[triadtechtalk] Re: Hijackthis

• From: "Juanita Kimble" <jkimble@xxxxxxxxxx>
• To: <triadtechtalk@xxxxxxxxxxxxx>
• Date: Sun, 25 Feb 2007 20:05:49 -0600

The reason I ran hijackthis. I keep getting a popup from zone alarm 
iexplore.exe wants to moniter my computer and could also know every keystroke 
and mouse move. I think it might be genuine advantage from Microsoft update. It 
did say optional I installed it anyway. Should I go back and restore. Leave 
that off and see if I still get it?

Kind of liked your joke. Must be a real mean old horse!

Juanita
  ----- Original Message ----- 
  From: Armando Barreiro 
  To: Triad techtalk 
  Sent: Sunday, February 25, 2007 3:15 PM
  Subject: [triadtechtalk] Re: Hijackthis


  All seems O.K. but for 
  " 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess -"
  when put through the grinder at
  <http://www.hijackthis.de/>

  Google has this to say about it when researched:
  http://www.neuber.com/taskmanager/process/acroiehelper.dll.html

  In conclusion, all is well, Juanita.

  Armando
  An Old Indian was asked what his wife's name was.
  "Three Horse," he replied.                 
  "That's an unusual name, Three Horse.  What does it mean?"
  "It's an old Indian name, means... Nag, Nag, Nag."

    -----Original Message----- 
    From: Juanita Kimble 
    Sent: Feb 24, 2007 8:27 PM 
    To: triadtechtalk@xxxxxxxxxxxxx 
    Subject: [triadtechtalk] Hijackthis 


    Hi
    Can someone read this and tell me if all are OK. What is the one with 
Groups international on it?




    Logfile of HijackThis v1.99.1
    Scan saved at 7:11:09 PM, on 2/24/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\WINDOWS\system32\netdde.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
    C:\WINDOWS\system32\dlcccoms.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\ZoneLabs\isafe.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Juanita\My Documents\Small 
Programs\hijackthis\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
http://www.telepak.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Adobe PDF Reader Link Helper - 
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 
7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - 
C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - 
C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O4 - HKLM\..\Run: [jv16PT - Privacy Protector] C:\Program Files\jv16 
PowerTools 2005\jv16PT.exe -ExecTask "C:\Program Files\jv16 PowerTools 
2005\Tasks\_PrivacyProtector\Task.jvb"
    O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event 
Monitor\IntelMEM.exe
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [DLCCCATS] rundll32 
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [dlccmon.exe] "C:\Program Files\Dell Photo AIO Printer 
924\dlccmon.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" 
-atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program 
Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone 
Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 
7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program 
Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - 
C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - 
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program 
Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - 
%windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - 
{e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network 
Diagnostic\xpnetdiag.exe (file missing)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine 
Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - 
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1139184716843
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - 
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1144004393109
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. 
- C:\WINDOWS\system32\ZoneLabs\isafe.exe
    O23 - Service: dlcc_device - Unknown owner - 
C:\WINDOWS\system32\dlcccoms.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - 
C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC -

________________________________________
PeoplePC Online
A better way to Internet
http://www.peoplepc.comVIEW ARCHIVES @ //www.freelists.org UNSUBSCRIBE by 
sending email to triadtechtalk-request@xxxxxxxxxxxxx with unsubscribe in the 
Subject field. To VIEW/CHANGE your subscription status go to 
//www.freelists.org/webpage/triadtechtalk Contact List Owner - 
dbcfour@xxxxxxx

• Follow-Ups:
  • [triadtechtalk] Re: Hijackthis
    • From: ROBERT BURGER

• References:
  • [triadtechtalk] Re: Hijackthis
    • From: Armando Barreiro

Other related posts:

• » [triadtechtalk] Hijackthis
• » [triadtechtalk] Re: Hijackthis
• » [triadtechtalk] Re: Hijackthis
• » [triadtechtalk] Re: Hijackthis
• » [triadtechtalk] Re: Hijackthis
• » [triadtechtalk] Re: Hijackthis
• » [triadtechtalk] Re: Hijackthis
• » [triadtechtalk] Re: Hijackthis
• » [triadtechtalk] Re: Hijackthis
• » [triadtechtalk] Hijackthis
• » [triadtechtalk] Re: Hijackthis
• » [triadtechtalk] Re: Hijackthis
• » [triadtechtalk] Re: Hijackthis
• » [triadtechtalk] Re: Hijackthis

1. Home
2. triadtechtalk
3. Archive
4. 02-2007

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---