• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
appollo

UcSearch

10 posts in this topic

Could somebody check my log please?

 

 

Logfile of HijackThis v1.97.7

Scan saved at 18:20:09, on 09.05.2004

Platform: Windows 2000 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

E:\Programme\Sygate Firewall\Smc.exe

E:\Programme\Anti-Virus\AVGUARD.EXE

E:\Programme\Anti-Virus\AVWUPSRV.EXE

C:\WINNT\system32\svchost.exe

C:\WINNT\System32\locator.exe

C:\WINNT\system32\MSTask.exe

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\system32\cisvc.exe

C:\WINNT\System32\svchost.exe

C:\WINNT\Explorer.exe

C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe

E:\Programme\Anti-Virus\AVGNT.EXE

C:\WINNT\System32\internat.exe

E:\Programme\Panicware\Pop-Up Stopper Free Edition\PSFree.exe

C:\WINNT\system32\cidaemon.exe

C:\Programme\Windows Media Player\mplayer2.exe

C:\Programme\Internet Explorer\iexplore.exe

C:\Programme\Microsoft Office\Office\WINWORD.EXE

E:\PROGRA~1\WINZIP\winzip32.exe

C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.web.de/

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1.1\SDHelper.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx

O4 - HKLM\..\Run: [MSConfig] C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\msconfig.exe /auto

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [smcService] E:\PROGRA~1\SYGATE~1\smc.exe -startgui

O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [AVGCtrl] E:\Programme\Anti-Virus\AVGNT.EXE /min

O4 - HKCU\..\Run: [internat.exe] internat.exe

O9 - Extra 'Tools' menuitem: Sun Java Konsole (HKLM)

O12 - Plugin for .pdf: C:\Programme\Internet Explorer\PLUGINS\nppdf32.dll

O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab

O16 - DPF: {103DFAE7-50CC-41FC-9D57-1A4BCA0DFD87} (Upload Control) - http://img.web.de/v/mail/mms/activex/mms_upload_1111.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab

O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab

O16 - DPF: {638AF6A2-81A1-4655-9FFA-9FC09CDE22CF} (CScanner Object) - http://www.pestscan.com/scanner/ppctlcab.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall-Kontrolle) - http://a840.g.akamai.net/7/840/537/2003120...all/xscan53.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...326/mcfscan.cab

 

Thanks

Share this post


Link to post
Share on other sites

Have Hijack This fix the following by placing a check in the appropriate box and hitting fix checked. Make sure all browser and all Windows Explorer windows are closed before fixing.

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.web.de/

Reboot after fixing.

 

Your log shows that MSConfig is running at startup. This indicates that you may be using "diagnostic startup" rather than "normal startup", to stop something running. While this is OK, when looking for malware, it is possible that you have disabled it, and it will not then show up in the Hijack this log. Before posting a fresh log, would you please open MSConfig, and choose the "normal startup" option. Then everything will be running, and if anything needs removal, we can give appropriate advice.

Share this post


Link to post
Share on other sites

OK, done...and here the new log on normal start-up

 

 

 

 

 

 

 

Logfile of HijackThis v1.97.7

Scan saved at 22:12:09, on 21.05.2004

Platform: Windows 2000 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

E:\Programme\Sygate Firewall\Smc.exe

C:\WINNT\system32\svchost.exe

C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe

C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe

C:\WINNT\system32\cisvc.exe

C:\WINNT\System32\svchost.exe

E:\Programme\Norton2\AdvTools\NPROTECT.EXE

C:\WINNT\System32\locator.exe

C:\WINNT\system32\MSTask.exe

C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\Explorer.exe

C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe

C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe

C:\WINNT\System32\internat.exe

E:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe

E:\Programme\WinZip\WZQKPICK.EXE

E:\Programme\Norton2\navapsvc.exe

E:\Programme\Norton2\SAVScan.exe

E:\PROGRA~1\WINZIP\winzip32.exe

C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\HijackThis.exe

C:\WINNT\system32\cidaemon.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\mrhop.dll/sp.html (obfuscated)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\mrhop.dll/sp.html (obfuscated)

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\mrhop.dll/sp.html (obfuscated)

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\mrhop.dll/sp.html (obfuscated)

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\mrhop.dll/sp.html (obfuscated)

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\mrhop.dll/sp.html (obfuscated)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1.1\SDHelper.dll

O2 - BHO: (no name) - {78107754-8839-427A-B79B-AB378622E1BF} - (no file)

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - E:\Programme\Norton2\NavShExt.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - E:\Programme\Norton2\NavShExt.dll

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [smcService] E:\PROGRA~1\SYGATE~1\smc.exe -startgui

O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [AVGCtrl] E:\Programme\Anti-Virus\AVGNT.EXE /min

O4 - HKLM\..\Run: [Advanced Tools Check] E:\PROGRA~1\Norton2\AdvTools\ADVCHK.EXE

O4 - HKCU\..\Run: [internat.exe] internat.exe

O4 - HKCU\..\Run: [PopUpStopperFreeEdition] E:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: WinZip Quick Pick.lnk = E:\Programme\WinZip\WZQKPICK.EXE

O9 - Extra 'Tools' menuitem: Sun Java Konsole (HKLM)

O12 - Plugin for .pdf: C:\Programme\Internet Explorer\PLUGINS\nppdf32.dll

O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab

O16 - DPF: {103DFAE7-50CC-41FC-9D57-1A4BCA0DFD87} (Upload Control) - http://img.web.de/v/mail/mms/activex/mms_upload_1111.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab

O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab

O16 - DPF: {638AF6A2-81A1-4655-9FFA-9FC09CDE22CF} (CScanner Object) - http://www.pestscan.com/scanner/ppctlcab.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall-Kontrolle) - http://a840.g.akamai.net/7/840/537/2003120...all/xscan53.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...326/mcfscan.cab

 

 

Could somebody please check this? I'm curious about entry "02 BHO No Name"

Thank You

Edited by appollo

Share this post


Link to post
Share on other sites

It probably got buried under the mountain of posts here.

 

Click here to download and install Registrar Lite. Install, run, copy and paste this line to reglite's address bar:

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs

 

and hit the "go" tab. Find: "Appinit_Dlls" value on the right side panel, DoubleClick, copy and post here the information in the 'Value' field.

 

Download 'Dllfix.exe' from here. It is a self-extracting archive; double click on it. Open the DLLFIX folder and double click on Start.bat.

 

At the main menu, press '1' (Run Find-All by FreeAtLast) and enter. Let the program run. When finished, press 'E' to exit. Open the DLLFix folder. Post the contents of Output.txt in this thread.

Share this post


Link to post
Share on other sites

o.k first the „reg lite“...the „value“ field is empty.

Below the readout for „dll fix“

 

--==***@@@ FIND-ALL' VERSION MODIFIED -6/05 @@@***==--

--==***@@@ ORIGINAL BY FREEATLAST @@@***==--

 

Mo 07.06.2004

21:25

 

System Info:

 

Microsoft Windows 2000 [Version 5.00.2195]

E: " e" (8D94:E6E1) - FS:NTFS clusters:1k

Total: 1 052 803 072 [1.0G] - Free: 467 039 232 [445M]

 

 

*IE version and Service packs:

6.0.2800.1106 C:\Programme\Internet Explorer\Iexplore.exe

*Notepad version :

5.0.2140.1 C:\WINNT\system32\notepad.exe

5.0.2140.1 C:\WINNT\notepad.exe

*Media Player version :

9.0.0.2980 C:\Programme\Windows Media Player\wmplayer.exe

 

! REG.EXE VERSION 2.0

 

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings

MinorVersion REG_SZ ;SP1;

 

 

 

Locked or 'Suspect' file(s) found...

 

 

Scanning for main Hijacker:

 

 

REGEDIT4

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=""

"DeviceNotSelectedTimeout"="15"

"GDIProcessHandleQuota"=dword:00002710

"Spooler"="yes"

"swapdisk"=""

"TransmissionRetryTimeout"="90"

"USERProcessHandleQuota"=dword:00002710

 

REGEDIT4

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]

@=""

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}\ReadMe-BHODemon]

@="This BHO has been enabled by BHODemon."

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78107754-8839-427A-B79B-AB378622E1BF}]

 

REGEDIT4

 

[HKEY_CLASSES_ROOT\PROTOCOLS\Filter]

 

[HKEY_CLASSES_ROOT\PROTOCOLS\Filter\Class Install Handler]

@="AP Class Install Handler filter"

"CLSID"="{32B533BB-EDAE-11d0-BD5A-00AA00B92AF1}"

 

[HKEY_CLASSES_ROOT\PROTOCOLS\Filter\deflate]

@="AP Deflate Encoding/Decoding Filter "

"CLSID"="{8f6b0360-b80d-11d0-a9b3-006097942311}"

 

[HKEY_CLASSES_ROOT\PROTOCOLS\Filter\gzip]

@="AP GZIP Encoding/Decoding Filter "

"CLSID"="{8f6b0360-b80d-11d0-a9b3-006097942311}"

 

[HKEY_CLASSES_ROOT\PROTOCOLS\Filter\lzdhtml]

@="AP lzdhtml encoding/decoding Filter"

"CLSID"="{8f6b0360-b80d-11d0-a9b3-006097942311}"

 

[HKEY_CLASSES_ROOT\PROTOCOLS\Filter\text/plain]

"CLSID"="{C4AA1FE8-33E3-4BD8-B73F-07CB93723597}"

 

[HKEY_CLASSES_ROOT\PROTOCOLS\Filter\text/webviewhtml]

@="WebView MIME Filter"

"CLSID"="{733AC4CB-F1A4-11d0-B951-00A0C90312E1}"

 

 

! REG.EXE VERSION 2.0

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

AppInit_Dlls REG_SZ

 

*Security settings for 'Windows' key:

 

 

RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above

Copyright © 1999-2001 Frank Heyne Software (http://www.heysoft.de)

This program is Freeware, use it on your own risk!

 

Access Control List for Registry key hklm\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:

(NI) ALLOW Read VORDEFINIERT\Benutzer

(IO) ALLOW Read VORDEFINIERT\Benutzer

(NI) ALLOW Read VORDEFINIERT\Hauptbenutzer

(IO) ALLOW Read VORDEFINIERT\Hauptbenutzer

(NI) ALLOW Full access VORDEFINIERT\Administratoren

(IO) ALLOW Full access VORDEFINIERT\Administratoren

(NI) ALLOW Full access NT-AUTORITŽT\SYSTEM

(IO) ALLOW Full access NT-AUTORITŽT\SYSTEM

(NI) ALLOW Full access VORDEFINIERT\Administratoren

(IO) ALLOW Full access ERSTELLER-BESITZER

 

Effective permissions for Registry key hklm\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:

Read VORDEFINIERT\Benutzer

Read VORDEFINIERT\Hauptbenutzer

Full access VORDEFINIERT\Administratoren

Full access NT-AUTORITŽT\SYSTEM

 

 

 

Thanks for speedy reply, what now?

Share this post


Link to post
Share on other sites

I can't see any signs of a hidden hijacker. Click here to download CWShredder by Merijn Bellekom and run it, hit 'fix' as opposed to 'scan only'. Reboot when done.

 

Click here to download Ad-Aware and install. Before scanning click on "check for updates now" to make sure you have the latest reference file. Then click the gear wheel at the top and check these options:

 

General> activate these: "Automatically save log-file" and "Automatically quarantine objects prior to removal"

 

Scanning > activate these: "Scan within archives", "Scan active processes", "Scan registry", "Deep scan registry", "Scan my IE Favorites for banned sites" and "Scan my Hosts file"

 

Tweaks > Scanning Engine> activate this: "Unload recognized processes during scanning."

 

Tweaks > Cleaning Engine: activate these: "Automatically try to unregister objects prior to deletion" and "Let Windows remove files in use after reboot."

 

Click "Proceed" to save your settings, then click "Start", make sure "Activate in-depth scan" is ticked green then scan your system. When the scan is finished, the screen will tell you if anything has been found, click "Next". The bad files will be listed, right click the pane and click "Select all objects" - this will put a check mark in the box at the side, click "Next" again and click "OK" at the prompt "# objects will be removed. Continue?".

 

Reboot when done.

 

Create a new folder called C:\HijackThis, move the HijackThis.exe file into the new folder and run it from there. This is necessary to ensure you have backups should anything go wrong.

 

Make sure that you have no browser windows open as this could prevent the fix from working properly. Open HijackThis, scan and when complete, remove the following entries by checking the box to the left and clicking 'fixed checked':

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\mrhop.dll/sp.html (obfuscated)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\mrhop.dll/sp.html (obfuscated)

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\mrhop.dll/sp.html (obfuscated)

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\mrhop.dll/sp.html (obfuscated)

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\mrhop.dll/sp.html (obfuscated)

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\mrhop.dll/sp.html (obfuscated)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

O2 - BHO: (no name) - {78107754-8839-427A-B79B-AB378622E1BF} - (no file)

 

Reboot when done, rescan with HJT and post a new log here for a final check over.

Share this post


Link to post
Share on other sites

o.k., CW Shredder found & removed six infected I.E. Reg values.

Next, old AVGaurd out, Ad-Aware in, six new objects found and removed, good ol’ Ad-Aware!

And finally, below, the new Hijack this scan.

 

Logfile of HijackThis v1.97.7

Scan saved at 00:34:33, on 09.06.2004

Platform: Windows 2000 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

E:\Programme\Sygate Firewall\Smc.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\System32\locator.exe

C:\WINNT\System32\svchost.exe

C:\WINNT\system32\MSTask.exe

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\Explorer.exe

C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe

E:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe

C:\WINNT\System32\internat.exe

E:\Programme\WinZip\WZQKPICK.EXE

E:\PROGRA~1\WINZIP\winzip32.exe

C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.web.de/

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1.1\SDHelper.dll

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [smcService] E:\PROGRA~1\SYGATE~1\smc.exe -startgui

O4 - HKLM\..\Run: [AVGCtrl] E:\Programme\Anti-Virus\AVGNT.EXE /min

O4 - HKCU\..\Run: [PopUpStopperFreeEdition] E:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe

O4 - HKCU\..\Run: [internat.exe] internat.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: WinZip Quick Pick.lnk = E:\Programme\WinZip\WZQKPICK.EXE

O9 - Extra 'Tools' menuitem: Sun Java Konsole (HKLM)

O12 - Plugin for .pdf: C:\Programme\Internet Explorer\PLUGINS\nppdf32.dll

O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab

O16 - DPF: {103DFAE7-50CC-41FC-9D57-1A4BCA0DFD87} (Upload Control) - http://img.web.de/v/mail/mms/activex/mms_upload_1111.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab

O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab

O16 - DPF: {638AF6A2-81A1-4655-9FFA-9FC09CDE22CF} (CScanner Object) - http://www.pestscan.com/scanner/ppctlcab.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall-Kontrolle) - http://a840.g.akamai.net/7/840/537/2003120...all/xscan53.cab

O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.johannrain-softwareentwicklung....bitdefender.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...326/mcfscan.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{3C06107C-89F6-4D4D-8FAC-EC6B85BC68FE}: NameServer = 192.168.0.1

 

In attempting to remove old MS Java (instructions from http://www.winnetmag.com/Article/ArticleID/38206/38206.html ), I had some problems...perhaps you could help me with later, or re-direct me elsewhere. Tanx again.

Share this post


Link to post
Share on other sites

Not really a problem, but I’ve got a question on MS Java.......

I tried to deinstall it but it won’t go away so I’ve changed the Internet security setting on Java VM from“ high“ security to „deactivate“. Am I compromising security in doing this? Sorry to be such a nuisance but I’m a „newbie“ to a lot of this .

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0