Date: 07/09/05 (Computer Help)    Keywords: php, software, java, virus, antivirus, web, yahoo, microsoft

I finally got around to re-installing Norton Anti-Virus, after over a year without it. Of course, it was too late. I did a scan, and a lot of viruses weren't able to be deleted. Also, I keep getting a virus alert for W32.Desktophijack and Trojan.Desktophijack.B it says Unable to repair this file and Access to the file was denied. So how do I go about getting rid of those? And also, here's a list of the things that failed to delete from the scan:
-1.exe
msbb321.dll
msiaih.dll
msnimk.gif
P2P-p2p-10460.exe
quykw.dat
redit.cpl
supdate.dll
tool4_b2seach.exe

And just incase...

Logfile of HijackThis v1.99.1
Scan saved at 2:00:42 PM, on 7/9/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\rzapuv.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\olepro32.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\unzipped\hijackthis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.e4me.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [StartAOL] "C:\Program Files\America Online 6.0\AOL.EXE"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [C2K] C:\WINDOWS\Cyb2k.exe
O4 - HKLM\..\Run: [hscraps] C:\WINDOWS\System32\hscraps.exe
O4 - HKLM\..\Run: [netppi] C:\WINDOWS\System32\netppi.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\PROGRA~1\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [2YfUx5R] C:\windows\2YfUx5R.exe
O4 - HKLM\..\Run: [regsync] C:\WINDOWS\System32\regsync.exe
O4 - HKLM\..\Run: [C:\WINDOWS\VCMnet11.exe] C:\WINDOWS\VCMnet11.exe
O4 - HKLM\..\Run: [PSof1] C:\WINDOWS\System32\PSof1.exe
O4 - HKLM\..\Run: [us4O3mg] ksupxl32.exe
O4 - HKLM\..\Run: [checkrun] C:\windows\system32\eliteoke32.exe
O4 - HKLM\..\Run: [KavSvc] C:\WINDOWS\System32\rzapuv.exe reg_run
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [laltin] C:\WINDOWS\System32\L90112201.Stub.exe
O4 - HKLM\..\Run: [vidctrl] C:\WINDOWS\System32\vidctrl\vidctrl.exe
O4 - HKLM\..\Run: [PSGuard] C:\Program Files\PSGuard\PSGuard.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [olepro32] C:\WINDOWS\System32\olepro32.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [fBvERgMFg] kdcepl40.exe
O4 - HKCU\..\Run: [180ClientStubInstall] "C:\temp\stubinstaller6480.exe"
O4 - Global Startup: Media Card Companion Monitor.lnk = C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O13 - WWW. Prefix: http://
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {5E943D9C-F8DC-4258-8E3F-A61BB3405A33} - http://www.imagestation.com/common/classes/batchdwnl.cab?version=4,3,2,20802
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1104454191546
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{EBECDEA9-F6A1-422D-A959-5F60C2AD65A0}: NameServer = 192.168.0.1,4.2.2.2
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

How do I get rid of these? Thanks in advance.

Source: http://www.livejournal.com/community/computer_help/441102.html

Date: 07/10/05 (Computer Help)    Keywords: virus, spyware

I took it upon myself to take on the task of cleaning out my nephews computer of all the viruses/spyware/adware out of his pc but Aurora.exe and Nail.exe always seem to elude me. Ive had this same problem with my own pc and I finally got rid of it on my own with the help of Avast but now when I try to do the same for my nephews pc, it wont work, it completely misses them and tells me that it didnt find anything when I do a boot scan for em. What I want to know is, if anyone here has any tips or links that would help me solve the problem of these bad boys. I do remember someone posting a link that had info on Aurora.exe but I cant seem to find it in the memories. If anyone knows what Im talking about do repost the link or anything concerning this problem. My nephews pc runs on windows xp - home edition, which is probably the reason its confusing me since I have a different version of xp. Again, any help or info is greatly appreciated. Thanks for the help in advance.

Source: http://www.livejournal.com/community/computer_help/441776.html

Date: 07/12/05 (Security)    Keywords: virus, antivirus, spyware

"Zombie" attacks quadrupled in recent months, reports antivirus company McAfee. Spyware and adware are on the rise too.

Source: http://news.zdnet.com/Report%3A+Computer+hijacking+on+the+rise/2100-1009_22-5783646.html?part=rss&tag=feed&subj=zdnn

Date: 07/27/05 (Security)    Keywords: software, database, security, virus, antivirus

Security industry event to focus on exploiting holes in antivirus, database and device driver software to break into computers.

Source: http://news.zdnet.com/Antivirus+insecurity+at+Black+Hat+confab/2100-1009_22-5805750.html?part=rss&tag=feed&subj=zdnn

Date: 07/28/05 (Computer Help)    Keywords: virus

I have another AIM problem >_o


Yesterday, I clicked on a link that a friend IMed to me saying this, "LOL LOOK http://home.comcast.net/~Ddaannaaee/pictures.pif". Being the retarded person I am (by the way, don't click that), I clicked it and it messed with my whole buddy list, sending the same message to everyone. Now, the link keeps automatically popping up as an away message for me. Can anyone help? I'm sure this is a virus but I'm not 100% sure how to take it out. Please help, I'd appreciate it soooo very much.

Source: http://www.livejournal.com/community/computer_help/452136.html

Date: 07/30/05 (Computer Help)    Keywords: virus

I had posted something in computersupport but no one could really help me. This x-posted to computerhelp. This happened about a week ago and I just cut and pasted the following from the old entry.

"OS is Windows XP.

Turned on my computer moments ago to discover that everything (i.e. music files, the entire "my pictures" folder, avatars, IE and Mozilla bookmarks, documents, other folders in my user account...thingy) is GONE. Only my user account was affected (other people use this computer). Did a few searches, looked in the recycling bin in the hopes something would turn up. Nothing. I'm running Norton right now, hoping it'll catch something. Sound like a virus anyone's heard of?

Yesterday afternoon all my IE bookmarks disappeared, and I thought it was something stupid on my part. Mozilla ones were still intact. Possibly related to this problem.

The only thing I can think of was I caught something while downloading something, and I'm hoping that (a) I'm wrong and (b) this is reversable. Is it even possible to attach a virus/other nasty to an .mp3/other audio files without changing the type of file it is?

Oh, and it should be added, incase it's help to anyone and somehow involved in this, that in the place of all my bookmarks in IE is something I did not have there before calling itself "VDM22.tmp". How it got there, I haven't the foggiest."

A friend of mine said he didn't know of anything that could entirely erase these folders off the compy and that perhaps they are hidden somewhere. I did a search for some of the stuff, nothing. Under another name? Gone forever? Anyone else seen anything like this before?

Source: http://www.livejournal.com/community/computer_help/453577.html

Date: 08/02/05 (Computer Help)    Keywords: virus

I work at my boyfriend's dad's company, doing sales tracking and such on Excel. Everything worked fine on Friday when I shut it down, but then today I can't access any of my excel documents- the hourglass stays up forever and the bottom of the screen says "requesting virus scan...". When I restart, and try to reopen my documents, a pop up warns me that "last time I opened this document, serious errors occured." I've got a lot of stuff on these documents that I need to get to ;/ I did a Virus Scan with Norton but nothing came up. Help! I don't want my boyfriend's dad to kill me!

xposted

Source: http://www.livejournal.com/community/computer_help/455709.html

Date: 08/05/05 (Security)    Keywords: virus

New command-line shell that may be part of the new Windows OS is already being probed by a virus writer.

Source: http://news.zdnet.com/First+potential+virus+risk+for+Windows+Vista+found/2100-1009_22-5819428.html?part=rss&tag=feed&subj=zdnn

Date: 08/05/05 (Security)    Keywords: virus, microsoft

New shell targeted by a virus writer won't be part of the next client Windows, Microsoft says, after reports that the OS is under threat.

Source: http://news.zdnet.com/Microsoft%3A+Virus+target+won%27t+be+in+Vista/2100-1009_22-5820706.html?part=rss&tag=feed&subj=zdnn

Date: 08/13/05 (Microsoft Windows)    Keywords: virus

Awhile back my computer started to act really weird. It froze whenever I went to shut it down and then all of a sudden, wouldn't let me open most of my programs (IE, AOL, Windows Explorer). I updated Norton and ran it and it found a virus. So I figured, took care of that.

Then a few weeks later, all of a sudden, I can't open certain programs again. I realized that there was something in common both times that this happened.

Windows was automatically downloading updates. A year or so ago, my computer suddenly started automatically downloading windows updates, whereas before it would ask me before starting, so I could choose when it did this. The problem I think I'm having is that I have a dial-up (slow as hell) modem which causes issues downloading these updates. What I wanted to know is if it's possible for me to turn off automatic updates and then be able to turn it back on when I have a better (faster) connection when I go back to school?






I'd appreciate any help/advice!
:)

x-posted

ETA: Problem Solved!
;)

Source: http://www.livejournal.com/community/ms_windows/41798.html

Date: 08/14/05 (Java Web)    Keywords: virus

A cheap drug, enfurvitide, has shown promise in stamping out hidden pockets of HIV in three people who have long been infected with the virus. The result is described by the US scientists as merely a “proof of concept”, but has inevitably sparked talk of a cure for AIDS. HIV can already be kept in check by [...]

Source: http://blog.taragana.com/index.php/archive/hiv-breakthrough-study-in-us-raises-hopes-for-a-cure-finally/

Date: 08/16/05 (Java Web)    Keywords: virus

Scientists discovered that acupunture gives relief to Human Immuno Virus patients from bloating, cramping, and appetite lose, symptoms which are often caused by side effects of popular anti-HIV drugs. Highly-active antiretroviral therapy (HAART) drugs for HIV prolongs life. However it also causes serious digestive problems for which patients are likely to avoid their medications. According to [...]

Source: http://blog.taragana.com/index.php/archive/acupuncture-relieves-side-effects-of-anti-hiv-drugs/

Date: 08/17/05 (Computer Help)    Keywords: virus, spyware

I just bought a Compaq desktop this past Sunday and already have problems with it.

My last computer ran Win95 when I first got it, and it ran faster than the computer I've got now. I've had a few issues with the new computer freezing up for a few minutes at a time, and it usually starts working if I sit long enough and wait, but sometimes it doesn't. I'd heard from many people that if you've got Norton, it's constantly running doing something, and it slows the computer down. I don't really have a problem with it since it just popped up to let me know that it found a threat, where the other programs don't pull it up.

Overall, the computer runs really really slow compared to my old one, and I was wondering what actions I could take to keep it from stalling or freezing or just to keep it running faster.

So my questions are:
- Are there programs that help protect me from viruses and spyware, that are better than Norton? If so, what are they?
- How can I get into my settings to change the programs that start as soon as I log on? A friend of mine showed me how a few years ago, but I hadn't needed to use it, so I don't remember the command.
- What can make my computer run faster and stop freezing up?

Source: http://www.livejournal.com/community/computer_help/467597.html

Date: 08/16/05 (Computer Help)    Keywords: rss, software, browser, html, technology, java, virus, web, spyware, yahoo, microsoft, google

Hey guys, this time I have a question not about my computer but my brothers.

Lately, it has been randomly shutting down. When it does, the entire screen goes black and the tower...sings? It plays 4 deep notes...Do sol Do Sol if anyone has studied Solfage.

He had a host of Adware and 4 trojans, all of which have been removed but the problem persists.

Not that I have any idea what it means, but here is the logfile from Hijack This!.

Logfile of HijackThis v1.99.1
Scan saved at 2:47:37 PM, on 8/16/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
D:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
D:\Program Files\AIM\aim.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\Master\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
N3 - Netscape 7: # Mozilla User Preferences

/* Do not edit this file.
*
* If you make changes to this file while the browser is running,
* the changes will be overwritten when the browser exits.
*
* To make a manual change to preferences, you can visit the URL about:config
* For more information, see http://www.mozilla.org/unix/customizing.html#prefs
*/

user_pref("aim.session.firsttime", false);
user_pref("browser.activation.checkedNNFlag", true);
user_pref("browser.bookmarks.added_static_root", true);
user_pref("browser.download.dir", "C:\\Documents and Settings\\Master\\Desktop\\pastel pics");
user_pref("browser.search.defaultengine", "engine://D%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src");
user_pref("browser.startup.homepage", "www.google.com");
user_pref("browser.startup.homepage_override.mstone", "rv:1.7.2");
user_pref("browser.tabs.forceHide", true);
user_pref("dom.disable_open_during_load", true);
user_pref("intl.charsetmenu.browser.cache", "windows-1252, UTF-8,
N3 - Netscape 7: # Mozilla User Preferences

/* Do not edit this file.
*
* If you make changes to this file while the browser is running,
* the changes will be overwritten when the browser exits.
*
* To make a manual change to preferences, you can visit the URL about:config
* For more information, see http://www.mozilla.org/unix/customizing.html#prefs
*/

user_pref("aim.session.firsttime", false);
user_pref("browser.activation.checkedNNFlag", true);
user_pref("browser.bookmarks.added_static_root", true);
user_pref("browser.download.dir", "C:\\Documents and Settings\\Master\\Desktop\\pastel pics");
user_pref("browser.search.defaultengine", "engine://D%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src");
user_pref("browser.startup.homepage", "www.google.com");
user_pref("browser.startup.homepage_override.mstone", "rv:1.7.2");
user_pref("browser.tabs.forceHide", true);
user_pref("dom.disable_open_during_load", true);
user_pref("intl.charsetmenu.browser.cache", "windows-1252, UTF-8,
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [Jet Detection] d:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] d:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - HKCU\..\Run: [AIM] D:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Cisco Systems Gatorlink VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {60AABB26-4D2E-48AD-9334-FB8803A7C671} (WebCamRecv3X Control) - http://www.dynamiciplink.com/ActiveX/WebViewer.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe

Sean

Source: http://www.livejournal.com/community/computer_help/466361.html

Date: 08/17/05 (IT Professionals)    Keywords: security, virus, microsoft

Worm strikes down Windows 2000 systems
Problems reported in three continents




WASHINGTON (CNN) -- A fast-moving computer worm Tuesday
attackedcomputer systems using Microsoft operating systems, shutting down
computers in the United States, Germany and Asia.

Among those hit were offices on Capitol Hill, which is in the midst of
August recess, and media organizations, including CNN, ABC and The New York
Times. The Caterpillar Co. in Peoria, Illinois, reportedly also had
problems.

A small number of computers in an administrative office at San
Francisco International Airport also crashed, but they were not essential to
the airport's operation, spokesman Mike McCarron said.

The FBI said the computer problems did not appear to be part of any
widespread attack.

While the worm affects primarily Windows 2000, it also can affect some
early versions of Microsoft XP, said Johannes Ullrich, director of the Sans
Institute, a network security firm based in Jacksonville, Florida.

Symptoms include the repeated shutdown and rebooting of a computer.

Microsoft has a downloadable patch on its security homepage,
Microsoft.com/security, a company spokesperson said. The spokesperson told
CNN that Microsoft would not estimate how many users have been affected and
described the problem as low-impact.

Lysa Myers, a virus researcher for the computer security firm McAfee,
Inc., said the worm exploits a vulnerability in Microsoft's plug-and-play
service. "How it's spreading is it's looking for machines that are unpatched
and running itself," she said.

What was causing the damage was unclear, although experts pointed to a
new worm called worm-rbot.cbq.

David Perry of Trend Micro, an Internet monitoring firm, said the
latest worm may have been derived from the Zotob worm, which was first
reported over the weekend.

Ullrich, of the Sans Institute, said Zotob "will connect to a control
server to ask for instructions. It scans network neighborhoods and tries to
infect them, as well."

Typically, the worm enters a system via a laptop connected to
unsecured networks, Ullrich said. "This laptop will infect your systems from
the inside."

Several versions of the worm have been released, some as late as
Tuesday, he said.

Around 5 p.m. problems began at CNN facilities in New York and Atlanta
before being cleared up about 90 minutes later.

The New York Times also was able to bring its systems back up, and
"newspaper production will not be affected," spokeswoman Kathy Park said.

The White House said it did not have reports of computer problems.

At any given time there are thousands of computer worms and viruses in
existence.

So far, the impact has not been as great as the 2003 Blaster virus
attack, said Jeff Havrila, a technical analyst with the U.S. Computer
Emergency Readiness Team, a coalition of public and private groups that
combats computer attacks.

He noted that improved firewalls and faster patches may have limited
the worm's spread.

He also said it is unclear how long the worm may take to run its
course, noting that many people are away on summer vacation and may be
affected only when they return.

Source: http://www.livejournal.com/community/itprofessionals/17559.html

Date: 08/18/05 (Security)    Keywords: software, virus

Though most corporate users say virus writers are most at fault for the Zotob outbreak, many point the finger at the software maker.

Source: http://news.zdnet.com/Survey%3A+Microsoft+bears+some+blame+for+worms/2100-1009_22-5838512.html?part=rss&tag=feed&subj=zdnn

Date: 08/20/05 (Computer Geeks)    Keywords: virus, antivirus

Hi all,

Recently I formatted my computer and re-installed Windows 2000 Professional off the cd. I went on the internet and downloaded SP2 & SP4 immediately. However, after about 2 minutes of being on the internet, I started getting a series of Windows Messages like these:

---
Message from SYSTEM to ALERT on 7/24/2005 12:45:21PM

STOP! WINDOWS REQUIRES IMMEDIATE ATTENTION.

Windows has found 47 CRITICAL SYSTEM ERROR!

To fix the errors please do the following:
1. Download Registry Repair from: h t t p : / / w w w . m s - f i x . c o m (don't think it's a good idea to go there)
2. Install Registry Repair
3. Run Registry Repair
4. Reboot your computer
FAILURE TO ACT NOW MAY LEAD TO DATA LOSS AND CORRUPTION!
---
One option on the dialog box: OK.

There are 7 various messages coming up. Here are the other addresses given with different messages.

w w w . p c r e p a i r t o o l . c o m
w w w . c l e a n t h i s p c . c o m
w w w . w i n d o w s r e g . c o m
w w w . m y r e g f i x . c o m
w w w . m s - f i x . c o m
w w w . w i n r e g e d i t . c o m

They keep popping up every 5 minutes or so.

Scanning with AVG didn't much, except a "Virus Detected" warning:
"While opening file: F:\WINNT\system32\jwrxdqg.exe Trojan horse BackDoor.Small.31.AE"

When I click on Info/Heal/Delete File/Move To Vault options on the AVG window, I get "Requested action not available for this object" error. I scanned with Norton AntiVirus, CCleaner, HijackThis, Ad Aware SE, and just about every other tool that claims they can get rid of this to no avail.

Anyone had this happen and/or know the solution?

Thanks heaps in advance,
Cath

Source: http://www.livejournal.com/community/computergeeks/752507.html

Date: 08/20/05 (IT Professionals)    Keywords: technology, security, virus

I just got my associate's in science for computer network technology. I'm working on my A+ certification. I would like to finish up with a bachelor's for network security. I would love to do cyber crimes to hunt down pedophiles and hackers that put out viruses. I've been looking into many schools that offers that online. But I'm not sure how seriously employers would take a degree from an online school. Has anyone gotten a degree in network security on here? and if so, which school did you get it from? or if you know of any good schools that are well respected. Let me know. Thanks!

Source: http://www.livejournal.com/community/itprofessionals/18443.html

Date: 08/25/05 (Computer Geeks)    Keywords: software, database, virus, spyware, microsoft

Hello, and bare with me. Computerwise I'm a semi-illiterate seeking an answer to a pre-researched, fairly thought-out question (as advised by the mods in userinfo). The problem is I'm getting conflicting answers depending on where I look, and if you computergeeks can't resolve it, I give up. Hopefully you all are not too disappointed that my question won't involve highly technical jargon or tons of acronyms...

By way of background: I'm a graduate student in the social science, and for the first time ever I have the opportunity of purchasing a new laptop. I will be storing important research on my computer, as well as doing a great deal of internet research. At some point I will need to install some sort of academic research software (a database that can cross reference scads of quotes, sources, etc.)

I'm leaning toward a basic mac because I'm hearing that the mac infrastructure is more stable than PCs, and that it is less prone to viruses and spyware. This is important, as viruses ate my last hard drive. On the downside, mac laptops seem to be a bit pricier than comparable PCs. I have never owned a mac before anyway, and have concers about learning a new interface. Additionally, I've been warned by many PC-using faculty and students that e-mailing Word docs (and other Microsoft program stuff) from Mac to PC can be sketchy and that a lot of software is only useable on PC. This can't be true in this day and age, can it?

If I don't go with a mac, I'll need a good reccommendation for a reliable PC. I've used Dell and Gateway, and had problems with both. I've heard fujitsu is good, but more expensive. I didn't feel I could take this inquiry to the Mac communities, because of their obvious bias. ;)

Any advice offered will be met with my profound gratitude. Thanks for the patience.

Source: http://www.livejournal.com/community/computergeeks/756744.html

Date: 08/25/05 (Computer Geeks)    Keywords: software, virus, antivirus

Hey everyone,

I am doing a bit of research on centralized antivirus solutions for ~10 unit networks with active directory servers.

I am finding it real difficult to find any kind of reviews on the various products out there and was hoping my fellow LJ's could share their opinions and experiences.

I've been testing AVG's network based packages, but I am finding their licensing confusing as well as their install processess.

So I went to look into the granddaddy Symantec and started reading up on their small office AntiVirus 10 groupware packages.

According to the marketing material, it seems ideal for these kind of networks, central installation, licenses based on # of users, client software comes with main package, etc.

But thats all marketing info. Has anyone used this software before? Symantec doesn't provide trials of it.

Source: http://www.livejournal.com/community/computergeeks/757815.html