Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help


  • Please log in to reply
3 replies to this topic

#1 specialagentiam2

specialagentiam2

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:33 PM

Posted 07 January 2007 - 12:34 PM

Logfile of HijackThis v1.99.1
Scan saved at 12:31:33 PM, on 1/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\ISafe.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\VetMsg.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVTray.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRID.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Michael Paul\My Documents\HijackThis\hijackthis2\HijackThis.exe

F2 - REG:system.ini: Shell=explorer.exe
N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\Michael Paul\Application Data\Mozilla\Profiles\default\hn6exc5r.slt\prefs.js)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\tbu31B\toolbaru.dll
O2 - BHO: (no name) - {73364D99-1240-4dff-B12A-67E448373148} - C:\WINDOWS\system32\ipv6mons.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\tbu31B\toolbaru.dll
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust EZ Armor\eTrust PestPatrol\PPActiveDetection.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe"
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: winlogin.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1150040008593
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1150042344906
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/Fuj...ploadClient.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\ISafe.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\VetMsg.exe

BC AdBot (Login to Remove)

 


#2 MFDnSC

MFDnSC

    Ret. Director I/T


  • Members
  • 4,310 posts
  • OFFLINE
  •  
  • Local time:09:33 PM

Posted 07 January 2007 - 02:23 PM

You may want to print this or save it to notepad as we will go to safe mode.

Fix these with HiJackThis – mark them, close IE, click fix checked

O2 - BHO: (no name) - {73364D99-1240-4dff-B12A-67E448373148} - C:\WINDOWS\system32\ipv6mons.dll

O4 - Global Startup: winlogin.exe

DownLoad http://www.downloads.subratam.org/KillBox.zip or
http://www.thespykiller.co.uk/files/killbox.exe

Restart your computer into safe mode now. (Tapping F8 at the first black screen) Perform the following steps in safe mode:

Double-click on Killbox.exe to run it. Now put a tick by Standard File Kill. In the "Full Path of File to Delete" box, copy and paste each of the following lines one at a time then click on the button that has the red circle with the X in the middle after you enter each file. It will ask for confimation to delete the file. Click Yes. Continue with that same procedure until you have copied and pasted all of these in the "Paste Full Path of File to Delete" box.

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\winlogin.exe
C:\WINDOWS\system32\ipv6mons.dll


Note: It is possible that Killbox will tell you that one or more files do not exist. If that happens, just continue on with all the files. Be sure you don't miss any.

START – RUN – type in %temp% - OK - Edit – Select all – File – Delete

Delete everything in the C:\Windows\Temp folder or C:\WINNT\temp

Not all temp files will delete and that is normal
Empty the recycle bin
Boot


Download Superantispyware

http://www.superantispyware.com/superantis...efreevspro.html

Install it and double-click the icon on your desktop to run it.
· It will ask if you want to update the program definitions, click Yes.
· Under Configuration and Preferences, click the Preferences button.
· Click the Scanning Control tab.
· Under Scanner Options make sure the following are checked:
o Close browsers before scanning
o Scan for tracking cookies
o Terminate memory threats before quarantining.
o Please leave the others unchecked.
o Click the Close button to leave the control center screen.
· On the main screen, under Scan for Harmful Software click Scan your computer.
· On the left check C:\Fixed Drive.
· On the right, under Complete Scan, choose Perform Complete Scan.
· Click Next to start the scan. Please be patient while it scans your computer.
· After the scan is complete a summary box will appear. Click OK.
· Make sure everything in the white box has a check next to it, then click Next.
· It will quarantine what it found and if it asks if you want to reboot, click Yes.
· To retrieve the removal information for me please do the following:
o After reboot, double-click the SUPERAntispyware icon on your desktop.
o Click Preferences. Click the Statistics/Logs tab.
o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
o It will open in your default text editor (such as Notepad/Wordpad).
o Please highlight everything in the notepad, then right-click and choose copy.
· Click close and close again to exit the program.
· Please paste that information here for me with a new HijackThis log.


Please give feedback on what worked/didn’t work and the current status of your system
===================

Looks like you tried to remove Norton but its still there

Remove Norton - http://service1.symantec.com/SUPPORT/nav.n...001092114452606
"Nothing could be finer than to be in South Carolina ............"

Member ASAP

#3 specialagentiam2

specialagentiam2
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:33 PM

Posted 08 January 2007 - 06:23 PM

As far as my computer's efficacy, I am not sure yet how well it is running.

I didn't think I was going to be able to fix the 04 Global winlogin thingy but after running the HijackThis one more time it did appear to get rid of it. But so far so good. Thanks for your help. I will let you know if my computer starts running faster.









SUPERAntiSpyware Scan Log
Generated 01/07/2007 at 10:57 PM

Application Version : 3.4.1000

Core Rules Database Version : 3160
Trace Rules Database Version: 1173

Scan type : Complete Scan
Total Scan Time : 01:25:00

Memory items scanned : 358
Memory threats detected : 0
Registry items scanned : 5275
Registry threats detected : 9
File items scanned : 73280
File threats detected : 66

Adware.Tracking Cookie
C:\Documents and Settings\Michael Paul\Cookies\michael_paul@2o7[2].txt
C:\Documents and Settings\Michael Paul\Cookies\michael_paul@www.googleadservices[3].txt
C:\Documents and Settings\Michael Paul\Cookies\michael_paul@revsci[2].txt
C:\Documents and Settings\Michael Paul\Cookies\michael_paul@tacoda[2].txt
C:\Documents and Settings\Michael Paul\Cookies\michael_paul@www.googleadservices[1].txt
C:\Documents and Settings\Michael Paul\Cookies\michael_paul@enhance[2].txt
C:\Documents and Settings\Michael Paul\Cookies\michael_paul@nextag[2].txt
C:\Documents and Settings\Michael Paul\Cookies\michael_paul@tribalfusion[2].txt
C:\Documents and Settings\Catherine\Cookies\catherine@247realmedia[2].txt
C:\Documents and Settings\Catherine\Cookies\catherine@2o7[2].txt
C:\Documents and Settings\Catherine\Cookies\catherine@ad.yieldmanager[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@adknowledge[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@adlegend[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@adrevolver[2].txt
C:\Documents and Settings\Catherine\Cookies\catherine@ads.addynamix[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@ads.cnn[2].txt
C:\Documents and Settings\Catherine\Cookies\catherine@ads.monster[2].txt
C:\Documents and Settings\Catherine\Cookies\catherine@ads.pointroll[2].txt
C:\Documents and Settings\Catherine\Cookies\catherine@ads.realtechnetwork[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@ads.revsci[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@adv.webmd[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@bizrate[2].txt
C:\Documents and Settings\Catherine\Cookies\catherine@bluestreak[2].txt
C:\Documents and Settings\Catherine\Cookies\catherine@bs.serving-sys[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@citi.bridgetrack[2].txt
C:\Documents and Settings\Catherine\Cookies\catherine@client.roiadtracker[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@cnn.122.2o7[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@data1.perf.overture[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@e-2dj6wjkoqodziap.stats.esomniture[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@e-2dj6wjl4ghdpglp.stats.esomniture[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@e-2dj6wjlygmcpwcp.stats.esomniture[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@edge.ru4[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@fastclick[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@harpo.122.2o7[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@icc.intellisrv[2].txt
C:\Documents and Settings\Catherine\Cookies\catherine@imrworldwide[2].txt
C:\Documents and Settings\Catherine\Cookies\catherine@indextools[2].txt
C:\Documents and Settings\Catherine\Cookies\catherine@keywordmax[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@media.adrevolver[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@media.fastclick[2].txt
C:\Documents and Settings\Catherine\Cookies\catherine@msninvite.112.2o7[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@msnportal.112.2o7[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@nextag[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@overture[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@perf.overture[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@pt.crossmediaservices[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@questionmarket[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@revenue[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@revsci[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@server.iad.liveperson[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@server.iad.liveperson[2].txt
C:\Documents and Settings\Catherine\Cookies\catherine@server.iad.liveperson[3].txt
C:\Documents and Settings\Catherine\Cookies\catherine@serving-sys[2].txt
C:\Documents and Settings\Catherine\Cookies\catherine@shoplocl.adbureau[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@sitestat.mayoclinic[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@tacoda[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@trafficmp[2].txt
C:\Documents and Settings\Catherine\Cookies\catherine@ulta.122.2o7[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@www.burstnet[2].txt
C:\Documents and Settings\Catherine\Cookies\catherine@www.clickmanage[2].txt
C:\Documents and Settings\Catherine\Cookies\catherine@www.googleadservices[1].txt
C:\Documents and Settings\Catherine\Cookies\catherine@zedo[2].txt
C:\Documents and Settings\Catherine\Local Settings\Temp\Cookies\catherine@ads.pointroll[2].txt
C:\Documents and Settings\Catherine\Local Settings\Temp\Cookies\catherine@adv.webmd[2].txt
C:\Documents and Settings\Catherine\Local Settings\Temp\Cookies\catherine@bluestreak[1].txt
C:\Documents and Settings\Catherine\Local Settings\Temp\Cookies\catherine@questionmarket[2].txt

Adware.MyWebSearch
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\InprocServer32
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\InprocServer32#ThreadingModel
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\Programmable
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\TypeLib
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\InprocServer32
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\InprocServer32#ThreadingModel
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\Programmable






Logfile of HijackThis v1.99.1
Scan saved at 6:17:02 PM, on 1/8/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\ISafe.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVTray.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRID.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\VetMsg.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Michael Paul\My Documents\HijackThis\hijackthis2\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
F2 - REG:system.ini: Shell=explorer.exe
N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\Michael Paul\Application Data\Mozilla\Profiles\default\hn6exc5r.slt\prefs.js)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\tbu31B\toolbaru.dll
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust EZ Armor\eTrust PestPatrol\PPActiveDetection.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe"
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1150040008593
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1150042344906
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/Fuj...ploadClient.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\ISafe.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\VetMsg.exe

#4 MFDnSC

MFDnSC

    Ret. Director I/T


  • Members
  • 4,310 posts
  • OFFLINE
  •  
  • Local time:09:33 PM

Posted 08 January 2007 - 06:38 PM

Log looks good

Turn off restore points, boot, turn them back on – here’s how

http://service1.symantec.com/SUPPORT/tsgen...src=sec_doc_nam
"Nothing could be finer than to be in South Carolina ............"

Member ASAP




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users