Error - template LAYOUT-DATA-WRAPPER not found

A configuration error was detected in the CGI script; the LAYOUT-DATA-WRAPPER template could not be found.

Error - template STYLE-SHEET not found

A configuration error was detected in the CGI script; the STYLE-SHEET template could not be found.

Error - template SUB-TOP-BANNER not found

A configuration error was detected in the CGI script; the SUB-TOP-BANNER template could not be found.
Subject:
Re: Help please!
From:
David Gillett <[log in to unmask]>
Reply To:
PCSOFT - Personal Computer software discussion list <[log in to unmask]>
Date:
Sun, 26 Sep 2004 13:00:56 -0700
Content-Type:
text/plain
Parts/Attachments:
text/plain (159 lines) 
> C:\WINDOWS\system32\lssas.exe

  I'm fairly certain that that is something that doesn't belong, hoping to
be mistaken for lsass.exe (which appears nearer the top of the list).

Dave Gillett


On 26 Sep 2004 at 13:05, Johnny Sewell wrote:

> I was Having no trouble until I installed XP sp2 & Norton Internet Security 2005. Right after installing NIS 2005, I.E. 6 Got Real Slow & most web pages were blank. Then I got hit with several Adware, Spyware, and Viruses all at once. I have cleaned out all that Spybot, AdAware 6 Pro, & Norton could clean up. But I know there are still some. This is what HijackThis still Shows  Logfile of HijackThis v1.98.0
> Scan saved at 12:30:27 PM, on 9/26/2004
> Platform: Windows XP SP2 (WinNT 5.01.2600)
> MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
>
> Running processes:
> C:\WINDOWS\System32\smss.exe
> C:\WINDOWS\system32\winlogon.exe
> C:\WINDOWS\system32\services.exe
> C:\WINDOWS\system32\lsass.exe
> C:\WINDOWS\system32\svchost.exe
> C:\WINDOWS\System32\svchost.exe
> C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
> C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
> C:\Program Files\Norton Internet Security\ISSVC.exe
> C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
> C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
> C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
> C:\WINDOWS\system32\LEXBCES.EXE
> C:\WINDOWS\system32\spoolsv.exe
> C:\WINDOWS\System32\CTsvcCDA.exe
> C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
> C:\WINDOWS\system32\altsvc.exe
> C:\WINDOWS\system32\lssas.exe
> C:\WINDOWS\SYSTEM32\service.exe
> C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
> C:\WINDOWS\System32\nvsvc32.exe
> C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
> C:\WINDOWS\System32\svchost.exe
> C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
> C:\WINDOWS\System32\MsPMSPSv.exe
> C:\WINDOWS\Explorer.EXE
> C:\Program Files\Spam Inspector Outlook Express\Spam Inspector Outlook Express Edition\piiserviceOE.exe
> C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
> C:\WINDOWS\System32\DSentry.exe
> C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
> C:\Program Files\BearShare\BearShare.exe
> C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
> C:\Program Files\Common Files\Symantec Shared\ccApp.exe
> C:\Program Files\BearShare\BearShare.exe
> C:\Program Files\VVSN\VVSN.exe
> C:\WINDOWS\system32\lexpps.exe
> C:\WINDOWS\system32\ctfmon.exe
> C:\Program Files\AWS\WeatherBug\Weather.exe
> C:\Program Files\Messenger\msmsgs.exe
> C:\Program Files\Digital Line Detect\DLG.exe
> C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
> C:\unzipped\HijackThis\HijackThis.exe
>
> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.default-search.com/search/search.php
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.yahoo.com/ext/search/search.html
> R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
> R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
> R3 - URLSearchHook: IncrediFindBHO Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
> O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
> O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
> O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
> O2 - BHO: NavErrRedir Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
> O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
> O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
> O2 - BHO: SavePicNoAsk PRO - {CC7C8206-344B-45AB-B898-78D06229268F} - C:\Program Files\UnH Solutions\SavePicNoAsk PRO\SPNAPROBHO.dll
> O2 - BHO: LBBHO - {EFD84954-6B46-42f4-81F3-94CE9A77052D} - C:\WINDOWS\lbbho.dll
> O2 - BHO: (no name) - {F195A1A9-4033-4E5B-B85C-848C3E31A83A} - c:\syslibie.dll
> O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
> O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
> O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
> O4 - HKLM\..\Run: [WorkFlo(1)] E:\Install\WorkFlow.exe
> O4 - HKLM\..\Run: [WorkFlo] D:\Install\WorkFlow.exe
> O4 - HKLM\..\Run: [piiserviceOE] "C:\Program Files\Spam Inspector Outlook Express\Spam Inspector Outlook Express Edition\piiserviceOE.exe"
> O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"
> O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
> O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
> O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
> O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
> O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
> O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
> O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
> O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
> O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
> O4 - HKLM\..\Run: [VVSN] C:\Program Files\VVSN\VVSN.exe
> O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
> O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
> O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
> O4 - Global Startup: Digital Line Detect.lnk = ?
> O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
> O8 - Extra context menu item: Add to filterlist (WebWasher) - http://-Web.Washer-/ie_add
> O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
> O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
> O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
> O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
> O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
> O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
> O9 - Extra button: SPNA PRO - {1FCAD22D-3FC8-4811-A247-9EBA202F01CE} - (no file) (HKCU)
> O9 - Extra button: (no name) - {7B9AA385-667F-44ff-8594-0319270C21D9} - C:\Program Files\UnH Solutions\SavePicNoAsk PRO\SPNAPRO.exe (HKCU)
> O9 - Extra 'Tools' menuitem: SavePicNoAsk PRO - {7B9AA385-667F-44ff-8594-0319270C21D9} - C:\Program Files\UnH Solutions\SavePicNoAsk PRO\SPNAPRO.exe (HKCU)
> O15 - Trusted Zone: *.blazefind.com
> O15 - Trusted Zone: *.clickspring.net
> O15 - Trusted Zone: *.flingstone.com
> O15 - Trusted Zone: *.mt-download.com
> O15 - Trusted Zone: *.my-internet.info
> O15 - Trusted Zone: *.searchbarcash.com
> O15 - Trusted Zone: *.skoobidoo.com
> O15 - Trusted Zone: *.slotch.com
> O16 - DPF: cpcScanner - http://www.crucial.com/controls/cpcScanner.cab
> O16 - DPF: ppctlcab - http://69.44.122.156/scanner/ppctlcab.cab
> O16 - DPF: {01111C00-3E00-11D2-8470-0060089874ED} (Support.com ActionRunner Class) - http://support.charter.com/sdccommon/download/tgctlar.cab
> O16 - DPF: {01111E00-3E00-11D2-8470-0060089874ED} (Support.com SmartIssue) - http://support.charter.com/sdccommon/download/tgctlsi.cab
> O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://support.charter.com/sdccommon/download/tgctlins.cab
> O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support.charter.com/sdccommon/download/tgctlcm.cab
> O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
> O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - http://download.mcafee.com/molbin/Shared/MGBrwFld.cab
> O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://download.weatherbug.com/minibug/tricklers/AWS/MiniBugTransporter.cab?
> O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
> O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://69.44.122.156/scanner/axscanner.cab
> O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021205/qtinstall.info.apple.com/drakken/us/win/QuickTimeInstaller.exe
> O16 - DPF: {544EB377-350A-4295-9BEB-EAB8392E09C6} (MSN Money Charting) - http://fdl.msn.com/public/investor/v13/invinstl.exe
> O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/274c52c7acdc2f6a4a21/netzip/RdxIE601.cab
> O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20031216/qtinstall.info.apple.com/mickey/us/win/QuickTimeInstaller.exe
> O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
> O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab
> O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://ftp.us.dell.com/fixes/PROFILER.CAB
> O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll
> O16 - DPF: {AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} - http://dload.ipbill.com/del/loader.cab
> O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
> O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
> O16 - DPF: {FFFF0017-0001-101A-A3C9-08002B2F49FB} - http://www.desktoplife.net/23d25380.exe
>
>
>
>
> ---------------------------------------------------------------------
> "Are you still wasting your time with spam?...
> There is a solution!"
>
> Protected by GIANT Company's Spam Inspector
> The most powerful anti-spam software available.
> http://www.giantcompany.com
>
> By the way BearShare was not running at all when it all hit me. Iappreciate any help you can give. Thanks! Rotten 1
>
>       "Hold No Punches.." Rode brings you great shareware/freeware
>         programs with his honest opinions in this weekly column.
>                        http://freepctech.com/rode
>

      "Hold No Punches.." Rode brings you great shareware/freeware
        programs with his honest opinions in this weekly column.
                       http://freepctech.com/rode

ATOM RSS1 RSS2

LISTSERV.ICORS.ORG Secured by F-Secure Anti-Virus CataList Email List Search Powered by LISTSERV