MyTechSupport.ca :: Your Computer Technical Resource Headquarters! MyTechSupport.ca :: Your Computer Technical Resource Headquarters!
HOME FORUMS RESOURCES & TOOLS ARTICLES ONLINE STORE ABOUT US
Computer Support Forums arrow Internet & Network Support arrow Security & Viruses arrow Topic: thnall1ac.exe/abetterinternet.com/buddy
June 05, 2020, 01:00:31 AM
 

Home Forum Rules Help Search Mobile Version Login Register

Welcome, Guest. Please login or register.
Did you miss your activation email?
June 05, 2020, 01:00:31 AM

Login with username, password and session length
 Featured Sites:
News
New  Looking for cheap hardware and/or software?
Visit our new Online Store where you will be able to purchase from a reputable vendor by country.
  0 Members and 1 Guest are viewing this topic.
Pages: [1] Go Down Print
Author Topic: thnall1ac.exe/abetterinternet.com/buddy  (Read 2384 times)
PLBNY
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 3


Bookmark and Share

View Profile
« on: April 24, 2005, 03:44:18 PM »

PLEASE SUPPLY RELEVANT INFORMATION:
Operating System Version: Windows 2000
Problem Application Name & Version: thnall1ac.exe/abetterinternet.com/buddy
Problem Hardware Make & Model:  DELL C400
Error Messages:



ABETTERINTERNET.COM AND BUDDY KEEP TRYING TO INSTALL.

THANKS IN ADVANCE FOR ASSISTING IN GETTING RID OF THESE.

HIJACKTHIS REPORTS:

Logfile of HijackThis v1.99.1
Scan saved at 11:39:36 AM, on 04/24/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\program files\Network ICE\blackice\blackd.exe
C:\Program Files\NavNT\defwatch.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\ncsvc.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\Explorer.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\hkcmd.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\NavNT\vptray.exe
C:\WINNT\system32\MsgSys.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\tbar.exe
C:\Program Files\Verizon Online\bin\mpbtn.exe
c:\winnt\system32\ctkhyzm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\downloads\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=Explorer.exe C:\WINNT\Nail.exe
O1 - Hosts: 216.39.69.102 view.atdmt.com
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [fjgaabq] c:\winnt\system32\ctkhyzm.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Emergency.lnk = C:\tbar.exe
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\bin\matcli.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\gapsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\aventail\connect\asdns.dll
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\gapsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\gapsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\gapsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\gapsp.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://insidenbc.com
O16 - DPF: {00120000-B1BA-11CE-ABC6-F5B2E79D9E3F} (LEAD Main Control (12.0)) - http://apimages.nbc.com/ltocx12n.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {4CC35DAD-40EA-4640-ACC2-A1A3B6FB3E06} (NeoterisSetup Control) - https://anywhere.nbcuni.com/dana-cached/setup/NeoterisSetup.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/0328ab9c870d71f46e14/netzip/RdxIE601.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab
O16 - DPF: {9b935470-ad4a-11d5-b63e-00c04faedb18} (Oracle JInitiator 1.1.8.16) -
O16 - DPF: {9F77A997-F0F3-11d1-9195-00C04FC990DC} (JavaBeansBridge Object) -
O16 - DPF: {A4E84B61-1174-4309-87F0-E795A64158CC} (JNILoader Control) - http://nbcmeeting01.ge.com/sametime/stmeetingroomclient/STJNILoader.cab
O16 - DPF: {ff348b6e-fd21-11d4-a3f0-00c04fa32518} -
O20 - Winlogon Notify: NavLogon - C:\WINNT\System32\NavLogon.dll
O20 - Winlogon Notify: nwprovau - C:\WINNT\SYSTEM32\nwprovau.dll
O23 - Service: BlackICE - Internet Security Systems, Inc. - C:\program files\Network ICE\blackice\blackd.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Virtual Com Port Service (neoNcSvc) - Unknown owner - C:\WINNT\System32\ncsvc.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: OracleClientCache80 - Unknown owner - C:\ORANT\BIN\ONRSD80.EXE
O23 - Service: RapApp - Internet Security Systems, Inc. - C:\program files\Network ICE\blackice\RapApp.exe
O23 - Service: System Startup Service  (SvcProc) - Unknown owner - C:\WINNT\svcproc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe




Logged

 
Pancake
Global Moderator
Hero Member
*****

Karma: +78/-0
Offline Offline

Gender: Male
Posts: 3915


Bookmark and Share

View Profile
« Reply #1 on: April 25, 2005, 08:37:58 AM »

Hi...There is a bit here to clean up.

To remove the startup and delete the Nail.exe file, go to Start > Run and type: cmd
and hit Enter. When a command prompt opens, type:
nail.exe /FullRemove
and hit Enter and then reboot.

------------------------------------------------------

For the second half of the fix go to Start > Run and type services.msc and OK. Look for the below service:

O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe

When you find it, stop it if it is running, doubleclick on it and change the startup type to disabled.

Next,  download SvcProc.reg to your Desktop. Doubleclick on it to merge it with your Registry and boot into Safe Mode (restart your PC and tap F8 as it restarts)and run Hijack This again. Check the below entry and click on Fix Checked.

O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe

Still in Safe Mode, make sure that you can view hidden files and folders (and System Files)and run a search for svcproc.exe and delete it. Reboot and post a new HJT log.
« Last Edit: April 25, 2005, 08:40:14 AM by Pancake » Logged

An Australian Member of

EDDY
PLBNY
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 3


Bookmark and Share

View Profile
« Reply #2 on: April 28, 2005, 02:05:42 PM »

Thanks for your help.....
Running nail.exe /FullRemove does not appear to have done anything.
Also, after running SvcProc.reg, svcproc.exe did not show up in the hijackthis run in safe mode.
abetterinter.com is still trying to access the internet, but is being blocked by ZoneAlarm.

Here is the hijackthis log after rebooting:

Logfile of HijackThis v1.99.1
Scan saved at 9:48:08 AM, on 04/28/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\program files\Network ICE\blackice\blackd.exe
C:\Program Files\NavNT\defwatch.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\ncsvc.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\Explorer.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\hkcmd.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\NavNT\vptray.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
c:\winnt\system32\uuwbbyc.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\tbar.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINNT\system32\MsgSys.EXE
C:\Program Files\Verizon Online\bin\mpbtn.exe
C:\WINNT\System32\svchost.exe
C:\downloads\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=Explorer.exe C:\WINNT\Nail.exe
O1 - Hosts: 216.39.69.102 view.atdmt.com
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [xftrpc] c:\winnt\system32\uuwbbyc.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Emergency.lnk = C:\tbar.exe
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\bin\matcli.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\gapsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\aventail\connect\asdns.dll
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\gapsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\gapsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\gapsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\gapsp.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://insidenbc.com
O16 - DPF: {00120000-B1BA-11CE-ABC6-F5B2E79D9E3F} (LEAD Main Control (12.0)) - http://apimages.nbc.com/ltocx12n.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {4CC35DAD-40EA-4640-ACC2-A1A3B6FB3E06} (NeoterisSetup Control) - https://anywhere.nbcuni.com/dana-cached/setup/NeoterisSetup.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/0328ab9c870d71f46e14/netzip/RdxIE601.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab
O16 - DPF: {9b935470-ad4a-11d5-b63e-00c04faedb18} (Oracle JInitiator 1.1.8.16) -
O16 - DPF: {9F77A997-F0F3-11d1-9195-00C04FC990DC} (JavaBeansBridge Object) -
O16 - DPF: {A4E84B61-1174-4309-87F0-E795A64158CC} (JNILoader Control) - http://nbcmeeting01.ge.com/sametime/stmeetingroomclient/STJNILoader.cab
O16 - DPF: {ff348b6e-fd21-11d4-a3f0-00c04fa32518} -
O20 - Winlogon Notify: NavLogon - C:\WINNT\System32\NavLogon.dll
O20 - Winlogon Notify: nwprovau - C:\WINNT\SYSTEM32\nwprovau.dll
O23 - Service: BlackICE - Internet Security Systems, Inc. - C:\program files\Network ICE\blackice\blackd.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Virtual Com Port Service (neoNcSvc) - Unknown owner - C:\WINNT\System32\ncsvc.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: OracleClientCache80 - Unknown owner - C:\ORANT\BIN\ONRSD80.EXE
O23 - Service: RapApp - Internet Security Systems, Inc. - C:\program files\Network ICE\blackice\RapApp.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe

Logged

 
Pancake
Global Moderator
Hero Member
*****

Karma: +78/-0
Offline Offline

Gender: Male
Posts: 3915


Bookmark and Share

View Profile
« Reply #3 on: April 29, 2005, 01:13:29 AM »

Hi and Welcome
It may help you if you print out or copy this page for easy reference.. Make sure to work through the fixes in the exact order its listed. Please Keep your browser and all open programs closed (except firewalls and antivirus) when you are carrying out the fixes



Download any of the required programs before attempting to start any of the fixes.



Turn off System Restore instructions (WinXP)
Rightclick My Computer | Properties | System Restore | check
« Last Edit: April 29, 2005, 01:16:54 AM by Pancake » Logged

An Australian Member of

EDDY
PLBNY
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 3


Bookmark and Share

View Profile
« Reply #4 on: May 07, 2005, 12:09:11 PM »

After executing your instructions, nail.exe and ameoorypg.exe still remained.  

From this point I used killbox.exe on reboot on these two files.  This resulted in an error message when rebooting that nail.exe was not found, I took this to be a good thing and used regedit to search and remove the key containing nail.exe.

So far everything appears to be gone the final Highjackthis log is below.  

Thanks again for your help!!

Logfile of HijackThis v1.99.1
Scan saved at 11:49:47 AM, on 05/01/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\program files\Network ICE\blackice\blackd.exe
C:\Program Files\NavNT\defwatch.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINNT\System32\ncsvc.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\hkcmd.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\NavNT\vptray.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINNT\system32\taskmgr.exe
C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINNT\system32\MsgSys.EXE
C:\Program Files\Verizon Online\bin\mpbtn.exe
C:\downloads\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: Shell=
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\bin\matcli.exe
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\gapsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\aventail\connect\asdns.dll
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\gapsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\gapsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\gapsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\gapsp.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://insidenbc.com
O16 - DPF: {00120000-B1BA-11CE-ABC6-F5B2E79D9E3F} (LEAD Main Control (12.0)) - http://apimages.nbc.com/ltocx12n.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {4CC35DAD-40EA-4640-ACC2-A1A3B6FB3E06} (NeoterisSetup Control) - https://anywhere.nbcuni.com/dana-cached/setup/NeoterisSetup.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/0328ab9c870d71f46e14/netzip/RdxIE601.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab
O16 - DPF: {9b935470-ad4a-11d5-b63e-00c04faedb18} (Oracle JInitiator 1.1.8.16) -
O16 - DPF: {9F77A997-F0F3-11d1-9195-00C04FC990DC} (JavaBeansBridge Object) -
O16 - DPF: {A4E84B61-1174-4309-87F0-E795A64158CC} (JNILoader Control) - http://nbcmeeting01.ge.com/sametime/stmeetingroomclient/STJNILoader.cab
O16 - DPF: {ff348b6e-fd21-11d4-a3f0-00c04fa32518} -
O20 - Winlogon Notify: NavLogon - C:\WINNT\System32\NavLogon.dll
O20 - Winlogon Notify: nwprovau - C:\WINNT\SYSTEM32\nwprovau.dll
O23 - Service: BlackICE - Internet Security Systems, Inc. - C:\program files\Network ICE\blackice\blackd.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Virtual Com Port Service (neoNcSvc) - Unknown owner - C:\WINNT\System32\ncsvc.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: OracleClientCache80 - Unknown owner - C:\ORANT\BIN\ONRSD80.EXE
O23 - Service: RapApp - Internet Security Systems, Inc. - C:\program files\Network ICE\blackice\RapApp.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe

Logged

 
Pages: [1] Go Up Print 
 
Jump to:  

Powered by MySQL Powered by PHP

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines

Valid XHTML 1.0! Valid CSS!

Disclaimer
This site is NOT responsible for any damage that the information on this site may cause to your system. Everything you try, whether inspired by the response given from this site or not, is entirely at your own risk. All product names and company names used herein are for identification purpose only and may be trademarks or registered trademarks of their respective owners. We are in no way affiliated or representing any of the companies on this site unless specified.
Back to Top
Stop Spam Harvesters, Join Project Honey Pot Fight Back Against Spammers! Get Firefox! Get Thunderbird! View Sylvain Amyots profile on LinkedIn
Back to Top
Google visited last this page October 20, 2017, 04:31:12 AM