Java: BYTEVER.A + .A-1, Troj: STILEN.A

I've got some pests that are eating up my memory and who knows what else!

I think it's really that you guys are willing to help out those of us who are \strike{computer dumbasses} technically challenged !

Thank you!

This is a Belarc Advisor audit of my system:




--------------------------------------------------------------------------------

The license associated with the Belarc Advisor product allows for free personal use only. Use on multiple PCs in a corporate, educational, military or government installation is prohibited. See the license agreement for details. The information on this page was created locally on your PC by the Belarc Advisor. Your computer profile was not sent to a web server. Click here for more info.

--------------------------------------------------------------------------------


About Belarc

PC Management Products

Your Privacy



In page Links:

Installed Hotfixes

Software Licenses

Software Versions



Computer Profile Summary
Computer Name: Na-lfcwddk1htv9 (in WORKGROUP)
Profile Date: Wednesday, June 16, 2004 10:26:52 PM
Advisor Version: 6.1
Windows Logon: na


Click here for Belarc's PC Management products, for large and small companies.

Operating System System Model
Windows 2000 Professional Service Pack 4 (build 2195) Intel Corporation Whitney System CR Board Revision A0
Processor a Main Circuit Board b
567 megahertz Intel Celeron
32 kilobyte primary memory cache
128 kilobyte secondary memory cache Board: Intel Corporation Whitney System CR Platform
BIOS: Phoenix Technologies LTD 6.00 08/29/2001
Drives Memory Modules c,d
6.49 Gigabytes Usable Hard Drive Capacity
3.06 Gigabytes Hard Drive Free Space

ATAPI COMBO48XMAX [CD-ROM drive]
3.5" format removeable media [Floppy drive]

QUANTUM BIGFOOT_CY6480A [Hard drive] (6.50 GB) -- drive 0, s/n 166764921676, rev A03.0800, SMART Status: Healthy 128 Megabytes Installed Memory

Slot 'M1' has 128 MB
Slot 'M2' is Empty
Local Drive Volumes

c: (on drive 0) 6.49 GB 3.06 GB free

Network Drives


Users Printers
local user accounts last logon
na 6/16/2004 5:34:50 PM (admin)
local system accounts
admin1 never (admin)
Administrator 5/17/2004 9:19:58 PM (admin)
Guest never


Marks a disabled account; Marks a locked account CAPTURE FAX BVRP on NUL:
HP DeskJet 722C on LPT1:
Lexmark X1100 Series on USB001

Controllers Display
Standard floppy disk controller
Intel(r) 82801AA Bus Master IDE Controller
Primary IDE Channel [Controller]
Secondary IDE Channel [Controller] Intel Corporation 810 Graphics Controller Hub [Display adapter]
GATEWAY EV700 [Monitor] (16.1"vis, October 1997)
Bus Adapters Multimedia
Intel(r) 82801AA USB Universal Host Controller AC'97 Driver for Intel(r) 82801AA Controller
MPU-401 Compatible MIDI Device
Standard Game Port
Communications Other Devices
ADMtek AN983 10/100Mbps Fast Ethernet Adapter
Network Card MAC Address: 00:00:E8:12:BC:CD
Network IP Address: 64.254.216.134 / 24 Dual-Mode DSC(2770)
Lexmark X1100 Series
Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Microsoft PS/2 Port Mouse (IntelliPoint)
Generic USB Hub
Generic USB Hub
USB Printing Support
USB Root Hub
Virus Protection
No AntiVirus details available
Installed Microsoft Hotfixes [Back to Top]
DataAccess
Q329414-25 on 3/20/2004 (details...)
Q832483 on 3/20/2004 (details...)
Internet Explorer
Q330994 (details...)
Q832894 (details...)
SP1 (SP1)
Windows 2000
SP2
KB833330 on 3/20/2004 (details...)
SP4
Q327194[SP] on 3/20/2004 (details...)
SP5
KB329115 on 3/20/2004 (details...)
KB820888 on 3/20/2004 (details...)
KB822831 on 3/20/2004 (details...)
KB823182 on 3/20/2004 (details...)
Windows 2000
SP5 (continued)
KB823559 on 3/20/2004 (details...)
KB824105 on 3/20/2004 (details...)
KB824141 on 3/20/2004 (details...)
KB824146 on 3/20/2004 (details...)
KB825119 on 3/20/2004 (details...)
KB826232 on 3/20/2004 (details...)
KB828028 on 3/20/2004 (details...)
KB828035 on 3/20/2004 (details...)
KB828749 on 3/20/2004 (details...)
KB829558 on 3/20/2004 (details...)
Q818043 on 3/20/2004 (details...)
Windows Media Player
WM819639 (details...)
SP0
Q828026 on 3/20/2004 (details...) Reinstall!



Click here to see all available Microsoft security hotfixes for this computer.

Marks a HotFix that verifies correctly
Marks a HotFix that fails verification
(note that failing hotfixes need to be reinstalled)
Unmarked HotFixes lack the data to allow verification

Software Licenses [Back to Top]

Microsoft - IntelliPoint 11111-111-1111111-11111
Microsoft - Internet Explorer 55736-355-7993545-04348 (Key: R2D43-3DHG9-DQ79W-W3DXQ-929DY)
Microsoft - MediaPlayer 69808-520-8044282-04673
Microsoft - WebFldrs 12345-111-1111111-18200
Microsoft - Windows 2000 Professional 51873-270-7738296-09607 (Key: HB9CF-JTKJF-722HV-VPBRF-9VKVM)

Software Versions [Back to Top]
ABBYY (BIT Software) - FineReader Version 5.0.0.482 (private) *
Adobe Acrobat Version 4.05 *
Agnitum - Outpost Firewall Version 1.0 *
Ahead Software AG Karlsbad Germany Phone: +49-7248-911-800 Fax: +49-7248-911-888 e-mail: info@nero.com - LANGUAGE_English2 Version 5, 5, 10, 45 *
Ahead Software AG - InCD Version 4, 0, 1, 18 *
Ahead Software AG - InfoTool Application Version 1, 0, 3, 3 *
Ahead Software AG - Nero CD Speed Application Version 1, 0, 2, 1 *
Ahead Software Gmbh NeroCheck Version 1, 0, 0, 2 *
ahead software gmbh, karlsbad - Cover Designer Version 2, 2, 1, 11 *
AHEAD Software incdsrv Version 4, 0, 1, 18 *
ArcSoft Inc. - Multimedia Email Version 3.0.0.29 *
ArcSoft Inc. - PhotoPrinter 2000Pro Version 3, 0, 100, 5 *
ArcSoft PhotoStudio Version 4, 1, 0, 0 *
ArcSoft PhotoStudio Version 4,3,0,24 *
AvatarSoft - Back2zip Version 1.0.0.0 *
AvatarSoft - JustZIPit Version 1.0.0.0 *
Belarc, Inc. - BelManage Client Version 6.1 *
BVRP Software - FaxTools Version 1.00 *
Caere Corporation - OmniPage Pro Version 9.0 *
CANON INC. - ScanGear Toolbox CS Application Version 2.2.0 *
Cinematronics - 3D Pinball Version 5.00.2134.1 *
crwl.exe *
CyberLink Corp. - CLDMA Version 1, 0, 0, 2502 *
CyberLink Corp. - PowerDVD Version 5.00.0711 *
d3ux.exe *
Decoder Configuration Utility *
DivX Player *
dvdplay Application Version 1, 0, 0, 1 *
Eastman Software, Inc., A Kodak Business - Imaging for Windows® Version 5.00.2138.1 *
Erik Deppe - DriveSpeed Version 1, 6, 1, 0 *
Gabest - Media Player Classic Version 6, 4, 8, 2 *
GRISOFT s.r.o - AVG6 Version 6.0.1.696 *
GRISOFT s.r.o. - AVG Anti-Virus System Version 6, 0, 0, 0 *
GRISOFT(c) SOFTWARE - AVG Anti-Virus System Version 6, 0, 0, 0 *
GRISOFT, s.r.o. - AVG Anti-Virus System Version 6, 0, 0, 0 *
Inkjet Printer Version 1.0.0.0 *
Inno Setup *
Java Web Start *
javaw.exe *
Lavasoft Ad-aware Plus Version 6.0.0.0 *
Lexmark International Inc. - AIO exe Version 2.0.2.2 *
Lexmark International, Inc. - Button Manager Executable Version 0.1.1.1 *
Lexmark International, Inc. - MarkVision for Windows (32 bit) Version 8.29 * Lexmark Photo Editor Version 0.1.1.1 *
Logitech QuickCam Version 5.2.0.2099 *
mfckt.exe *
Microsoft (r) Windows Script Host Version 5.6.0.6626 *
Microsoft Corporation - Internet Explorer Version 6.00.2800.1106 *
Microsoft Corporation - Messenger Version 6.1 *
Microsoft Corporation - Windows Installer - Unicode Version 2.0.2600.1183 *
Microsoft Corporation - Windows Journal Viewer Version 1.5.2315.3 *
Microsoft Corporation - Windows® NetMeeting® Version 3.01 *
Microsoft Data Access Components Version 3.525.1022.0 *
Microsoft Pointing Device Software Version 3.10.0393 *
Microsoft PowerPoint Viewer for Windows Version 8.0 *
Microsoft Windows Media Player Version 6.4.09.1125 *
Microsoft® NetShow Version 2.0.0.912 *
Mozilla - Firefox Personal *
Mozilla.org - Thunderbird Version 1.7: 2004050210 *
NEATO - MediaFACE Version 3, 0, 0, 0 *
Network Security Service *
PCCam *
PepiMK Software - Spybot - Search & Destroy Version 1, 3, 0, 12 *
PhotoBase 2.0 *
Remove the DivX Bundle *
Remove the DivX Codec *
Remove the DivX Player *
Safer Networking Limited - SpyBot-S&D Version 1, 3, 0, 12 *
Script Defender *
Shoot The Messenger, by Steve Gibson Version 1.0 *
Shortcut to hjsplit.exe Version 1.0.0.0 *
Shortcut to sdefendi.exe *
Soeperman Enterprises Ltd. - HijackThis Version 1.97.0007 *
SpywareBlaster AutoUpdate Version 3.01 *
SpywareBlaster Version 3.01 *
Stop StartupMonitor *
SunJavaUpdateSched *
Symantec Corporation - LiveUpdate Version 1.62.17.0 *
Symantec Corporation - Norton Utilities for Windows Version 14.00.0.28 *
Symantec Corporation - Norton Utilities Version 14.00.0.28 *
UpdateIPR.exe *
USB DSC Version 1, 7, 2, 8 *
Viewer.exe *
Virtos GmbH - WaveEdit DLL Version 1, 0, 5, 0 *
wmplayer.exe *
Yahoo! Messenger Version 5, 6, 0, 1358 *

--------------------------------------------------------------------------------

* Click to see where software is installed.
a. Megahertz measurement may be inaccurate if other programs were busy during last analysis.
b. Data may be transferred on the bus at one, two, or four times the Bus Clock rate.
c. Memory slot contents may not add up to Installed Memory if some memory is not recognized by Windows.
d. Memory slot contents is reported by the motherboard BIOS. Contact system vendor if slot contents are wrong.
e. This may be the manufacturer's factory installed product key rather than yours.
Copyright 2000-4, Belarc, Inc. All rights reserved.
Legal notice. U.S. Patents 6085229, 5665951 and Patents pending.

--------------------------------------------------------------------------------




Logfile of HijackThis v1.97.7
Scan saved at 10:12:23 PM, on 6/16/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Norton Utilities\NPROTECT.EXE
C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\WINNT\StartupMonitor.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\WINNT\system32\d3ux.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\WINNT\system32\wuauclt.exe
C:\WINNT\ieua.exe
C:\WINNT\netmk.exe
C:\Documents and Settings\na\My Documents\Flix\HijackThis.exe

O2 - BHO: (no name) - {3E68846A-B6CA-BDA8-E434-82EC1BEE2FC5} - C:\WINNT\system32\netlw32.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe
O4 - HKLM\..\Run: [POINTER] C:\Program Files\Microsoft Hardware\Mouse\point32.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [crwl.exe] C:\WINNT\system32\crwl.exe
O4 - HKLM\..\Run: [mfckt.exe] C:\WINNT\system32\mfckt.exe
O4 - HKLM\..\Run: [d3ux.exe] C:\WINNT\system32\d3ux.exe
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/17c72f8587c4d72b0e23/netzip/RdxIE601.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38066.3549768519
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://download.yahoo.com/dl/mail/autocomplete.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) - http://www.pcpitstop.com/antivirus/PitPav.cab

 

Have Hijack This fix all of the following by placing a check in the appropriate boxes and hitting fix checked. Make sure all browser and all Windows Explorer windows are closed before fixing.

O2 - BHO: (no name) - {3E68846A-B6CA-BDA8-E434-82EC1BEE2FC5} - C:\WINNT\system32\netlw32.dll

O4 - HKLM\..\Run: [crwl.exe] C:\WINNT\system32\crwl.exe
O4 - HKLM\..\Run: [mfckt.exe] C:\WINNT\system32\mfckt.exe
O4 - HKLM\..\Run: [d3ux.exe] C:\WINNT\system32\d3ux.exe

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/17c72f8...ip/RdxIE601.cab

Reboot and delete

files
C:\WINNT\system32\crwl.exe
C:\WINNT\system32\mfckt.exe
C:\WINNT\system32\d3ux.exe

These may be hidden files. See HERE for how to show hidden files.

Please post a followup Hijack this log, and say if your problems persist.