Solved

Trojan : Bravesentry fakealert

Posted on 2006-10-29
6
598 Views
Last Modified: 2012-05-05
Spy Sweeper has found Bravesentry fakealert, but i only have the scan version .So ned your help to find out if it on system. I have scan with  the forlowing scanners below without finding anything  but i found i did not find anything. Alsi i have try to search my system with the bulid-in search tool in xp home and in register database but i did not find anything . at the moment i am scanning with trojan hutter and the cleaner but i do not expect to find it because i search there database and it was not there?
.

e Trust spyware online scanner
House  spyware online scanner
X-Cleaner Spyware online Remover.
AVG Anti-Spyware 7.5
PestPatrol
Anonymizer anti-spyware
Spybot

This is where it suppose to be :

Found Adware: bravesentry fakealert
 HKU\S-1-5-21-790525478-1390067357-839522115-1004\software\microsoft\windows\currentversion\ext\stats\{72267f6a-a6f9-11d0-bc94-00c04fb67863}\ (ID =

 Bravesentry fakealert  is an adware program that display advertisements on your system
0
Comment
Question by:beocom2500
  • 3
  • 3
6 Comments
 
LVL 97

Expert Comment

by:war1
Comment Utility
Greetings, beocom2500 !

Use SmitFraudFix to remove BraveSentry Alert
http://www.geekstogo.com/forum/index.php?showtopic=109268
OR
http://siri.geekstogo.com/SmitfraudFix.zip  

If no joy, download HijackThis

http://www.majorgeeks.com/download3155.html

Run the program and you will find many entries. Most are OK. Post the log at http://www.hijackthis.de/ and click Analyse, Save.  Post a link to the saved list here.


Best wishes!
0
 
LVL 97

Expert Comment

by:war1
Comment Utility
beocom2500,

We have not heard from you. Did any comment help you solve your problem? Do you have any more question? If an Expert helped you, please accept his/her answer above with an excellent or good grade.

Thanks, war1
0
 

Author Comment

by:beocom2500
Comment Utility
I did run hijackthis and test it on the website, and post the log at www.hijackthis.de.
but i don`t understand in the first place why i ever got on my pc because i have never instal there software. Below you can see my  my hijackthis log.

Anyway i decided reformat my c drive , so Bravesentry fakealert is not on my anymore.


Logfile of HijackThis v1.99.1
 
Shows the version of HijackThis an. The newest version is: v1.99.1!
 
This should be the newest version. (v1.99.1)
 
Platform: Windows XP SP2 (WinNT 5.01.2600)
 

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
 

Safe.
 
Shows the version of your Internet Explorer. Newest Version is: 6.00.2900.2180!
 
This should be the newest version. (6.00.2900.2180)
 
C:\WINDOWS\System32\smss.exe
 

Safe.
 
This entry was classified from our visitors as good.

 
Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way.
 
C:\WINDOWS\system32\winlogon.exe
 

Safe.
 
This entry was classified from our visitors as good.

 
Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way.
 
C:\WINDOWS\system32\services.exe
 

Safe.
 
This entry was classified from our visitors as good.

 
Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way.
 
C:\WINDOWS\system32\lsass.exe
 

Safe.
 
This entry was classified from our visitors as good.

 
Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way.
 
C:\WINDOWS\system32\svchost.exe
 

Safe.
 
This entry was classified from our visitors as good.

 
Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way.
 
C:\WINDOWS\System32\svchost.exe
 

Safe.
 
This entry was classified from our visitors as good.

 
Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way.
 
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
 

Safe.
 
This entry was classified from our visitors as good.

 
Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way.
 
C:\WINDOWS\system32\spoolsv.exe
 

Safe.
 
This entry was classified from our visitors as good.

 
Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way.
 
C:\WINDOWS\Explorer.EXE
 

Safe.
 
This entry was classified from our visitors as good.

 
Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way.
 
C:\WINDOWS\system32\brss01a.exe
 

Safe.
 
running process. (brss01a.exe)
Brother Druckertreiber

 

 
C:\Programmer\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
 

Safe.
 
running process. (CTSysVol.exe)
Prozess zur Creative Soundkarte.

 

 
C:\WINDOWS\CTHELPER.EXE
 

Safe.
 
running process. (CTHELPER.EXE)
Tool für die Creative Soundkarte.

 

Possibly nasty! According to our database this process runs normally in c:\windows\system32\! Check if you know this process and arrange a viruscheck where required.
 
C:\Programmer\Creative\SBAudigy2\DVDAudio\CTDVDDET.EXE
 

Safe.
 
running process. (CTDVDDET.EXE)


 

 
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
 

Safe.
 
running process. (realmon.exe)


 

 
C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe
 

Safe.
 
running process. (zlclient.exe)
Zone Alarm

 

 
C:\Programmer\Java\jre1.5.0_09\bin\jusched.exe
 

Safe.
 
running process. (jusched.exe)
Java Runtime

 

 
C:\Programmer\Webroot\Spy Sweeper\SpySweeperUI.exe
 

Unknown
 
running process. (SpySweeperUI.exe)


 
This is a unknown process.
 
C:\WINDOWS\system32\ctfmon.exe
 

Safe.
 
This entry was classified from our visitors as good.

 
Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way.
 
C:\Programmer\Creative\MediaSource\RemoteControl\RcMan.exe
 

Safe.
 
running process. (RcMan.exe)


 

 
C:\Programmer\Creative\MediaSource\Detector\CTDetect.exe
 

Safe.
 
running process. (CTDetect.exe)


 
Not dangerous, but unnecessary.
 
C:\Programmer\Creative\MediaSource\Go\CTCMSGo.exe
 

Safe.
 
running process. (CTCMSGo.exe)
"Creative MediaSource playbacks music in DVD-Audio, MP3, WMA, WAV and other media formats"

 
Not dangerous, but unnecessary.
 
C:\Programmer\Anonymizer TNS\AnonTns.exe
 

Unknown
 
running process. (AnonTns.exe)


 
This is a unknown process.
 
C:\Documents and Settings\My Computer\Menuen Start\Programmer\Start\NoAds.exe
 

Safe.
 
running process. (NoAds.exe)


 

Possibly nasty! According to our database this process runs normally in c:\programme\noads\! Check if you know this process and arrange a viruscheck where required.
 
C:\WINDOWS\system32\cisvc.exe
 

Safe.
 
running process. (cisvc.exe)
Microsoft Index Service Helper

 

 
C:\WINDOWS\system32\CTsvcCDA.exe
 

Safe.
 
running process. (CTsvcCDA.exe)
Creative Soundkarte

 

 
C:\Programmer\CA\eTrust Antivirus\InoRpc.exe
 

Safe.
 
running process. (InoRpc.exe)
eTrust Antivirus

 

 
C:\Programmer\CA\eTrust Antivirus\InoRT.exe
 

Safe.
 
running process. (InoRT.exe)
Part of eTrust Antivirus

 

 
C:\Programmer\CA\eTrust Antivirus\InoTask.exe
 

Safe.
 
running process. (InoTask.exe)


 

 
C:\WINDOWS\System32\nvsvc32.exe
 

Safe.
 
This entry was classified from our visitors as good.

 
Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way.
 
C:\Programmer\Webroot\Spy Sweeper\SpySweeper.exe
 

Safe.
 
running process. (SpySweeper.exe)


 

 
C:\WINDOWS\system32\MsPMSPSv.exe
 

Safe.
 
running process. (MsPMSPSv.exe)
Helper service installed by Windows Media Player 7.

 

 
C:\WINDOWS\system32\wscntfy.exe
 

Safe.
 
This entry was classified from our visitors as good.

 
Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way.
 
C:\WINDOWS\system32\cidaemon.exe
 

Safe.
 
running process. (cidaemon.exe)
Indexing Service Filter Daemon

 

 
C:\PROGRA~1\MOZILL~2\THUNDE~1.EXE
 

Safe.
 
running process. (THUNDE~1.EXE)


 

 
C:\Programmer\Mozilla Firefox\firefox.exe
 

Safe.
 
running process. (firefox.exe)
Internet Browser

 

 
C:\Programmer\Windows NT\Tilbehør\wordpad.exe
 

Safe.
 
running process. (wordpad.exe)


 

Possibly nasty! According to our database this process runs normally in c:\programme\windows nt\accessories\! Check if you know this process and arrange a viruscheck where required.
 
C:\Programmer\Webroot\Spy Sweeper\SSU.EXE
 

Unknown
 
running process. (SSU.EXE)


 
This is a unknown process.
 
C:\Programmer\Internet Download Manager\IDMan.exe
 

Safe.
 
running process. (IDMan.exe)


 

 
C:\Programmer\Anonymizer\Anonymizer Software\Anonymizer.exe
 

Unknown
 
running process. (Anonymizer.exe)


 
This is a unknown process.
 
C:\Programmer\Internet Explorer\iexplore.exe
 

Safe.
 
running process. (iexplore.exe)
Internet Explorer - Wir empfehlen einen sichereren alternativen Browser zu verwenden. (z.B. Firefox)

 

 
C:\WINDOWS\system32\rundll32.exe
 

Safe.
 
running process. (rundll32.exe)
RUNDLL32 is the Microsoft Windows program that loads DLLs into memory so that they can be used by specific programs or by Windows.

 

 
C:\Documents and Settings\My Computer\Dokumenter\Downloads\Compressed\HijackThis.exe
 

Safe.
 
running process. (HijackThis.exe)
Tool, mit dem sie dieses Logfile erzeugt haben. Das Programm sollte so angelegt sein ! C:\Programme\HijackThis\HijackThis.exe

 
Remember that Hijackthis must be run in an own folder. Only if Hijackthis run in an own folder it will create backups!
 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:80
 

Possibly nasty
 
This page could possibly be nasty.

 

 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
 

Nasty
 
This entry should be fixed by HijackThis!

 
This entry should be fixed by HijackThis!
 
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Programmer\Internet Download Manager\IDMIECC.dll
 

Safe.
 
Entries found in this registry zone are potentially nasty. This application ([0055C089-8582-441B-A0BF-17B458C2A3A8] - Result: 0055C089-8582-441B-A0BF-17B458C2A3A8) has been checked. Hit rate: 100,00%

 

 
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
 

Safe.
 
Entries found in this registry zone are potentially nasty. This application ([06849E9F-C8D7-4D59-B87D-784B7D6BE0B3] - Result: 06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) has been checked. Hit rate: 100,00%

 

 
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.5.0_09\bin\ssv.dll
 

Safe.
 
Entries found in this registry zone are potentially nasty. This application ([761497BB-D6F0-462C-B6EB-D4DAF1D92D43] - Result: 761497BB-D6F0-462C-B6EB-D4DAF1D92D43) has been checked. Hit rate: 100,00%

 

 
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup
 

Safe.
 
Part of NVidia
Hit rate: 100,00 % (result)

 

 
O4 - HKLM\..\Run: [CTSysVol] "C:\Programmer\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe"
 

Safe.
 
Creative sound card volume controls
Hit rate: 77,08 % (result)

 

 
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
 

Safe.
 
Reminder to register Creative Labs SoundBlaster Live! cards
Hit rate: 80,00 % (result)

 
Not dangerous, but unnecessary.
 
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
 

Safe.
 
This entry was classified from our visitors as good.

 
Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way.
 
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
 

Safe.
 
This entry was classified from our visitors as good.

 
Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way.
 
O4 - HKLM\..\Run: [CTDVDDET] C:\Programmer\Creative\SBAudigy2\DVDAudio\CTDVDDET.EXE
 

Safe.
 
Creative SBAudigy2ZS
Hit rate: 100,00 % (result)

 

 
O4 - HKLM\..\Run: [AntivirusRegistration] "C:\Programmer\CA\Etrust Antivirus\Register.exe"
 

Safe.
 
Part of Etrust Antivirus
Hit rate: 100,00 % (result)

 

 
O4 - HKLM\..\Run: [Realtime Monitor] "C:\PROGRA~1\CA\ETRUST~1\realmon.exe" -s
 

Safe.
 
Realtime scanner part of eTrust Antivirus/InoculateIT version 6 virus scanners from Computer Associates
Hit rate: 100,00 % (result)

 

 
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe"
 

Safe.
 
Firewall program from Zonelabs. Pro version inlcudes other online security options
Hit rate: 86,36 % (result)

 

 
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_09\bin\jusched.exe
 

Safe.
 
Java von Sun
Hit rate: 100,00 % (result)

 

 
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
 

Safe.
 
This is an entry that appears when you uncheck an item in the Startup group, and will disappear if on the next reboot you select the option to not be reminded that you are running in Selective Startup mode
Hit rate: 59,72 % (result)

 
Not dangerous, but unnecessary.
 
O4 - HKLM\..\Run: [SpySweeper] "C:\Programmer\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
 

Unknown
 

Hit rate: 0,00 % (result)

 
Unknown application.
 
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
 

Safe.
 
CTFMon is involved with the language/alternative input services in Office XP. CTFMON.exe will continue to put itself back into MSConfig when you run the Office XP apps as long as the Text Services and Speech applets in the Control Panel are enabled. Not required if you don\'t need these features. For more info on ctfmon see here. CTFMON can be disabled from Control Panel, Text & Speech Services
Hit rate: 55,00 % (result)

 

 
O4 - HKCU\..\Run: [Simp] C:\Programmer\Secway\SimpLite-MSN 2.2\SimpLite-MSN.exe
 

Unknown
 

Hit rate: 0,00 % (result)

 
Unknown application.
 
O4 - HKCU\..\Run: [RemoteCenter] C:\Programmer\Creative\MediaSource\RemoteControl\RcMan.exe
 

Safe.
 
Remote control for Creative MediaSource - plays back music in DVD-Audio, MP3, WMA, WAV and other media formats
Hit rate: 100,00 % (result)

 

 
O4 - HKCU\..\Run: [Creative Detector] "C:\Programmer\Creative\MediaSource\Detector\CTDetect.exe" /R
 

Safe.
 
Auto-detect and play a DVD when using a Creative Soundblaster Audigy2 soundcard. Uses about 2.2 MB of memory. Disable it by heading to the MediaSource DVD Audio Player, selecting Tools, then uncheck the Auto Start box. It should not start up automatically again
Hit rate: 100,00 % (result)

 
Not dangerous, but unnecessary.
 
O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Programmer\Creative\MediaSource\Go\CTCMSGo.exe" /SCB
 

Safe.
 
"Creative MediaSource playbacks music in DVD-Audio, MP3, WMA, WAV and other media formats"
Hit rate: 100,00 % (result)

 
Not dangerous, but unnecessary.
 
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Programmer\Yahoo!\Messenger\YahooMessenger.exe" -quiet
 

Unknown
 

Hit rate: 0,00 % (result)

 
Unknown application.
 
O4 - Startup: Anonymizer Total Net Shield.lnk = C:\Programmer\Anonymizer TNS\AnonTns.exe
 

Unknown
 

Hit rate: 0,00 % (result)

 
Unknown application.
 
O4 - Startup: NoAds.exe
 

Unknown
 

Hit rate: 0,00 % (result)

 
Unknown application.
 
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
 

Safe.
 
Part of Acrobat Reader 7
Hit rate: 82,73 % (result)

 

 
O8 - Extra context menu item: Download All Links with IDM - C:\Programmer\Internet Download Manager\IEGetAll.htm
 

Safe.
 
The entry Download All Links with IDM has been identified as safe.

 
If the entry 'Download All Links with IDM ' is not needed anymore, it should be fixed.
 
O8 - Extra context menu item: Download with IDM - C:\Programmer\Internet Download Manager\IEExt.htm
 

Safe.
 
The entry Download with IDM has been identified as safe.

 
If the entry 'Download with IDM ' is not needed anymore, it should be fixed.
 
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_09\bin\ssv.dll
 

Safe.
 
The entry has been identified as safe.

 
If the entry '' is not needed anymore, it should be fixed.
 
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_09\bin\ssv.dll
 

Safe.
 
The entry Sun Java Console has been identified as safe.

 
If the entry 'Sun Java Console ' is not needed anymore, it should be fixed.
 
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programmer\Yahoo!\Messenger\YahooMessenger.exe
 

Safe.
 
The entry Yahoo! Messenger has been identified as safe.

 
If the entry 'Yahoo! Messenger ' is not needed anymore, it should be fixed.
 
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programmer\Yahoo!\Messenger\YahooMessenger.exe
 

Safe.
 
The entry Yahoo! Messenger has been identified as safe.

 
If the entry 'Yahoo! Messenger ' is not needed anymore, it should be fixed.
 
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
 

Safe.
 
This entry has been identified as safe.

 

 
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.5) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex /hcImpl.cab
 

Safe.
 
This entry has been identified as safe.

 

 
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www3.ca.com/securityadvisor/pestscan/pestscan.cab
 

Safe.
 
This entry has been identified as safe.

 

 
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site .cab?1161369967796
 

Safe.
 
This entry has been identified as safe.

 

 
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall /xscan53.cab
 

Safe.
 
This entry has been identified as safe.

 

 
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
 

Safe.
 
This entry has been identified as safe.

 

 
O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab
 

Safe.
 
This entry was classified from our visitors as good.

 
Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way.
 
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab
 

Safe.
 
This entry has been identified as safe.

 

 
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
 

Safe.
 
This entry was classified from our visitors as good.

 
Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way.
 
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
 

Safe.
 
This entry was classified from our visitors as good.

 
Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way.
 
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
 

Safe.
 
These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it.

 
This service (brsvc01a.exe) was identified as a good one.
 
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
 

Safe.
 
These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it.

 
This service (CTsvcCDA.exe) was identified as a good one.
 
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Programmer\CA\eTrust Antivirus\InoRpc.exe
 

Safe.
 
These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it.

 
This service (InoRpc.exe) was identified as a good one.
 
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Programmer\CA\eTrust Antivirus\InoRT.exe
 

Safe.
 
These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it.

 
This service (InoRT.exe) was identified as a good one.
 
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Programmer\CA\eTrust Antivirus\InoTask.exe
 

Safe.
 
These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it.

 
This service (InoTask.exe) was identified as a good one.
 
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
 

Safe.
 
These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it.

 
This service (nvsvc32.exe) was identified as a good one.
 
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
 

Safe.
 
This entry was classified from our visitors as good.

 
Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way.
 
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Programmer\Webroot\Spy Sweeper\SpySweeper.exe
 

Safe.
 
These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it.

 
This service (SpySweeper.exe) was identified as a good one.

This log has been checked automatically.
Check your log file automatically at www.hijackthis.de.







 
 


        

0
Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

 
LVL 97

Accepted Solution

by:
war1 earned 25 total points
Comment Utility
beocom2500,

Glad the problem is gone. I wish you had run the SmitFraudFix first. I could have saved you from a Windows reformat and install.  
0
 

Author Comment

by:beocom2500
Comment Utility
War1,

Thank you very much. I will use SmitFraudFix next time.

Have a good weekend.

0
 

Author Comment

by:beocom2500
Comment Utility
You still deserve my 25 point with a grade b  because i have not use your removal instructions.
0

Featured Post

Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!

Join & Write a Comment

Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
Big data transfers via information superhighways require special attention and protection. Learn more about the IT-regulations of the country where your server is located. Analyze cloud providers and their encryption systems for safe data transit. S…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now