MyTechSupport.ca :: Your Computer Technical Resource Headquarters! MyTechSupport.ca :: Your Computer Technical Resource Headquarters!
HOME FORUMS RESOURCES & TOOLS ARTICLES ONLINE STORE ABOUT US
Computer Support Forums arrow Internet & Network Support arrow Security & Viruses arrow Topic: dra.exe error Please HELP
November 19, 2019, 09:11:02 AM
 

Home Forum Rules Help Search Mobile Version Login Register

Welcome, Guest. Please login or register.
Did you miss your activation email?
November 19, 2019, 09:11:02 AM

Login with username, password and session length
 Featured Sites:
News
12th Anniversary Celebrating 12 Years! (1997 - 2009) 12th Anniversary
Thanks to ALL that make this site what it is!
  0 Members and 1 Guest are viewing this topic.
Pages: [1] Go Down Print
Author Topic: dra.exe error Please HELP  (Read 1802 times)
GIA
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 8


Bookmark and Share

View Profile
« on: January 01, 2006, 09:41:44 PM »

Huh? I am baffled, this DOS error message comes up off and on when DRA.exe tries to load, I have run all spyware , virus scanners and the following files in the screenshot below are still there specially that DRA.EXE one.
This  program making me nuts. It disables the mouse and tries to go into DOS mode when the computer boots up. In addition to that programr there are a few other unknown files I suspect are either spyware or bad bad files:


I have a copy of my log file, bear with me I am
« Last Edit: January 01, 2006, 09:54:10 PM by GIA » Logged
Pancake
Global Moderator
Hero Member
*****

Karma: +78/-0
Offline Offline

Gender: Male
Posts: 3915


Bookmark and Share

View Profile
« Reply #1 on: January 02, 2006, 04:14:46 AM »

Hi.You have a few bugs that need to be removed.DRA.exe is one of them.

Download VirtumundoBegone
« Last Edit: January 02, 2006, 04:23:25 AM by Pancake » Logged

An Australian Member of

EDDY
GIA
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 8


Bookmark and Share

View Profile
« Reply #2 on: January 02, 2006, 01:15:27 PM »

Smiley HAPPY NEW YEAR (BTW)

I have SP1 already in this PC.

Now for the first part of your instructions, I ran VirtumundoBegone when I clicked on it to start it just had an hour glass made lots of noise , I brought up task bar it said not responding, none the less here is the log: ( Do I run it again?), I am not sure if I wait for a reply to do the second portion of your advice. Once again TY very much for your help. PS I had to break the log into TWO posts it was TOO long


[01/02/2006, 7:55:02] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Claudia\Desktop\VirtumundoBeGone.exe" )
[01/02/2006, 7:55:17] - Detected System Information:
[01/02/2006, 7:55:17] -
Logged
GIA
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 8


Bookmark and Share

View Profile
« Reply #3 on: January 02, 2006, 01:23:38 PM »

2nd part of log :

[01/02/2006, 7:55:42] - *** IMPORTANT: The file is disabled and will need to be deleted by the user.
[01/02/2006, 7:55:42] -
Logged
GIA
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 8


Bookmark and Share

View Profile
« Reply #4 on: January 02, 2006, 01:25:52 PM »

PART 3 :

[01/02/2006, 7:55:48] - ! File rename was unsucessful.
[01/02/2006, 7:55:48] -
Logged
GIA
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 8


Bookmark and Share

View Profile
« Reply #5 on: January 02, 2006, 01:27:29 PM »

almost last part of log( I apologize for such a bunch of posts)


[01/02/2006, 7:56:00] - ! File rename was unsucessful.
[01/02/2006, 7:56:00] -
Logged
GIA
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 8


Bookmark and Share

View Profile
« Reply #6 on: January 02, 2006, 01:28:44 PM »

Roll Eyes hopefully this is IT!

[01/02/2006, 7:56:11] - *** IMPORTANT: The file is disabled and will need to be deleted by the user.
[01/02/2006, 7:56:11] -
Logged
GIA
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 8


Bookmark and Share

View Profile
« Reply #7 on: January 02, 2006, 01:29:10 PM »

[01/02/2006, 7:56:28] - ! File rename was unsucessful.
[01/02/2006, 7:56:28] -  Attempting to Deny Access to C:\WINDOWS\System32\qomml.dll
[01/02/2006, 7:56:28] - *** IMPORTANT: Delete/Rename/Move on reboot (like Killbox) MAY NOT work.
[01/02/2006, 7:56:28] -  processed file:  C:\WINDOWS\System32\qomml.dll

[01/02/2006, 7:56:28] - *** IMPORTANT: The file is disabled and will need to be deleted by the user.
[01/02/2006, 7:56:28] -   Removing HKLM\...\Browser Helper Objects\{93C6313C-9DB4-4694-8BD0-E378C573A9AD}
[01/02/2006, 7:56:28] -   Removing HKCR\CLSID\{93C6313C-9DB4-4694-8BD0-E378C573A9AD}
[01/02/2006, 7:56:29] -   Adding Kill Bit for ActiveX for GUID: {93C6313C-9DB4-4694-8BD0-E378C573A9AD}
[01/02/2006, 7:56:30] -   Deleting ATLEvents/MSEvents Registry entries
[01/02/2006, 7:56:30] -   Removing HKLM\...\Winlogon\Notify\qomml
[01/02/2006, 7:56:30] - Trying to remove MSEvents Object...
[01/02/2006, 7:56:31] -    Terminating Process: IEXPLORE.EXE
[01/02/2006, 7:56:31] -    Terminating Process: RUNDLL32.EXE
[01/02/2006, 7:56:31] -    Disabling Automatic Shell Restart
[01/02/2006, 7:56:32] -    Terminating Process: EXPLORER.EXE
[01/02/2006, 7:56:32] -    Suspending the NT Session Manager System Service
[01/02/2006, 7:56:32] -    Terminating Windows NT Logon/Logoff Manager
[01/02/2006, 7:56:32] -    Re-enabling Automatic Shell Restart
[01/02/2006, 7:56:32] -   File to disable: C:\WINDOWS\System32\efedd.dll
[01/02/2006, 7:56:32] -  Renaming C:\WINDOWS\System32\efedd.dll -> C:\WINDOWS\System32\efedd.dll.vir
[01/02/2006, 7:56:33] - ! File rename was unsucessful.
[01/02/2006, 7:56:33] -  Attempting to Deny Access to C:\WINDOWS\System32\efedd.dll
[01/02/2006, 7:56:33] - *** IMPORTANT: Delete/Rename/Move on reboot (like Killbox) MAY NOT work.
[01/02/2006, 7:56:33] -  processed file:  C:\WINDOWS\System32\efedd.dll

[01/02/2006, 7:56:33] - *** IMPORTANT: The file is disabled and will need to be deleted by the user.
[01/02/2006, 7:56:33] -   Removing HKLM\...\Browser Helper Objects\{EA32FB3B-21C9-42cc-B8EF-01A9B28EDB0D}
[01/02/2006, 7:56:33] -   Removing HKCR\CLSID\{EA32FB3B-21C9-42cc-B8EF-01A9B28EDB0D}
[01/02/2006, 7:56:33] -   Adding Kill Bit for ActiveX for GUID: {EA32FB3B-21C9-42cc-B8EF-01A9B28EDB0D}
[01/02/2006, 7:56:34] -   Deleting ATLEvents/MSEvents Registry entries
[01/02/2006, 7:56:34] -   Removing HKLM\...\Winlogon\Notify\efedd
[01/02/2006, 7:56:34] - Searching for Browser Helper Objects:
[01/02/2006, 7:56:34] -  BHO 1: {53707962-6F74-2D53-2644-206D7942484F} ()
[01/02/2006, 7:56:34] - WARNING: BHO has no default name. Checking for Winlogon reference.
[01/02/2006, 7:56:34] -  Checking for HKLM\...\Winlogon\Notify\SDHelper
[01/02/2006, 7:56:34] -  Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[01/02/2006, 7:56:34] -  BHO 2: {93C6313C-9DB4-4694-8BD0-E378C573A9AD} (ATLDistrib Object)
[01/02/2006, 7:56:34] - ALERT: Found ATLDistrib Object!
[01/02/2006, 7:56:35] -  BHO 3: {EA32FB3B-21C9-42cc-B8EF-01A9B28EDB0D} ()
[01/02/2006, 7:56:35] - WARNING: BHO has no default name. Checking for Winlogon reference.
[01/02/2006, 7:56:35] -  Checking for HKLM\...\Winlogon\Notify\efedd
[01/02/2006, 7:56:35] -  Key not found: HKLM\...\Winlogon\Notify\efedd, continuing.
[01/02/2006, 7:56:35] - Finished Searching Browser Helper Objects
[01/02/2006, 7:56:35] - *** Detected ATLDistrib Object
[01/02/2006, 7:56:35] - Trying to remove ATLDistrib Object...
[01/02/2006, 7:56:36] -    Terminating Process: IEXPLORE.EXE
[01/02/2006, 7:56:36] -    Terminating Process: RUNDLL32.EXE
[01/02/2006, 7:56:36] -    Disabling Automatic Shell Restart
[01/02/2006, 7:56:36] -    Terminating Process: EXPLORER.EXE
[01/02/2006, 7:56:36] -    Suspending the NT Session Manager System Service
[01/02/2006, 7:56:36] -    Terminating Windows NT Logon/Logoff Manager
[01/02/2006, 7:56:36] -    Re-enabling Automatic Shell Restart
[01/02/2006, 7:56:36] -   File to disable: C:\WINDOWS\System32\qomml.dll
[01/02/2006, 7:56:36] -  Renaming C:\WINDOWS\System32\qomml.dll -> C:\WINDOWS\System32\qomml.dll.vir
[01/02/2006, 7:56:36] - ! File rename was unsucessful.
[01/02/2006, 7:56:36] -  Attempting to Deny Access to C:\WINDOWS\System32\qomml.dll
[01/02/2006, 7:56:36] - *** IMPORTANT: Delete/Rename/Move on reboot (like Killbox) MAY NOT work.
[01/02/2006, 7:56:36] -  processed file:  C:\WINDOWS\System32\qomml.dll

[01/02/2006, 7:56:36] - *** IMPORTANT: The file is disabled and will need to be deleted by the user.
[01/02/2006, 7:56:36] -   Removing HKLM\...\Browser Helper Objects\{93C6313C-9DB4-4694-8BD0-E378C573A9AD}
[01/02/2006, 7:56:37] -   Removing HKCR\CLSID\{93C6313C-9DB4-4694-8BD0-E378C573A9AD}
[01/02/2006, 7:56:38] -   Adding Kill Bit for ActiveX for GUID: {93C6313C-9DB4-4694-8BD0-E378C573A9AD}
[01/02/2006, 7:56:38] -   Deleting ATLEvents/MSEvents Registry entries
[01/02/2006, 7:56:38] -   Removing HKLM\...\Winlogon\Notify\qomml
[01/02/2006, 7:56:38] - Searching for Browser Helper Objects:
[01/02/2006, 7:56:38] -  BHO 1: {53707962-6F74-2D53-2644-206D7942484F} ()
[01/02/2006, 7:56:38] - WARNING: BHO has no default name. Checking for Winlogon reference.
[01/02/2006, 7:56:39] -  Checking for HKLM\...\Winlogon\Notify\SDHelper
[01/02/2006, 7:56:39] -  Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[01/02/2006, 7:56:39] -  BHO 2: {93C6313C-9DB4-4694-8BD0-E378C573A9AD} (ATLDistrib Object)
[01/02/2006, 7:56:39] - ALERT: Found ATLDistrib Object!
[01/02/2006, 7:56:39] -  BHO 3: {EA32FB3B-21C9-42cc-B8EF-01A9B28EDB0D} ()
[01/02/2006, 7:56:39] - WARNING: BHO has no default name. Checking for Winlogon reference.
[01/02/2006, 7:56:39] -  Checking for HKLM\...\Winlogon\Notify\efedd
[01/02/2006, 7:56:39] -  Found: HKLM\...\Winlogon\Notify\efedd - This is probably Virtumundo.
[01/02/2006, 7:56:39] -  Assigning {EA32FB3B-21C9-42cc-B8EF-01A9B28EDB0D} MSEvents Object
[01/02/2006, 7:56:39] - BHO list has been changed! Starting over...
[01/02/2006, 7:56:39] -  BHO 1: {53707962-6F74-2D53-2644-206D7942484F} ()
[01/02/2006, 7:56:39] - WARNING: BHO has no default name. Checking for Winlogon reference.
[01/02/2006, 7:56:39] -  Checking for HKLM\...\Winlogon\Notify\SDHelper
[01/02/2006, 7:56:39] -  Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[01/02/2006, 7:56:39] -  BHO 2: {93C6313C-9DB4-4694-8BD0-E378C573A9AD} (ATLDistrib Object)
[01/02/2006, 7:56:39] - ALERT: Found ATLDistrib Object!
[01/02/2006, 7:56:40] -  BHO 3: {EA32FB3B-21C9-42cc-B8EF-01A9B28EDB0D} (MSEvents Object)
[01/02/2006, 7:56:40] - ALERT: Found MSEvents Object!
[01/02/2006, 7:56:40] - Finished Searching Browser Helper Objects
[01/02/2006, 7:56:40] - *** Detected ATLDistrib Object
[01/02/2006, 7:56:40] - *** Detected MSEvents Object
[01/02/2006, 7:56:40] - Trying to remove ATLDistrib Object...
[01/02/2006, 7:56:41] -    Terminating Process: IEXPLORE.EXE
[01/02/2006, 7:56:41] -    Terminating Process: RUNDLL32.EXE
[01/02/2006, 7:56:41] -    Disabling Automatic Shell Restart
[01/02/2006, 7:56:41] -    Terminating Process: EXPLORER.EXE
[01/02/2006, 7:56:41] -    Suspending the NT Session Manager System Service
[01/02/2006, 7:56:41] -    Terminating Windows NT Logon/Logoff Manager
[01/02/2006, 7:56:41] -    Re-enabling Automatic Shell Restart
[01/02/2006, 7:56:41] -   File to disable: C:\WINDOWS\System32\qomml.dll
[01/02/2006, 7:56:42] -  Renaming C:\WINDOWS\System32\qomml.dll -> C:\WINDOWS\System32\qomml.dll.vir
[01/02/2006, 7:56:42] - ! File rename was unsucessful.
[01/02/2006, 7:56:42] -  Attempting to Deny Access to C:\WINDOWS\System32\qomml.dll
[01/02/2006, 7:56:42] - *** IMPORTANT: Delete/Rename/Move on reboot (like Killbox) MAY NOT work.
[01/02/2006, 7:56:42] -  processed file:  C:\WINDOWS\System32\qomml.dll

[01/02/2006, 7:56:42] - *** IMPORTANT: The file is disabled and will need to be deleted by the user.
[01/02/2006, 7:56:42] -   Removing HKLM\...\Browser Helper Objects\{93C6313C-9DB4-4694-8BD0-E378C573A9AD}
[01/02/2006, 7:56:42] -   Removing HKCR\CLSID\{93C6313C-9DB4-4694-8BD0-E378C573A9AD}
[01/02/2006, 7:56:43] -   Adding Kill Bit for ActiveX for GUID: {93C6313C-9DB4-4694-8BD0-E378C573A9AD}
[01/02/2006, 7:56:43] -   Deleting ATLEvents/MSEvents Registry entries
[01/02/2006, 7:56:43] -   Removing HKLM\...\Winlogon\Notify\qomml
[01/02/2006, 7:56:44] - Trying to remove MSEvents Object...
[01/02/2006, 7:56:45] -    Terminating Process: IEXPLORE.EXE
[01/02/2006, 7:56:45] -    Terminating Process: RUNDLL32.EXE
[01/02/2006, 7:56:45] -    Disabling Automatic Shell Restart
[01/02/2006, 7:56:46] -    Terminating Process: EXPLORER.EXE
[01/02/2006, 7:56:46] -    Suspending the NT Session Manager System Service
[01/02/2006, 7:56:46] -    Terminating Windows NT Logon/Logoff Manager
[01/02/2006, 7:56:46] -    Re-enabling Automatic Shell Restart
[01/02/2006, 7:56:46] -   File to disable: C:\WINDOWS\System32\efedd.dll
[01/02/2006, 7:56:46] -  Renaming C:\WINDOWS\System32\efedd.dll -> C:\WINDOWS\System32\efedd.dll.vir
[01/02/2006, 7:56:46] - ! File rename was unsucessful.
[01/02/2006, 7:56:46] -  Attempting to Deny Access to C:\WINDOWS\System32\efedd.dll
[01/02/2006, 7:56:46] - *** IMPORTANT: Delete/Rename/Move on reboot (like Killbox) MAY NOT work.
[01/02/2006, 7:56:46] -  processed file:  C:\WINDOWS\System32\efedd.dll

[01/02/2006, 7:56:46] - *** IMPORTANT: The file is disabled and will need to be deleted by the user.
[01/02/2006, 7:56:46] -   Removing HKLM\...\Browser Helper Objects\{EA32FB3B-21C9-42cc-B8EF-01A9B28EDB0D}
[01/02/2006, 7:56:46] -   Removing HKCR\CLSID\{EA32FB3B-21C9-42cc-B8EF-01A9B28EDB0D}
[01/02/2006, 7:56:46] -   Adding Kill Bit for ActiveX for GUID: {EA32FB3B-21C9-42cc-B8EF-01A9B28EDB0D}
[01/02/2006, 7:56:46] -   Deleting ATLEvents/MSEvents Registry entries
[01/02/2006, 7:56:46] -   Removing HKLM\...\Winlogon\Notify\efedd
[01/02/2006, 7:56:47] - Searching for Browser Helper Objects:
[01/02/2006, 7:56:47] -  BHO 1: {53707962-6F74-2D53-2644-206D7942484F} ()
[01/02/2006, 7:56:47] - WARNING: BHO has no default name. Checking for Winlogon reference.
[01/02/2006, 7:56:48] -  Checking for HKLM\...\Winlogon\Notify\SDHelper
[01/02/2006, 7:56:48] -  Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[01/02/2006, 7:56:48] -  BHO 2: {93C6313C-9DB4-4694-8BD0-E378C573A9AD} (ATLDistrib Object)
[01/02/2006, 7:56:48] - ALERT: Found ATLDistrib Object!
[01/02/2006, 7:56:48] - Finished Searching Browser Helper Objects
[01/02/2006, 7:56:48] - *** Detected ATLDistrib Object
[01/02/2006, 7:56:48] - Trying to remove ATLDistrib Object...
[01/02/2006, 7:56:49] -    Terminating Process: IEXPLORE.EXE
[01/02/2006, 7:56:49] -    Terminating Process: RUNDLL32.EXE
[01/02/2006, 7:56:49] -    Disabling Automatic Shell Restart
[01/02/2006, 7:56:49] -    Terminating Process: EXPLORER.EXE
[01/02/2006, 7:56:49] -    Suspending the NT Session Manager System Service
[01/02/2006, 7:56:49] -    Terminating Windows NT Logon/Logoff Manager
[01/02/2006, 7:56:50] -    Re-enabling Automatic Shell Restart
Logged
Pancake
Global Moderator
Hero Member
*****

Karma: +78/-0
Offline Offline

Gender: Male
Posts: 3915


Bookmark and Share

View Profile
« Reply #8 on: January 03, 2006, 12:19:58 AM »

Thats done a good kill on the bugs.
Can you now post a new HJT log please...SP1 was not showing in the log ?
Logged

An Australian Member of

EDDY
GIA
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 8


Bookmark and Share

View Profile
« Reply #9 on: January 03, 2006, 02:33:37 PM »

Cry

Hello Pancake:

here is another HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 9:28:58 AM, on 1/3/2006
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\RioMSC.exe
C:\WINDOWS\smncs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Claudia\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?p=%s
R3 - URLSearchHook: (no name) - _{5D60FF48-95BE-4956-B4C6-6BB168A70310} - (no file)
R3 - URLSearchHook: (no name) -  - (no file)
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Zero Knowledge\Freedom\pkR.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Form Filler BHO - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\Zero Knowledge\Freedom\FreeBHOR.dll
O2 - BHO: ATLDistrib Object - {93C6313C-9DB4-4694-8BD0-E378C573A9AD} - C:\WINDOWS\System32\qomml.dll
O2 - BHO: (no name) - {EA32FB3B-21C9-42cc-B8EF-01A9B28EDB0D} - C:\WINDOWS\System32\efedd.dll
O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Freedom] C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunServices: [freestyle] lockx.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00000000-0000-0000-1234-012398761234} - http://www.riversoftware.net/x0ff.cab
O16 - DPF: {01234567-1234-1234-1234-012345678921} - http://images.neopets.com/glophone/neoblue5.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - http://download.mcafee.com/molbin/Shared/MGBrwFld.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://makeover.ivillage.co.uk/save/makeover.cab
O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://64.124.45.181/downloads/ccpm_0237.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security1.norton.com/SSC/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/ActiveLauncher/ActiveLauncher.cab
O16 - DPF: {43B70AAD-23F4-4FD8-ADD9-441D8592EEB8} (Snapfish Fix Photo Control) - http://www.snapfish.com/SnapfishImageEditor.cab
O16 - DPF: {4989312D-58CF-11D5-A7D7-00E02911103E} (Interealty MultiSelect) - http://sef.mlxchange.com/Control/MultiSelectComboBox.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150/038e4939b09516983f19/netzip/RdxIE6.cab
O16 - DPF: {5763F8E8-0DD7-4A0F-ADB0-9F64C8F2C349} (Pixami/Snapfish Upload UI Control) - http://www.snapfish.com/SnapfishUploader.cab
O16 - DPF: {5E943D9C-F8DC-4258-8E3F-A61BB3405A33} (ZingBatchAXDwnl Class) - http://www.imagestation.com/common/classes/batchdwnl.cab?version=4,3,2,20802
O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} (McUpdatePortalFactory Class) - http://www.amiuptodate.com/vsc/bin/1,0,0,8/McUpdatePortal.cab
O16 - DPF: {5F3B3060-09E0-44C6-86F7-BC7B02B57BEE} - http://downloads.shopathomeselect.com/banemedia/grinstall_bm1002.cab
O16 - DPF: {65E7DB1D-0101-4100-BD66-C5C78C917F93} - http://install.wildtangent.com/bgn/partners/aolim/install.cab
O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} (OneCCCtl Class) - http://d.66.155.171.79.downloads.estara.com./as/OneCCDM.php?template=33635&sessionid=1264546460_66.155.171.79_33081&=&req=1123107714236OneCC.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://us.games2.yimg.com/download.games.yahoo.com/games/play/client/exentctl_0_0_0_1.ocx
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {6FD482A3-7B57-438B-B040-52CAA30147EE} (MLXchange Client Utils) - http://sef.mlxchange.com/Control/MLXClientUtils.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {83AB6E4D-CDD7-11D3-B5E7-00104B9AFF6E} (GeacRevw Control) - http://sef.mlxchange.com/Control/IRCSharc.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.napster.com/client/isetup.cab
O16 - DPF: {9184D21C-9835-42C5-A883-EA8BE7FC048D} (Downloader Class) - http://www.shop.intuit.com/commerce/account/downloads/executables/ie/IDA.cab
O16 - DPF: {9FEFFBDE-FE2F-4756-B4A7-90D976255F9B} - http://www.playminigolf.com/Stopzilla.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_1us.cab
O16 - DPF: {BDD2F926-8158-4F62-9E0D-B3B75FD1F07F} (McObjectFactory Class) - http://download.mcafee.com/molbin/shared/McMySec/en-us/1,0,0,2/mcmysec.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - http://download.toontown.com/sv1.0.15.33/ttinst.cab
O16 - DPF: {C1BAC744-8F0B-11D0-89E7-00C0A8295197} (Cameractl Class) - http://www.lochness.scotland.net/push.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security1.norton.com/SSC/SharedContent/common/bin/cabsa.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://photos.msn.com/r/neutral/controls/MsnPUpld.cab?5,0,1730,0
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe
O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - http://www.disney.go.com/games/downloads/gamemanager/DIGGameManager.cab
O16 - DPF: {CD17FAAA-17B4-4736-AAEF-436EDC304C8C} (ContentAuditX Control) - http://a840.g.akamai.net/7/840/5805/v1503/www.contentwatch.com/audit/includes/ContentAuditControl.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4664/mcfscan.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Toolbar) - http://us.dl1.yimg.com/download.yahoo.com/dl/toolbar/yiebio5_1_4_0.cab
O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) - http://www.pcpitstop.com/antivirus/PitPav.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {F7A05BAC-9778-410A-9CDE-BFBD4D5D2B7F} (iPIX Media Send Class) - http://216.249.24.60/code/iPIX-ImageWell-ipix.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O20 - AppInit_DLLs: C:\WINDOWS\System32\wmfhotfix.dll
O20 - Winlogon Notify: efedd - C:\WINDOWS\SYSTEM32\efedd.dll
O20 - Winlogon Notify: qomml - C:\WINDOWS\System32\qomml.dll
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Rio MSC Manager (RioMSC) - Digital Networks North America, Inc. - C:\WINDOWS\System32\RioMSC.exe
O23 - Service: Service 8 (Service Filter) - Unknown owner - C:\WINDOWS\smncs.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
Logged
Pancake
Global Moderator
Hero Member
*****

Karma: +78/-0
Offline Offline

Gender: Male
Posts: 3915


Bookmark and Share

View Profile
« Reply #10 on: January 03, 2006, 11:52:25 PM »

Still no SP1 showing ...?
Logged

An Australian Member of

EDDY
Pages: [1] Go Up Print 
 
Jump to:  

Powered by MySQL Powered by PHP

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines

Valid XHTML 1.0! Valid CSS!

Disclaimer
This site is NOT responsible for any damage that the information on this site may cause to your system. Everything you try, whether inspired by the response given from this site or not, is entirely at your own risk. All product names and company names used herein are for identification purpose only and may be trademarks or registered trademarks of their respective owners. We are in no way affiliated or representing any of the companies on this site unless specified.
Back to Top
Stop Spam Harvesters, Join Project Honey Pot Fight Back Against Spammers! Get Firefox! Get Thunderbird! View Sylvain Amyots profile on LinkedIn
Back to Top
Google visited last this page November 12, 2019, 10:52:31 PM