Windows Vista help...

  • Thread starter Thread starter dyymanross
  • Start date Start date
D

dyymanross

Guest
Someone please help me. Whenever i access my documents or pictures a
message pops up saying -

system error!

Attention , Dylan! Some dangerous trogan horses detected in your
system. Windows Vista (TM) Home Premium files corrupted. This may lead
to the destruction of important files in C:\Windows. Download protection
software now!

Click OK to download the antispyware. (Recommended)

| Yes | | No |

-
i cant x-out of it and when i click yes or no it brings me to a
website, http://ie-antivirus.com/download.php ,
I think i have a trogen or virus. i ran a hijackthis scan and this is
what i got,

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:45:17 PM, on 6/29/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\WINDOWS\SYSTEM32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\WINDOWS\SYSTEM32\taskeng.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\FarStone\VirtualDrive\VHD\RDTask.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device
Support\bin\distnoted.exe
C:\Program Files\Common Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceHelper.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\Explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = 'Live
Search' (http://go.microsoft.com/fwlink/?LinkId=54896)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
'AOL.com - Welcome to AOL' (http://www.sony.com/vaiopeople)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL
= 'Live Search' (http://go.microsoft.com/fwlink/?LinkId=54896)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 'Live
Search' (http://go.microsoft.com/fwlink/?LinkId=54896)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
'MSN.com' (http://go.microsoft.com/fwlink/?LinkId=69157)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName
=
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: WinView plugin - {8AE578E0-6DF5-41E0-869F-F65A32D2F6BD} -
C:\Windows\system32\xmlview.dll
O2 - BHO: TransactionProtector BHO -
{C1656CCA-D2EA-4A32-94AE-AE0B180E6449} - C:\Program Files\Trend
Micro\TrendSecure\TransactionProtector\TSToolbar.dll (file missing)
O3 - Toolbar: Transaction Protector -
{E7620C98-FCCC-40E5-92EC-C7685D2E1E40} - C:\Program Files\Trend
Micro\TrendSecure\TransactionProtector\TSToolbar.dll (file missing)
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows
Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint\Apoint.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB
Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [VAIOSecurity] "C:\Program Files\Sony\VAIO Security
Center\VSC.exe" 1
O4 - HKLM\..\Run: [VAIOSurvey] "C:\Program Files\Sony" Corporation\VAIO
Survey\Vista VAIO Survey.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program
Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RAMDrive] "C:\Program
Files\FarStone\VirtualDrive\VHD\RDTask.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program
Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet
Security\UfSeAgnt.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\QTTask.exe" -atboottime
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows
Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe
oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows
Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program
Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program
Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Send to OneNote -
{2670000A-7350-4f3c-8081-5663EE0C6C49} -
C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote -
{2670000A-7350-4f3c-8081-5663EE0C6C49} -
C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) -
http://esupport.sony.com/VaioInfo.CAB
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program
Files\Common Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program
Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program
Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) -
Unknown owner - C:\Program Files\Common Files\Symantec
Shared\ccSvcHst.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. -
C:\Program Files\Common Files\Macrovision Shared\FLEXnet
Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:\Program Files\Common
Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program
Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common
Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common
Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. -
C:\Program Files\Common
Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend
Micro Inc. - C:\Program Files\Trend Micro\Internet
Security\SfCtlCom.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation -
C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation -
C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation -
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service
(TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend
Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc.
- C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. -
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony
Corporation - C:\Program Files\Common Files\Sony Shared\VAIO
Entertainment
Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program
Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server
(VAIOMediaPlatform-IntegratedServer-AppServer) - Unknown owner -
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (file
missing)
O23 - Service: VAIO Media Integrated Server (HTTP)
(VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation -
C:\Program Files\Sony\VAIO Media Integrated
Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP)
(VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation -
C:\Program Files\Sony\VAIO Media Integrated
Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server
(VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program
Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection
(VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program
Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP)
(VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program
Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP)
(VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program
Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony
Corporation - C:\Program Files\Common Files\Sony Shared\VAIO
Entertainment Platform\VCSW\VCSW.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation -
C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony
Corporation - C:\Program Files\Common Files\Sony Shared\VAIO
Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony
Corporation - C:\Program Files\Common Files\Sony Shared\VAIO
Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. -
C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10249 bytes

I am stuck. If anyone could advise me on a course of action that would
be great.
Thanks In Advanced


--
dyymanross
 
Re: help...

dyymanross wrote:
> Someone please help me. Whenever i access my documents or pictures a
> message pops up saying -
>
> system error!
>
> Attention , Dylan! Some dangerous trogan horses detected in your
> system. Windows Vista (TM) Home Premium files corrupted. This may lead
> to the destruction of important files in C:\Windows. Download protection
> software now!


This site looks like a complete scam to me, anything you hit on the home
page tries to install ieav.exe which of course does not work too well on
my machine - but could on most that visit these groups - I deleted the link.

Look here for details


http://www.xp-vista.com/spyware-removal/ieav-ieavexe-removal-instructions




> Click OK to download the antispyware. (Recommended)
>
> | Yes | | No |
>
> -
> i cant x-out of it and when i click yes or no it brings me to a
> website, <Deleted>
> I think i have a trogen or virus. i ran a hijackthis scan and this is
> what i got,
>
> Logfile of Trend Micro HijackThis v2.0.2
> Scan saved at 10:45:17 PM, on 6/29/2008
> Platform: Windows Vista SP1 (WinNT 6.00.1905)
> MSIE: Internet Explorer v7.00 (7.00.6001.18000)
> Boot mode: Normal
>
> Running processes:
> C:\WINDOWS\SYSTEM32\taskeng.exe
> C:\Windows\system32\Dwm.exe
> C:\Program Files\Apoint\Apoint.exe
> C:\Program Files\Java\jre1.6.0\bin\jusched.exe
> C:\Program Files\Sony\ISB Utility\ISBMgr.exe
> C:\WINDOWS\SYSTEM32\taskeng.exe
> C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
> C:\Program Files\iTunes\iTunesHelper.exe
> C:\Program Files\FarStone\VirtualDrive\VHD\RDTask.exe
> C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
> C:\Windows\System32\hkcmd.exe
> C:\Windows\System32\igfxpers.exe
> C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
> C:\Windows\ehome\ehtray.exe
> C:\Windows\ehome\ehmsas.exe
> C:\Program Files\Apoint\ApMsgFwd.exe
> C:\Program Files\Apoint\Apntex.exe
> C:\Program Files\iTunes\iTunes.exe
> C:\Program Files\Common Files\Apple\Mobile Device
> Support\bin\distnoted.exe
> C:\Program Files\Common Files\Apple\Mobile Device
> Support\bin\AppleMobileDeviceHelper.exe
> C:\Program Files\AIM6\aim6.exe
> C:\Program Files\AIM6\aolsoftware.exe
> C:\Program Files\Mozilla Firefox\firefox.exe
> C:\Windows\Explorer.exe
> C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
>
> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = 'Live
> Search' (http://go.microsoft.com/fwlink/?LinkId=54896)
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
> 'AOL.com - Welcome to AOL' (http://www.sony.com/vaiopeople)
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL
> = 'Live Search' (http://go.microsoft.com/fwlink/?LinkId=54896)
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 'Live
> Search' (http://go.microsoft.com/fwlink/?LinkId=54896)
> R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
> 'MSN.com' (http://go.microsoft.com/fwlink/?LinkId=69157)
> R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
>
> R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
>
> R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
> Settings,ProxyOverride = *.local
> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName
> =
> O2 - BHO: Adobe PDF Reader Link Helper -
> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common
> Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
> O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
> C:\Program Files\Java\jre1.6.0\bin\ssv.dll
> O2 - BHO: WinView plugin - {8AE578E0-6DF5-41E0-869F-F65A32D2F6BD} -
> C:\Windows\system32\xmlview.dll
> O2 - BHO: TransactionProtector BHO -
> {C1656CCA-D2EA-4A32-94AE-AE0B180E6449} - C:\Program Files\Trend
> Micro\TrendSecure\TransactionProtector\TSToolbar.dll (file missing)
> O3 - Toolbar: Transaction Protector -
> {E7620C98-FCCC-40E5-92EC-C7685D2E1E40} - C:\Program Files\Trend
> Micro\TrendSecure\TransactionProtector\TSToolbar.dll (file missing)
> O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows
> Defender\MSASCui.exe" -hide
> O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
> O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint\Apoint.exe"
> O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
> Files\Java\jre1.6.0\bin\jusched.exe"
> O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB
> Utility\ISBMgr.exe"
> O4 - HKLM\..\Run: [VAIOSecurity] "C:\Program Files\Sony\VAIO Security
> Center\VSC.exe" 1
> O4 - HKLM\..\Run: [VAIOSurvey] "C:\Program Files\Sony" Corporation\VAIO
> Survey\Vista VAIO Survey.exe
> O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
> Files\QuickTime\QTTask.exe" -atboottime
> O4 - HKLM\..\Run: [iTunesHelper] "C:\Program
> Files\iTunes\iTunesHelper.exe"
> O4 - HKLM\..\Run: [RAMDrive] "C:\Program
> Files\FarStone\VirtualDrive\VHD\RDTask.exe"
> O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
> O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
> O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
> O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program
> Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
> O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet
> Security\UfSeAgnt.exe"
> O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
> O4 - HKCU\..\Run: [QuickTime Task] "C:\Program
> Files\QuickTime\QTTask.exe" -atboottime
> O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows
> Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
> O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe
> oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
> O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows
> Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
> O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program
> Files\Microsoft Office\Office12\ONENOTEM.EXE
> O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program
> Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
> O8 - Extra context menu item: E&xport to Microsoft Excel -
> res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
> O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
> C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
> O9 - Extra 'Tools' menuitem: Sun Java Console -
> {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
> Files\Java\jre1.6.0\bin\npjpi160.dll
> O9 - Extra button: Send to OneNote -
> {2670000A-7350-4f3c-8081-5663EE0C6C49} -
> C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
> O9 - Extra 'Tools' menuitem: S&end to OneNote -
> {2670000A-7350-4f3c-8081-5663EE0C6C49} -
> C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
> O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
> C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
> O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) -
> http://esupport.sony.com/VaioInfo.CAB
> O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program
> Files\Common Files\Apple\Mobile Device
> Support\bin\AppleMobileDeviceService.exe
> O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program
> Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
> O23 - Service: Bonjour Service - Apple Inc. - C:\Program
> Files\Bonjour\mDNSResponder.exe
> O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) -
> Unknown owner - C:\Program Files\Common Files\Symantec
> Shared\ccSvcHst.exe (file missing)
> O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. -
> C:\Program Files\Common Files\Macrovision Shared\FLEXnet
> Publisher\FNPLicensingService.exe
> O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
> Corporation - C:\Program Files\Common
> Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
> O23 - Service: iPod Service - Apple Inc. - C:\Program
> Files\iPod\bin\iPodService.exe
> O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common
> Files\Sony Shared\AVLib\MSCSPTISRV.exe
> O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common
> Files\Sony Shared\AVLib\PACSPTISVR.exe
> O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. -
> C:\Program Files\Common
> Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
> O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend
> Micro Inc. - C:\Program Files\Trend Micro\Internet
> Security\SfCtlCom.exe
> O23 - Service: SonicStage Back-End Service - Sony Corporation -
> C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
> O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation -
> C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
> O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation -
> C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
> O23 - Service: Trend Micro Unauthorized Change Prevention Service
> (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend
> Micro\BM\TMBMSRV.exe
> O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc.
> - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
> O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. -
> C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
> O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony
> Corporation - C:\Program Files\Common Files\Sony Shared\VAIO
> Entertainment
> Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
> O23 - Service: VAIO Event Service - Sony Corporation - C:\Program
> Files\Sony\VAIO Event Service\VESMgr.exe
> O23 - Service: VAIO Media Integrated Server
> (VAIOMediaPlatform-IntegratedServer-AppServer) - Unknown owner -
> C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (file
> missing)
> O23 - Service: VAIO Media Integrated Server (HTTP)
> (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation -
> C:\Program Files\Sony\VAIO Media Integrated
> Server\Platform\SV_Httpd.exe
> O23 - Service: VAIO Media Integrated Server (UPnP)
> (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation -
> C:\Program Files\Sony\VAIO Media Integrated
> Server\Platform\UPnPFramework.exe
> O23 - Service: VAIO Media Gateway Server
> (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program
> Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
> O23 - Service: VAIO Media Content Collection
> (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program
> Files\Sony\VAIO Media Integrated Server\UCLS.exe
> O23 - Service: VAIO Media Content Collection (HTTP)
> (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program
> Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
> O23 - Service: VAIO Media Content Collection (UPnP)
> (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program
> Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
> O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony
> Corporation - C:\Program Files\Common Files\Sony Shared\VAIO
> Entertainment Platform\VCSW\VCSW.exe
> O23 - Service: Viewpoint Manager Service - Viewpoint Corporation -
> C:\Program Files\Viewpoint\Common\ViewpointService.exe
> O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony
> Corporation - C:\Program Files\Common Files\Sony Shared\VAIO
> Entertainment Platform\VzCdb\VzCdbSvc.exe
> O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony
> Corporation - C:\Program Files\Common Files\Sony Shared\VAIO
> Entertainment Platform\VzCdb\VzFw.exe
> O23 - Service: XAudioService - Conexant Systems, Inc. -
> C:\Windows\system32\DRIVERS\xaudio.exe
>
> --
> End of file - 10249 bytes
>
> I am stuck. If anyone could advise me on a course of action that would
> be great.
> Thanks In Advanced
>
>
 
RE: help...

Run Spybot Search & Destroy(download and install) in Safe mode, as well as
your Anti-virus while you are there in SM

Info on what to do to remove garbage is below.

http://www.spybot.info/en/index.html

Spybot Search & Destroy 1.5.2 is a very good, FREE Anti-Spyware Program.
Download, install, update, and immunize your System with it.
Then SCAN with it.
Update it, and scan your System once a fortnight.



Important re: Safe Mode
If you happen to find a problem that you can’t uninstall / delete, reboot
the computer, and go into Safe Mode.
To get into Safe mode, tap F8 right at Power On / Startup, and use UP arrow
key to get to Safe Mode, then hit ENTER.
RESCAN your computer with your Anti-Virus and Spybot S & D while in Safe Mode.


--
Mick Murphy - Qld - Australia


"dyymanross" wrote:

>
> Someone please help me. Whenever i access my documents or pictures a
> message pops up saying -
>
> system error!
>
> Attention , Dylan! Some dangerous trogan horses detected in your
> system. Windows Vista (TM) Home Premium files corrupted. This may lead
> to the destruction of important files in C:\Windows. Download protection
> software now!
>
> Click OK to download the antispyware. (Recommended)
>
> | Yes | | No |
>
> -
> i cant x-out of it and when i click yes or no it brings me to a
> website, http://ie-antivirus.com/download.php ,
> I think i have a trogen or virus. i ran a hijackthis scan and this is
> what i got,
>
> Logfile of Trend Micro HijackThis v2.0.2
> Scan saved at 10:45:17 PM, on 6/29/2008
> Platform: Windows Vista SP1 (WinNT 6.00.1905)
> MSIE: Internet Explorer v7.00 (7.00.6001.18000)
> Boot mode: Normal
>
> Running processes:
> C:\WINDOWS\SYSTEM32\taskeng.exe
> C:\Windows\system32\Dwm.exe
> C:\Program Files\Apoint\Apoint.exe
> C:\Program Files\Java\jre1.6.0\bin\jusched.exe
> C:\Program Files\Sony\ISB Utility\ISBMgr.exe
> C:\WINDOWS\SYSTEM32\taskeng.exe
> C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
> C:\Program Files\iTunes\iTunesHelper.exe
> C:\Program Files\FarStone\VirtualDrive\VHD\RDTask.exe
> C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
> C:\Windows\System32\hkcmd.exe
> C:\Windows\System32\igfxpers.exe
> C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
> C:\Windows\ehome\ehtray.exe
> C:\Windows\ehome\ehmsas.exe
> C:\Program Files\Apoint\ApMsgFwd.exe
> C:\Program Files\Apoint\Apntex.exe
> C:\Program Files\iTunes\iTunes.exe
> C:\Program Files\Common Files\Apple\Mobile Device
> Support\bin\distnoted.exe
> C:\Program Files\Common Files\Apple\Mobile Device
> Support\bin\AppleMobileDeviceHelper.exe
> C:\Program Files\AIM6\aim6.exe
> C:\Program Files\AIM6\aolsoftware.exe
> C:\Program Files\Mozilla Firefox\firefox.exe
> C:\Windows\Explorer.exe
> C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
>
> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = 'Live
> Search' (http://go.microsoft.com/fwlink/?LinkId=54896)
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
> 'AOL.com - Welcome to AOL' (http://www.sony.com/vaiopeople)
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL
> = 'Live Search' (http://go.microsoft.com/fwlink/?LinkId=54896)
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 'Live
> Search' (http://go.microsoft.com/fwlink/?LinkId=54896)
> R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
> 'MSN.com' (http://go.microsoft.com/fwlink/?LinkId=69157)
> R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
>
> R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
>
> R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
> Settings,ProxyOverride = *.local
> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName
> =
> O2 - BHO: Adobe PDF Reader Link Helper -
> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common
> Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
> O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
> C:\Program Files\Java\jre1.6.0\bin\ssv.dll
> O2 - BHO: WinView plugin - {8AE578E0-6DF5-41E0-869F-F65A32D2F6BD} -
> C:\Windows\system32\xmlview.dll
> O2 - BHO: TransactionProtector BHO -
> {C1656CCA-D2EA-4A32-94AE-AE0B180E6449} - C:\Program Files\Trend
> Micro\TrendSecure\TransactionProtector\TSToolbar.dll (file missing)
> O3 - Toolbar: Transaction Protector -
> {E7620C98-FCCC-40E5-92EC-C7685D2E1E40} - C:\Program Files\Trend
> Micro\TrendSecure\TransactionProtector\TSToolbar.dll (file missing)
> O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows
> Defender\MSASCui.exe" -hide
> O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
> O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint\Apoint.exe"
> O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
> Files\Java\jre1.6.0\bin\jusched.exe"
> O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB
> Utility\ISBMgr.exe"
> O4 - HKLM\..\Run: [VAIOSecurity] "C:\Program Files\Sony\VAIO Security
> Center\VSC.exe" 1
> O4 - HKLM\..\Run: [VAIOSurvey] "C:\Program Files\Sony" Corporation\VAIO
> Survey\Vista VAIO Survey.exe
> O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
> Files\QuickTime\QTTask.exe" -atboottime
> O4 - HKLM\..\Run: [iTunesHelper] "C:\Program
> Files\iTunes\iTunesHelper.exe"
> O4 - HKLM\..\Run: [RAMDrive] "C:\Program
> Files\FarStone\VirtualDrive\VHD\RDTask.exe"
> O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
> O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
> O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
> O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program
> Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
> O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet
> Security\UfSeAgnt.exe"
> O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
> O4 - HKCU\..\Run: [QuickTime Task] "C:\Program
> Files\QuickTime\QTTask.exe" -atboottime
> O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows
> Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
> O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe
> oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
> O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows
> Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
> O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program
> Files\Microsoft Office\Office12\ONENOTEM.EXE
> O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program
> Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
> O8 - Extra context menu item: E&xport to Microsoft Excel -
> res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
> O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
> C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
> O9 - Extra 'Tools' menuitem: Sun Java Console -
> {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
> Files\Java\jre1.6.0\bin\npjpi160.dll
> O9 - Extra button: Send to OneNote -
> {2670000A-7350-4f3c-8081-5663EE0C6C49} -
> C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
> O9 - Extra 'Tools' menuitem: S&end to OneNote -
> {2670000A-7350-4f3c-8081-5663EE0C6C49} -
> C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
> O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
> C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
> O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) -
> http://esupport.sony.com/VaioInfo.CAB
> O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program
> Files\Common Files\Apple\Mobile Device
> Support\bin\AppleMobileDeviceService.exe
> O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program
> Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
> O23 - Service: Bonjour Service - Apple Inc. - C:\Program
> Files\Bonjour\mDNSResponder.exe
> O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) -
> Unknown owner - C:\Program Files\Common Files\Symantec
> Shared\ccSvcHst.exe (file missing)
> O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. -
> C:\Program Files\Common Files\Macrovision Shared\FLEXnet
> Publisher\FNPLicensingService.exe
> O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
> Corporation - C:\Program Files\Common
> Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
> O23 - Service: iPod Service - Apple Inc. - C:\Program
> Files\iPod\bin\iPodService.exe
> O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common
> Files\Sony Shared\AVLib\MSCSPTISRV.exe
> O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common
> Files\Sony Shared\AVLib\PACSPTISVR.exe
> O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. -
> C:\Program Files\Common
> Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
> O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend
> Micro Inc. - C:\Program Files\Trend Micro\Internet
> Security\SfCtlCom.exe
> O23 - Service: SonicStage Back-End Service - Sony Corporation -
> C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
> O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation -
> C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
> O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation -
> C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
> O23 - Service: Trend Micro Unauthorized Change Prevention Service
> (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend
> Micro\BM\TMBMSRV.exe
> O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc.
> - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
> O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. -
> C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
> O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony
> Corporation - C:\Program Files\Common Files\Sony Shared\VAIO
> Entertainment
> Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
> O23 - Service: VAIO Event Service - Sony Corporation - C:\Program
> Files\Sony\VAIO Event Service\VESMgr.exe
> O23 - Service: VAIO Media Integrated Server
> (VAIOMediaPlatform-IntegratedServer-AppServer) - Unknown owner -
> C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (file
> missing)
> O23 - Service: VAIO Media Integrated Server (HTTP)
> (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation -
> C:\Program Files\Sony\VAIO Media Integrated
> Server\Platform\SV_Httpd.exe
> O23 - Service: VAIO Media Integrated Server (UPnP)
> (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation -
> C:\Program Files\Sony\VAIO Media Integrated
> Server\Platform\UPnPFramework.exe
> O23 - Service: VAIO Media Gateway Server
> (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program
> Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
> O23 - Service: VAIO Media Content Collection
> (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program
> Files\Sony\VAIO Media Integrated Server\UCLS.exe
> O23 - Service: VAIO Media Content Collection (HTTP)
> (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program
> Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
> O23 - Service: VAIO Media Content Collection (UPnP)
> (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program
> Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
> O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony
> Corporation - C:\Program Files\Common Files\Sony Shared\VAIO
> Entertainment Platform\VCSW\VCSW.exe
> O23 - Service: Viewpoint Manager Service - Viewpoint Corporation -
> C:\Program Files\Viewpoint\Common\ViewpointService.exe
> O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony
> Corporation - C:\Program Files\Common Files\Sony Shared\VAIO
> Entertainment Platform\VzCdb\VzCdbSvc.exe
> O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony
> Corporation - C:\Program Files\Common Files\Sony Shared\VAIO
> Entertainment Platform\VzCdb\VzFw.exe
> O23 - Service: XAudioService - Conexant Systems, Inc. -
> C:\Windows\system32\DRIVERS\xaudio.exe
>
> --
> End of file - 10249 bytes
>
> I am stuck. If anyone could advise me on a course of action that would
> be great.
> Thanks In Advanced
>
>
> --
> dyymanross
>
 
Re: help...

"dyymanross" <guest@unknown-email.com> wrote:

> Whenever i access my documents or pictures a
> message pops up saying -
>
> system error!
>
> Attention , Dylan! Some dangerous trogan horses detected in your
> system. Windows Vista (TM) Home Premium files corrupted. This may
> lead to the destruction of important files in C:\Windows. Download
> protection software now!
>
> Click OK to download the antispyware. (Recommended)
<snip>
> i cant x-out of it and when i click yes or no it brings me to a
> website, http:// i e - a n t i v i r u s . c o m / d o w n l o a d . p h p
> I think i have a trogen or virus.

Your machine is infected with malware. Do not download "IE Antivirus" as it
is rougue software that will compromise your computer even further.

Follow Malke's removal steps outlined in her post in this thread:

http://www.microsoft.com/communitie...a91a6c9fbb45&lang=en&cr=us&sloc=en-us&m=1&p=1

> i ran a hijackthis scan and this is what i got,
<snip>

Post HiJackThis logs in special HiJackThis forums, here is a list to choose
from:

http://www.elephantboycomputers.com/page2.html#HJT-links

Charlie42
 
Re: help...


thank you all for the help... problem fixed.(unfortunatly i ended up
restoring my entire computer anyway.) Luckily i made backups.


--
dyymanross
 

Similar threads

S
Windows 7 I am unable to install windows 7 SP1, and windows7 activation failed
Replies
0
Views
195
Sjvr
S
W
Windows 10 windows 10. Please help. I soon i start the game. the system reboots automaticly .The system has rebooted without cleanly shutting down first. This er
Replies
0
Views
161
wildmaxx
W
U
Windows 10 Need help making bat file to configure Userinit
Replies
0
Views
167
Unsated3
U
J
Windows 10 Any idea how to solve this issue AppHangB1?
Replies
0
Views
128
Johnny Poh
J
J
Information about SAntivirus (aka Segurazo Antivirus) virus
Replies
0
Views
119
Joe13 B-) 2.0
J
Back
Top