1
   

MXTARGET & TWAINTEC WON'T LEAVE ME ALONE!

Forums: Computers
Email this Topic Print this Page
 
 
freakymom
 
Reply Tue 24 Aug, 2004 08:59 pm
Hello,

It's been awhile because your last help worked! I posted this new question in Forum Help rather than Computers. I am not a "frequent flyer" so I am a bit lost at times! The last fix was awesome and I haven't had any problems until recently. I go through all of the steps provided my last post, but the problem still occurs.

Every time I boot, spywareguard finds either MXTarget or Twaintec as a BHO object trying to load. I select remove and when I go to windows explorer and search the c drive, I find parts have been loaded anyway. I select, delete, and empty recycle bin, but when I re-boot after a shut-down, the same thing happens. The only time it didn't happen is when I disconnected my modem, shut down, and restarted.

I'm attaching a an Adaware log for your review. Please guide me with your expertise. I see there is some things that do not look good!

Thank you so much and here's the log:


Lavasoft Ad-aware Personal Build 6.181
Logfile created on :Tuesday, August 24, 2004 2:58:43 AM
Created with Ad-aware Personal, free for private use.
Using reference-file :01R338 19.08.2004
______________________________________________________

Reffile status:
=========================
Reference file loaded:
Reference Number : 01R338 19.08.2004
Internal build : 272
File location : C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\reflist.ref
Total size : 1329081 Bytes
Signature data size : 1307893 Bytes
Reference data size : 21124 Bytes
Signatures total : 28938
Target categories : 10
Target families : 531

Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Non Intel
Memory available:27 %
Total physical memory:195844 kb
Available physical memory:36368 kb
Total page file size:882944 kb
Available on page file:756900 kb
Total virtual memory:2093056 kb
Available virtual memory:2039424 kb
OS:Windows (98)

Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-aware Settings
=========================
Set : Unload recognized processes during scanning
Set : Include basic Ad-aware settings in logfile
Set : Include additional Ad-aware settings in logfile
Set : Let windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Always back up reference file, before updating


8-24-04 2:58:43 AM - Scan started. (Custom mode)

Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

#:1 [kernel32.dll]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4279232583
Threads : 5
Priority : High
FileSize : 460 KB
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
Copyright : Copyright (C) Microsoft Corp. 1991-1999
CompanyName : Microsoft Corporation
FileDescription : Win32 Kernel core component
InternalName : KERNEL32
OriginalFilename : KERNEL32.DLL
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 10/18/02 12:10:13 AM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 4/24/99 5:22:00 AM

#:2 [msgsrv32.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294956403
Threads : 1
Priority : Normal
FileSize : 11 KB
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
Copyright : Copyright (C) Microsoft Corp. 1992-1998
CompanyName : Microsoft Corporation
FileDescription : Windows 32-bit VxD Message Server
InternalName : MSGSRV32
OriginalFilename : MSGSRV32.EXE
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 10/18/02 12:11:07 AM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 4/24/99 5:22:00 AM

#:3 [mprexe.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294943619
Threads : 1
Priority : Normal
FileSize : 28 KB
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
Copyright : Copyright (C) Microsoft Corp. 1993-1998
CompanyName : Microsoft Corporation
FileDescription : WIN32 Network Interface Service Process
InternalName : MPREXE
OriginalFilename : MPREXE.EXE
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 10/18/02 12:06:34 AM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 4/24/99 5:22:00 AM

#:4 [mstask.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294938915
Threads : 2
Priority : Normal
FileSize : 109 KB
FileVersion : 4.71.1972.1
ProductVersion : 4.71.1972.1
Copyright : Copyright (C) Microsoft Corp. 2000
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
OriginalFilename : mstask.exe
ProductName : Microsoft
Created on : 6/18/01 7:33:20 PM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 6/18/01 7:33:20 PM

#:5 [mmtask.tsk]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4278204627
Threads : 1
Priority : Normal
FileSize : 1 KB
FileVersion : 4.03.1998
ProductVersion : 4.03.1998
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : Multimedia background task support module
InternalName : mmtask.tsk
OriginalFilename : mmtask.tsk
ProductName : Microsoft Windows
Created on : 10/18/02 12:07:49 AM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 4/24/99 5:22:00 AM

#:6 [msgloop.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4278205455
Threads : 1
Priority : Normal
FileSize : 5 KB
FileVersion : 4.05.00.2112
ProductVersion : 4.05.00.2112
Copyright : Copyright (c) Rockwell Corporation 1996-1998.
CompanyName : Rockwell Corporation
FileDescription : Rockwell WaveStream Message Server
InternalName : MSGLOOP.EXE
OriginalFilename : MSGLOOP.EXE
ProductName : WaveStream\Endless Wave
Created on : 1/1/01
Last accessed : 8/24/04 7:00:00 AM
Last modified : 8/26/98 10:11:54 PM

#:7 [msg32.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4278197539
Threads : 2
Priority : Realtime
FileSize : 16 KB
FileVersion : 4.05.00.2112
ProductVersion : 4.05.00.2112
Copyright : Copyright
CompanyName : Rockwell Corporation
FileDescription : Rockwell WaveStream Message Server
InternalName : MSGLOOP.EXE
OriginalFilename : MSGLOOP.EXE
ProductName : WaveStream\Endless Wave
Created on : 1/1/01
Last accessed : 8/24/04 7:00:00 AM
Last modified : 8/26/98 10:12:16 PM

#:8 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 4278235279
Threads : 26
Priority : Normal
FileSize : 176 KB
FileVersion : 4.72.3110.1
ProductVersion : 4.72.3110.1
Copyright : Copyright (C) Microsoft Corp. 1981-1997
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft(R) Windows NT(R) Operating System
Created on : 10/18/02 12:06:29 AM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 4/24/99 5:22:00 AM

#:9 [aticwd32.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4278276963
Threads : 1
Priority : Normal
FileSize : 20 KB
FileVersion : 4.10.2339
ProductVersion : 4.10.2339
Copyright : Copyright
CompanyName : ATI Technologies Inc.
FileDescription : ATI Common Windows Display Driver Extension
InternalName : ATICWD32
OriginalFilename : ATICWD32.EXE
ProductName : ATI Technologies Inc.
Created on : 1/1/01
Last accessed : 8/24/04 7:00:00 AM
Last modified : 3/23/98 5:11:56 PM

#:10 [atitask.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4278257935
Threads : 1
Priority : Normal
FileSize : 184 KB
FileVersion : 4.10.2304
ProductVersion : 4.10.2304
Copyright : Copyright
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Task Application
InternalName : AtiTask
OriginalFilename : AtiTask
ProductName : ATI Technologies, Inc.
Created on : 1/1/01
Last accessed : 8/24/04 7:00:00 AM
Last modified : 6/4/98 1:22:58 AM

#:11 [hpsysdrv.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4278315275
Threads : 1
Priority : Normal
FileSize : 51 KB
FileVersion : 1, 7, 0, 0
ProductVersion : 1, 7, 0, 0
Copyright : Copyright
CompanyName : Hewlett-Packard Company
FileDescription : hpsysdrv
InternalName : hpsysdrv
OriginalFilename : hpsysdrv.exe
ProductName : hpsysdrv
Created on : 11/5/98 1:00:01 AM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 5/7/98 4:04:38 PM

#:12 [type32.exe]
FilePath : C:\PROGRAM FILES\MICROSOFT HARDWARE\KEYBOARD\
ProcessID : 4278314639
Threads : 4
Priority : Normal
FileSize : 92 KB
FileVersion : 2.20.447.0
ProductVersion : 2.2
Copyright : Copyright (C) Microsoft Corp. 1995-2001
CompanyName : Microsoft Corporation
FileDescription : Microsoft IntelliType Pro
InternalName : Type32
OriginalFilename : Type32.exe
ProductName : Microsoft IntelliType Pro
Created on : 3/22/02 4:41:56 AM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 3/22/02 4:41:56 AM

#:13 [pelmiced.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294942647
Threads : 1
Priority : Normal
FileSize : 84 KB
FileVersion : 1, 0, 7, 0
ProductVersion : 1.0.0.0
Copyright : Copyright (c) 1997, Primax Electronics Ltd.
CompanyName : Primax Electronics Ltd.
FileDescription : Mouse Suite 98 Daemon
InternalName : pelmiced.exe
ProductName : MouseSuite 98
Created on : 10/29/02 9:26:14 PM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 3/9/01 3:00:58 AM

#:14 [comsmd.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4278334531
Threads : 1
Priority : Normal
FileSize : 22 KB
FileVersion : 1, 0, 0, 4
ProductVersion : 1, 0, 0, 4
Copyright : Copyright
CompanyName : 3COM
FileDescription : Tray Icon
InternalName : COMSMD
OriginalFilename : COMSMD.exe
ProductName : COMSMD
Created on : 3/23/04 4:04:06 PM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 11/25/97 6:28:16 PM

#:15 [stimon.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4278379435
Threads : 4
Priority : Normal
FileSize : 112 KB
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
Copyright : Copyright (C) Microsoft Corp. 1996-1998
CompanyName : Microsoft Corporation
FileDescription : Still Image Devices Monitor
InternalName : STIMON
OriginalFilename : STIMON.EXE
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 10/18/02 12:11:13 AM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 4/24/99 5:22:00 AM

#:16 [pxdjkcf.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4278410507
Threads : 3
Priority : Normal
FileSize : 72 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : callinghome.biz
CompanyName : callinghome.biz
FileDescription : Installation utility for www.callinghome.biz
InternalName : Calling Home
OriginalFilename : Caller.exe
ProductName : Calling Home
Created on : 8/2/04 6:19:27 AM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 8/2/04 6:19:28 AM
Warning! VX2 object found in memory(pxdjkcf.exe)

VX2 Object recognized!
Type : Process
Data : pxdjkcf.exe
Category : Data Miner
Comment :
Object : C:\WINDOWS\SYSTEM\
FileSize : 72 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : callinghome.biz
CompanyName : callinghome.biz
FileDescription : Installation utility for www.callinghome.biz
InternalName : Calling Home
OriginalFilename : Caller.exe
ProductName : Calling Home
Created on : 8/2/04 6:19:27 AM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 8/2/04 6:19:28 AM


"pxdjkcf.exe"Process terminated successfully.

#:17 [sgmain.exe]
FilePath : C:\PROGRAM FILES\SPYWAREGUARD\
ProcessID : 4278470631
Threads : 1
Priority : Normal
FileSize : 352 KB
FileVersion : 2.02.0001
ProductVersion : 2.02.0001
Copyright : Copyright (C) 2002-2003 Javacool Software LLC
CompanyName : Copyright (C) 2002-2003 Javacool Software LLC
FileDescription : SpywareGuard
InternalName : sgmain
OriginalFilename : sgmain.exe
ProductName : SpywareGuard
Created on : 8/30/03 2:05:35 AM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 8/30/03 2:05:36 AM

#:18 [sgbhp.exe]
FilePath : C:\PROGRAM FILES\SPYWAREGUARD\
ProcessID : 4278342043
Threads : 2
Priority : Normal
FileSize : 228 KB
FileVersion : 2.02.0001
ProductVersion : 2.02.0001
Copyright : Copyright (C) 2002-2003 Javacool Software LLC.
CompanyName : Copyright (C) 2002-2003 Javacool Software LLC.
FileDescription : SG Browser Hijacking Protection
InternalName : sgbhp
OriginalFilename : sgbhp.exe
ProductName : SG Browser Hijacking Protection
Created on : 8/29/03 6:14:56 PM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 8/29/03 6:14:58 PM

#:19 [spool32.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4278339259
Threads : 2
Priority : Normal
FileSize : 44 KB
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
Copyright : Copyright (C) Microsoft Corp. 1994 - 1998
CompanyName : Microsoft Corporation
FileDescription : Spooler Sub System Process
InternalName : spool32
OriginalFilename : spool32.exe
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 10/18/02 12:11:12 AM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 4/24/99 5:22:00 AM

#:20 [ddhelp.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4278486435
Threads : 2
Priority : Realtime
FileSize : 32 KB
FileVersion : 4.09.00.0900
ProductVersion : 4.09.00.0900
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : Microsoft DirectX Helper
InternalName : DDHelp.exe
OriginalFilename : DDHelp.exe
ProductName : Microsoft
Created on : 3/23/04 5:43:34 PM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 12/12/02 7:14:32 AM

#:21 [pstores.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4188596027
Threads : 3
Priority : Normal
FileSize : 79 KB
FileVersion : 5.00.1877.3
ProductVersion : 5.00.1877.3
Copyright : Copyright (C) Microsoft Corp. 1981-1998
CompanyName : Microsoft Corporation
FileDescription : Protected storage server
InternalName : Protected storage server
OriginalFilename : Protected storage server
ProductName : Microsoft(R) Windows NT(R) Operating System
Created on : 3/30/04 7:55:08 PM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 4/24/99 5:22:00 AM

#:22 [msohelp.exe]
FilePath : C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\1033\
ProcessID : 4278793015
Threads : 1
Priority : Normal
FileSize : 120 KB
FileVersion : 9.0.2601
ProductVersion : 9.0.2601
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : Microsoft Office 2000 component
InternalName : MsoHelp
OriginalFilename : MsoHelp.exe
ProductName : Microsoft Office 2000
Created on : 2/2/99 3:18:42 AM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 2/2/99 3:18:42 AM

#:23 [msohelp.exe]
FilePath : C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\1033\
ProcessID : 4278348499
Threads : 1
Priority : Normal
FileSize : 120 KB
FileVersion : 9.0.2601
ProductVersion : 9.0.2601
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : Microsoft Office 2000 component
InternalName : MsoHelp
OriginalFilename : MsoHelp.exe
ProductName : Microsoft Office 2000
Created on : 2/2/99 3:18:42 AM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 2/2/99 3:18:42 AM

#:24 [msohelp.exe]
FilePath : C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\1033\
ProcessID : 4278494399
Threads : 1
Priority : Normal
FileSize : 120 KB
FileVersion : 9.0.2601
ProductVersion : 9.0.2601
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : Microsoft Office 2000 component
InternalName : MsoHelp
OriginalFilename : MsoHelp.exe
ProductName : Microsoft Office 2000
Created on : 2/2/99 3:18:42 AM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 2/2/99 3:18:42 AM

#:25 [msohelp.exe]
FilePath : C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\1033\
ProcessID : 4278782791
Threads : 1
Priority : Normal
FileSize : 120 KB
FileVersion : 9.0.2601
ProductVersion : 9.0.2601
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : Microsoft Office 2000 component
InternalName : MsoHelp
OriginalFilename : MsoHelp.exe
ProductName : Microsoft Office 2000
Created on : 2/2/99 3:18:42 AM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 2/2/99 3:18:42 AM

#:26 [msohelp.exe]
FilePath : C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\1033\
ProcessID : 4279184915
Threads : 1
Priority : Normal
FileSize : 120 KB
FileVersion : 9.0.2601
ProductVersion : 9.0.2601
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : Microsoft Office 2000 component
InternalName : MsoHelp
OriginalFilename : MsoHelp.exe
ProductName : Microsoft Office 2000
Created on : 2/2/99 3:18:42 AM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 2/2/99 3:18:42 AM

#:27 [acrord32.exe]
FilePath : C:\PROGRAM FILES\ADOBE\ACROBAT 4.0\READER\
ProcessID : 4278293027
Threads : 1
Priority : Normal
FileSize : 2279 KB
FileVersion : 4.05
ProductVersion : 4.05
Copyright : Copyright
CompanyName : Adobe Systems Incorporated
FileDescription : Portable Document Format
ProductName : Adobe Acrobat
Created on : 12/11/03 7:08:53 AM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 1/27/00 5:13:20 PM

#:28 [ad-aware.exe]
FilePath : C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\
ProcessID : 4278793439
Threads : 3
Priority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 4/3/04 11:04:10 PM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 7/13/03 5:00:20 AM

Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 1
Objects found so far: 1


Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

DSSAgent Object recognized!
Type : RegKey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Broderbund Software\DSS


StopPop Object recognized!
Type : RegKey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{4534CD6B-59D6-43FD-864B-06A0D843444A}


VX2 Object recognized!
Type : RegKey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{0000607d-d204-42c7-8e46-216055bf9918}


VX2 Object recognized!
Type : RegKey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : mxtargetdll.mxtargetdllobj.1


VX2 Object recognized!
Type : RegKey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{690BCCB4-6B83-4203-AE77-038C116594EC}


VX2 Object recognized!
Type : RegKey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : vx2.vx2obj


Windows Object recognized!
Type : RegData
Data :
Category : Vulnerability
Comment : Possible virus infection, REG file extension compromised
Rootkey : HKEY_CLASSES_ROOT
Object : regfile\shell\open\command
Value :
Data :


Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 7
Objects found so far: 8


Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 8


Deep scanning and examining files (C
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Disk scan result for C:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 8


Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

VX2 Object recognized!
Type : RegKey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : Software\MxTarget


VX2 Object recognized!
Type : File
Data : dummy.htm
Category : Data Miner
Comment :
Object : c:\windows\temp\

Created on : 8/22/04 12:56:52 AM
Last accessed : 8/24/04 7:00:00 AM
Last modified : 8/22/04 12:56:54 AM



Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 2
Objects found so far: 10


3:26:49 AM Scan complete

Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:28:06:270
Objects scanned :80352
Objects identified :10
Objects ignored :0
New objects :10




Display posts from previous: All Posts1 Day7 Days2 Weeks1 Month3 Months6 Months1 Year Oldest FirstNewest First

Forum Index » Forum Help

Jump to: Select a forum Able2Know.com----------------AnnouncementsA2K Subscribers ForumForum HelpThe Debate RoomTesting Education & Reference----------------ReferenceScience & MathematicsEnglishOther LanguagesHistory Arts & Entertainment----------------ArtFilmMusic & LyricsVideo GamesTVPerforming Arts Your Original Art & Writing----------------Original WritingOriginal Art & Photography Literature----------------PoetryBooksQuotes Debate----------------Philosophy & DebateSpirituality & ReligionLegal News----------------General NewsPoliticsHuman Interest StoriesInternational NewsBusiness & Technology NewsSports & FitnessMedical News & Health Technology----------------ComputersInternetWeb Development & DesignConsumer ElectronicsAutos Home & Family----------------Food & DrinkPets & GardenParenting & ChildcareRelationships & MarriageHome ImprovementFinanceAging & Elder Care Travel & Culture----------------Travel & CultureAsiaAfricaEuropeNorth AmericaSouth AmericaAustraliaWilderness, Wildlife & Ecology Careers----------------Life at workTeachingBusiness & MarketingTechnology Careers Fun & Games----------------JokesRiddlesTrivia & Word GamesGeneralWaggery.com

Quick Reply:

Quote the last message
Attach signature (signatures can be changed in profile)


Turn off email updates
View next topic
View previous topic
You can post new topics in this forum
You can reply to topics in this forum
You can edit your posts in this forum
You can delete your posts in this forum
You can vote in polls in this forum




The time now is Tue Aug 24, 2004 7:54 pm :: All times are GMT - 7 Hours

Premium Services :: Link to Us :: Free Toolbar :: A2K Gear :: Disclaimer - Terms of Use :: Privacy Policy :: Contact Us :: Help


Partners: Cool Math Algebra :: Nursing Jobs


© Able2Know.com Ask an Expert 3.0.0 :: Designed and Hosted by Able2Know.net :: FI Theme :: Powered by PHP, MySQL, & phpbb
  • Topic Stats
  • Top Replies
  • Link to this Topic
Type: Discussion • Score: 1 • Views: 1,220 • Replies: 9
No top replies

 
Cyanure
 
  1  
Reply Wed 25 Aug, 2004 02:25 am
Turn off system restore then go and fix the problem with the same steps given earlier.

To turn off System Restore:
Right-click My Computer/Properties and click System Restore. Check Turn Off System Restore On All Drives then click Apply and OK.
Fix the problem as before.

Download a 5 days trial Spyware/Adware Remover 8.2.0.10 from here:
http://www.bulletproofsoft.com/download.html
I find this tool more eficient than ad-aware.
Install it and then open the folder BPS Spyware Remover. Then double click Spyware Remover (the orange icon) and then click Check for updates. Once updated, click Start Scanning. When finish click Next and delete everything it finds

Then turn on system restore again by unchecking Turn Off System Restore On All Drives
0 Replies
 
freakymom
 
  1  
Reply Thu 26 Aug, 2004 12:45 am
Please excuse my ignorance, but "My Computer" does not have System Restore in properties. The tabs are General, Device Mgr, Hardware Profiles, and Performance. I even tried Help and couldn't find anything with system restore. I found back up but didn't see any option to Turn Off System Restore on All Drives. Once I figure this out, when you say to fix the problems as before, do you mean to run through "timberlands" step by step yuckware removal? Thanks so much for your patience, understanding, and help.
0 Replies
 
Cyanure
 
  1  
Reply Thu 26 Aug, 2004 02:50 am
My fault.
I thought you have XP but I found out now that it's Win 98. Embarrassed
First let's try this step:
Download a 5 days trial Spyware/Adware Remover 8.2.0.10 from here:
http://www.bulletproofsoft.com/download.html
I find this tool more eficient than ad-aware.
Install it and then open the folder BPS Spyware Remover. Then double click Spyware Remover (the orange icon) and then click Check for updates. Once updated, click Start Scanning. When finish click Next and delete everything it finds

See if this step alone will solve the problem.
0 Replies
 
freakymom
 
  1  
Reply Mon 30 Aug, 2004 09:51 pm
Hi There,

Sorry it took so long to reply. I downloaded the 5 day trial and I think this is actually my last day. It appears to have rid the problem of Twain/MXTarget attempting to jump on in at bootup becasue SpywareGuard has not alerted me to this horrible critter since I ran the scan. I still have some issues that require removal every single time I scan with adaware and spybot. I scan every day and there is always stuff to remove. One thing that bugs me and I don't know if it is slowing down my computer or what "it" is, but while my system is booted, a blank box appears on my taskbar. You know where it shows what you have open like email, IE, Word, etc. When I click on the blank box, nothing happens so I right click and close and it goes away for awhile. Any ideas? Should I post another log of some sort for you to peruse for junk? Thank you so much for all of your help. Smile
0 Replies
 
Cyanure
 
  1  
Reply Tue 31 Aug, 2004 03:25 am
Yes every time you scan you'll find lot of bad cookies, it's normal.
I myself find at least 40 bad things to delete with each scan.

I don't know about the blank box, but try to post a hijack log to see if further problems are still present.

And please check your PM
0 Replies
 
freakymom
 
  1  
Reply Tue 31 Aug, 2004 12:42 pm
Hello,

What's my "PM"? Sorry, I don't know the lingo so well! Thanks, I'll do a HJT in a few and post.

Thanks again, U DA Bomb (I have a teenage daughter so I get some of the teen lingo!)
0 Replies
 
Cyanure
 
  1  
Reply Tue 31 Aug, 2004 01:23 pm
Quote:
What's my "PM"?

PM = Private Message http://www.salbeh.net/forum/images/smiles/icon_wink.gif
0 Replies
 
freakymom
 
  1  
Reply Wed 1 Sep, 2004 03:52 am
Hello There,

Here's my HJT log. Pleae let me know if there is anything to worry about, otherwise, I think you solved my problem and I thank you so very much.

Wink
0 Replies
 
freakymom
 
  1  
Reply Wed 1 Sep, 2004 03:53 am
Oops forgot the log!

Logfile of HijackThis v1.97.7
Scan saved at 2:49:39 AM, on 9/1/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSGLOOP.EXE
C:\WINDOWS\SYSTEM\MSG32.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\ATICWD32.EXE
C:\WINDOWS\SYSTEM\ATITASK.EXE
C:\WINDOWS\SYSTEM\HPSYSDRV.EXE
C:\PROGRAM FILES\MICROSOFT HARDWARE\KEYBOARD\TYPE32.EXE
C:\WINDOWS\SYSTEM\PELMICED.EXE
C:\WINDOWS\SYSTEM\COMSMD.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGMAIN.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGBHP.EXE
C:\PROGRAM FILES\AIM\AIM.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\UNZIPPED\HIJACKTHIS1977[1]\HIJACKTHIS.EXE

R3 - Default URLSearchHook is missing
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\PROGRAM FILES\SPYWAREGUARD\DLPROTECT.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [AtiKey] Atitask.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPScanPatch] C:\WINDOWS\SYSTEM\HPScanFix.exe
O4 - HKLM\..\Run: [IntelliType] "c:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] PELMICED.EXE
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [COMSMDEXE] comsmd.exe -on
O4 - HKLM\..\Run: [hpppta] C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan Pro\hpppta.exe /ICON
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [ScriptSentry] C:\PROGRAM FILES\SCRIPT SENTRY\SCRIPTSENTRY.exe /check
O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKCU\..\Run: [EPSON Stylus C60 Series] C:\WINDOWS\SYSTEM\E_S10IC2.EXE /A "C:\WINDOWS\SYSTEM\E_S2366.TMP"
O4 - Startup: EPSON Status Monitor 3 Environment Check 2.lnk.disabled
O4 - Startup: Microsoft Office.lnk.disabled
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O9 - Extra button: AIM (HKLM)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38069.4062731481
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support.charter.com/sdccommon/download/tgctlcm.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
0 Replies
 
 

Related Topics

Super cool computer tricks, for dopes like me. - Discussion by OCCOM BILL
Clone of Micosoft Office - Question by Advocate
Do You Turn Off Your Computer at Night? - Discussion by Phoenix32890
The "Death" of the Computer Mouse - Discussion by Phoenix32890
Windows 10... - Discussion by Region Philbis
Surface Pro 3: What do you think? - Question by neologist
Windows 8 tips thread - Discussion by Wilso
Mac help/can't install new printer, don't remember passwd - Discussion by ossobuco
GOOGLE CHROME - Question by Setanta
.Net and Firefox... - Discussion by gungasnake
Hacking a computer and remote access - Discussion by trying2learn
 
  1. Forums
  2. » MXTARGET & TWAINTEC WON'T LEAVE ME ALONE!
Copyright © 2025 MadLab, LLC :: Terms of Service :: Privacy Policy :: Page generated in 0.03 seconds on 12/24/2025 at 06:16:04