• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
dburkhead

"Out of memory" errors and software crashes

6 posts in this topic

I was chugging along nicely yesterday, working on some software in VB 6.0 (the programming environment we use here) when suddenly my computer started acting "flaky." I had email running in the background (OE--what I have at work, I use Thunderbird at home), and I had checked email from time to time and cleaned out the "spam folder" a short time before.

 

Series of symptoms:

 

The computer is a Windows 2000 system, P4 Celeron type, with 2.5 GB of memory. The security is supposed to be McAfee, provided by ATT (our DSL provider).

 

- "Out of Memory" error when trying to copy a couple of short lines of code in a VB6.0 project. This was my initial indicator of a problem.

- Internet Explorer (I do not use it for browsing--I use Firefox) trying to open but crashing and generating a dialog to send an error report.

(At this point thought maybe just had corrupted settings so restart the computer.)

- On reboot a Hex editor (For files) program that we have opens with the contents of a file called "net.net" (Immediately begin thinking virus/worm/trojan.)

- Note that the McAfee icon is missing from the system tray.

- Try to start McAfee from the Start menu. Doesn't start.

(Getting big "uh oh" here. Go to another computer and do a search on McAfee's website for "net.net" (it's popping up in the hex editor without

any prompting from me made it a suspicious file.) It comes up as a potential trojan, so I try to use McAfee from this other computer to scan the file on the one having the problems.

- Comes up as infected with the "Adclicker.c" trojan, which matches what I found on McAfee's site for that.

McAfee had quarantined the file, so try rebooting the troublesome computer again.

- The hex editor does not come up, but....

- IE still tries to start and still crashes.

- McAfee is not in the system tray and does not start from the start menu.

- OE (which starts automatically on boot) _does_ start OK and gets messages.

Okay, so I figure to try an online virus scan from McAfee or Symantec (possibly run quicker than the remote scan from the other computer and I'm uncertain whether the remote scan will get the MBR). Attempt to use FireFox to go to the McAfee website.

- Firefox crashes when I attempt to start it.

- When I attempt to write a message in OE, I get a "not enough memory" error.

- And, IE keeps trying to start and keeps crashing.

Attempted to use McAfee on the other computer to scan the C drive on the faulty computer. That was slow so I let it run overnight.

- Only about half done when I came in. Had found 5 items and quarantined 3.

 

Other things I have found:

- "Search" doesn't work on the faulty computer.

- "Add/Remove Programs" won't fully open. Get the window but nothing in it.

- In some cases when IE is trying to open (on its own), instead of the

"ordinary" crash, I get a "memory could not be read" error.

- In the task manager, I see some McAfee processes running even though I cannot open the security center.

 

HiJack This log:

Logfile of HijackThis v1.99.1

Scan saved at 9:44:13 AM, on 7/7/2009

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\csrss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\Program Files\CMS Products\BounceBack Express\BBWatcherService.exe

C:\PROGRA~1\Iomega\System32\AppServices.exe

c:\Program Files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe

c:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe

C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

C:\Program Files\McAfee\VirusScan\McShield.exe

C:\WINNT\system32\mgabg.exe

C:\WINNT\system32\regsvc.exe

C:\WINNT\system32\sopidkc.exe

C:\WINNT\system32\stisvc.exe

C:\WINNT\Explorer.EXE

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe

C:\WINNT\system32\rundll32.exe

C:\WINNT\system32\DrvMon.exe

C:\WINNT\system32\internat.exe

C:\DOCUME~1\user\LOCALS~1\Temp\b.exe

C:\Program Files\Sony Handheld\Hotsync.exe

D:\Program Files\Keyboard Express 3\keyexp.exe

C:\Program Files\POPFile\wperl.exe

C:\Program Files\Microsoft Office\Office\1033\msoffice.exe

C:\Program Files\CMS Products\BounceBack Express\BBLauncher.exe

C:\downloads\Security\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asmicro.com/Corporate/personal_notes.htm

O1 - Hosts: 66.220.2.7 cs # quick shortcut to cold servings

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Implements Jammer - {09F0F280-FB9A-481B-B69A-CB00DC44D027} - C:\PROGRA~1\ADVANC~1\POPUPJ~1.DLL

O2 - BHO: Watch for Browser Events - {42A7CE31-CEE7-4CCE-A060-A44A7E52E062} - D:\PROGRA~1\KEYBOA~1\kie.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey

O4 - HKLM\..\Run: [igfxTray] C:\WINNT\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe

O4 - HKLM\..\Run: [Matrox PowerDesk SE] "c:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe"

O4 - HKLM\..\Run: [autochk] rundll32.exe C:\WINNT\system32\autochk.dll,_IWMPEvents@16

O4 - HKCU\..\Run: [DrvMon.exe] C:\WINNT\system32\DrvMon.exe

O4 - HKCU\..\Run: [internat.exe] internat.exe

O4 - HKCU\..\Run: [Cognac] C:\DOCUME~1\user\LOCALS~1\Temp\b.exe

O4 - HKCU\..\Run: [autochk] rundll32.exe C:\DOCUME~1\DEFAUL~1\protect.dll,_IWMPEvents@16

O4 - Startup: BounceBack Launcher.lnk = C:\Program Files\CMS Products\BounceBack Express\BBStartup.exe

O4 - Startup: ChkDisk.dll

O4 - Startup: ChkDisk.lnk = C:\WINNT\system32\rundll32.exe

O4 - Startup: Outlook Express.lnk = C:\Program Files\Outlook Express\msimn.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\Hotsync.exe

O4 - Global Startup: Keyboard Express 3.lnk = D:\Program Files\Keyboard Express 3\keyexp.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: Run POPFile in background.lnk = C:\Program Files\POPFile\wperl.exe

O4 - Global Startup: Shortcut to announce.lnk = C:\docs\announce.txt

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)

O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gateway.com/support/profiler/PCPitStop.CAB

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll

O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://i.a.cnn.net/cnn/resources/cult3d/cult.cab

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/2124d99c683354...ip/RdxIE601.cab

O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200312...meInstaller.exe

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1124723857703

O16 - DPF: {93CEA8A4-6059-4E0B-ADDD-73848153DD5E} (CWebLaunchCtl Object) - http://gateway.cf1live.com/eSupport/static...h/weblaunch.cab

O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - https://liveca06.custhelp.com/6011-b355h/rnl/java/RntX.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...805/mcfscan.cab

O20 - AppInit_DLLs: ,C:\DOCUME~1\user\LOCALS~1\Temp\611041703640mxx.dll

O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll

O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: BBWatcherService - CMS Products™, Inc. - C:\Program Files\CMS Products\BounceBack Express\BBWatcherService.exe

O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINNT\system32\drivers\CDAC11BA.EXE

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe

O23 - Service: GEARSecurity - GEAR Software - C:\WINNT\System32\GEARSec.exe

O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe

O23 - Service: iPod Service - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: Matrox Centering Service - Matrox Graphics Inc. - c:\Program Files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe

O23 - Service: Matrox.Pdesk.ServicesHost - Matrox Graphics Inc - c:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\McShield.exe

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINNT\system32\mgabg.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe

O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: sopidkc Service (sopidkc) - NewYork DVD LT - C:\WINNT\system32\sopidkc.exe

O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

Share this post


Link to post
Share on other sites

On a suggestion I got from another venue, I'm taking the hard drive out of the computer and putting it into another as a secondary (non-boot) drive so I can run various anti-virus and anti-malware software on it. The original suggestion was to use a USB enclosure to connect it but I don't have a USB enclosure to hand but I do have a test-bed computer I can work on, one with a fresh complete drive image so I can always get back to my starting configuration.

Share this post


Link to post
Share on other sites

Hi,

I'm nasdaq and will be helping you.

 

Print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.

 

Close all programs leaving only HijackThis running. Place a check against each of the following, making sure you get them all and not any others by mistake:

 

O4 - HKLM\..\Run: [autochk] rundll32.exe C:\WINNT\system32\autochk.dll,_IWMPEvents@16

O4 - HKCU\..\Run: [Cognac] C:\DOCUME~1\user\LOCALS~1\Temp\b.exe

O4 - HKCU\..\Run: [autochk] rundll32.exe C:\DOCUME~1\DEFAUL~1\protect.dll,_IWMPEvents@16

O4 - Startup: ChkDisk.dll

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/2124d99c683354...ip/RdxIE601.cab

O20 - AppInit_DLLs: ,C:\DOCUME~1\user\LOCALS~1\Temp\611041703640mxx.dll

O23 - Service: sopidkc Service (sopidkc) - NewYork DVD LT - C:\WINNT\system32\sopidkc.exe

 

Click on Fix Checked when finished and exit HijackThis.

 

Delete these files in bold.

 

C:\WINNT\system32\autochk.dll

C:\WINNT\system32\ChkDisk.dll

C:\DOCUME~1\user\LOCALS~1\Temp\b.exe

C:\DOCUME~1\DEFAUL~1\protect.dll

C:\DOCUME~1\user\LOCALS~1\Temp\611041703640mxx.dll

C:\WINNT\system32\sopidkc.exe

 

Please run Notepad and copy the following text into a new file:

 

sc config sopidkc start= disabled

sc stop sopidkc

sc delete sopidkc

 

Save the file to the desktop as remove.bat and make sure the "Save as type" field says "All files". Locate remove.bat on the Desktop and double-click on it to run it. A DOS box will open and close, that is normal.

If any errors errors encountered please post.

When done you can delete the remove.bat file.

 

Restart the computer normally.

 

Download Combofix from any of the links below, and save it to your desktop. For information regarding this download, please visit this webpage: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

 

Link 1

Link 2

Link 3

 

 

**Note: It is important that it is saved directly to your desktop**

 

--------------------------------------------------------------------

 

1. Close any open browsers.

 

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

 

3. Do not install any other programs until this if fixed.

--------------------------------------------------------------------

 

Double click on ComboFix.exe & follow the prompts.

  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new HijackThis log for further review.

Note:

Do not mouseclick combofix's window while it's running. That may cause it to stall

 

p.s. before you submit the logs please download and install the latest version of HijackThis v2.0.2:

 

CLICK HERE to download the HijackThis Installer:

  1. Save HJTInstall.exe to your desktop.
  2. Double-click on HJTInstall.exe to run the program.
  3. By default it will install to C:\Program Files\Trend Micro\HijackThis.
  4. Accept the license agreement by clicking the "I Accept" button.
  5. Click on the "Do a system scan and save a log file" button. It will scan and then ask you to save the log.
  6. Click "Save log" to save the log file and then the log will open in Notepad.
  7. Click on "Edit -> Select All" then click on "Edit -> Copy" to copy the entire contents of the log.
  8. Come back here to this thread and paste the log in your next reply.
  9. Do NOT have HijackThis fix anything yet! Most of what it finds will be harmless or even required.

Delete the older version once you have successfully downloaded and installed the latest version.

 

Submit the logs.

 

Let me know what problem persists.

Share this post


Link to post
Share on other sites

Thanks,

 

Since this is a mission critical computer, I've been following a somewhat different path.

 

Here's what I've done:

 

Put a new (actually factory refubished) HD into a test-bed computer and "restored" a disk image to it from this past February (recent enough as far as software is concerned--data has been backed up as soon as we started having trouble, using remote access from another computer since file copy-move in Windows Explorer was one of the things broken. The the new drive into the computer and restarted.

 

When the computer started up, everything ran fine, then I closed up the case and it died shortly after startup (locked solid). Opened up the case again and it ran fine.

 

Looks like heat at this point.

 

If that's not sufficient to explain my original problems I can put the old drive into the test bed as a secondary drive and run whatever tests are appropriate on it.

 

At the moment, my HJT log for the "fixed" system is:

 

Logfile of HijackThis v1.99.1

Scan saved at 5:51:44 PM, on 7/9/2009

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\csrss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\spoolsv.exe

C:\Program Files\Intel\ASF Agent\ASFAgent.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\PROGRA~1\Iomega\System32\AppServices.exe

C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe

c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

C:\Program Files\McAfee\VirusScan\McShield.exe

C:\WINNT\system32\mgabg.exe

C:\Program Files\McAfee\MPF\MPFSrv.exe

C:\WINNT\System32\svchost.exe

C:\WINNT\system32\regsvc.exe

C:\WINNT\system32\MSTask.exe

C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE

C:\WINNT\system32\stisvc.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINNT\Explorer.EXE

C:\WINNT\system32\svchost.exe

c:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\Program Files\QuickTime\qttask.exe

C:\WINNT\system32\PDesk\PDesk.exe

C:\WINNT\system32\DrvMon.exe

C:\WINNT\system32\internat.exe

C:\Program Files\CMS Peripherals\BounceBack Express\BBLauncher.exe

C:\Program Files\Sony Handheld\Hotsync.exe

D:\Program Files\Keyboard Express 3\keyexp.exe

C:\Program Files\POPFile\wperl.exe

C:\Program Files\Microsoft Office\Office\1033\msoffice.exe

c:\PROGRA~1\mcafee\msc\mcuimgr.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\system32\wuauclt.exe

C:\Znobackup\David\randomSIG.exe

C:\Program Files\Dell\OpenManage\Client\Iap.exe

C:\WINNT\system32\dllhost.exe

C:\WINNT\system32\msdtc.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\downloads\Security\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asmicro.com/Corporate/personal_notes.htm

O1 - Hosts: 66.220.2.7 cs # quick shortcut to cold servings

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Implements Jammer - {09F0F280-FB9A-481B-B69A-CB00DC44D027} - C:\PROGRA~1\ADVANC~1\POPUPJ~1.DLL

O2 - BHO: Watch for Browser Events - {42A7CE31-CEE7-4CCE-A060-A44A7E52E062} - D:\PROGRA~1\KEYBOA~1\kie.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey

O4 - HKLM\..\Run: [Matrox Powerdesk] C:\WINNT\system32\PDesk\PDesk.exe /Autolaunch

O4 - HKCU\..\Run: [DrvMon.exe] C:\WINNT\system32\DrvMon.exe

O4 - HKCU\..\Run: [internat.exe] internat.exe

O4 - Startup: Outlook Express.lnk = C:\Program Files\Outlook Express\msimn.exe

O4 - Startup: palmOne Registration.lnk = C:\Program Files\Sony Handheld\register.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: BounceBack Launcher.lnk = C:\Program Files\CMS Peripherals\BounceBack Express\BBLauncher.exe

O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\Hotsync.exe

O4 - Global Startup: Keyboard Express 3.lnk = D:\Program Files\Keyboard Express 3\keyexp.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: Run POPFile in background.lnk = C:\Program Files\POPFile\wperl.exe

O4 - Global Startup: Shortcut to announce.lnk = C:\docs\announce.txt

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)

O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gateway.com/support/profiler/PCPitStop.CAB

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll

O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://i.a.cnn.net/cnn/resources/cult3d/cult.cab

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/2124d99c683354...ip/RdxIE601.cab

O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200312...meInstaller.exe

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1124723857703

O16 - DPF: {93CEA8A4-6059-4E0B-ADDD-73848153DD5E} (CWebLaunchCtl Object) - http://gateway.cf1live.com/eSupport/static...h/weblaunch.cab

O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - https://liveca06.custhelp.com/6011-b355h/rnl/java/RntX.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...805/mcfscan.cab

O23 - Service: McAfee Application Installer Cleanup (0205481247156910) (0205481247156910mcinstcleanup) - McAfee, Inc. - C:\WINNT\TEMP\020548~1.EXE

O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINNT\system32\drivers\CDAC11BA.EXE

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe

O23 - Service: GEARSecurity - GEAR Software - C:\WINNT\System32\GEARSec.exe

O23 - Service: Iap - Dell Computer Corporation - C:\Program Files\Dell\OpenManage\Client\Iap.exe

O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe

O23 - Service: iPod Service - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\McShield.exe

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINNT\system32\mgabg.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe

O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

Share this post


Link to post
Share on other sites

The log is clean.

 

Please consider updating your Windows 2000 to SP4.

 

http://support.microsoft.com/kb/260910

 

===

For your information.

Microsoft Support Lifecycle

http://support.microsoft.com/lifecycle/?p1=3071

===

 

Your computer may be at risk with an old version of Java. Check it out.

 

Updating Java

  • Download the latest version of Java Runtime Environment (JRE) 6u14.
  • Scroll down to where it says "Java Runtime Environment (JRE) 6 Update 14".
  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
    - Examples of older versions in Add or Remove Programs:
    • Java 2 Runtime Environment, SE v1.4.2
    • J2SE Runtime Environment 5.0
    • J2SE Runtime Environment 5.0 Update 6
    • J2SE Runtime Environment 6.0 Update 6

    [*]Click the Remove or Change/Remove button.

    [*]Repeat as many times as necessary to remove each Java versions.

    [*]Reboot your computer once all Java components are removed.

    [*]Then from your desktop double-click on jre-6u14-windows-i586-p.exe to install the newest version.

Share this post


Link to post
Share on other sites

Glad we could help. :)

 

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0