Page 1 of 2 12 LastLast
Results 1 to 10 of 17

Thread: AVG Results

  1. #1
    Member
    Join Date
    Jun 2006
    Location
    Australia
    Posts
    33

    Default AVG Results

    Sorry, to be a bother, but could someone tell explain what this is about:

    C:\WINDOWS\system32\shell32.dll
    Result: Change
    Status: Changed

    I appear to have 2 copies of the above file, one with a change/changed result & one with ok/Quick Checked
    Thanks for your assistance

  2. #2
    Member
    Join Date
    Jun 2006
    Location
    Australia
    Posts
    33

    Default Any Sus' results? Hijack This

    I have a feeling that i might have virus, spy,mal, etc. As some of my icons on desktop are blackened out & i get error messages when login on.

    One says something about 16bit something
    The other is talking about bitWare

    Additionally, with my Bigpond Toolbar i keep geting asked to enter login details & password, it saying its incorrect (which it isnt)

    Also have an overheating problem

    This is my HijackThis log.


    Logfile of HijackThis v1.99.1
    Scan saved at 1:08:20 PM, on 10/06/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Norton Internet Security\NISUM.EXE
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\Program Files\Norton Internet Security\ccPxySvc.exe
    C:\WINDOWS\System32\cisvc.exe
    C:\WINDOWS\System32\lvhidsvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\Fast.exe
    C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\DllHost.exe
    C:\BITWARE\NT\bwprnmon.exe
    C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
    C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
    C:\WINDOWS\System32\taskswitch.exe
    C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\Program Files\Telstra\Toolbar\bpumTray.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Common Files\Nokia\Services\ServiceLayer.exe
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
    C:\Program Files\ltmoh\Ltmoh.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Program Files\Gigabyte\Gigabyte Windows Utility Manager\ET4\ET4.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\ANTIVIRUS PROGRAMS\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uws.edu.au/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = BigPond Dial-Up Residential Internet Explorer
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R3 - Default URLSearchHook is missing
    O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\DAP\DAPBHO.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
    O2 - BHO: ActivateBand Class - {4C7B6DE1-99A4-4CF1-8B44-68889900E1D0} - C:\Program Files\Telstra\Toolbar\bpumToolBand.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
    O3 - Toolbar: BigPond Toolbar - {7A431EC4-CC21-4DF7-9DB1-A2CF74C4CC98} - C:\Program Files\Telstra\Toolbar\bpumToolBand.dll
    O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    O4 - HKLM\..\Run: [RecSche] "C:\Program Files\LifeView TVR\RecSche.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [bwprnmon.exe] C:\BITWARE\NT\bwprnmon.exe
    O4 - HKLM\..\Run: [mmtask] C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
    O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\System32\taskswitch.exe
    O4 - HKLM\..\Run: [FastUser] C:\WINDOWS\System32\fast.exe
    O4 - HKLM\..\Run: [Nokia Tray Application] C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [BigPond Toolbar] "C:\Program Files\Telstra\Toolbar\bpumTray.exe"
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ecc] C:\Program Files\Telstra\BigPond Assist\assist.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.bigpond.com/
    O15 - Trusted Zone: http://elearning.uws.edu.au
    O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn...taller_gmn.cab
    O16 - DPF: {3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} (PatchInstaller.Installer) -
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - https://scan.safety.live.com/resourc...scbase7617.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1141368339765
    O16 - DPF: {8B1BC605-C593-4865-8F5B-05517F0CD0BB} (MSSecurityAdvisorCD Class) -
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
    O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?326
    O16 - DPF: {F5131C24-E56D-11CF-B78A-444553540000} (Ikonic Menu Control) - http://activex.microsoft.com/control...b/ikcntrls.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A8B88106-373D-46FE-A41C-B3C224012B6B}: Domain = nsw.bigpond.net.au
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPxySvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Remote HID Service (LvHidSvc) - Philips - C:\WINDOWS\System32\lvhidsvc.exe
    O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
    O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Norton Internet Security\NISUM.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    Last edited by tashi; 2006-06-10 at 07:05. Reason: Merged two topics
    Thanks for your assistance

  3. #3
    Member
    Join Date
    Jun 2006
    Location
    Australia
    Posts
    33

    Default

    Quote Originally Posted by Musikmn
    I have a feeling that i might have virus, spy,mal, etc. As some of my icons on desktop are blackened out & i get error messages when login on.

    One says something about 16bit something
    The other is talking about bitWare
    This is what is being displayed (just a Q, why is jpg not supported for upload? Is it unstable or likely to hold virus?)

    Its in jpg in zip folder.
    Thanks for your assistance

  4. #4
    Security Expert-Emeritus
    Join Date
    Oct 2005
    Posts
    5,025

    Default

    Hi

    In windows control panel addremove program uninstall one of those antivirus programs, i suggest canning norton, its to common.
    Restart the PC afterwards

    For that startup error go here and use the appropriet fix for your system
    http://www.tech-forums.net/computer/topic/29806.html

    Sorry, to be a bother, but could someone tell explain what this is about:

    C:\WINDOWS\system32\shell32.dll
    Result: Change
    Status: Changed

    I appear to have 2 copies of the above file, one with a change/changed result & one with ok/Quick Checked
    Not sure, if you suspect a file you can always get several opinions here
    Submit a file--VirusTotal: http://www.virustotal.com/flash/index_en.html

    Post another Hijackthis log

  5. #5
    Member
    Join Date
    Jun 2006
    Location
    Australia
    Posts
    33

    Default

    In addition when im turning my PC off, it occassionally comes up with the End program screens:

    Hammer of Thor (& other variations on Thor)
    MCI command handling window
    MSASCui.exe
    itype.exe
    Thanks for your assistance

  6. #6
    Member
    Join Date
    Jun 2006
    Location
    Australia
    Posts
    33

    Default

    In addition when im turning my PC off, it occassionally comes up with the End program screens:

    Hammer of Thor (& other variations on Thor)
    MCI command handling window
    MSASCui.exe
    itype.exe

    Also I have had several messages saying, something like: attempting to run a dll as a exe (?im not sure, but definatetly is dll & then sends long report to Microsoft.)
    Thanks for your assistance

  7. #7
    Member
    Join Date
    Jun 2006
    Location
    Australia
    Posts
    33

    Default

    Also I dont know if this is error in new spybot update, or symptom of a virus:

    3/06/2006 4:20:49 PM Allowed value "{53707962-6F74-2D53-2644-206D7942484F}" (new data: "") deleted in Browser Helper Object!
    3/06/2006 4:21:01 PM Denied value "{53707962-6F74-2D53-2644-206D7942484F}" (new data: "") added in Browser Helper Object!
    3/06/2006 4:24:44 PM Denied value "{53707962-6F74-2D53-2644-206D7942484F}" (new data: "") added in Browser Helper Object!
    4/06/2006 11:55:25 PM Denied value "{53707962-6F74-2D53-2644-206D7942484F}" (new data: "") added in Browser Helper Object!
    5/06/2006 12:58:57 AM Allowed value "{86227D9C-0EFE-4f8a-AA55-30386A3F5686}" (new data: "") deleted in Global browser toolbar!
    5/06/2006 12:29:33 PM Denied value "{53707962-6F74-2D53-2644-206D7942484F}" (new data: "") added in Browser Helper Object!
    6/06/2006 8:10:13 PM Denied value "{53707962-6F74-2D53-2644-206D7942484F}" (new data: "") added in Browser Helper Object!
    6/06/2006 8:10:40 PM Denied value "{53707962-6F74-2D53-2644-206D7942484F}" (new data: "") added in Browser Helper Object!
    6/06/2006 11:30:52 PM Denied value "DataLayer" (new data: "") deleted in System Startup global entry!
    6/06/2006 11:31:00 PM Denied value "LtMoh" (new data: "") deleted in System Startup global entry!
    6/06/2006 11:31:03 PM Denied value "AGRSMMSG" (new data: "") deleted in System Startup global entry!
    7/06/2006 7:42:03 PM Allowed value "nwiz" (new data: "") deleted in System Startup global entry!
    7/06/2006 7:48:32 PM Allowed value "NvCplDaemon" (new data: "RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup") added in System Startup global entry!
    7/06/2006 7:48:35 PM Allowed value "NvCplDaemon" (new data: "RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup") added in System Startup global entry!
    7/06/2006 7:48:37 PM Allowed value "nwiz" (new data: "nwiz.exe /install") added in System Startup global entry!
    7/06/2006 7:48:39 PM Allowed value "NvMediaCenter" (new data: "RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit") added in System Startup global entry!
    7/06/2006 7:48:39 PM Allowed value "NvRegisterMCTrayNview" (new data: "RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvMCRegisterApp C:\WINDOWS\system32\nView.dll") added in System Startup global entry!
    7/06/2006 7:48:40 PM Allowed value "NvCplDaemon" (new data: "") deleted in System Startup global entry!
    7/06/2006 7:48:43 PM Allowed value "NvRegisterMCTrayNview" (new data: "") deleted in System Startup global entry!
    7/06/2006 7:55:14 PM Allowed value "NvCplDaemon" (new data: "RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup") added in System Startup global entry!
    7/06/2006 7:55:22 PM Allowed value "NvCplDaemon" (new data: "") deleted in System Startup global entry!
    8/06/2006 4:49:28 PM Allowed value "ecc" (new data: "C:\Program Files\Telstra\BigPond Assist\assist.exe") added in System Startup global entry!
    9/06/2006 5:52:00 PM Denied value "{53707962-6F74-2D53-2644-206D7942484F}" (new data: "") added in Browser Helper Object!
    9/06/2006 5:52:12 PM Denied value "{53707962-6F74-2D53-2644-206D7942484F}" (new data: "") added in Browser Helper Object!
    9/06/2006 5:53:02 PM Denied value "{53707962-6F74-2D53-2644-206D7942484F}" (new data: "") added in Browser Helper Object!
    9/06/2006 5:55:48 PM Denied value "{53707962-6F74-2D53-2644-206D7942484F}" (new data: "") added in Browser Helper Object!
    11/06/2006 12:08:06 AM Denied value "{53707962-6F74-2D53-2644-206D7942484F}" (new data: "") added in Browser Helper Object!
    12/06/2006 1:42:43 AM Denied value "{53707962-6F74-2D53-2644-206D7942484F}" (new data: "") added in Browser Helper Object!


    & the attachment
    Thanks for your assistance

  8. #8
    Member
    Join Date
    Jun 2006
    Location
    Australia
    Posts
    33

    Default

    Quote Originally Posted by LonnyRJones
    Hi
    Not sure, if you suspect a file you can always get several opinions here
    Submit a file--VirusTotal: http://www.virustotal.com/flash/index_en.html
    What exactly does this site do with the information submited to them? Isnt the file I would need to upload from my registry? From everything ive ever heard it is a bad idea to share registry and system folder files and access. So how do I know I can trust this site?

    dont mean to sound offensive, in anyway.
    Thanks for your assistance

  9. #9
    Security Expert-Emeritus
    Join Date
    Oct 2005
    Posts
    5,025

    Default

    I dont understand why you denied all those
    basicly you should allow them if in doubt then go do some research to be sure.
    Do not use the remember desicion option in tea timer.

    Turn off Tea Timer (right-click its icon in the tray area near the windows clock and choose exit)
    If it is not in the tray area open SpyBot > mode > Advanced > tools >
    resident page and uncheck Tea Timer
    Close SpyBot if open.
    Download ResetTeaTimer.bat
    http://downloads.subratam.org/ResetTeaTimer.bat
    To your desktop, run ResetTeaTimer.bat.
    Since it will not be needed again delete ResetTeaTimer.bat.
    Turn Tea timer back on again via SpyBots tools resident page.

    I trust virustotal, does that help ?

    Those errors, I see them once and awhile to, not exactly the same ones.
    they are somewhat normal, unless you are seeing them all the times i suggest ignoring.

  10. #10
    Member
    Join Date
    Jun 2006
    Location
    Australia
    Posts
    33

    Default

    Quote Originally Posted by LonnyRJones
    I dont understand why you denied all those
    basicly you should allow them if in doubt then go do some research to be sure.
    Do not use the remember desicion option in tea timer.

    Turn off Tea Timer (right-click its icon in the tray area near the windows clock and choose exit)
    If it is not in the tray area open SpyBot > mode > Advanced > tools >
    resident page and uncheck Tea Timer
    Close SpyBot if open.
    Download ResetTeaTimer.bat
    http://downloads.subratam.org/ResetTeaTimer.bat
    To your desktop, run ResetTeaTimer.bat.
    Since it will not be needed again delete ResetTeaTimer.bat.
    Turn Tea timer back on again via SpyBots tools resident page.

    I trust virustotal, does that help ?

    Those errors, I see them once and awhile to, not exactly the same ones.
    they are somewhat normal, unless you are seeing them all the times i suggest ignoring.

    I dont understand, denied what?? Im just using basic spybot, and I used the immunise function.

    I also had probs with hpqtra08.exe. Is that just a hewett packard app or some virus (or whatnot) disguised as HP?

    Do you happen to know what those closing functions were?

    I Think that:
    itype: is MS keyboard software
    Thanks for your assistance

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •