windows\V0400Mon.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe "
mRun: [<NO NAME>]
mRun: [AT&T Communication Manager] "c:\program files\at&t\communication manager\ATTCM.exe" -a
mRun: [StxTrayMenu] "c:\program files\seagate\systemtray\StxMenuMgr.exe "
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe "
mRun: [BOC-427] c:\progra~1\comodo\cboclean\BOC427.exe
uPolicies-system: NoDispScrSavPage = 0 (0x0)
dPolicies-system: NoDispScrSavPage = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: bmnet.dll
Trusted Zone: *.aaxchange.com
Trusted Zone: *.alldatapro.com
Trusted Zone: *.dealertrack.com
Trusted Zone: *.dealerups.com
Trusted Zone: *.fiserv.com
Trusted Zone: dealer.jmagroup.com
Trusted Zone: www.jmagroup.com
Trusted Zone: *.jmfamily.com
Trusted Zone: *.corp.jmfamily.com
Trusted Zone: cookiepro.jmfamily.com
Trusted Zone: *.jmmenu.com
Trusted Zone: *.jmsreporting.com
Trusted Zone: *.lexus.com
Trusted Zone: *.mmsa.com
Trusted Zone: *.onebridge.com
Trusted Zone: *.reyrey.com
Trusted Zone: *.setdealerdaily.com
Trusted Zone: *.skillport.com
Trusted Zone: *.toyota.com
Trusted Zone: *.ups.com
Trusted Zone: *.vmsnet.com
Trusted Zone: *.worldtravel.net
Trusted Zone: *.aaxchange.com
Trusted Zone: *.alldatapro.com
Trusted Zone: *.dealertrack.com
Trusted Zone: *.dealerups.com
Trusted Zone: *.fiserv.com
Trusted Zone: *.jmfamily.com
Trusted Zone: *.corp.jmfamily.com
Trusted Zone: *.jmmenu.com
Trusted Zone: *.lexus.com
Trusted Zone: *.mmsa.com
Trusted Zone: *.onebridge.com
Trusted Zone: *.reyrey.com
Trusted Zone: *.setdealerdaily.com
Trusted Zone: *.skillport.com
Trusted Zone: *.toyota.com
Trusted Zone: *.ups.com
Trusted Zone: *.vmsnet.com
Trusted Zone: *.worldtravel.net
Notify: igfxcui - igfxsrvc.dll
Notify: NavLogon - c:\windows\system32\NavLogon.dll
Notify: VESWinlogon - VESWinlogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R0 SafeBoot;SafeBoot;c:\windows\system32\drivers\SafeBoot.sys [2007-2-12 30267]
R0 SBAlg;SBAlg;c:\windows\system32\drivers\SBAlg.sys [2007-2-12 44848]
R1 RsvLock;RsvLock;c:\windows\system32\drivers\RsvLock.sys [2007-2-12 4752]
R1 SAVRT;SAVRT;\??\c:\program files\symantec antivirus\savrt.sys [2006-9-6 337592]
R1 SAVRTPEL;SAVRTPEL;\??\c:\program files\symantec antivirus\Savrtpel.sys [2006-9-6 54968]
R1 SBFlop;SBFlop;c:\windows\system32\drivers\SBFlop.sys [2007-2-12 6096]
R1 SbPrcCtl;SbPrcCtl;c:\windows\system32\drivers\SbPrcCtl.sys [2007-2-12 14864]
R1 vsdatant;vsdatant;\??\c:\windows\system32\vsdatant.sys [2008-7-28 271112]
R2 agnwifi;AT&T Wi-Fi Support Driver;c:\windows\system32\drivers\agnwifi.sys [2005-4-7 19328]
R2 BOCore;BOCore;c:\program files\comodo\cboclean\BOCORE.exe [2008-11-21 73464]
R2 ccEvtMgr;Symantec Event Manager; "c:\program files\common files\symantec shared\ccEvtMgr.exe" [2006-7-19 192160]
R2 ccSetMgr;Symantec Settings Manager; "c:\program files\common files\symantec shared\ccSetMgr.exe" [2006-7-19 169632]
R2 SafeBootConfigurationManager;SafeBoot Configuration Manager;c:\program files\safeboot\SBMGRNT.EXE [2007-2-12 49212]
R2 SavRoam;SAVRoam; "c:\program files\symantec antivirus\SavRoam.exe" [2006-9-27 116464]
R2 Seagate Sync Service;Seagate Sync Service; "c:\program files\seagate\sync\SeaSyncServices.exe" [2007-1-18 24120]
R2 Symantec AntiVirus;Symantec AntiVirus; "c:\program files\symantec antivirus\Rtvscan.exe" [2006-9-27 1813232]
R2 WGX;Extend WG Protocol Driver;c:\windows\system32\drivers\WGX.sys [2007-5-21 26192]
R3 ABVPN2K;AGN VPN Client Miniport Interface;c:\windows\system32\drivers\abvpn2k.sys [2005-4-7 165248]
R3 avpnnic;AGN Virtual Network Adapter;c:\windows\system32\drivers\avpnnic.sys [2003-4-4 13952]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;\??\c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2008-9-8 99376]
R3 NAVENG;NAVENG;\??\c:\progra~1\common~1\symant~1\virusd~1\20081201.006\naveng.sys [2008-12-1 89104]
R3 NAVEX15;NAVEX15;\??\c:\progra~1\common~1\symant~1\virusd~1\20081201.006\navex15.sys [2008-12-1 876112]
R3 SPI;Sony Programmable I/O Control Device;c:\windows\system32\drivers\SonyPI.sys [2006-5-10 71961]
S2 HIDKbFlt;HIDKbFlt.SvcDesc%;c:\windows\system32\drivers\HIDKbFlt.sys []
S2 vdo_3949-48e3;vdo_3949-48e3;\??\c:\windows\system32\vdo_3949-48e3.sys []
S3 ATTRcAppSvc;AT&T RcAppSvc; "c:\program files\at&t\communication manager\RcAppSvc.exe" /n "ATTRcAppSvc" [2008-5-23 106496]
S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [2007-4-19 99200]
S3 NWVNDIS;Novatel Wireless Virtual Network Adapter;c:\windows\system32\drivers\NWVNdis.sys [2007-4-19 225280]
S3 pwi_bus;Curitel PC Card Composite Device driver (WDM);c:\windows\system32\drivers\pwi_bus.sys [2006-7-26 55344]
S3 pwi_mdfl;Curitel PC Card Filter;c:\windows\system32\drivers\pwi_mdfl.sys [2006-7-26 9200]
S3 pwi_mdm;Curitel PC Card Drivers;c:\windows\system32\drivers\pwi_mdm.sys [2006-7-26 89936]
S3 pwi_oflt;Curitel PC Card OHCI Filter;c:\windows\system32\drivers\pwi_oflt.sys [2006-7-26 9472]
S3 pwi_serd;Curitel PC Card Diagnostic Serial Port (WDM);c:\windows\system32\drivers\pwi_serd.sys [2006-7-26 69632]
S3 RapFile;RapFile;\??\c:\windows\system32\drivers\RapFile.sys [2005-4-8 36676]
S3 RapNet;RapNet;\??\c:\windows\system32\drivers\RapNet.sys [2005-4-8 24344]
S3 SWNC8U80;Sierra Wireless MUX NDIS Driver (UMTS80);c:\windows\system32\drivers\swnc8u80.sys [2008-1-10 165248]
S3 SWUMX80;Sierra Wireless USB MUX Driver (UMTS80);c:\windows\system32\drivers\swumx80.sys [2008-1-10 142976]
S3 VF0400Afx;VF0400 Audio FX;c:\windows\system32\drivers\V0400Afx.sys [2008-7-7 142656]
S3 VF0400Vfx;VF0400 Video FX;c:\windows\system32\drivers\V0400VFx.sys [2008-7-7 7424]
S3 VF0400Vid;Live! Cam Notebook Pro (VF0400);c:\windows\system32\drivers\V0400Vid.sys [2008-7-7 166720]
S3 XIRLINK;Veo Mobile/Advanced Web Camera;c:\windows\system32\drivers\ucdnt.sys [2004-1-26 728083]
S4 black;black;c:\windows\system32\drivers\BlackDrv.sys []
S4 IVTClientUpdate;Intravision Client Update Service;c:\program files\intravision technologies\nvar 2.0 media client\clientupdateservice.exe [2006-6-9 32768]
S4 SysGuard;SysGuard;c:\windows\system32\drivers\Sysguard.sys [2006-12-12 44544]

=============== Created Last 30 ================

2008-11-24 22:48 410,976 a------- c:\windows\system32\deploytk.dll
2008-11-21 23:09 22,528 a------- c:\windows\system32\wsock32.dlb
2008-11-21 23:09 205,560 a------- c:\windows\UNBOC.EXE
2008-11-21 23:09 212,728 a------- c:\windows\CMDLIC.DLL
2008-11-21 23:09 <DIR> --d----- c:\docume~1\alluse~1\applic~1\BOC427
2008-11-21 23:09 15,267 a------- c:\windows\BOC427.INI
2008-11-21 23:08 <DIR> --d----- c:\program files\Comodo
2008-11-11 19:08 455,296 -c------ c:\windows\system32\dllcache\mrxsmb.sys
2008-11-11 19:06 1,106,944 -c------ c:\windows\system32\dllcache\msxml3.dll
2008-11-10 20:22 48,988,672 a------- C:\JM&A Cash Bash 2003.mtv
2008-11-10 19:56 <DIR> --d----- c:\program files\MP3 Player Utilities 3.06
2008-11-10 19:55 7,207 a------- c:\windows\Disktool.INI
2008-11-10 19:55 6,399 a------- c:\windows\fwupgrade.ini
2008-11-10 19:55 3,677 a------- c:\windows\SoundCon.INI
2008-11-09 20:05 <DIR> --d----- c:\program files\WMA-MP3.com
2008-11-09 19:42 <DIR> --d----- c:\docume~1\iujmheb\applic~1\Search Settings
2008-11-09 19:31 <DIR> --d----- c:\program files\Search Settings
2008-11-09 19:29 <DIR> --d----- c:\program files\Free Audio Pack
2008-11-06 13:06 <DIR> --d----- c:\program files\AutomotiveNewsDesktopAlerts
2008-11-04 16:53 <DIR> --d----- C:\ConverterOutput
2008-11-04 16:53 <DIR> --d----- c:\program files\Cucusoft
2008-11-04 16:53 <DIR> --d----- c:\program files\common files\Download Manager
2008-11-03 19:51 <DIR> --d----- c:\docume~1\iujmheb\applic~1\InstantFileFind Data
2008-11-03 19:51 <DIR> --d----- c:\program files\Instant File Find
2008-11-03 01:35 107,368 a------- c:\windows\system32\GEARAspi.dll
2008-11-03 01:35 15,464 a------- c:\windows\system32\drivers\GEARAspiWDM.sys
2008-11-03 01:35 <DIR> --d----- c:\program files\iTunes
2008-11-03 01:35 <DIR> --d----- c:\docume~1\alluse~1\applic~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-03 01:34 <DIR> --d----- c:\program files\Bonjour

==================== Find3M ====================

2008-12-01 22:58 <DIR> --d----- c:\program files\Symantec AntiVirus
2008-11-26 21:45 <DIR> --d----- c:\program files\AT&T Global Network Client
2008-11-25 20:49 <DIR> --d----- c:\program files\SafeBoot
2008-11-09 20:01 <DIR> --d----- c:\program files\IrfanView
2008-11-03 01:35 <DIR> --d----- c:\program files\iPod
2008-11-01 20:33 <DIR> --d----- c:\docume~1\iujmheb\applic~1\FrostWire
2008-11-01 20:29 <DIR> --d----- c:\program files\FrostWire
2008-10-16 22:47 <DIR> --d----- c:\docume~1\iujmheb\applic~1\AT&T
2008-10-16 22:40 <DIR> --d----- c:\docume~1\iujmheb\applic~1\DBUpdater
2008-10-16 22:32 <DIR> --d----- c:\program files\common files\Research in Motion
2008-10-16 22:32 <DIR> --d----- c:\program files\AT&T
2008-10-16 22:32 <DIR> --d----- c:\docume~1\alluse~1\applic~1\AT&T
2008-10-16 22:31 <DIR> --d----- c:\program files\common files\Motorola Shared
2008-10-16 22:30 <DIR> --d----- c:\program files\Option
2008-10-16 22:29 <DIR> --d----- c:\program files\Sierra Wireless Inc
2008-10-16 22:29 <DIR> --d----- c:\docume~1\iujmheb\applic~1\Sierra Wireless
2008-09-30 16:43 1,286,152 a------- c:\windows\system32\msxml4.dll
2008-09-24 20:33 484,352 a------- c:\windows\system32\lame_enc.dll
2008-09-24 10:20 <DIR> --d----- c:\docume~1\iujmheb\applic~1\Malwarebytes
2008-09-24 10:20 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2008-09-15 06:12 1,846,400 a------- c:\windows\system32\win32k.sys
2008-09-09 19:14 1,307,648 -------- c:\windows\system32\msxml6.dll
2008-09-04 11:15 1,106,944 a------- c:\windows\system32\msxml3.dll
2008-09-03 16:19 92,250 a------- c:\windows\system32\HKCU_GNU.reg
2008-08-28 18:08 <DIR> --d----- c:\docume~1\iujmheb\applic~1\Smith Micro
2008-07-11 11:25 <DIR> --d----- c:\docume~1\alluse~1\applic~1\MumboJumbo
2008-07-11 11:24 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Trymedia
2008-07-11 11:24 <DIR> --d----- c:\docume~1\alluse~1\applic~1\NeoEdge Networks
2008-07-07 11:32 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Creative
2008-06-29 20:50 <DIR> --d----- c:\docume~1\iujmheb\applic~1\Ceedo
2008-04-04 21:25 <DIR> --d----- c:\docume~1\alluse~1\applic~1\RightFax
2007-12-17 17:41 <DIR> --d----- c:\docume~1\iujmheb\applic~1\OfficeUpdate12
2007-09-27 14:47 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Viewpoint
2007-08-30 13:32 <DIR> --d----- c:\docume~1\iujmheb\applic~1\Viewpoint
2007-08-17 16:36 <DIR> --d----- c:\docume~1\iujmheb\applic~1\LimeWire
2007-05-29 18:58 <DIR> --d----- c:\docume~1\iujmheb\applic~1\ipodder
2007-04-18 13:40 <DIR> --d----- c:\docume~1\iujmheb\applic~1\Sony Corporation
2007-04-18 13:29 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Intel
2007-04-18 12:17 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Symantec
2007-01-28 14:17 <DIR> --d-h--- c:\docume~1\iujmheb\applic~1\Move Networks
2006-11-03 23:45 <DIR> --d----- c:\docume~1\iujmheb\applic~1\MySpace
2006-07-25 07:45 <DIR> --d----- c:\docume~1\iujmheb\applic~1\ACD Systems
2006-07-25 07:45 <DIR> --d----- c:\docume~1\iujmheb\applic~1\ICAClient
2006-07-25 07:44 <DIR> --d----- c:\docume~1\iujmheb\applic~1\Lycos
2006-07-25 07:44 <DIR> --d----- c:\docume~1\iujmheb\applic~1\Kontiki
2006-05-10 09:12 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Sony Corporation
NLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Version 1.0)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 07/24/06 04:10:33 PM
System Uptime: 12/01/08 10:44:07 PM (0 hours ago)
Processor: Intel(R) Pentium(R) M processor 1.60GHz | N/A | 797/133mhz
BIOS: Ver 1.00PARTTBLL | Sony - 20050523 | R0092V0 | 05/22/05 07:00:00 PM

==== Disk Partitions =========================

C: is FIXED (NTFS) - 37 GiB total, 18.632 GiB free.
D: is Removable
E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP42: 11/03/08 07:55:50 PM - Removed ERALink32
RP43: 11/03/08 07:57:59 PM - Removed Google Photos Screensaver
RP44: 11/04/08 09:28:35 PM - System Checkpoint
RP45: 11/05/08 11:27:08 PM - System Checkpoint
RP46: 11/07/08 04:07:43 PM - System Checkpoint
RP47: 11/08/08 04:36:37 PM - System Checkpoint
RP48: 11/09/08 06:48:35 PM - System Checkpoint
RP49: 11/09/08 11:21:06 PM - Removed Dealio Toolbar 3.4.
RP50: 11/09/08 11:32:35 PM - Installed WinZip 12.0
RP51: 11/10/08 07:56:33 PM - Installed MP3 Player Utilities 3.06
RP52: 11/11/08 08:59:05 PM - System Checkpoint
RP53: 11/11/08 09:45:45 PM - Software Distribution Service 3.0
RP54: 11/17/08 10:52:25 PM - System Checkpoint
RP55: 11/22/08 01:00:09 AM - System Checkpoint
RP56: 11/24/08 10:47:07 PM - Installed Java(TM) 6 Update 10
RP57: 11/25/08 11:51:19 PM - System Checkpoint
RP58: 11/26/08 11:53:10 PM - System Checkpoint

==== Installed Programs ======================

6300
6300_Help
6300Trb
Adobe Flash Player 10 ActiveX
Adobe Reader 7.0.7
Advanced Audio FX Engine
Advanced Video FX Engine
AiO_Scan_CDA
AiOSoftwareNPI
AOL Pictures Tools (version 10.4.0.4)
Apple Mobile Device Support
Apple Software Update
AT&T Communication Manager
AT&T Global Network Client
Automotive News Desktop Alerts v1.61
AutoUpdate
BOClean
Bonjour
BufferChm
CameraDrivers
CameraUserGuides
CCleaner (remove only)
CD LabelMaker
CD LabelMaker Easy
Compatibility Pack for the 2007 Office system
Copy
CP_AtenaShokunin1Config
CP_CalendarTemplates1
cp_dwShrek2Albums1
cp_dwShrek2Cards1
cp_OnlineProjectsConfig
CP_Package_Basic1
CP_Panorama1Config
cp_PosterPrintConfig
Creative Live! Cam Center
Creative Live! Cam Doodling
Creative Live! Cam FX Creator
Creative Live! Cam Manager
Creative Live! Cam Notebook Pro Driver (1.02.02.00)
Creative Live! Cam User's Guide
Creative Photo Calendar
Creative Photo Manager
Creative Software AutoUpdate
Creative System Information
CreativeProjects
CreativeProjectsTemplates
Cucusoft DVD to iPod + iPod Video Converter Suite 7.18.7.11
CueTour
Curitel PC Card Software
CustomerResearchQFolder
Destinations
DivX Codec
DivX Converter
DivX Player
DivX Web Player
DocProc
DocProcQFolder
DocumentViewer
DocumentViewerQFolder
Driver Installer
Easy CD & DVD Creator 6
Fax_CDA
Free Hide Folder
Free Mp3 Wma Converter V 1.8.0
FreeAgent Go Tools
FrostWire 4.13.5
FullDPAppQFolder
GdiplusUpgrade
HDAUDIO SoftV92 Data Fax Modem with SmartCP
High Definition Audio Driver Package - KB835221
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB952287)
HP Customer Participation Program 7.0
HP Document Viewer 7.0
HP Imaging Device Functions 7.0
HP Memories Disc
HP Photosmart Cameras 6.0
HP Photosmart Essential
HP Photosmart Premier Software 6.5
HP Photosmart, Officejet and Deskjet 7.0.A
HP Product Detection
HP Solution Center 7.0
HP Update
hpiCamDrvQFolder
HPPhotoSmartExpress
HPProductAssistant
HPSystemDiagnostics
Instant File Find 1.4.2.4460
InstantShare
InstantShareDevices
InstantShareDevicesMFC
Intel(R) Graphics Media Accelerator Driver for Mobile
Intel(R) PRO Network Connections Drivers
Intel(R) PROSet/Wireless Software
InterVideo WinDVD for VAIO
iPod for Windows 2006-06-28
IrfanView (remove only)
iTunes
Java(TM) 6 Update 10
Java(TM) 6 Update 7
Juice 2.2
LiveUpdate 3.1 (Symantec Corporation)
luxor 2
luxor 2 (remove only)
Macromedia Shockwave Player
Malwarebytes' Anti-Malware
MarketResearch
mCore
mDriver
MetaFrame Presentation Server Web Client for Win32
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft IntelliType Pro 5.3
Microsoft Office 2003 Web Components
Microsoft Office Professional Edition 2003
Microsoft Office Word Viewer 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
mMHouse
Mobile Broadband Drivers
MobileMe Control Panel
Motorola Driver Installation
Move Networks Player for Internet Explorer
Mozilla Firefox (2.0.0.6)
MP3 Converter Simple
MP3 Player Utilities 3.06
mPfMgr
mProSafe
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
mWlsSafe
mXML
MySpaceIM
NewCopy_CDA
Nokia Connectivity Adapter Cable DKU-5
Northpoint Menu System Little Rock Nissan
NVAR 2.0 Media Client
NVIDIA Drivers
OCR Software by I.R.I.S 7.0
OpenMG Limited Patch 4.7-07-14-05-01
OpenMG Secure Module 4.7.00
PanoStandAlone
PhotoGallery
Plaxo Toolbar for Windows
ProductContextNPI
Protected Music Converter 1.0.0.15
QFolder
QuickLink Mobile
QuickTime
RandMap
Realtek High Definition Audio Driver
Rhapsody Player Engine
RightFax Product Suite
Safari
Scan
ScannerCopy
Search Settings 1.2
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Setting Utility Series
SightSpeed (remove only)
SkinsHP1
SlideShow
SolutionCenter
Sonic_PrimoSDK
SonicStage 4.3
Sony Utilities DLL
Sony Video Shared Library
Status
Symantec AntiVirus
Symantec Protection Agent 5.1
Toolbox
TrayApp
Unload
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
VAIO Control Center
VAIO Entertainment Platform
VAIO Event Service
Veo Advanced Connect
Veo Digital Studio
VZAccess Manager
WebFldrs XP
WebReg
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool
Windows Media Format 11 runtime
Windows Media Player 10 Hotfix - KB894476
Windows XP Service Pack 3
WinZip 12.0

==== Event Viewer Messages ===================

11/25/08 08:50:10 PM, error: Service Control Manager [7000] - The vdo_3949-48e3 service failed to start due to the following error: The system cannot find the file specified.
11/25/08 08:50:10 PM, error: Service Control Manager [7000] - The HIDKbFlt.SvcDesc% service failed to start due to the following error: The system cannot find the file specified.
11/25/08 08:49:07 PM, error: NETLOGON [5719] - No Domain Controller is available for domain JMFAMILY due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.
11/25/08 09:37:48 PM, error: Service Control Manager [7023] - The IPSEC Services service terminated with the following error: Only one usage of each socket address (protocol/network address/port) is normally permitted.

==== End Of File ===========================
I didn't check mark ceedo because it is my external hardrive I use from time to time

noahdfear · 2008/12/01

My reason for suggesting it be fixed is due to it running from a temp folder, suggesting the software may not be properly installed. Any idea why it's running from temp?

I see little needing addressed. What makes you think you have a virus?

JoeB · 2008/12/01

I thought i had a virus when I started getting EXPLRE.EXE ERRORS. I am not getting these messages anymore. Do you think I may have over reacted? Does evrything look ok?

noahdfear · 2008/12/02

Looks fine to me. Event logs show a couple of services not starting due to missing files, so lets nuke the service. Copy each bolded command below, one at a time, and paste in into the Start>Run dialog then hit Enter.

sc delete HIDKbFlt
sc delete vdo_3949-48e3

Other than that, only the ceedo app running from temps would be of any concern.

JoeB · 2008/12/02

Thanks!

noahdfear · 2008/12/06

Since a few days have passed, does everything still seem to be OK? If so, I will mark this topic resolved.

Log in or Sign up

Inactive [InActive] IEXPLORE.EXE ERRORS-Suspect Virus

JoeB Inactive Thread Starter

noahdfear Inactive

JoeB Inactive Thread Starter

noahdfear Inactive

JoeB Inactive Thread Starter

noahdfear Inactive

JoeB Inactive Thread Starter

noahdfear Inactive

Share This Page

Log in or Sign up

Inactive [InActive] IEXPLORE.EXE ERRORS-Suspect Virus

JoeB Inactive Thread Starter

noahdfear Inactive

JoeB Inactive Thread Starter

noahdfear Inactive

JoeB Inactive Thread Starter

noahdfear Inactive

JoeB Inactive Thread Starter

noahdfear Inactive

Share This Page

Useful Searches