Sign in to follow this  
nthisit

Lexplore+who Knows What Else Problems. Help Please!

Recommended Posts

leplore keeps coming up on my running programs plus other entries that I do not recognize. I ran adaware and HiJack This! I will post both logs. They did not capture what I found in my add remove program list but this piece of software did. It is CC Cleaner. I am sure you will recognize what does not belong. I have tried everything to delete them with no success. They are hidden now as they no longer show up on my main Add Remove program list. l explore is hidden somewhere too. My pc will start itsel and I have to battle it not to dial up my Internet connection. Internet 1 shows up on my Internet settings which I remove immediately. My RealPlayer even disappeared and I had to install it again. My Ad-Watch detected 23 events in a few minutes time. I have some processes blocked but I know that they are probably up and running again. I know enough about pcs that I can usually handle these types of invasions. Not this time! If you can help, it would be greatly appreciated. Thank you

 

 

CCCleaner

 

 

56K PCI Voice Modem SF-1156IV R9A

Ad-aware 6 Professional

Adobe Acrobat 4.0

Adobe Flash Player 9 ActiveX

Adobe Shockwave Player

AI RoboForm

America Online (Choose which version to remove)

AOL Uninstaller (Choose which Products to Remove)

CCleaner (remove only)

Creative Launcher

Creative PlayCenter

Creative Recorder

ESSCT

ESSEMAIL

ESSgui

ESShelp

ESSini

ESSPCD

ESSSONIC

ESSTOOLS

essvatgt

essvcpt

ESSvpaht

ESSvpot

Gateway Multi-function Keyboard

HijackThis 1.99.1

HLPIndex

HLPSFO

HP DeskJet 840C Series (Remove only)

J2SE Runtime Environment 5.0 Update 11

Kodak EasyShare software

KSU

Microsoft Home Publishing 2000

Microsoft Internet Explorer 6 SP1 and Internet Tools

Microsoft NetMeeting 2.11

Microsoft Picture It! Express 2000

Microsoft Web Publishing Wizard 1.6

Microsoft Word 2000

Microsoft Works 2000 Setup Launcher

Microsoft Works 2000

MWSnap 3

Notifier

NVIDIA Windows 95/98 Display Drivers

Ocean Express

OfotoXMI

OTtBPSDK

OTtBP

Panda ActiveScan

PC Pitstop Optimize 1.5

PhotoMAX SE

QBeez 2

QuickTime

RealPlayer Basic

SFR

SHASTA

SKIN0001

SKINXSDK

Sound Blaster Live! Value

Spybot - Search & Destroy 1.4

Ultimate Paint 2.88 Freeware Edition

Viewpoint Media Player

VPRINTOL

Water Bugs

WIRELESS

Word in Works Suite add-in

Yahoo! Install Manager

Yahoo! Toolbar

 

 

 

Adaware

 

 

 

Lavasoft Ad-aware Professional Build 6.181

Logfile created on :Sunday, March 25, 2007 4:07:57 PM

Using reference-file :01R217 08.09.2003

Computer name:W6G7U9

User name:(Unknown)

______________________________________________________

 

Reffile status:

=========================

Reference file loaded:

Reference Number : 01R217 08.09.2003

Internal build : 107

File location : C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\reflist.ref

Total size : 574398 Bytes

Signature data size : 563299 Bytes

Reference data size : 11035 Bytes

Signatures total : 12937

Target categories : 10

Target families : 267

3-25-2007 4:07:41 PM Error retrieving update

 

 

Memory + processor status:

==========================

Number of processors : 1

Processor architecture : Intel Pentium III

Memory available:37 %

Total physical memory:261388 kb

Available physical memory:2240 kb

Total page file size:1835760 kb

Available on page file:1722908 kb

Total virtual memory:2093056 kb

Available virtual memory:2049024 kb

OS:Windows (ME)

 

Ad-aware Settings

=========================

Set : Activate in-depth scan (Recommended)

Set : Move deleted files to recycle bin

Set : Safe mode (always request confirmation)

Set : Skip non executable files

Set : Scan active processes

Set : Scan registry

Set : Deep scan registry

Set : Scan my IE Favorites for banned URLs

Set : Scan within archives

Set : Scan my Hosts file

 

Extended Ad-aware Settings

=========================

Set : Unload recognized processes during scanning

Set : Target objects on the Ad-watch filter list

Set : Reanalyze result after scanning, before displaying result list

Set : Run scan as background process (Low CPU usage)

Set : Include info about ignored objects in logfile, if detected in scan

Set : Include basic Ad-aware settings in logfile

Set : Include additional Ad-aware settings in logfile

Set : Include used command line parameters in logfile

Set : Include Computer and user name in logfile

Set : Automatically mark all objects in result list

Set : Let windows remove files in use at next reboot

Set : Delete quarantined objects after restoring

Set : Completely reanalyze processes on change

Set : Block ActiveX installations

Set : Block IE save operations

Set : Block Popups and banned sites

Set : Automatically pop up event log if event occours

Set : Automatically save event log on close

Set : Log Ad-aware events

Set : Show splash screen

Set : Remember window positions

Set : Snap windows to desktop border

Set : Automatically look for updated reference files upon start

Set : Always back up reference file, before updating

Set : Create and save WebUpdate logfile

Set : Play sound if scan produced a result

 

 

3-25-2007 4:07:57 PM - Scan started. (Smart mode)

 

Listing running processes

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

 

#:1 [kernel32.dll]

FilePath : C:\WINDOWS\SYSTEM\

ProcessID : 4291784163

Threads : 4

Priority : High

FileSize : 524 KB

FileVersion : 4.90.3000

ProductVersion : 4.90.3000

Copyright : Copyright © Microsoft Corp. 1991-2000

CompanyName : Microsoft Corporation

FileDescription : Win32 Kernel core component

InternalName : KERNEL32

OriginalFilename : KERNEL32.DLL

ProductName : Microsoft® Windows® Millennium Operating System

Created on : 1/20/2007 7:25:26 PM

Last accessed : 3/25/2007 5:00:00 AM

Last modified : 6/8/2000 10:00:00 PM

 

#:2 [msgsrv32.exe]

FilePath : C:\WINDOWS\SYSTEM\

ProcessID : 4294944899

Threads : 1

Priority : Normal

FileSize : 11 KB

FileVersion : 4.90.3000

ProductVersion : 4.90.3000

Copyright : Copyright © Microsoft Corp. 1992-1998

CompanyName : Microsoft Corporation

FileDescription : Windows 32-bit VxD Message Server

InternalName : MSGSRV32

OriginalFilename : MSGSRV32.EXE

ProductName : Microsoft® Windows® Millennium Operating System

Created on : 1/20/2007 7:26:20 PM

Last accessed : 3/25/2007 5:00:00 AM

Last modified : 6/8/2000 10:00:00 PM

 

#:3 [mmtask.tsk]

FilePath : C:\WINDOWS\SYSTEM\

ProcessID : 4294838415

Threads : 1

Priority : Normal

FileSize : 1 KB

FileVersion : 4.90.3000

ProductVersion : 4.90.3000

Copyright : Copyright

CompanyName : Microsoft Corporation

FileDescription : Multimedia background task support module

InternalName : mmtask.tsk

OriginalFilename : mmtask.tsk

ProductName : Microsoft Windows

Created on : 1/20/2007 7:24:02 PM

Last accessed : 3/25/2007 5:00:00 AM

Last modified : 6/8/2000 10:00:00 PM

 

#:4 [mprexe.exe]

FilePath : C:\WINDOWS\SYSTEM\

ProcessID : 4294857927

Threads : 1

Priority : Normal

FileSize : 28 KB

FileVersion : 4.90.3000

ProductVersion : 4.90.3000

Copyright : Copyright © Microsoft Corp. 1993-2000

CompanyName : Microsoft Corporation

FileDescription : WIN32 Network Interface Service Process

InternalName : MPREXE

OriginalFilename : MPREXE.EXE

ProductName : Microsoft® Windows® Millennium Operating System

Created on : 1/20/2007 7:26:20 PM

Last accessed : 3/25/2007 5:00:00 AM

Last modified : 6/8/2000 10:00:00 PM

 

#:5 [aolacsd.exe]

FilePath : C:\PROGRAM FILES\COMMON FILES\AOL\ACS\

ProcessID : 4294861955

Threads : 13

Priority : Normal

FileSize : 45 KB

FileVersion : 4.6.1.2

ProductVersion : 4.6.1.2

Copyright : Copyright

CompanyName : AOL LLC

FileDescription : AOL Connectivity Service

InternalName : AOLacsd

OriginalFilename : AOLacsd.exe

ProductName : AOL Connectivity Service

Created on : 10/23/2006 12:50:35 PM

Last accessed : 3/25/2007 5:00:00 AM

Last modified : 10/23/2006 12:50:36 PM

 

#:6 [explorer.exe]

FilePath : C:\WINDOWS\

ProcessID : 4294889767

Threads : 12

Priority : Normal

FileSize : 220 KB

FileVersion : 5.50.4134.100

ProductVersion : 5.50.4134.100

Copyright : Copyright © Microsoft Corp. 1981-2000

CompanyName : Microsoft Corporation

FileDescription : Windows Explorer

InternalName : explorer

OriginalFilename : EXPLORER.EXE

ProductName : Microsoft® Windows ® 2000 Operating System

Created on : 1/20/2007 7:22:13 PM

Last accessed : 3/25/2007 5:00:00 AM

Last modified : 6/8/2000 10:00:00 PM

 

#:7 [systray.exe]

FilePath : C:\WINDOWS\SYSTEM\

ProcessID : 4294812939

Threads : 2

Priority : Normal

FileSize : 36 KB

FileVersion : 4.90.3000

ProductVersion : 4.90.3000

Copyright : Copyright © Microsoft Corp. 1993-2000

CompanyName : Microsoft Corporation

FileDescription : System Tray Applet

InternalName : SYSTRAY

OriginalFilename : SYSTRAY.EXE

ProductName : Microsoft® Windows® Millennium Operating System

Created on : 1/20/2007 7:26:24 PM

Last accessed : 3/25/2007 5:00:00 AM

Last modified : 6/8/2000 10:00:00 PM

 

#:8 [wmiexe.exe]

FilePath : C:\WINDOWS\SYSTEM\

ProcessID : 4294813503

Threads : 3

Priority : Normal

FileSize : 16 KB

FileVersion : 4.90.2452.1

ProductVersion : 4.90.2452.1

Copyright : Copyright © Microsoft Corp. 1981-1999

CompanyName : Microsoft Corporation

FileDescription : WMI service exe housing

InternalName : wmiexe

OriginalFilename : wmiexe.exe

ProductName : Microsoft® Windows® Millennium Operating System

Created on : 1/20/2007 7:26:27 PM

Last accessed : 3/25/2007 5:00:00 AM

Last modified : 6/8/2000 10:00:00 PM

 

#:9 [rnaapp.exe]

FilePath : C:\WINDOWS\SYSTEM\

ProcessID : 4294644983

Threads : 3

Priority : Normal

FileSize : 56 KB

FileVersion : 4.90.3000

ProductVersion : 4.90.3000

Copyright : Copyright © Microsoft Corp. 1992-1996

CompanyName : Microsoft Corporation

FileDescription : Dial-Up Networking Application

InternalName : RNAAPP

OriginalFilename : RNAAPP.EXE

ProductName : Microsoft® Windows® Millennium Operating System

Created on : 1/20/2007 7:26:22 PM

Last accessed : 3/25/2007 5:00:00 AM

Last modified : 6/8/2000 10:00:00 PM

 

#:10 [tapisrv.exe]

FilePath : C:\WINDOWS\SYSTEM\

ProcessID : 4294651839

Threads : 6

Priority : Normal

FileSize : 120 KB

FileVersion : 4.90.3000

ProductVersion : 4.90.3000

Copyright : Copyright © Microsoft Corp. 1994-1998

CompanyName : Microsoft Corporation

FileDescription : Microsoft

InternalName : Telephony Service

OriginalFilename : TAPISRV.EXE

ProductName : Microsoft® Windows® Millennium Operating System

Created on : 1/20/2007 7:26:25 PM

Last accessed : 3/25/2007 5:00:00 AM

Last modified : 6/8/2000 10:00:00 PM

 

#:11 [spool32.exe]

FilePath : C:\WINDOWS\SYSTEM\

ProcessID : 4294515591

Threads : 2

Priority : Normal

FileSize : 44 KB

FileVersion : 4.90.3000

ProductVersion : 4.90.3000

Copyright : Copyright © Microsoft Corp. 1994 - 1998

CompanyName : Microsoft Corporation

FileDescription : Spooler Sub System Process

InternalName : spool32

OriginalFilename : spool32.exe

ProductName : Microsoft® Windows® Millennium Operating System

Created on : 1/20/2007 7:26:23 PM

Last accessed : 3/25/2007 5:00:00 AM

Last modified : 6/8/2000 10:00:00 PM

 

#:12 [ddhelp.exe]

FilePath : C:\WINDOWS\SYSTEM\

ProcessID : 4294499239

Threads : 6

Priority : Realtime

FileSize : 32 KB

FileVersion : 4.09.00.0900

ProductVersion : 4.09.00.0900

Copyright : Copyright

CompanyName : Microsoft Corporation

FileDescription : Microsoft DirectX Helper

InternalName : DDHelp.exe

OriginalFilename : DDHelp.exe

ProductName : Microsoft

Created on : 1/31/2007 6:19:10 PM

Last accessed : 3/25/2007 5:00:00 AM

Last modified : 12/12/2002 5:14:32 AM

 

#:13 [waol.exe]

FilePath : C:\PROGRAM FILES\AMERICA ONLINE 9.0\

ProcessID : 4294740751

Threads : 18

Priority : Normal

FileSize : 253 KB

FileVersion : 9.00.001

ProductVersion : 9.00.001

Copyright : Copyright © America Online, Inc. 1999 - 2004

CompanyName : America Online, Inc.

FileDescription : AOL

InternalName : WAOL

OriginalFilename : WAOL

ProductName : America Online

Created on : 3/12/2007 11:53:48 PM

Last accessed : 3/25/2007 5:00:00 AM

Last modified : 5/7/2004 9:54:36 PM

 

#:14 [shellmon.exe]

FilePath : C:\PROGRAM FILES\AMERICA ONLINE 9.0\

ProcessID : 4294679811

Threads : 1

Priority : Normal

FileSize : 37 KB

FileVersion : 9.00.001

ProductVersion : 9.00.001

Copyright : Copyright © America Online, Inc. 1999 - 2004

CompanyName : America Online, Inc.

FileDescription : setupdb

InternalName : setupdb

OriginalFilename : setupdb

ProductName : America Online

Created on : 3/12/2007 11:53:48 PM

Last accessed : 3/25/2007 5:00:00 AM

Last modified : 5/7/2004 9:54:30 PM

 

#:15 [aoltpspd.exe]

FilePath : C:\PROGRAM FILES\COMMON FILES\AOL\

ProcessID : 4294532899

Threads : 3

Priority : Normal

FileSize : 481 KB

FileVersion : 1, 1, 0, 0

ProductVersion : [v1.1-4] On Tue 03/16/2004 21:24:09.18

Copyright : Copyright

CompanyName : America Online Inc

FileDescription : AOL TopSpeed

InternalName : AOL TopSpeed

OriginalFilename : aoltpspd.exe

ProductName : AOL TopSpeed

Created on : 1/19/2007 10:09:19 PM

Last accessed : 3/25/2007 5:00:00 AM

Last modified : 5/7/2004 9:53:52 PM

 

#:16 [ad-watch.exe]

FilePath : C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\

ProcessID : 4294444143

Threads : 3

Priority : Normal

FileSize : 383 KB

FileVersion : 3.1.2.17

ProductVersion : 3.0

Copyright : 2001-2003 Team Lavasoft

CompanyName : Lavasoft Sweden

FileDescription : Ad-watch Monitor

InternalName : Ad-watch.exe

OriginalFilename : Ad-watch.exe

ProductName : Ad-aware 6

Created on : 1/20/2007 9:51:49 PM

Last accessed : 3/25/2007 5:00:00 AM

Last modified : 2/13/2003 3:04:42 AM

 

#:17 [stimon.exe]

FilePath : C:\WINDOWS\SYSTEM\

ProcessID : 4294325447

Threads : 5

Priority : Normal

FileSize : 27 KB

FileVersion : 4.90.3000.1

ProductVersion : 4.90.3000.1

Copyright : Copyright © Microsoft Corp. 1981-2000

CompanyName : Microsoft Corporation

FileDescription : Still Image Devices Monitor

InternalName : STIMON

OriginalFilename : STIMON.EXE

ProductName : Microsoft® Windows® Millennium Operating System

Created on : 1/20/2007 7:26:24 PM

Last accessed : 3/25/2007 5:00:00 AM

Last modified : 6/8/2000 10:00:00 PM

 

#:18 [notepad.exe]

FilePath : C:\WINDOWS\

ProcessID : 4294586411

Threads : 3

Priority : Normal

FileSize : 52 KB

FileVersion : 4.90.3000

ProductVersion : 4.90.3000

Copyright : Copyright © Microsoft Corp. 1991-1998

CompanyName : Microsoft Corporation

FileDescription : Notepad

InternalName : Notepad

OriginalFilename : NOTEPAD.EXE

ProductName : Microsoft® Windows® Millennium Operating System

Created on : 1/20/2007 7:26:21 PM

Last accessed : 3/25/2007 5:00:00 AM

Last modified : 6/8/2000 10:00:00 PM

 

#:19 [ad-aware.exe]

FilePath : C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\

ProcessID : 4294748491

Threads : 2

Priority : Idle

FileSize : 724 KB

FileVersion : 6.0.1.183

ProductVersion : 6.0.0.0

Copyright : Copyright

CompanyName : Lavasoft Sweden

FileDescription : Ad-aware 6 core application

InternalName : Ad-aware.exe

OriginalFilename : Ad-aware.exe

ProductName : Lavasoft Ad-aware Plus

Created on : 1/20/2007 9:51:50 PM

Last accessed : 3/25/2007 5:00:00 AM

Last modified : 7/13/2003 3:01:58 AM

 

Memory scan result :

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

New objects : 0

Objects found so far: 0

 

 

Started registry scan

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

 

Registry scan result :

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

New objects : 0

Objects found so far: 0

 

 

Started deep registry scan

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

 

Deep registry scan result :

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

New objects : 0

Objects found so far: 0

 

 

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

 

 

Deep scanning and examining files (C:)

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

 

4:09:08 PM Scan complete

 

Summary of this scan

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Total scanning time :00:01:10:250

Objects scanned :32266

Objects identified :0

Objects ignored :0

New objects :0

 

 

 

HiJack This!

 

Logfile of HijackThis v1.99.1

Scan saved at 4:05:43 PM, on 3/25/2007

Platform: Windows ME (Win9x 4.90.3000)

MSIE: Unable to get Internet Explorer version!

 

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL

C:\WINDOWS\SYSTEM\MSGSRV32.EXE

C:\WINDOWS\SYSTEM\mmtask.tsk

C:\WINDOWS\SYSTEM\MPREXE.EXE

C:\PROGRAM FILES\COMMON FILES\AOL\ACS\AOLACSD.EXE

C:\WINDOWS\EXPLORER.EXE

C:\WINDOWS\SYSTEM\SYSTRAY.EXE

C:\WINDOWS\SYSTEM\WMIEXE.EXE

C:\WINDOWS\SYSTEM\RNAAPP.EXE

C:\WINDOWS\SYSTEM\TAPISRV.EXE

C:\WINDOWS\SYSTEM\SPOOL32.EXE

C:\WINDOWS\SYSTEM\DDHELP.EXE

C:\PROGRAM FILES\AMERICA ONLINE 9.0\WAOL.EXE

C:\PROGRAM FILES\AMERICA ONLINE 9.0\SHELLMON.EXE

C:\PROGRAM FILES\COMMON FILES\AOL\AOLTPSPD.EXE

C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\AD-WATCH.EXE

C:\WINDOWS\SYSTEM\STIMON.EXE

C:\WINDOWS\DESKTOP\HIJACKTHIS\HIJACKTHIS.EXE

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by America Online

O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O4 - HKLM\..\Run: [scanRegistry] C:\WINDOWS\scanregw.exe /autorun

O4 - HKLM\..\Run: [systemTray] SysTray.Exe

O4 - HKLM\..\Run: [PC Pitstop Optimize Scheduler] C:\Program Files\PCPitstop\Optimize\PCPOptimize.exe -boot

O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

O4 - HKLM\..\Run: [Multi-function Keyboard] GWHotKey.exe

O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe

O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\RunServices: [AolAcsDaemon1] "C:\PROGRAM FILES\COMMON FILES\AOL\ACS\AOLACSD.EXE"

O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe

O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O8 - Extra context menu item: RoboForm Options - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComOptions.html

O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html

O8 - Extra context menu item: Set Fields - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSetFields.html

O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net

Share this post


Link to post
Share on other sites

I don't see any malware in either of your logs.

 

CCleaner must be downloaded by the user...it is not a 'drive-by' application and it isn't malware:

http://www.ccleaner.com/

 

I don't see an active firewall or anti-virus program running. This is dangerous even if you're on dial-up. Please take a look at these free programs and download one of them to help keep your computer safe:

 

AVG makes an

excellent free antivirus client, as do

AntiVir

avast!.

 

Please make sure to run your antivirus software regularly, and

to keep it up-to-date.

 

Some good free firewalls are

ZoneAlarm,

Kerio, or

Outpost

A tutorial on understanding and using firewalls may be found

here.

Share this post


Link to post
Share on other sites
I don't see any malware in either of your logs.

 

CCleaner must be downloaded by the user...it is not a 'drive-by' application and it isn't malware:

http://www.ccleaner.com/

 

I don't see an active firewall or anti-virus program running. This is dangerous even if you're on dial-up. Please take a look at these free programs and download one of them to help keep your computer safe:

 

AVG makes an

excellent free antivirus client, as do

AntiVir

avast!.

 

Please make sure to run your antivirus software regularly, and

to keep it up-to-date.

 

Some good free firewalls are

ZoneAlarm,

Kerio, or

Outpost

A tutorial on understanding and using firewalls may be found

here.

Share this post


Link to post
Share on other sites

I'm sorry, I am not making myself clear. I downloaded CCCleaner, it is what the software found that isn't showing up anywhere else that I wanted you to look at. The following items are impossible for me to delete.

 

ESSCT

ESSEMAIL

ESSgui

ESShelp

ESSini

ESSPCD

ESSSONIC

ESSTOOLS

essvatgt

essvcpt

ESSvpaht

ESSvpot

OTtBPSDK

OTtBP

SHASTA

WIRELESS

 

 

These were all in my add remove programs area. I tried to uninstall them and it said that I did, but they keep coming up. lexplore is still coming up also. I had to disconnect and reconnect 3 times to even make this reply. AdWatch has noted 26 events since I posted my first post. Most of them are about dialers trying to dial. My pc is up there in age. With anti-virus program on it it becomes very slow which is no excuse but the reason for not having that or a firewall on.

 

Do you know what any of the above processes are? They are hidden as they are not showing up on anything but CCCleaner and CCCleaner cannot remove them. I keep getting message that MSI Installer cannot be deleted. Sorry for all the trouble. Thanks for the reply

Share this post


Link to post
Share on other sites

okay, these all belong to programs that you either have or had on your computer. Every one of these are legit.

 

Kodak EasyShare

ESSCT --> MsiExec.exe /I{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8}

ESSEMAIL --> MsiExec.exe /I{FEDE2483-87B7-44C1-A5BB-D75AEB8B6340}

ESSgui --> MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}

ESShelp --> MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD}

ESSini --> MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}

ESSPCD --> MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}

ESSSONIC --> MsiExec.exe /I{4F677FC7-7AA8-412B-A957-F13CBE1C7331}

ESSTOOLS --> MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}

essvcpt --> MsiExec.exe /I{D1973749-F5E7-40EB-B528-F2B78685B9FF}

ESSvpaht --> MsiExec.exe /I{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}

ESSvpot --> MsiExec.exe /I{48C82F7A-F100-4DAB-A310-8E18BF2159E1}

 

OFoto

OTtBP --> MsiExec.exe /I{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}

OTtBPSDK --> MsiExec.exe /I{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}

 

Sonic (I think)

SHASTA --> MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}

SKIN0001 --> MsiExec.exe /I{FDF9943A-3D5C-46B3-9679-586BD237DDEE}

SKINXSDK --> MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}

 

WIRELESS --> MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}

 

msiexec.exe belongs to the Windows Installer Component and is used to install new programs that use Windows Installer package files (MSI).

msiexec.exe should not be disabled. It required for essential applications to work properly.

This program is important for the stable and secure running of your computer and should not be terminated

Share this post


Link to post
Share on other sites

About Internet Explorer:

 

Currently, almost all Internet users use either Microsoft's Internet Explorer (MSIE) browser or Netscape (now part of AOL), and many users use both. Although Netscape was initially the predominant product in terms of usability and number of users, Microsoft's browser is generally considered superior by many users (although many other users see them as roughly equivalent) and has taken a significant lead in usage. Netscape's browser, called "Navigator," was developed in 1995.

Share this post


Link to post
Share on other sites
Sign in to follow this