Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

« previous next »
Pages: [1] 2 3 ... 6  All   Go Down

Author Topic: Installing Spybot ( other programs without internet access? )  (Read 38743 times)

0 Members and 1 Guest are viewing this topic.

Kryptonite

    Topic Starter


    Intermediate

  • It's not hard to tell where MY head is at
    • Thanked: 2
    Installing Spybot ( other programs without internet access? )
    « on: August 04, 2008, 07:34:26 AM »
    Background:
    I purchased a used HP  desktop from a family at a garage sale last week. If it matters it is an HP a1616n with a Pentium D 820, 1 gig of Ram and a 224 Gig HD running XP. Of course the people assured me that it ran perfectly well and "The only reason we're selling it is because my company bought me a new laptop" There's some interesting things that I found when I got it back home; it was very dirty ( dust blocking the fan holes etc ) so i spent a lot of time cleaning it before cranking it up.

    They have Trend Micro on it and a spyware program called "HEAT" which found 224 threats; but the trial version had expired and it wanted me to buy the program before removing the threats. Instead of doing that I thought to install spybot from a jump drive. But when i tried to install the program it wants access to the internet which is something i don't have in the moment.

    Is there another spyware program that i can load and run without having internet access?

    i also know that some of you recommend running hijack this which i did and here's the results.
    Any suggestions?

    Thanks
    Krypto

    hijackthis results:

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 9:02:44 AM, on 8/4/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\arservice.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\ehome\mcrdsvc.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\ARPWRMSG.EXE
    C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\VirusHeat 4.4\VirusHeat 4.4.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    c:\windows\system\hpsysdrv.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\ARPWRMSG.EXE
    C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    c:\windows\system\hpsysdrv.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
    J:\HiJackThis_v2.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://internetsearchservice.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://internetsearchservice.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://internetsearchservice.com/ie6.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://internetsearchservice.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://internetsearchservice.com
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: 824223 helper - {34CF6660-9BD3-431A-BA32-6B511D4126DA} - C:\WINDOWS\system32\824223\824223.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7C109800-A5D5-438F-9640-18D17E168B88} - C:\Program Files\NetProject\sbmdl.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Internet Service - {51D81DD5-55B7-497F-95DB-D356429BB54E} - C:\Program Files\NetProject\wamdl.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
    O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
    O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
    O4 - HKLM\..\Run: [SeekmoSA] "C:\Program Files\Seekmo\bin\10.0.341.0\SeekmoSA.exe"
    O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
    O4 - HKLM\..\Run: [kdikh.exe] C:\WINDOWS\system32\kdikh.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [VirusHeat 4.4] "C:\Program Files\VirusHeat 4.4\VirusHeat 4.4.exe" /h
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKUS\S-1-5-21-2615943932-2791223441-3479229919-1008\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Faith')
    O4 - HKUS\S-1-5-21-2615943932-2791223441-3479229919-1008\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (User 'Faith')
    O4 - HKUS\S-1-5-21-2615943932-2791223441-3479229919-1008\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Faith')
    O4 - S-1-5-21-2615943932-2791223441-3479229919-1008 Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Faith')
    O4 - S-1-5-21-2615943932-2791223441-3479229919-1008 User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Faith')
    O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
    O4 - S-1-5-18 Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'SYSTEM')
    O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
    O4 - .DEFAULT Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
    O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
    O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.dwnldietool.com/redirect.php (file missing)
    O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.dwnldietool.com/redirect.php (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1183160767453
    O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
    O17 - HKLM\System\CCS\Services\Tcpip\..\{35E39329-7823-4A4C-B025-8EE21AE56824}: NameServer = 85.255.115.61,85.255.112.113
    O17 - HKLM\System\CCS\Services\Tcpip\..\{885F0345-AE0C-4623-9660-8D23ADBEE7CF}: NameServer = 85.255.115.61,85.255.112.113
    O17 - HKLM\System\CCS\Services\Tcpip\..\{892900FC-9814-4488-99C0-81491C1EE93D}: NameServer = 85.255.115.61,85.255.112.113
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D74B1918-FB1E-4E3D-9D7E-91F8ADD8BF48}: NameServer = 85.255.115.61,85.255.112.113
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.61 85.255.112.113
    O17 - HKLM\System\CS1\Services\Tcpip\..\{35E39329-7823-4A4C-B025-8EE21AE56824}: NameServer = 85.255.115.61,85.255.112.113
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.61 85.255.112.113
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: delayingly - {e89fa8e9-5c0b-45f6-a70e-f7b177bcd193} - C:\WINDOWS\system32\rtmipr.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
    O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
    O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

    --
    End of file - 12961 bytes
    Logged
    The best sayings that sum me up in a nut shell depends on the obvious which more often than not is obscured by the talk of the day which sounds a lot like  gnat-thing.

    drmsucks



      Specialist

      Re: Installing Spybot ( other programs without internet access? )
      « Reply #1 on: August 04, 2008, 12:53:51 PM »
      Did you receive the Windows disk or HP Recovery disk with the computer?

      Is there a Recovery partition on the hard drive?

      I'm sure that a forum malware expert will opine on your HJT log, but, consider this: If you have either of the above, consider a recovery which will put the computer hard drive files back to the original, new condition. Do you really want to mess with the previous owner's problems? If you do a recovery, all you'll need to deal with regarding software is the 'crapware' that HP installed - easily gotten rid of.

      Best of luck.
      Logged
      If you don't have time to do it right
                      ...when will you have time to do it over?

      evilfantasy

      • Malware Removal Specialist
      • Moderator


        • Genius
      • Calm like a bomb
        • Thanked: 493
      • Experience: Experienced
      • OS: Windows 11
      Re: Installing Spybot ( other programs without internet access? )
      « Reply #2 on: August 04, 2008, 01:24:06 PM »
      Moved to the Computer viruses and spyware forum.

      VirusHeat is a rouge program. It has malware in it. http://www.bleepingcomputer.com/startups/VirusHeat_4.4-22857.html

      This PC is also severely infected with a variety of malware.

      When will you be able to have Internet access?

      Use a flash drive to transfer over these tools.

      SDFix

      DrWeb CureIt < Be sure to update this on a PC with Internet access before transferring it.

      Uninstall the version of HijackThis and install the new one.

      TrendMicro HijackThis.exe (HJT)

      I will need the logs.

      ----------


      When using this tool, you must use the Administrator's account or an account with Administrative rights
      • Double click SDFix.exe and it will extract the files to %systemdrive%
      • (this is the drive that contains the Windows Directory, typically C:\SDFix).
      • DO NOT use it just yet.
      Reboot your computer in Safe Mode using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

      Open the SDFix folder and double click RunThis.bat to start the script.
      • Type Y to begin the cleanup process.
      • It will remove any Trojan Services or Registry Entries found then prompt you to press any key to Reboot.
      • Press any Key and it will restart the PC.
      • When the PC restarts, the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
      • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt.
      • Copy and paste the contents of the results file Report.txt in your next reply along with a new HijackThis log.
      .
      ----------

      Scan with DrWeb-CureIt as follows:
      • Double-click on drweb-cureit.exe and then click Start.
      • An Express Scan of your PC notice will appear.
      • Under Start the Express Scan Now Click OK to start.
        • This is a short scan that will scan the files currently running in memory.
        • If or when something is found, click the Yes button when it asks you if you want to cure it.
      • Once the short scan has finished, Click Options > Change settings
      • Choose the Scan tab and UNcheck Heuristic analysis and click OK
      • Back at the main window, select the Complete scan button.
      • Then click the Green Arrow Start Scanning button on the right and the scan will start.
        • Click Yes to all if it asks if you want to cure/move any file(s).
      • When the scan is done.
      • In the Dr.Web CureIt menu on top left, click File and choose Save report list.
      • Save the DrWeb.csv report to your Desktop.
      • Exit Dr.Web Cureit.
      • Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
      [/COLOR]
      • After reboot, Right-click the Dr.Web log on the desktop and choose Open With > Notepad
      • Copy and paste that log in the next reply
      .
      ----------

      Now run a new HijackThis scan and post the log.

      Logged

      Kryptonite

        Topic Starter


        Intermediate

      • It's not hard to tell where MY head is at
        • Thanked: 2
        Re: Installing Spybot ( other programs without internet access? )
        « Reply #3 on: August 04, 2008, 02:25:18 PM »
        Quote from: drmsucks on August 04, 2008, 12:53:51 PM
        Did you receive the Windows disk or HP Recovery disk with the computer?

        Is there a Recovery partition on the hard drive?

        I'm sure that a forum malware expert will opine on your HJT log, but, consider this: If you have either of the above, consider a recovery which will put the computer hard drive files back to the original, new condition. Do you really want to mess with the previous owner's problems? If you do a recovery, all you'll need to deal with regarding software is the 'crapware' that HP installed - easily gotten rid of.

        Best of luck.

        I asked. No disks what so ever! If I can't clean this puppy up it may need to be put down!
        Logged
        The best sayings that sum me up in a nut shell depends on the obvious which more often than not is obscured by the talk of the day which sounds a lot like  gnat-thing.

        evilfantasy

        • Malware Removal Specialist
        • Moderator


          • Genius
        • Calm like a bomb
          • Thanked: 493
        • Experience: Experienced
        • OS: Windows 11
        Re: Installing Spybot ( other programs without internet access? )
        « Reply #4 on: August 04, 2008, 02:27:47 PM »
        It can be cleaned. It will be a bit more involved for us without it having Internet access but it can be done.
        Logged

        Kryptonite

          Topic Starter


          Intermediate

        • It's not hard to tell where MY head is at
          • Thanked: 2
          Re: Installing Spybot ( other programs without internet access? )
          « Reply #5 on: August 04, 2008, 02:32:59 PM »
          Quote from: evilfantasy on August 04, 2008, 01:24:06 PM
          Moved to the Computer viruses and spyware forum.

          VirusHeat is a rouge program. It has malware in it. http://www.bleepingcomputer.com/startups/VirusHeat_4.4-22857.html

          This PC is also severely infected with a variety of malware.

          When will you be able to have Internet access?

          Use a flash drive to transfer over these tools.

          SDFix

          DrWeb CureIt < Be sure to update this on a PC with Internet access before transferring it.

          Uninstall the version of HijackThis and install the new one.

          TrendMicro HijackThis.exe (HJT)

          I will need the logs.

          ----------


          When using this tool, you must use the Administrator's account or an account with Administrative rights
          • Double click SDFix.exe and it will extract the files to %systemdrive%
          • (this is the drive that contains the Windows Directory, typically C:\SDFix).
          • DO NOT use it just yet.
          Reboot your computer in Safe Mode using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

          Open the SDFix folder and double click RunThis.bat to start the script.
          • Type Y to begin the cleanup process.
          • It will remove any Trojan Services or Registry Entries found then prompt you to press any key to Reboot.
          • Press any Key and it will restart the PC.
          • When the PC restarts, the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
          • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt.
          • Copy and paste the contents of the results file Report.txt in your next reply along with a new HijackThis log.
          .
          ----------

          Scan with DrWeb-CureIt as follows:
          • Double-click on drweb-cureit.exe and then click Start.
          • An Express Scan of your PC notice will appear.
          • Under Start the Express Scan Now Click OK to start.
            • This is a short scan that will scan the files currently running in memory.
            • If or when something is found, click the Yes button when it asks you if you want to cure it.
          • Once the short scan has finished, Click Options > Change settings
          • Choose the Scan tab and UNcheck Heuristic analysis and click OK
          • Back at the main window, select the Complete scan button.
          • Then click the Green Arrow Start Scanning button on the right and the scan will start.
            • Click Yes to all if it asks if you want to cure/move any file(s).
          • When the scan is done.
          • In the Dr.Web CureIt menu on top left, click File and choose Save report list.
          • Save the DrWeb.csv report to your Desktop.
          • Exit Dr.Web Cureit.
          • Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
          [/COLOR]
          • After reboot, Right-click the Dr.Web log on the desktop and choose Open With > Notepad
          • Copy and paste that log in the next reply
          .
          ----------

          Now run a new HijackThis scan and post the log.



          Programs now on jump drive. How do I update that one program on my internet access computer...will it update right on the jumpdrive?

          Gotta make a quick run to the post office and will be back soon to attempt a miracle.

          Thanks!

          Krypto
          Logged
          The best sayings that sum me up in a nut shell depends on the obvious which more often than not is obscured by the talk of the day which sounds a lot like  gnat-thing.

          evilfantasy

          • Malware Removal Specialist
          • Moderator


            • Genius
          • Calm like a bomb
            • Thanked: 493
          • Experience: Experienced
          • OS: Windows 11
          Re: Installing Spybot ( other programs without internet access? )
          « Reply #6 on: August 04, 2008, 02:34:48 PM »
          It will update on the drive as long as there is Internet access I'm pretty sure (never tried it like that). If not just download/update it on the Desktop then cut and paste it to the flash drive.
          Logged

          Kryptonite

            Topic Starter


            Intermediate

          • It's not hard to tell where MY head is at
            • Thanked: 2
            Re: Installing Spybot ( other programs without internet access? )
            « Reply #7 on: August 04, 2008, 04:34:39 PM »
            Starting the process. Noticed that when i chose "safe mode" it asked if i want to boot in the "recovery mode" is there any reason to copy this drive to a DVD or other media?
            Logged
            The best sayings that sum me up in a nut shell depends on the obvious which more often than not is obscured by the talk of the day which sounds a lot like  gnat-thing.

            evilfantasy

            • Malware Removal Specialist
            • Moderator


              • Genius
            • Calm like a bomb
              • Thanked: 493
            • Experience: Experienced
            • OS: Windows 11
            Re: Installing Spybot ( other programs without internet access? )
            « Reply #8 on: August 04, 2008, 04:39:35 PM »
            Do you mean the Recovery Console?

            If you copy the drive you will be copying infected files...
            Logged

            Kryptonite

              Topic Starter


              Intermediate

            • It's not hard to tell where MY head is at
              • Thanked: 2
              Re: Installing Spybot ( other programs without internet access? )
              « Reply #9 on: August 04, 2008, 04:51:40 PM »
              Quote from: evilfantasy on August 04, 2008, 02:34:48 PM
              It will update on the drive as long as there is Internet access I'm pretty sure (never tried it like that). If not just download/update it on the Desktop then cut and paste it to the flash drive.

              SDFix is presenting a lot of " An instable Virtual device driver failed dll choose close to terminate app
              Now i got a message that said this process may take up to 20 mins...

              There really is a lot of crap on this computer....wonder where Daddy was visiting...or was it mommy? ;D
              Logged
              The best sayings that sum me up in a nut shell depends on the obvious which more often than not is obscured by the talk of the day which sounds a lot like  gnat-thing.

              evilfantasy

              • Malware Removal Specialist
              • Moderator


                • Genius
              • Calm like a bomb
                • Thanked: 493
              • Experience: Experienced
              • OS: Windows 11
              Re: Installing Spybot ( other programs without internet access? )
              « Reply #10 on: August 04, 2008, 05:02:34 PM »
              If SDFix gives too many problems skip it and run the Dr. Web instead then post a new HijackThis log.
              Logged

              Kryptonite

                Topic Starter


                Intermediate

              • It's not hard to tell where MY head is at
                • Thanked: 2
                Re: Installing Spybot ( other programs without internet access? )
                « Reply #11 on: August 04, 2008, 05:03:24 PM »


                ----------


                When using this tool, you must use the Administrator's account or an account with Administrative rights
                • Double click SDFix.exe and it will extract the files to %systemdrive%
                • (this is the drive that contains the Windows Directory, typically C:\SDFix).
                • DO NOT use it just yet.
                Reboot your computer in Safe Mode using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

                Open the SDFix folder and double click RunThis.bat to start the script.
                • Type Y to begin the cleanup process.
                • It will remove any Trojan Services or Registry Entries found then prompt you to press any key to Reboot.
                • Press any Key and it will restart the PC.
                • When the PC restarts, the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
                • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt.
                • Copy and paste the contents of the results file Report.txt in your next reply along with a new HijackThis log.
                .
                ----------

                Might have hit a glitch since the sdfix screen disappeared but i was not prompted to reboot. The screen is black with SafeMode in each corner and a MS XP code is across the top....not sure what to do now?
                Logged
                The best sayings that sum me up in a nut shell depends on the obvious which more often than not is obscured by the talk of the day which sounds a lot like  gnat-thing.

                evilfantasy

                • Malware Removal Specialist
                • Moderator


                  • Genius
                • Calm like a bomb
                  • Thanked: 493
                • Experience: Experienced
                • OS: Windows 11
                Re: Installing Spybot ( other programs without internet access? )
                « Reply #12 on: August 04, 2008, 05:07:08 PM »
                If it doesn't restart by itself then restart manually.

                Then look in C:\SDFix for the log if it does not pop up or save to the desktop on it's own.
                Logged

                Kryptonite

                  Topic Starter


                  Intermediate

                • It's not hard to tell where MY head is at
                  • Thanked: 2
                  Re: Installing Spybot ( other programs without internet access? )
                  « Reply #13 on: August 04, 2008, 06:51:42 PM »
                  Quote from: evilfantasy on August 04, 2008, 05:07:08 PM
                  If it doesn't restart by itself then restart manually.

                  Then look in C:\SDFix for the log if it does not pop up or save to the desktop on it's own.

                  Logfile of Trend Micro HijackThis v2.0.0 (BETA)
                  Scan saved at 7:40:00 PM, on 8/4/2008
                  Platform: Windows XP SP2 (WinNT 5.01.2600)
                  Boot mode: Normal

                  Running processes:
                  C:\WINDOWS\system32\Ati2evxx.exe
                  C:\WINDOWS\system32\wscntfy.exe
                  C:\WINDOWS\Explorer.EXE
                  C:\WINDOWS\ehome\ehtray.exe
                  C:\WINDOWS\eHome\ehmsas.exe
                  C:\WINDOWS\RTHDCPL.EXE
                  C:\WINDOWS\ARPWRMSG.EXE
                  C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
                  C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
                  C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
                  C:\Program Files\QuickTime\QTTask.exe
                  C:\Program Files\iTunes\iTunesHelper.exe
                  C:\Program Files\VirusHeat 4.4\VirusHeat 4.4.exe
                  C:\Program Files\Messenger\msmsgs.exe
                  C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
                  C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
                  C:\HP\KBD\KBD.EXE
                  C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
                  c:\windows\system\hpsysdrv.exe
                  J:\HiJackThis_v2.exe

                  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=PAVILION&pf=desktop
                  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop
                  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop
                  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop
                  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
                  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
                  R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
                  O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
                  O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
                  O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
                  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
                  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
                  O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
                  O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
                  O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
                  O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
                  O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
                  O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
                  O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
                  O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
                  O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
                  O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
                  O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
                  O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
                  O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
                  O4 - HKLM\..\Run: [SeekmoSA] "C:\Program Files\Seekmo\bin\10.0.341.0\SeekmoSA.exe"
                  O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
                  O4 - HKLM\..\Run: [kdikh.exe] C:\WINDOWS\system32\kdikh.exe
                  O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
                  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
                  O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
                  O4 - HKLM\..\Run: [VirusHeat 4.4] "C:\Program Files\VirusHeat 4.4\VirusHeat 4.4.exe" /h
                  O4 - HKLM\..\Run: [SDFix] C:\SDFix\RunThis.bat /second
                  O4 - HKLM\..\RunOnce: [SDFix] C:\SDFix\RunThis.bat /second
                  O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
                  O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
                  O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
                  O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
                  O4 - S-1-5-18 Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'SYSTEM')
                  O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
                  O4 - .DEFAULT Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
                  O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
                  O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
                  O4 - Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe
                  O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
                  O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
                  O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
                  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
                  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
                  O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
                  O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
                  O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
                  O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
                  O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
                  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                  O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
                  O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab
                  O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
                  O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1183160767453
                  O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
                  O17 - HKLM\System\CCS\Services\Tcpip\..\{35E39329-7823-4A4C-B025-8EE21AE56824}: NameServer = 85.255.115.61,85.255.112.113
                  O17 - HKLM\System\CCS\Services\Tcpip\..\{885F0345-AE0C-4623-9660-8D23ADBEE7CF}: NameServer = 85.255.115.61,85.255.112.113
                  O17 - HKLM\System\CCS\Services\Tcpip\..\{892900FC-9814-4488-99C0-81491C1EE93D}: NameServer = 85.255.115.61,85.255.112.113
                  O17 - HKLM\System\CCS\Services\Tcpip\..\{D74B1918-FB1E-4E3D-9D7E-91F8ADD8BF48}: NameServer = 85.255.115.61,85.255.112.113
                  O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.61 85.255.112.113
                  O17 - HKLM\System\CS1\Services\Tcpip\..\{35E39329-7823-4A4C-B025-8EE21AE56824}: NameServer = 85.255.115.61,85.255.112.113
                  O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.61 85.255.112.113
                  O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
                  O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
                  O22 - SharedTaskScheduler: delayingly - {e89fa8e9-5c0b-45f6-a70e-f7b177bcd193} - C:\WINDOWS\system32\rtmipr.dll
                  O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
                  O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
                  O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
                  O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
                  O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
                  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
                  O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
                  O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
                  O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
                  O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
                  O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
                  O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

                  --
                  End of file - 10734 bytes
                  Logged
                  The best sayings that sum me up in a nut shell depends on the obvious which more often than not is obscured by the talk of the day which sounds a lot like  gnat-thing.

                  evilfantasy

                  • Malware Removal Specialist
                  • Moderator


                    • Genius
                  • Calm like a bomb
                    • Thanked: 493
                  • Experience: Experienced
                  • OS: Windows 11
                  Re: Installing Spybot ( other programs without internet access? )
                  « Reply #14 on: August 04, 2008, 07:18:43 PM »
                  What about Dr. Web?

                  Why can't you go onto the Internet with the computer?
                  Logged
                  Pages: [1] 2 3 ... 6  All   Go Up
                  « previous next »