| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 91065 | 2008-06-25 03:35:00 | JET* file in Windows Temp directory | Venning (13895) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 682219 | 2008-06-25 03:35:00 | Apologies first if I do this wrong, but site gave a clear answer to an earlier problem so I risk public embarrassment. Running XP I have a non-deletable file entitled "JET(followed by different numbers each time I check) in my WINDOWS\TEMP folder. It won't delete because it says file is in use. Is there anyone familiar with this type of file? Thanks. |
Venning (13895) | ||
| 682220 | 2008-06-25 03:38:00 | Post a hijackthis log, we'll see whats on your system. Its in my sig below | Speedy Gonzales (78) | ||
| 682221 | 2008-06-25 04:29:00 | Logfile of Trend Micro HijackThis v2 . 0 . 2 Scan saved at 11:43:08 PM, on 6/24/2008 Platform: Windows XP SP2 (WinNT 5 . 01 . 2600) MSIE: Internet Explorer v6 . 00 SP2 (6 . 00 . 2900 . 2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss . exe C:\WINDOWS\system32\winlogon . exe C:\WINDOWS\system32\services . exe C:\WINDOWS\system32\lsass . exe C:\WINDOWS\system32\svchost . exe C:\WINDOWS\System32\svchost . exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst . exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice . exe C:\WINDOWS\Explorer . EXE C:\WINDOWS\ehome\ehtray . exe C:\Program Files\HighCriteria\TotalRecorder\TotRecSched . exe C:\Program Files\Java\jre1 . 6 . 0_05\bin\jusched . exe C:\WINDOWS\stsystra . exe C:\Program Files\Creative\Mixer\CTSVolFE . exe C:\Program Files\Dell\Media Experience\DMXLauncher . exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst . exe C:\Program Files\SPAMfighter\SFAgent . exe C:\WINDOWS\system32\ICO . EXE C:\Program Files\Messenger\msmsgs . exe C:\WINDOWS\system32\Pelmiced . exe C:\WINDOWS\system32\ctfmon . exe C:\WINDOWS\system32\spoolsv . exe C:\Program Files\Adobe\Acrobat 6 . 0\Distillr\acrotray . exe C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc . exe C:\WINDOWS\eHome\ehRecvr . exe C:\WINDOWS\eHome\ehSched . exe C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT . EXE C:\WINDOWS\system32\nvsvc32 . exe C:\Program Files\SPAMfighter\sfus . exe C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB . EXE C:\Program Files\Webroot\Washer\WasherSvc . exe C:\WINDOWS\system32\msiexec . exe C:\WINDOWS\eHome\ehmsas . exe C:\WINDOWS\system32\dllhost . exe C:\WINDOWS\system32\wuauclt . exe C:\aa dls\HiJackThis . exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6 . 0\Acrobat\ActiveX\AcroIEHelper . dll O2 - BHO: NCO 2 . 0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2 . 0\coIEPlg . dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO . dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1 . 6 . 0_05\bin\ssv . dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6 . 0\Acrobat\AcroIEFavClient . dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6 . 0\Acrobat\AcroIEFavClient . dll O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2 . 0\CoIEPlg . dll O4 - HKLM\ . . \Run: [ehTray] C:\WINDOWS\ehome\ehtray . exe O4 - HKLM\ . . \Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM . exe -startup O4 - HKLM\ . . \Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch . exe" -start O4 - HKLM\ . . \Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched . exe" O4 - HKLM\ . . \Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1 . 6 . 0_05\bin\jusched . exe" O4 - HKLM\ . . \Run: [NvCplDaemon] RUNDLL32 . EXE C:\WINDOWS\system32\NvCpl . dll,NvStartup O4 - HKLM\ . . \Run: [SigmatelSysTrayApp] stsystra . exe O4 - HKLM\ . . \Run: [CTSVolFE] "C:\Program Files\Creative\Mixer\CTSVolFE . exe" /r O4 - HKLM\ . . \Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher . exe O4 - HKLM\ . . \Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp . exe" O4 - HKLM\ . . \Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck . exe" O4 - HKLM\ . . \Run: [NSWosCheck] "C:\Program Files\Norton SystemWorks Basic Edition\osCheck . exe" O4 - HKLM\ . . \Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask . exe" -atboottime O4 - HKLM\ . . \Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent . exe" update delay 60 O4 - HKLM\ . . \Run: [Mouse Suite 98 Daemon] ICO . EXE O4 - HKCU\ . . \Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs . exe" /background O4 - HKCU\ . . \Run: [ctfmon . exe] C:\WINDOWS\system32\ctfmon . exe O4 - Global Startup: Acrobat Assistant . lnk = C:\Program Files\Adobe\Acrobat 6 . 0\Distillr\acrotray . exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL . EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1 . 6 . 0_05\bin\ssv . dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1 . 6 . 0_05\bin\ssv . dll O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks Basic Edition\Norton Cleanup\WCQuick . lnk O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks Basic Edition\Norton Cleanup\WCQuick . lnk O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR . DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs . exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs . exe O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - . symantec . com/activex/symdlmgr . cab" target="_blank">webdl . symantec . com O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice . exe O23 - Service: ASP . NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft . NET\Framework\v2 . 0 . 50727\aspn et_state . exe (file missing) O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc . exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst . exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst . exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst . exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost . exe O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing . exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4 . EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst . exe O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc . exe O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT . EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32 . exe O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus . exe O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB . EXE O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc . exe O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc . - C:\Program Files\Webroot\Washer\WasherSvc . exe -- End of file - 7521 bytes |
Venning (13895) | ||
| 682222 | 2008-06-25 04:42:00 | Doesnt look too bad too me, but tick these then tick fix checked Close browsers O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime Get ccleaner (www.ccleaner.com) install it (untick the toolbar option you dont need it). Run it then click on run cleaner (close browsers first). It may remove it Uninstall all versions of Sun Java, yours is out of date. Link is in my sig below |
Speedy Gonzales (78) | ||
| 1 | |||||