cannot access google
 
  Tweaks.com
Posted 9/24/2003 3:05 PM


New Member


Group: Forum Members
Last Login: 11/7/2003 9:45 AM
Posts: 19, Visits: 1

 


  I cannot access Google and other search engines. I have downloaded and scanned with HijackThis and will try to post the results here for someone to hopefully help me out. I have Windows ME. Help!!!


My results are below....... Now what shall I do?????????????? Run the scan again, check all the boxes (01) and cross my fingers, or should I not do anything yet....... Desperate!!!


 

Post #3702
Posted 9/24/2003 3:05 PM


New Member


Group: Forum Members
Last Login: 9/24/2003 5:32 PM
Posts: 2, Visits: 1

HI! I FIXED MY GOOGLE PROBLEM!!! Go to Start, Programs, Accessories, Notepad. Then click on File, then Open. In the new window change "Files of type" to "All files" instead of "Text Documents".


For XP, NT or 2000, follow this path:

            My Computer--Local Disk (C)--Windows--System32--Drivers--etc--hosts

For 98, ME or Second Edition, follow this path:

            My Computer--Local Disk (C)--Windows--Hosts


Once this file opens, remove entirely any line that contains "google.com" or other Google domains. Remove the text by highlighting it and hitting Delete or Backspace. Then when you are done go to File and click on Save. Then exit Notepad.


                                                  docrmz


 

Post #44614
Posted 9/24/2003 3:05 PM


New Member


Group: Forum Members
Last Login: 11/7/2003 9:45 AM
Posts: 19, Visits: 1

Logfile of HijackThis v1.97.2
Scan saved at 21:01:57, on 24/09/2003
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 (5.50.4134.0100)


Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\NETROPA\MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\POPROXY.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
C:\PROGRAM FILES\NETROPA\MULTIMEDIA KEYBOARD\TRAYMON.EXE
C:\PROGRAM FILES\NETROPA\ONSCREEN DISPLAY\OSD.EXE
C:\PROGRAM FILES\OUTLOOK EXPRESS\MSIMN.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\TEMP\TD_0001.DIR\HIJACKTHIS.EXE


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virgin.net/
O1 - Hosts: 127.127.127.127 elite
O1 - Hosts: 64.191.59.85 www.google.com
O1 - Hosts: 64.191.59.85 google.com
O1 - Hosts: 64.191.59.85 www.altavista.com
O1 - Hosts: 64.191.59.85 altavista.com
O1 - Hosts: 64.191.59.85 search.yahoo.com
O1 - Hosts: 64.191.59.85 uk.search.yahoo.com
O1 - Hosts: 64.191.59.85 ca.search.yahoo.com
O1 - Hosts: 64.191.59.85 jp.search.yahoo.com
O1 - Hosts: 64.191.59.85 au.search.yahoo.com
O1 - Hosts: 64.191.59.85 de.search.yahoo.com
O1 - Hosts: 64.191.59.85 search.yahoo.co.jp
O1 - Hosts: 64.191.59.85 www.lycos.de
O1 - Hosts: 64.191.59.85 www.lycos.ca
O1 - Hosts: 64.191.59.85 www.lycos.jp
O1 - Hosts: 64.191.59.85 www.lycos.co.jp
O1 - Hosts: 64.191.59.85 alltheweb.com
O1 - Hosts: 64.191.59.85 web.ask.com
O1 - Hosts: 64.191.59.85 ask.com
O1 - Hosts: 64.191.59.85 www.ask.com
O1 - Hosts: 64.191.59.85 www.teoma.com
O1 - Hosts: 64.191.59.85 search.aol.com
O1 - Hosts: 64.191.59.85 www.looksmart.com
O1 - Hosts: 64.191.59.85 ca.search.msn.com
O1 - Hosts: 64.191.59.85 fr.ca.search.msn.com
O1 - Hosts: 64.191.59.85 search.fr.msn.be
O1 - Hosts: 64.191.59.85 search.fr.msn.ch
O1 - Hosts: 64.191.59.85 search.latam.yupimsn.com
O1 - Hosts: 64.191.59.85 search.msn.at
O1 - Hosts: 64.191.59.85 search.msn.be
O1 - Hosts: 64.191.59.85 search.msn.ch
O1 - Hosts: 64.191.59.85 search.msn.co.in
O1 - Hosts: 64.191.59.85 search.msn.co.jp
O1 - Hosts: 64.191.59.85 search.msn.co.kr
O1 - Hosts: 64.191.59.85 search.msn.com.br
O1 - Hosts: 64.191.59.85 search.msn.com.hk
O1 - Hosts: 64.191.59.85 search.msn.com.my
O1 - Hosts: 64.191.59.85 search.msn.com.sg
O1 - Hosts: 64.191.59.85 search.msn.com.tw
O1 - Hosts: 64.191.59.85 search.msn.co.za
O1 - Hosts: 64.191.59.85 search.msn.de
O1 - Hosts: 64.191.59.85 search.msn.dk
O1 - Hosts: 64.191.59.85 search.msn.es
O1 - Hosts: 64.191.59.85 search.msn.fi
O1 - Hosts: 64.191.59.85 search.msn.fr
O1 - Hosts: 64.191.59.85 search.msn.it
O1 - Hosts: 64.191.59.85 search.msn.nl
O1 - Hosts: 64.191.59.85 search.msn.no
O1 - Hosts: 64.191.59.85 search.msn.se
O1 - Hosts: 64.191.59.85 search.ninemsn.com.au
O1 - Hosts: 64.191.59.85 search.t1msn.com.mx
O1 - Hosts: 64.191.59.85 search.xtramsn.co.nz
O1 - Hosts: 64.191.59.85 search.yupimsn.com
O1 - Hosts: 64.191.59.85 uk.search.msn.com
O1 - Hosts: 64.191.59.85 search.lycos.com
O1 - Hosts: 64.191.59.85 www.lycos.com
O1 - Hosts: 64.191.59.85 www.google.ca
O1 - Hosts: 64.191.59.85 google.ca
O1 - Hosts: 64.191.59.85 www.google.uk
O1 - Hosts: 64.191.59.85 www.google.co.uk
O1 - Hosts: 64.191.59.85 www.google.com.au
O1 - Hosts: 64.191.59.85 www.google.co.jp
O1 - Hosts: 64.191.59.85 www.google.jp
O1 - Hosts: 64.191.59.85 www.google.at
O1 - Hosts: 64.191.59.85 www.google.be
O1 - Hosts: 64.191.59.85 www.google.ch
O1 - Hosts: 64.191.59.85 www.google.de
O1 - Hosts: 64.191.59.85 www.google.dk
O1 - Hosts: 64.191.59.85 www.google.fi
O1 - Hosts: 64.191.59.85 www.google.fr
O1 - Hosts: 64.191.59.85 www.google.com.gr
O1 - Hosts: 64.191.59.85 www.google.com.hk
O1 - Hosts: 64.191.59.85 www.google.ie
O1 - Hosts: 64.191.59.85 www.google.co.il
O1 - Hosts: 64.191.59.85 www.google.it
O1 - Hosts: 64.191.59.85 www.google.co.kr
O1 - Hosts: 64.191.59.85 www.google.com.mx
O1 - Hosts: 64.191.59.85 www.google.nl
O1 - Hosts: 64.191.59.85 www.google.co.nz
O1 - Hosts: 64.191.59.85 www.google.pl
O1 - Hosts: 64.191.59.85 www.google.pt
O1 - Hosts: 64.191.59.85 www.google.com.ru
O1 - Hosts: 64.191.59.85 www.google.com.sg
O1 - Hosts: 64.191.59.85 www.google.co.th
O1 - Hosts: 64.191.59.85 www.google.com.tr
O1 - Hosts: 64.191.59.85 www.google.com.tw
O1 - Hosts: 64.191.59.85 google.at
O1 - Hosts: 64.191.59.85 google.be
O1 - Hosts: 64.191.59.85 google.de
O1 - Hosts: 64.191.59.85 google.dk
O1 - Hosts: 64.191.59.85 google.fi
O1 - Hosts: 64.191.59.85 google.fr
O1 - Hosts: 64.191.59.85 google.com.hk
O1 - Hosts: 64.191.59.85 google.ie
O1 - Hosts: 64.191.59.85 google.co.il
O1 - Hosts: 64.191.59.85 google.it
O1 - Hosts: 64.191.59.85 google.co.kr
O1 - Hosts: 64.191.59.85 google.com.mx
O1 - Hosts: 64.191.59.85 google.nl
O1 - Hosts: 64.191.59.85 google.co.nz
O1 - Hosts: 64.191.59.85 google.pl
O3 - Toolbar: &Kangaroo - {663C7429-E454-11D3-B9AE-0000B4C32B4D} - C:\IDC\WEBKA.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [Norton eMail Protect] C:\PROGRAM FILES\NORTON ANTIVIRUS\POProxy.exe
O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [Hidserv] Hidserv.exe run
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
O4 - HKCU\..\Run: [IntelProcNumUtility] "C:\Intel\Intel PSNCU\CpuNumber.exe" /nosplash
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O9 - Extra button: Kangaroo (HKLM)
O9 - Extra button: Real.com (HKLM)
O12 - Plugin for .mts: C:\Program Files\MetaCreations\MetaStream\npmetastream.dll
O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/swdir.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.dll
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37881.9990393519
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe




 

Post #44615
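
One way to spot the redirect in the O1 lines of a log like the one above and strip it from the hosts file, as an added example that is not part of the original thread. It goes beyond the reply's advice of deleting the google.com lines by dropping every line that points at the redirect address; the function names, the two-host threshold and the sample hosts file are assumptions of this example.

```python
import ipaddress
import re
from collections import defaultdict

O1_LINE = re.compile(r"^O1 - Hosts:\s*(\S+)\s+(\S+)\s*$")

# A few lines excerpted from the HijackThis log above (the full list is longer).
SAMPLE_LOG = """\
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://www.virgin.net/
O1 - Hosts: 127.127.127.127 elite
O1 - Hosts: 64.191.59.85 www.google.com
O1 - Hosts: 64.191.59.85 google.com
O1 - Hosts: 64.191.59.85 search.yahoo.com
O4 - HKLM\\..\\Run: [TaskMonitor] C:\\WINDOWS\\taskmon.exe
"""

# Constructed hosts file body matching those entries (not from the thread).
SAMPLE_HOSTS = """\
# local names
127.0.0.1 localhost
127.127.127.127 elite
64.191.59.85 www.google.com
64.191.59.85 google.com   # trailing comment
64.191.59.85 search.yahoo.com
"""


def parse_o1(log_text):
    """Return (ip, hostname) pairs from the O1 lines of a HijackThis log."""
    pairs = []
    for line in log_text.splitlines():
        m = O1_LINE.match(line.strip())
        if m:
            pairs.append((m.group(1), m.group(2)))
    return pairs


def find_redirects(pairs, min_hosts=2):
    """Group hostnames by IP and flag remote IPs that serve several dotted names.

    Heuristic (an assumption of this example): a hosts file has no reason to
    point many unrelated public domains at one remote address.
    """
    by_ip = defaultdict(list)
    for ip, host in pairs:
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            continue  # malformed address, skip it
        if addr.is_loopback or addr.is_unspecified:
            continue  # 127.x.x.x and 0.0.0.0 entries stay on the local machine
        if "." in host:
            by_ip[ip].append(host)
    return {ip: hosts for ip, hosts in by_ip.items() if len(hosts) >= min_hosts}


def clean_hosts(hosts_text, bad_ips):
    """Drop every hosts line whose address is in bad_ips; keep the rest as-is."""
    kept = []
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()  # ignore trailing comments
        if fields and fields[0] in bad_ips:
            continue
        kept.append(line)
    return "\n".join(kept) + "\n"


if __name__ == "__main__":
    redirects = find_redirects(parse_o1(SAMPLE_LOG))
    for ip, hosts in redirects.items():
        print(f"{ip} overrides {len(hosts)} names: {', '.join(hosts)}")
    print(clean_hosts(SAMPLE_HOSTS, set(redirects)), end="")
```

Back up the hosts file before writing the cleaned text over it, and rescan afterwards: if the entries come back, whatever wrote them is still running.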
Posted 9/24/2003 3:05 PM


New Member


Group: Forum Members
Last Login: 11/7/2003 9:45 AM
Posts: 19, Visits: 1

StartupList report, 24/09/2003, 22:04:47
StartupList version: 1.52
Started from : C:\WINDOWS\TEMP\TD_0022.DIR\HIJACKTHIS.EXE
Detected: Windows ME (Win9x 4.90.3000)
Detected: Internet Explorer v5.50 (5.50.4134.0100)
* Using default options
==================================================


Running processes:


C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\NETROPA\MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\POPROXY.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
C:\PROGRAM FILES\NETROPA\MULTIMEDIA KEYBOARD\TRAYMON.EXE
C:\PROGRAM FILES\NETROPA\ONSCREEN DISPLAY\OSD.EXE
C:\PROGRAM FILES\OUTLOOK EXPRESS\MSIMN.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\TEMP\TD_0022.DIR\HIJACKTHIS.EXE


--------------------------------------------------


Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run


ScanRegistry = C:\WINDOWS\scanregw.exe /autorun
TaskMonitor = C:\WINDOWS\taskmon.exe
PCHealth = C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
SystemTray = SysTray.Exe
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
EM_EXEC = C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
MULTIMEDIA KEYBOARD = C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
Norton eMail Protect = C:\PROGRAM FILES\NORTON ANTIVIRUS\POProxy.exe
Norton Auto-Protect = C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
RealTray = C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
LoadQM = loadqm.exe
AVG_CC = C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP
Hidserv = Hidserv.exe run


--------------------------------------------------


Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices


LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent = mstask.exe
SSDPSRV = C:\WINDOWS\SYSTEM\ssdpsrv.exe
*StateMgr = C:\WINDOWS\System\Restore\StateMgr.exe
StillImageMonitor = C:\WINDOWS\SYSTEM\STIMON.EXE
Avgserv9.exe = C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe


--------------------------------------------------


Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run


IntelProcNumUtility = "C:\Intel\Intel PSNCU\CpuNumber.exe" /nosplash
MoneyAgent = "C:\Program Files\Microsoft Money\System\Money Express.exe"


--------------------------------------------------


File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command


(Default) = "%1" %*


--------------------------------------------------


Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:


Shell=Explorer.exe
SCRNSAVE.EXE=
drivers=mmsystem.dll power.drv


--------------------------------------------------


C:\WINDOWS\WININIT.BAK listing:
(Created 24/9/2003, 16:6:30)


[Rename]
NUL=C:\WINDOWS\TEMP\WZSE0.TMP\QREMOVE.COM
NUL=C:\WINDOWS\TEMP\WZSE0.TMP\PVER32.DLL
NUL=C:\WINDOWS\TEMP\WZSE0.TMP\PUTIL32.DLL
NUL=C:\WINDOWS\TEMP\WZSE0.TMP\PSERV32.DLL
NUL=C:\WINDOWS\TEMP\WZSE0.TMP\PREG32.DLL
NUL=C:\WINDOWS\TEMP\WZSE0.TMP\PPROCS32.DLL
NUL=C:\WINDOWS\TEMP\WZSE0.TMP\PFILE32.DLL
NUL=C:\WINDOWS\TEMP\_iu14D2N.tmp


--------------------------------------------------


C:\AUTOEXEC.BAT listing:


SET windir=C:\WINDOWS
SET winbootdir=C:\WINDOWS
SET COMSPEC=C:\WINDOWS\COMMAND.COM
SET PATH=C:\WINDOWS;C:\WINDOWS\COMMAND
SET PROMPT=$p$g
SET TEMP=C:\WINDOWS\TEMP
SET TMP=C:\WINDOWS\TEMP


--------------------------------------------------



Enumerating Task Scheduler jobs:


Tune-up Application Start.job
PCHealth Scheduler for Data Collection.job
Maintenance-Defragment programs.job
Maintenance-ScanDisk.job
Maintenance-Disk cleanup.job


--------------------------------------------------


Enumerating Download Program Files:


[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH.OCX
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab


[MSN Chat Control 4.5]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\MSNCHAT45.OCX
CODEBASE = http://fdl.msn.com/public/chat/msnchat45.cab


[ActiveScan Installer Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\ASINST.DLL
CODEBASE = http://www.pandasoftware.com/activescan/as5/asinst.cab


[Symantec RuFSI Registry Information Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\RUFSI.DLL
CODEBASE = http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab


[Symantec AntiVirus scanner]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\AVSNIFF.DLL
CODEBASE = http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab


[Shockwave ActiveX Control]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\DIRECTOR\SWDIR.DLL
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/director/swdir.cab


[ActiveDataObj Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\ACTIVEDATA.DLL
CODEBASE = https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab


[ActiveDataInfo Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\SYMADATA.DLL
CODEBASE = https://www-secure.symantec.com/techsupp/activedata/SymAData.dll


[Update Class]
InProcServer32 = C:\WINDOWS\SYSTEM\IUCTL.DLL
CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37881.9990393519


[{556DDE35-E955-11D0-A707-000000521957}]
CODEBASE = http://www.xblock.com/download/xclean_micro.exe


--------------------------------------------------


Enumerating ShellServiceObjectDelayLoad items:


WebCheck: C:\WINDOWS\SYSTEM\WEBCHECK.DLL
UPnPMonitor: C:\WINDOWS\SYSTEM\UPNPUI.DLL
AUHook: C:\WINDOWS\SYSTEM\AUHOOK.DLL


--------------------------------------------------
End of report, 7,067 bytes
Report generated in 0.377 seconds


Command line options:
   /verbose  - to add additional info on each section
   /complete - to include empty sections and unsuspicious data
   /full     - to include several rarely-important sections
   /force9x  - to include Win9x-only startups even if running on WinNT
   /forcent  - to include WinNT-only startups even if running on Win9x
   /forceall - to include all Win9x and WinNT startups, regardless of platform
   /history  - to list version history only

Post #44616