| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 72669 | 2006-09-21 13:14:00 | syschost *** is it | powertron (9655) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 486465 | 2006-09-21 13:14:00 | When I reboot my Pc I get this message when the Pc comes back on ' windows cannot find 'syschost.exe'. Make sure you typed the name correctly. To search for a file, click the start button, and then click search. '. Does anyone know what this, and how do I stop it, It's not affecting the Pc, just annoying me:) |
powertron (9655) | ||
| 486466 | 2006-09-21 23:05:00 | It looks to be a trojan of some sort that has been partially removed. www.sophos.com From the looks of it, the trojan creates a registry key to start itself on bootup. You'll need to remove the key to stop the message coming up. Start Run Type 'msconfig' & hit enter Go to Startup tab Find the link to syschost & uncheck it. Almost forgot, make sure your virus scanner & spyware removers are up to date & run scans of your hard drive to make sure it's gone. |
autechre (266) | ||
| 486467 | 2006-09-21 23:54:00 | I think the virus and the legimate file look similar in file names. (but i forget which is which) just make sure you are not deleting the legitimate MS file. | netchicken (4843) | ||
| 486468 | 2006-09-22 02:40:00 | 'syschost.exe' is a Trojan..... Download HijackThis (www.cyberanswers.org). It will create a directory folder for you in C\Program files. Run a scan and save the log file. Post the whole log file here. Do not fix anything since most of them listed there are harmless (some are system required). |
Pancake (6359) | ||
| 486469 | 2006-09-22 15:05:00 | Here is my Logfile for HijackThis: Logfile of HijackThis v1.99.1 Scan saved at 14:43:45, on 22/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5346.0005) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\wwSecure.exe C:\WINDOWS\system32\ZoneLabs\isafe.exe C:\WINDOWS\Explorer.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.ex e C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\dennis\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = us.rd.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = us.rd.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = us.rd.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = us.rd.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\WINDOWS\pchealth\helpctr\System\panels\blank.ht m R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\ Yahoo! \Common\yiesrvc.dll O3 - Toolbar: Tronbar_Install Toolbar - {55cd7b3b-c80e-4640-bcb3-91fb0157fa95} - C:\Program Files\Tronbar_Install\tbTron.dll O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [ZoneAlarm Stub Program for ZAPro] C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe O4 - HKCU\..\Run: [ Yahoo! Pager] "C:\Program Files\ Yahoo! \Messenger\YahooMessenger.exe" -quiet O8 - Extra context menu item: & Yahoo! Search - file:///C:\Program Files\ Yahoo! \Common/ycsrch.htm O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\ Yahoo! \Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\ Yahoo! \Common/ycmap.htm O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\ Yahoo! \Common/ycsms.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\ Yahoo! \Common\yiesrvc.dll O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file) O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing) O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing) O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data Collection Control) - support.microsoft.com O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - update.videoegg.com O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: ThemeManager - C:\WINDOWS\ O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: Washer Security Access (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe Thank You. |
powertron (9655) | ||
| 486470 | 2006-09-23 01:10:00 | Have "Hijack This" fix all the following items in the list below by placing a check in the appropriate boxes . Confirm that you have only the listed ones checked, then press <Fix checked> and Close HJT . O3 - Toolbar: Tronbar_Install Toolbar - {55cd7b3b-c80e-4640-bcb3-91fb0157fa95} - C:\Program Files\Tronbar_Install\tbTron . dll O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file) O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) Delete the following red folder/s C:\Program Files\Tronbar_Install Download and scan with Ewido Anti-Spyware v4 . 0 ( . ewido . net/en/download/" target="_blank">www . ewido . net) 1 . After download, double click on the file to launch the install process . 2 . Choose a language, click "OK" and then click "Next" . 3 . Read the "License Agreement" and click "I Agree" . 4 . Accept default installation path: C:\Program Files\ewido anti-spyware 4 . 0, click "Next", then click "Install" . 5 . After setup completes, click "Finish" to start the program automatically or launch ewido by double-clicking its icon on your desktop or in the system tray . 6 . The main "Status" menu will appear . Select "Change state" to inactivate 'Resident Shield' and 'Automatic Updates' . 7 . Then right click on ewdio in the system tray and uncheck "Start with Windows" . 8 . Go to Start > Run and type: services . msc Press "OK" . Click the "Extended tab" and scroll down the list to find ewido anti-spyware 4 . 0 guard . When you find the guard service, double-click on it . In the Properties Window > General Tab that opens, click the "Stop" button . From the drop-down menu next to "Startup Type", click on "Manual" . Now click "Apply", then "OK" and close the Services window . 9 . Select the "Update" button and click "Start update" . If you are having problems with the updater, manually update with the Ewido Full database installer from here ( . ewido . net/ewido-signatures-full-current . exe" target="_blank">download . ewido . net) . Once the updates are installed do the following: 1 . Click on the "Scanner" button and choose the "Settings" tab . Under "How to act?", click on "Recommended actions" and choose "Quarantine" to set default action for detected malware . Under "How to Scan?" check all (default) . Under "Possibly unwanted software" check all (default) . Under "What to Scan?" make sure "Scan every file" is selected (default) . Under "Reports" select "Automatically generate report after every scan and UNcheck "Only if threats were found" . 2 . Click the "Scan" tab to return to scanning options . 3 . Click "Complete System Scan" to start . 4 . When the scan has finished you will be presented with a list of infected objects found . Click "Apply all actions" to place the files in Quarantine . IMPORTANT! Do not save the report before you have clicked the Apply all actions button . If you do, the log that is created will indicate "No action taken", making it more difficult to interpret the report . So be sure you save it only AFTER clicking the "Apply all actions" button? 5 . Click on "Save Report" to view all completed scans . Click on the most recent scan you just performed and select "Save report as" - the default file name will be in date/time format as follows: Report-Scan-20060620-142816 . txt . Save to your desktop . A copy of each report will also be saved in C:\Program Files\ewido anti-spyware 4 . 0\Reports\ 6 . Exit Ewido when done and submit the log report in your next response . |
Pancake (6359) | ||
| 486471 | 2006-09-23 13:31:00 | --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 13:22:48 23/09/2006 + Scan result: C:\Documents and Settings\dennis\Desktop\cracks serials\Craagle . exe -> Adware . Craagle : Cleaned with backup (quarantined) . HKLM\SOFTWARE\Classes\Interface\{016859C2-97B6-45FC-816B-A3B91BA10A0F} -> Adware . Generic : Cleaned with backup (quarantined) . HKLM\SOFTWARE\Classes\Interface\{03713ADE-819C-43D9-B138-67828D4C0405} -> Adware . Generic : Cleaned with backup (quarantined) . HKLM\SOFTWARE\Classes\Interface\{0BDF8F38-347C-4810-BDA6-2F85C1050B26} -> Adware . Generic : Cleaned with backup (quarantined) . HKLM\SOFTWARE\Classes\Interface\{18A1A6BB-8AE3-47E3-B9D4-75ABFE0CAC03} -> Adware . Generic : Cleaned with backup (quarantined) . HKLM\SOFTWARE\Classes\Interface\{2D1254A1-4A1A-4339-9DE5-D05CADD5C44C} -> Adware . Generic : Cleaned with backup (quarantined) . HKLM\SOFTWARE\Classes\Interface\{2F34C08C-E0AF-4EB2-AFCF-3A13DC489FA6} -> Adware . Generic : Cleaned with backup (quarantined) . HKLM\SOFTWARE\Classes\Interface\{49D486E8-1932-492D-B1BD-B4D638BEBD84} -> Adware . Generic : Cleaned with backup (quarantined) . HKLM\SOFTWARE\Classes\Interface\{49E2EB9D-A5E6-450E-9708-251876BF3E7F} -> Adware . Generic : Cleaned with backup (quarantined) . HKLM\SOFTWARE\Classes\Interface\{68C625EA-B8E3-4FC1-9F6E-8A1B50AA9C8C} -> Adware . Generic : Cleaned with backup (quarantined) . HKLM\SOFTWARE\Classes\Interface\{6F821290-E277-4F87-B4BD-AE48564EF21D} -> Adware . Generic : Cleaned with backup (quarantined) . HKLM\SOFTWARE\Classes\Interface\{9BA6B541-EB04-44C9-9156-9573DB5345A5} -> Adware . Generic : Cleaned with backup (quarantined) . HKLM\SOFTWARE\Classes\Interface\{A8718256-70C8-4914-8F64-B8B9C1A64AAA} -> Adware . Generic : Cleaned with backup (quarantined) . HKLM\SOFTWARE\Classes\Interface\{C3A42538-303B-4541-915D-C79AD9C75EB8} -> Adware . Generic : Cleaned with backup (quarantined) . HKLM\SOFTWARE\Classes\Interface\{C48AE974-0D27-47D6-A3E9-881CF3301F72} -> Adware . Generic : Cleaned with backup (quarantined) . HKLM\SOFTWARE\Classes\Interface\{DA02B168-8841-4248-BF22-67E2EC5958C3} -> Adware . Generic : Cleaned with backup (quarantined) . HKLM\SOFTWARE\Classes\Interface\{E505FB9B-6CB3-44C5-9F0E-B01121076CC9} -> Adware . Generic : Cleaned with backup (quarantined) . HKU\S-1-5-21-1935655697-630328440-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{479FD0CF-5BE9-4C63-8CDA-B6D371C67BD5} -> Adware . Generic : Cleaned with backup (quarantined) . HKU\S-1-5-21-1935655697-630328440-725345543-1004\Software\Hotbar -> Adware . HotBar : Cleaned with backup (quarantined) . HKU\S-1-5-21-1935655697-630328440-725345543-1004\Software\Hotbar\hotbar -> Adware . HotBar : Cleaned with backup (quarantined) . HKU\S-1-5-21-1935655697-630328440-725345543-1004\Software\Hotbar\hotbar\ImagesHistory -> Adware . HotBar : Cleaned with backup (quarantined) . C:\Documents and Settings\dennis\Desktop\Dens Files\yahoomessengerkiller\Yahoo Messenger Killer . exe -> Not-A-Virus . HackTool . Win32 . VB . iv : Cleaned with backup (quarantined) . C:\Documents and Settings\dennis\Cookies\dennis@adbrite[2] . txt -> TrackingCookie . Adbrite : Cleaned with backup (quarantined) . ::Report end |
powertron (9655) | ||
| 486472 | 2006-09-23 13:51:00 | I just rebooted and still got the same message 'windows cannot find 'syschost.exe'. Make sure you typed the name correctly. To search for a file, click the start button, and then click search'.:confused: I was wondering, could this be a Registry Key that needs deleting? and if so, how would I go about locating it? Thanks for all your help Pancake, I really do appreciate it:thumbs: |
powertron (9655) | ||
| 486473 | 2006-09-24 01:10:00 | Anti-trojan Please download, update and run the A2 (A squared) anti-trojan ( . emsisoft . com/en/software/free/" target="_blank">www . emsisoft . com) . Let it fix whatever it wants to . Anti-virus Also, run this pc through the . . . Panda Online virus scanner ( . pandasoftware . com/products/activescan . htm" target="_blank">www . pandasoftware . com) or Trend Micro Housecall Online virus scanner ( . trendmicro . com/hc_intro/default . asp" target="_blank">www . trendmicro . com) Let it delete whatever it finds . If it cannot delete it, then post the log and we will delete it manually . Also post a new HJT log . |
Pancake (6359) | ||
| 486474 | 2006-09-24 15:28:00 | This is what A-Squared picked up and deleted: *Trace.registry.buddyspy *Trace.registry.Hotbar *Trace.registry.KaZaA *Trace.registry.Spyware Nuker XT *Trace.File.NGC.ActiveSpy XP *Trace.File.Instant Access *Trace.registry.Instant Access *Heuristic.Dialer --------------------------------------------------------- I also did the Online scan with Panda, but it found nothing. --------------------------------------------------------- Logfile of HijackThis v1.99.1 Scan saved at 15:08:19, on 24/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.exe C:\WINDOWS\system32\wwSecure.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ZoneLabs\isafe.exe C:\WINDOWS\System32\alg.exe C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.ex e C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\dennis\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = us.rd.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = us.rd.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\ Yahoo! \Common\yiesrvc.dll O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" O4 - HKCU\..\Run: [ZoneAlarm Stub Program for ZAPro] C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe O4 - HKCU\..\RunOnce: [Index Washer] C:\Program Files\Webroot\Washer\WashIdx.exe "dennis" O8 - Extra context menu item: & Yahoo! Search - file:///C:\Program Files\ Yahoo! \Common/ycsrch.htm O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\ Yahoo! \Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\ Yahoo! \Common/ycmap.htm O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\ Yahoo! \Common/ycsms.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\ Yahoo! \Common\yiesrvc.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing) O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing) O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - acs.pandasoftware.com O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - update.videoegg.com O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: ThemeManager - C:\WINDOWS\ O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: Washer Security Access (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe ----------------------------------------------- I just did another system reboot and it's still the same, the message is still there. |
powertron (9655) | ||
| 1 2 | |||||