Home > General > Popcaploader_v6(1).cab


I'm having a tough time reading it.. Thanks.   ------------------------------------------------------------------------------- KASPERSKY ON-LINE SCANNER REPORT Tuesday, June 13, 2006 1:44:42 PM Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600) Kaspersky On-line Scanner version: Kaspersky Anti-Virus Thank you for your understanding and cooperation!Plus and Pro Ad-Aware users (only) may use the Support Center for personal assistance:Support CenterMicrosoft MVP/Windows - Security 2003-2009 Back to top Prev Page 2 One question you can hopefully answer for me is that Panda claims there's a virus in my email, and I'd like to find out who it came from.

Thanks in advance for the help.Logfile of HijackThis v1.99.1Scan saved at 1:28:30 PM, on 1/9/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.5700.0006)Running processes:C:\WINNT\System32\smss.exeC:\WINNT\system32\winlogon.exeC:\WINNT\system32\services.exeC:\WINNT\system32\lsass.exeC:\WINNT\system32\svchost.exeC:\WINNT\System32\svchost.exeC:\WINNT\system32\spoolsv.exeC:\WINNT\Explorer.EXEC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\WINNT\system32\rundll32.exeC:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeC:\Program Files\Hewlett-Packard\Digital My name is RatHat, and I will help you get through the process of cleaning the malware from your computer.OK firstly, I need you to print out each post I make Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Internet\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 Back to top Back to Virus, Trojan, Spyware, and Malware Removal Logs 0 user(s) are reading this topic 0 members, 0 guests, 0 anonymous users Reply to quoted postsClear BleepingComputer.com

Options Mark as New Bookmark Subscribe Subscribe to RSS Feed Highlight Print Report Logfile of HijackThis v1.99.1 Scan saved at 4:09:37 PM, on 1/9/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: I don't see a problem.. This applies only to the original topic starter. If you are still having malware problems, I will be glad to help.   Please post a fresh HJT log in this thread, so I can be sure nothing has changed

  • O2 - BHO: Dcads Search Assistant - {1648E328-3E5A-4EA5-A9C6-E5F09EE272DA} - C:\WINNT\system32\dcads_sidebar.dll (file missing)O2 - BHO: dcads - {6FC3C36D-7635-4D43-BA62-0D9D2F2CD06E} - C:\WINNT\system32\nsc29A.dllO16 - DPF: {0F04992B-E661-4DB9-B223-903AB628225D} (DoMoreRunExe.DoMoreRun) - file://C:\Program Files\Gateway\Do More\DoMoreRunExe.CABNow close all windows other
  • Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe O9 - Extra 'Tools' menuitem: Yahoo!
  • Firewall's help prevent malware from getting into your computer, so I would recommend installing one of the following very good free firewalls:Online Armor (Free edition) personal firewallComodo is a free fully

Mark it as an accepted solution!I am not a Comcast employee. Use your up arrow key to highlight SafeMode then hit enter. Programs are downloading without my knowledge, and also can't seem to delete them. All rights reserved.

Click the button that says Do a System Scan and Save a Logfile. It helps keep you safe by indicating whether sites are safe to visit or safe to download from. Sign Up This Topic All Content This Topic This Forum Advanced Search Browse Forums Calendar Staff Online Users More Activity All Activity Search More More More All Activity Home Spyware, thiefware, http://www.bullguard.com/forum/15/what-is-applicationaniqurotool_58647.html In the 'System Restore' window,click on the 'Create a Restore Point' button,then click 'Next'.

MahJong Solitaire - http://download.game...s/y/mjst3_x.cabO16 - DPF: {0A50726E-51A2-42BB-8392-98F050C40A10} (SkillJamLoader Class) - http://skill.skillja...llJamLoader.cabO16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://www.streamaud...d/ccpm_0237.cabO16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cabO16 - DPF: {4208FB4D-4E53-4F5A-BF7A-3E047DDB5281} Please help, I do not understand Started by MsMarie , Nov 13 2006 02:54 PM Prev Page 2 of 2 1 2 Please log in to reply 26 replies to this Choose a location where you can find the HijackThis log again (normally the log will save in the folder that HijackThis is saved in) and click Save. Using the site is easy and fun.

Share this post Link to post Share on other sites SUB SWI Junkie Retired Staff - Helper 321 posts Gender:Male Location:London, UK Posted June 13, 2006 · Report post Looks https://forums.spybot.info/showthread.php?17487-Virtumonde Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. Type : IECache Entry Data : [email protected][1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:[email protected]/ Expires : 12-31-2020 7:00:00 PM LastSync : Hits:1 UseCount :

Continue with the next file? [RegSaveKeyEx:87] Second warning: Warning Error Saving File C:\windows\erdnt\Hiv-backup\Users\00000004\UsrClass.dat! They will be deleted. This applies only to the original topic starter. Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_5_7_0.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O3 - Toolbar: Yahoo!

Using the site is easy and fun. Reboot your computer once all Java components are removed.13. Click Create a Restore Point then click Next. Navigate to and delete the following folder:   C:\WINDOWS\system32\1024\   Apart from a couple of infected restore points, your computer appears otherwise clean.

PLEASE save me from hurting my computer! Now click on the Save as Text button:Save the file to your desktop as Kaspersky.txt.Copy and paste that information in your next post.~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Your version of Java is out of date. Place the following lines (complete paths) in bold in the "Full Path of File to Delete" box in Killbox, and click the red button with the white X on it after

Click the Change/Remove button.11.

My Windows is updated. This applies only to the original topic starter. Share this post Link to post Share on other sites This topic is now closed to further replies. For information on the program click here.We ask that you post publicly so people with similar questions may benefit from the conversation.Was your question answered?

Posted 1/15/2008 10:23 PM #58647 Lady Divine Member Date Joined Nov 2016 Total Posts: 7 My bullguard has come up with a block message 6 times today, about this Application.Aniquro.Toolbar.A I Mark it as an accepted solution!I am not a Comcast employee. MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst4_x.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/games/web_...aploader_v6.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab Share this post Link to post Share on other sites Quote Report Back to top Posted 1/16/2008 11:10 AM #58677 Lady Divine Member Date Joined Nov 2016 Total Posts: 7 Here it is:(but there where problems with installing the

Download HijackThis   Right click on the following link and choose "Save Target As...": http://www.spywareinfo.com/~merijn/files/HijackThis.exe   2. FileDescription : PowerCinema Resident Program for Dell InternalName : PowerCinema Resident Program for Dell LegalCopyright : Copyright c 2003 CyberLink Corp. Share this post Link to post Share on other sites This topic is now closed to further replies. Quote Report Back to top Posted 1/18/2008 2:04 PM #58784 Lady Divine Member Date Joined Nov 2016 Total Posts: 7 This is one of them: 2008/01/15 21:44:53 | C:\Users\Heidi\AppData\Local\MICROSOFT\Windows\TEMPORARY

Hearts - http://download.games.yahoo.com/games/clients/y/ht1_x.cab O16 - DPF: Yahoo! Type : Regkey Data : C:\WINDOWS\Downloaded Program Files\popcaploader.dll TAC Rating : 10 Category : Malware Comment : Rootkey : HKEY_CLASSES_ROOT Object : TYPELIB\{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1} Win32.Trojan.Downloader Object Recognized! Create Account How it Works Javascript Disabled Detected You currently have javascript disabled. The page will refresh.6.

htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: AIM - For information on the program click here.We ask that you post publicly so people with similar questions may benefit from the conversation.Was your question answered? Read through the information found here,to help you prevent any possible future infections.'How to prevent Malware' by miekiemoes:http://users.telenet.be/bluepatchy/miekiem...prevention.html****************************Please Note:Your version of Sun Java is out of date.Older versions have vulnerabilities that Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers.

OriginalFilename : McVsShld.exe Comments : McAfee VirusScan ActiveShield Resource #:19 [oasclnt.exe] FilePath : C:\Program Files\McAfee.com\VSO\ ProcessID : 180 ThreadCreationTime : 12-1-2006 4:35:44 PM BasePriority : Normal FileVersion : 10, 0, 0,