Re: Drvcleaner.exe

Re: Drvcleaner.exe
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Microsoft Antivirus Discussions    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Re: Drvcleaner.exe Peter Foldes 05-11-2007
Posted by David H. Lipman on May 11, 2007, 4:29 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

| my mistake also download this http://tinyurl.com/bonw6 this is for a scanner
| that you have to use ( pls. dont post again hijackthis log files )
|

Please STOP posting TinyURL replacements for the real URLs.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Posted by =?Utf-8?B?TWlsbyAoTVNQU1Mp?= on May 11, 2007, 2:26 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Also the drive cleaner is a new player
after the said scan is done please call 866 727 2338 Microsoft PCsafety
US/CANADA
http://support.microsoft.com/default.aspx/gp/securityhome
--
Milo
MSPSS


"andresg1975" wrote:

> This is the result. Thanks for your help
> I did not download it. I went to add/remove program but is not there
>
> Logfile of HijackThis v1.99.1
> Scan saved at 12:31:29 PM, on 5/11/2007
> Platform: Windows XP SP2 (WinNT 5.01.2600)
> MSIE: Internet Explorer v7.00 (7.00.6000.16441)
>
> Running processes:
> C:\WINDOWS\System32\smss.exe
> C:\WINDOWS\system32\winlogon.exe
> C:\WINDOWS\system32\services.exe
> C:\WINDOWS\system32\lsass.exe
> C:\WINDOWS\system32\svchost.exe
> C:\Program Files\Windows Defender\MsMpEng.exe
> C:\WINDOWS\System32\svchost.exe
> C:\WINDOWS\system32\spoolsv.exe
> C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
> c:\program files\mcafee.com\agent\mcdetect.exe
> c:\PROGRA~1\mcafee.com\vso\mcshield.exe
> c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
> C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
> C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
> C:\WINDOWS\wanmpsvc.exe
> C:\WINDOWS\Explorer.EXE
> C:\WINDOWS\system32\hkcmd.exe
> C:\WINDOWS\system32\igfxpers.exe
> C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
> C:\Program Files\Real\RealPlayer\RealPlay.exe
> C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
> C:\PROGRA~1\MUSICM~1\MUSICM~3\mm_tray.exe
> C:\Program Files\McAfee.com\VSO\oasclnt.exe
> C:\PROGRA~1\mcafee.com\agent\mcagent.exe
> C:\WINDOWS\System32\DLA\DLACTRLW.EXE
> C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
> C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
> C:\Program Files\McAfee.com\VSO\mcvsshld.exe
> C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
> C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
> C:\Program Files\Hewlett-Packard\hp deskjet 9600 series\Toolbox\HPWITBX.exe
> C:\Program Files\Common Files\AOL77114863\ee\AOLSoftware.exe
> C:\Program Files\Windows Defender\MSASCui.exe
> c:\progra~1\mcafee.com\vso\mcvsescn.exe
> C:\WINDOWS\system32\ctfmon.exe
> C:\Program
> Files\Google\GoogleToolbarNotifier.2.1128.5462\GoogleToolbarNotifier.exe
> C:\Program Files\DellSupport\DSAgnt.exe
> C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
> C:\WINDOWS\system32\svchost.exe
> C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
> C:\Program Files\America Online 9.0\aoltray.exe
> C:\Program Files\Digital Line Detect\DLG.exe
> C:\Program Files\Common Files\Intuit\QuickBooks\QBServerUtilityMgr.exe
> C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
> C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
> C:\Program Files\WinZip\WZQKPICK.EXE
> C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
> C:\Program Files\MUSICMATCH\Musicmatch Jukebox\MMDiag.exe
> C:\WINDOWS\system32\ntvdm.exe
> C:\Program Files\Common Files\Intuit\QuickBooks\axlbridge.exe
> c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe
> c:\program files\mcafee.com\shared\mghtml.exe
> C:\Program Files\Internet Explorer\iexplore.exe
> C:\Program Files\Microsoft Office\Office10\EXCEL.EXE
> C:\WINDOWS\msagent\AgentSvr.exe
> C:\Program Files\Intuit\QuickBooks 2007\qbw32.exe
> C:\Program Files\Internet Explorer\iexplore.exe
> C:\Documents and Settings\Richard Dean\Local Settings\Temporary Internet
> Files\Content.IE5\LY9194F9\HijackThis[1].exe
>
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
> http://go.microsoft.com/fwlink/?LinkId=54896
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
> http://go.microsoft.com/fwlink/?LinkId=54896
> O2 - BHO: AcroIEHlprObj Class - -
> C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
> O2 - BHO: McAfee AntiPhishing Filter -
> - c:\program
> files\mcafee\spamkiller\mcapfbho.dll
> O2 - BHO: DriveLetterAccess - -
> C:\WINDOWS\System32\DLA\DLASHX_W.DLL
> O2 - BHO: Google Toolbar Helper - -
> c:\program files\google\googletoolbar2.dll
> O2 - BHO: QUICKfind BHO Object - -
> C:\PROGRA~1\TEXTware\QUICKF~1\PlugIns\IEHelp.dll
> O2 - BHO: Browser Address Error Redirector -
> - c:\Program Files\BAE\BAE.dll
> O3 - Toolbar: McAfee VirusScan - -
> c:\progra~1\mcafee.com\vso\mcvsshl.dll
> O3 - Toolbar: &Google - - c:\program
> files\google\googletoolbar2.dll
> O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
> O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
> O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
> O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
> Files\Java\j2re1.4.2_03\bin\jusched.exe
> O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe
> SYSTEMBOOTHIDEPLAYER
> O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe"
> -atboottime
> O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common
> Files\InstallShield\UpdateService\isuspm.exe" -startup
> O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common
> Files\InstallShield\UpdateService\issch.exe" -start
> O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
> O4 - HKLM\..\Run: [MMTray] C:\PROGRA~1\MUSICM~1\MUSICM~3\mm_tray.exe
> O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe"
> /checktask
> O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
> O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
> O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
> O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe
> /startup
> O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
> O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google
> Desktop Search\GoogleDesktop.exe" /startup
> O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
> O4 - HKLM\..\Run: [VirusScan Online] C:\Program
> Files\McAfee.com\VSO\mcvsshld.exe
> O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
> O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel
> Photo Album 6\MediaDetect.exe
> O4 - HKLM\..\Run: [HPWITOOLBOX] C:\Program Files\Hewlett-Packard\hp deskjet
> 9600 series\Toolbox\HPWITBX.exe "-i"
> O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common
> Files\AOL\ACS\AOLDial.exe
> O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common
> Files\AOL77114863\ee\AOLSoftware.exe
> O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows
> Defender\MSASCui.exe" -hide
> O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
> O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
> O4 - HKCU\..\Run: [swg] C:\Program
> Files\Google\GoogleToolbarNotifier.2.1128.5462\GoogleToolbarNotifier.exe
> O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe"
> /startup
> O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program
> Files\America Online 9.0\aoltray.exe
> O4 - Global Startup: Digital Line Detect.lnk = ?
> O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
> Office\Office10\OSA.EXE
> O4 - Global Startup: QuickBooks Database Server Manager.lnk = C:\Program
> Files\Common Files\Intuit\QuickBooks\QBServerUtilityMgr.exe
> O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common
> Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
> O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program
> Files\WinZip\WZQKPICK.EXE
> O8 - Extra context menu item: E&xport to Microsoft Excel -
> res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
> O9 - Extra button: (no name) - -
> C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
> O9 - Extra 'Tools' menuitem: Sun Java Console -
> - C:\Program
> Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
> O9 - Extra button: (no name) - -
> c:\program files\mcafee\spamkiller\mcapfbho.dll
> O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter -
> - c:\program
> files\mcafee\spamkiller\mcapfbho.dll
> O9 - Extra button: Real.com - -
> C:\WINDOWS\system32\Shdocvw.dll
> O9 - Extra button: (no name) - -
> %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
> O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
> - %windir%\Network
> Diagnostic\xpnetdiag.exe (file missing)
> O9 - Extra button: Messenger - -
> C:\Program Files\Messenger\msmsgs.exe
> O9 - Extra 'Tools' menuitem: Windows Messenger -
> - C:\Program Files\Messenger\msmsgs.exe
> O11 - Options group: [INTERNATIONAL] International*
> O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
> O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
> O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
> O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC -
> C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
> O23 - Service: DSBrokerService - Unknown owner - C:\Program
> Files\DellSupport\brkrsvc.exe
> O23 - Service: Google Updater Service (gusvc) - Google - C:\Program
> Files\Google\Common\Google Updater\GoogleUpdaterService.exe
> O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc -
> c:\program files\mcafee.com\agent\mcdetect.exe
> O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. -
> c:\PROGRA~1\mcafee.com\vso\mcshield.exe
> O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc -
> c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
> O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee,
> Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
> O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee
> Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
> O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. -
> C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
> O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation -
> C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
> O23 - Service: QuickBooks Database Manager Service (QBCFMonitorService) -
> - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
> O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. -
> C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
> O23 - Service: QuickBooksDB - Intuit, Inc. -
> C:\PROGRA~1\Intuit\QUICKB~2\QBDBMgrN.exe
> O23 - Service: QuickBooksDB17 - iAnywhere Solutions, Inc. -
> C:\PROGRA~1\Intuit\QUICKB~4\QBDBMgrN.exe
> O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America
> Online, Inc. - C:\WINDOWS\wanmpsvc.exe
>
>
>
> "Milo (MSPSS)" wrote:
>
> > Also can you confirm with us if you did downloaded drive cleaner in your
> > machine or it just came out of nowhere?, a screenshot would be great if you
> > can send me one for that matter.
> >
> > also if its already installed go to add/remove program via
> > start>run> type appwiz.cpl
> >
> > the list of all your programs would be listed tick the drive cleaner and
> > choose to remove it if its listed there.
> >
> > --
> > Milo
> > MSPSS
> >
> >
> > "Milo (MSPSS)" wrote:
> >
> > > Please download
> > > 1. www.microsoft.com/defender
> > > 2. http://tinyurl.com/67reb ( Ewido )
> > > install such and proceed with scan for it
> > >
> > > advise us for following instances afterwards
> > > --
> > > Milo
> > > MSPSS
> > >
> > >
> > > "Peter Foldes" wrote:
> > >
> > > > Crossposted to microsoft.public.security.virus
> > > >
> > > >
> > > > > Can someone tell me how to get rid of of drvcleaner.exe spyware. I
would
> > > > > really appreciate it. Thanks
> > > >

Posted by =?Utf-8?B?YW5kcmVzZzE5NzU=?= on May 11, 2007, 4:51 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
i installed avg anti spyware ran a scan but not success. i still have
drvcleaner.exe in my system. Mcfee detected it but not able to delete it.

"Milo (MSPSS)" wrote:

> Also the drive cleaner is a new player
> after the said scan is done please call 866 727 2338 Microsoft PCsafety
> US/CANADA
> http://support.microsoft.com/default.aspx/gp/securityhome
> --
> Milo
> MSPSS
>
>
> "andresg1975" wrote:
>
> > This is the result. Thanks for your help
> > I did not download it. I went to add/remove program but is not there
> >
> > Logfile of HijackThis v1.99.1
> > Scan saved at 12:31:29 PM, on 5/11/2007
> > Platform: Windows XP SP2 (WinNT 5.01.2600)
> > MSIE: Internet Explorer v7.00 (7.00.6000.16441)
> >
> > Running processes:
> > C:\WINDOWS\System32\smss.exe
> > C:\WINDOWS\system32\winlogon.exe
> > C:\WINDOWS\system32\services.exe
> > C:\WINDOWS\system32\lsass.exe
> > C:\WINDOWS\system32\svchost.exe
> > C:\Program Files\Windows Defender\MsMpEng.exe
> > C:\WINDOWS\System32\svchost.exe
> > C:\WINDOWS\system32\spoolsv.exe
> > C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
> > c:\program files\mcafee.com\agent\mcdetect.exe
> > c:\PROGRA~1\mcafee.com\vso\mcshield.exe
> > c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
> > C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
> > C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
> > C:\WINDOWS\wanmpsvc.exe
> > C:\WINDOWS\Explorer.EXE
> > C:\WINDOWS\system32\hkcmd.exe
> > C:\WINDOWS\system32\igfxpers.exe
> > C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
> > C:\Program Files\Real\RealPlayer\RealPlay.exe
> > C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
> > C:\PROGRA~1\MUSICM~1\MUSICM~3\mm_tray.exe
> > C:\Program Files\McAfee.com\VSO\oasclnt.exe
> > C:\PROGRA~1\mcafee.com\agent\mcagent.exe
> > C:\WINDOWS\System32\DLA\DLACTRLW.EXE
> > C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
> > C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
> > C:\Program Files\McAfee.com\VSO\mcvsshld.exe
> > C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
> > C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
> > C:\Program Files\Hewlett-Packard\hp deskjet 9600 series\Toolbox\HPWITBX.exe
> > C:\Program Files\Common Files\AOL77114863\ee\AOLSoftware.exe
> > C:\Program Files\Windows Defender\MSASCui.exe
> > c:\progra~1\mcafee.com\vso\mcvsescn.exe
> > C:\WINDOWS\system32\ctfmon.exe
> > C:\Program
> > Files\Google\GoogleToolbarNotifier.2.1128.5462\GoogleToolbarNotifier.exe
> > C:\Program Files\DellSupport\DSAgnt.exe
> > C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
> > C:\WINDOWS\system32\svchost.exe
> > C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
> > C:\Program Files\America Online 9.0\aoltray.exe
> > C:\Program Files\Digital Line Detect\DLG.exe
> > C:\Program Files\Common Files\Intuit\QuickBooks\QBServerUtilityMgr.exe
> > C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
> > C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
> > C:\Program Files\WinZip\WZQKPICK.EXE
> > C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
> > C:\Program Files\MUSICMATCH\Musicmatch Jukebox\MMDiag.exe
> > C:\WINDOWS\system32\ntvdm.exe
> > C:\Program Files\Common Files\Intuit\QuickBooks\axlbridge.exe
> > c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe
> > c:\program files\mcafee.com\shared\mghtml.exe
> > C:\Program Files\Internet Explorer\iexplore.exe
> > C:\Program Files\Microsoft Office\Office10\EXCEL.EXE
> > C:\WINDOWS\msagent\AgentSvr.exe
> > C:\Program Files\Intuit\QuickBooks 2007\qbw32.exe
> > C:\Program Files\Internet Explorer\iexplore.exe
> > C:\Documents and Settings\Richard Dean\Local Settings\Temporary Internet
> > Files\Content.IE5\LY9194F9\HijackThis[1].exe
> >
> > R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
> > http://go.microsoft.com/fwlink/?LinkId=54896
> > R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
> > http://go.microsoft.com/fwlink/?LinkId=54896
> > O2 - BHO: AcroIEHlprObj Class - -
> > C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
> > O2 - BHO: McAfee AntiPhishing Filter -
> > - c:\program
> > files\mcafee\spamkiller\mcapfbho.dll
> > O2 - BHO: DriveLetterAccess - -
> > C:\WINDOWS\System32\DLA\DLASHX_W.DLL
> > O2 - BHO: Google Toolbar Helper - -
> > c:\program files\google\googletoolbar2.dll
> > O2 - BHO: QUICKfind BHO Object - -
> > C:\PROGRA~1\TEXTware\QUICKF~1\PlugIns\IEHelp.dll
> > O2 - BHO: Browser Address Error Redirector -
> > - c:\Program Files\BAE\BAE.dll
> > O3 - Toolbar: McAfee VirusScan - -
> > c:\progra~1\mcafee.com\vso\mcvsshl.dll
> > O3 - Toolbar: &Google - - c:\program
> > files\google\googletoolbar2.dll
> > O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
> > O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
> > O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
> > O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
> > Files\Java\j2re1.4.2_03\bin\jusched.exe
> > O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe
> > SYSTEMBOOTHIDEPLAYER
> > O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe"
> > -atboottime
> > O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common
> > Files\InstallShield\UpdateService\isuspm.exe" -startup
> > O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common
> > Files\InstallShield\UpdateService\issch.exe" -start
> > O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
> > O4 - HKLM\..\Run: [MMTray] C:\PROGRA~1\MUSICM~1\MUSICM~3\mm_tray.exe
> > O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe"
> > /checktask
> > O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
> > O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
> > O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
> > O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe
> > /startup
> > O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
> > O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google
> > Desktop Search\GoogleDesktop.exe" /startup
> > O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
> > O4 - HKLM\..\Run: [VirusScan Online] C:\Program
> > Files\McAfee.com\VSO\mcvsshld.exe
> > O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
> > O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel
> > Photo Album 6\MediaDetect.exe
> > O4 - HKLM\..\Run: [HPWITOOLBOX] C:\Program Files\Hewlett-Packard\hp deskjet
> > 9600 series\Toolbox\HPWITBX.exe "-i"
> > O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common
> > Files\AOL\ACS\AOLDial.exe
> > O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common
> > Files\AOL77114863\ee\AOLSoftware.exe
> > O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows
> > Defender\MSASCui.exe" -hide
> > O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe"
/background
> > O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
> > O4 - HKCU\..\Run: [swg] C:\Program
> > Files\Google\GoogleToolbarNotifier.2.1128.5462\GoogleToolbarNotifier.exe
> > O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe"
> > /startup
> > O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program
> > Files\America Online 9.0\aoltray.exe
> > O4 - Global Startup: Digital Line Detect.lnk = ?
> > O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
> > Office\Office10\OSA.EXE
> > O4 - Global Startup: QuickBooks Database Server Manager.lnk = C:\Program
> > Files\Common Files\Intuit\QuickBooks\QBServerUtilityMgr.exe
> > O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common
> > Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
> > O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program
> > Files\WinZip\WZQKPICK.EXE
> > O8 - Extra context menu item: E&xport to Microsoft Excel -
> > res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
> > O9 - Extra button: (no name) - -
> > C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
> > O9 - Extra 'Tools' menuitem: Sun Java Console -
> > - C:\Program
> > Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
> > O9 - Extra button: (no name) - -
> > c:\program files\mcafee\spamkiller\mcapfbho.dll
> > O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter -
> > - c:\program
> > files\mcafee\spamkiller\mcapfbho.dll
> > O9 - Extra button: Real.com - -
> > C:\WINDOWS\system32\Shdocvw.dll
> > O9 - Extra button: (no name) - -
> > %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
> > O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
> > - %windir%\Network
> > Diagnostic\xpnetdiag.exe (file missing)
> > O9 - Extra button: Messenger - -
> > C:\Program Files\Messenger\msmsgs.exe
> > O9 - Extra 'Tools' menuitem: Windows Messenger -
> > - C:\Program
Files\Messenger\msmsgs.exe
> > O11 - Options group: [INTERNATIONAL] International*
> > O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
> > O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
> > O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
> > O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC -
> > C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
> > O23 - Service: DSBrokerService - Unknown owner - C:\Program
> > Files\DellSupport\brkrsvc.exe
> > O23 - Service: Google Updater Service (gusvc) - Google - C:\Program
> > Files\Google\Common\Google Updater\GoogleUpdaterService.exe
> > O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc -
> > c:\program files\mcafee.com\agent\mcdetect.exe
> > O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. -
> > c:\PROGRA~1\mcafee.com\vso\mcshield.exe
> > O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc -
> > c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
> > O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee,
> > Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
> > O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee
> > Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
> > O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. -
> > C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
> > O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation -
> > C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
> > O23 - Service: QuickBooks Database Manager Service (QBCFMonitorService) -
> > - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
> > O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. -
> > C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
> > O23 - Service: QuickBooksDB - Intuit, Inc. -
> > C:\PROGRA~1\Intuit\QUICKB~2\QBDBMgrN.exe
> > O23 - Service: QuickBooksDB17 - iAnywhere Solutions, Inc. -
> > C:\PROGRA~1\Intuit\QUICKB~4\QBDBMgrN.exe
> > O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America
> > Online, Inc. - C:\WINDOWS\wanmpsvc.exe
> >
> >
> >
> > "Milo (MSPSS)" wrote:
> >
> > > Also can you confirm with us if you did downloaded drive cleaner in your
> > > machine or it just came out of nowhere?, a screenshot would be great if
you
> > > can send me one for that matter.
> > >
> > > also if its already installed go to add/remove program via
> > > start>run> type appwiz.cpl
> > >
> > > the list of all your programs would be listed tick the drive cleaner and
> > > choose to remove it if its listed there.
> > >
> > > --
> > > Milo
> > > MSPSS
> > >
> > >
> > > "Milo (MSPSS)" wrote:
> > >
> > > > Please download
> > > > 1. www.microsoft.com/defender
> > > > 2. http://tinyurl.com/67reb ( Ewido )
> > > > install such and proceed with scan for it
> > > >
> > > > advise us for following instances afterwards
> > > > --
> > > > Milo
> > > > MSPSS
> > > >
> > > >
> > > > "Peter Foldes" wrote:
> > > >
> > > > > Crossposted to microsoft.public.security.virus
> > > > >
> > > > >
> > > > > > Can someone tell me how to get rid of of drvcleaner.exe spyware. I
would
> > > > > > really appreciate it. Thanks
> > > > >

Posted by David H. Lipman on May 11, 2007, 5:47 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

| i installed avg anti spyware ran a scan but not success. i still have
| drvcleaner.exe in my system. Mcfee detected it but not able to delete it.


http://www.bleepingcomputer.com/forums/topic71782.html



Two phase answer...

Perform Part 1 then perform Part 2

It is suggested that you execute each tool in Normal Mode then in Safe Mode.


If you are using any version of Sun Java that is prior to JRE Version 6.0,
then you are strongly urged to remove any/all versions.
There are numerous vulnerabilities in them and they are actively being exploited.

It is highly suggested that you update to the latest version which is Sun Java
JRE/JSE
Version 6.0 update 1 (jre 6u1)

Simple check, look under...
C:\Program Files\Java

The only folder under that folder should be the latest version.

Such as...
C:\Program Files\Java\jre1.6.0_01

http://java.sun.com/javase/downloads/index.jsp
http://www.java.com/en/download/manual.jsp

FYI:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102557-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102622-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102729-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102732-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1




Part 1
------------
Download Adware-Virtumundo Removal Tool --
http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe

Information on the Adware-Virtumundo Removal Tool:
http://forums.mcafeehelp.com/viewtopic.php?t=57049

Part 2
------------
Download Atribune's VUNDOFIX.EXE
http://www.atribune.org/ccount/click.php?id=4

Save VUNDOFIX.EXE to "C:\" ( C:\VUNDOFIX.EXE ) and execute it from there.



* * * Please report back your results * * *



--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Posted by =?Utf-8?B?TWlsbyAoTVNQU1Mp?= on May 12, 2007, 5:54 am
If you were  Registered and logged in, you could reply and use other advanced thread options
you hijackthis dont show such as listed
its more than likely located else where in the temp folders

Go to start>run
1. %temp%
2. temp
3. prefetch

Delete as much as you can
--
Milo
MSPSS


"andresg1975" wrote:

> i installed avg anti spyware ran a scan but not success. i still have
> drvcleaner.exe in my system. Mcfee detected it but not able to delete it.
>
> "Milo (MSPSS)" wrote:
>
> > Also the drive cleaner is a new player
> > after the said scan is done please call 866 727 2338 Microsoft PCsafety
> > US/CANADA
> > http://support.microsoft.com/default.aspx/gp/securityhome
> > --
> > Milo
> > MSPSS
> >
> >
> > "andresg1975" wrote:
> >
> > > This is the result. Thanks for your help
> > > I did not download it. I went to add/remove program but is not there
> > >
> > > Logfile of HijackThis v1.99.1
> > > Scan saved at 12:31:29 PM, on 5/11/2007
> > > Platform: Windows XP SP2 (WinNT 5.01.2600)
> > > MSIE: Internet Explorer v7.00 (7.00.6000.16441)
> > >
> > > Running processes:
> > > C:\WINDOWS\System32\smss.exe
> > > C:\WINDOWS\system32\winlogon.exe
> > > C:\WINDOWS\system32\services.exe
> > > C:\WINDOWS\system32\lsass.exe
> > > C:\WINDOWS\system32\svchost.exe
> > > C:\Program Files\Windows Defender\MsMpEng.exe
> > > C:\WINDOWS\System32\svchost.exe
> > > C:\WINDOWS\system32\spoolsv.exe
> > > C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
> > > c:\program files\mcafee.com\agent\mcdetect.exe
> > > c:\PROGRA~1\mcafee.com\vso\mcshield.exe
> > > c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
> > > C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
> > > C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
> > > C:\WINDOWS\wanmpsvc.exe
> > > C:\WINDOWS\Explorer.EXE
> > > C:\WINDOWS\system32\hkcmd.exe
> > > C:\WINDOWS\system32\igfxpers.exe
> > > C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
> > > C:\Program Files\Real\RealPlayer\RealPlay.exe
> > > C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
> > > C:\PROGRA~1\MUSICM~1\MUSICM~3\mm_tray.exe
> > > C:\Program Files\McAfee.com\VSO\oasclnt.exe
> > > C:\PROGRA~1\mcafee.com\agent\mcagent.exe
> > > C:\WINDOWS\System32\DLA\DLACTRLW.EXE
> > > C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
> > > C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
> > > C:\Program Files\McAfee.com\VSO\mcvsshld.exe
> > > C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
> > > C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
> > > C:\Program Files\Hewlett-Packard\hp deskjet 9600 series\Toolbox\HPWITBX.exe
> > > C:\Program Files\Common Files\AOL77114863\ee\AOLSoftware.exe
> > > C:\Program Files\Windows Defender\MSASCui.exe
> > > c:\progra~1\mcafee.com\vso\mcvsescn.exe
> > > C:\WINDOWS\system32\ctfmon.exe
> > > C:\Program
> > > Files\Google\GoogleToolbarNotifier.2.1128.5462\GoogleToolbarNotifier.exe
> > > C:\Program Files\DellSupport\DSAgnt.exe
> > > C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
> > > C:\WINDOWS\system32\svchost.exe
> > > C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
> > > C:\Program Files\America Online 9.0\aoltray.exe
> > > C:\Program Files\Digital Line Detect\DLG.exe
> > > C:\Program Files\Common Files\Intuit\QuickBooks\QBServerUtilityMgr.exe
> > > C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
> > > C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
> > > C:\Program Files\WinZip\WZQKPICK.EXE
> > > C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
> > > C:\Program Files\MUSICMATCH\Musicmatch Jukebox\MMDiag.exe
> > > C:\WINDOWS\system32\ntvdm.exe
> > > C:\Program Files\Common Files\Intuit\QuickBooks\axlbridge.exe
> > > c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe
> > > c:\program files\mcafee.com\shared\mghtml.exe
> > > C:\Program Files\Internet Explorer\iexplore.exe
> > > C:\Program Files\Microsoft Office\Office10\EXCEL.EXE
> > > C:\WINDOWS\msagent\AgentSvr.exe
> > > C:\Program Files\Intuit\QuickBooks 2007\qbw32.exe
> > > C:\Program Files\Internet Explorer\iexplore.exe
> > > C:\Documents and Settings\Richard Dean\Local Settings\Temporary Internet
> > > Files\Content.IE5\LY9194F9\HijackThis[1].exe
> > >
> > > R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
> > > http://go.microsoft.com/fwlink/?LinkId=54896
> > > R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
> > > http://go.microsoft.com/fwlink/?LinkId=54896
> > > O2 - BHO: AcroIEHlprObj Class - -
> > > C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
> > > O2 - BHO: McAfee AntiPhishing Filter -
> > > - c:\program
> > > files\mcafee\spamkiller\mcapfbho.dll
> > > O2 - BHO: DriveLetterAccess - -
> > > C:\WINDOWS\System32\DLA\DLASHX_W.DLL
> > > O2 - BHO: Google Toolbar Helper - -
> > > c:\program files\google\googletoolbar2.dll
> > > O2 - BHO: QUICKfind BHO Object - -
> > > C:\PROGRA~1\TEXTware\QUICKF~1\PlugIns\IEHelp.dll
> > > O2 - BHO: Browser Address Error Redirector -
> > > - c:\Program Files\BAE\BAE.dll
> > > O3 - Toolbar: McAfee VirusScan - -
> > > c:\progra~1\mcafee.com\vso\mcvsshl.dll
> > > O3 - Toolbar: &Google - -
c:\program
> > > files\google\googletoolbar2.dll
> > > O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
> > > O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
> > > O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
> > > O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
> > > Files\Java\j2re1.4.2_03\bin\jusched.exe
> > > O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe
> > > SYSTEMBOOTHIDEPLAYER
> > > O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe"
> > > -atboottime
> > > O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common
> > > Files\InstallShield\UpdateService\isuspm.exe" -startup
> > > O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common
> > > Files\InstallShield\UpdateService\issch.exe" -start
> > > O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
> > > O4 - HKLM\..\Run: [MMTray] C:\PROGRA~1\MUSICM~1\MUSICM~3\mm_tray.exe
> > > O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe"
> > > /checktask
> > > O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
> > > O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
> > > O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
> > > O4 - HKLM\..\Run: [MSKDetectorExe]
C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe
> > > /startup
> > > O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
> > > O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google
> > > Desktop Search\GoogleDesktop.exe" /startup
> > > O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
> > > O4 - HKLM\..\Run: [VirusScan Online] C:\Program
> > > Files\McAfee.com\VSO\mcvsshld.exe
> > > O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
> > > O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel
> > > Photo Album 6\MediaDetect.exe
> > > O4 - HKLM\..\Run: [HPWITOOLBOX] C:\Program Files\Hewlett-Packard\hp
deskjet
> > > 9600 series\Toolbox\HPWITBX.exe "-i"
> > > O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common
> > > Files\AOL\ACS\AOLDial.exe
> > > O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common
> > > Files\AOL77114863\ee\AOLSoftware.exe
> > > O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows
> > > Defender\MSASCui.exe" -hide
> > > O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe"
/background
> > > O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
> > > O4 - HKCU\..\Run: [swg] C:\Program
> > > Files\Google\GoogleToolbarNotifier.2.1128.5462\GoogleToolbarNotifier.exe
> > > O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe"
> > > /startup
> > > O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program
> > > Files\America Online 9.0\aoltray.exe
> > > O4 - Global Startup: Digital Line Detect.lnk = ?
> > > O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
> > > Office\Office10\OSA.EXE
> > > O4 - Global Startup: QuickBooks Database Server Manager.lnk = C:\Program
> > > Files\Common Files\Intuit\QuickBooks\QBServerUtilityMgr.exe
> > > O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common
> > > Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
> > > O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program
> > > Files\WinZip\WZQKPICK.EXE
> > > O8 - Extra context menu item: E&xport to Microsoft Excel -
> > > res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
> > > O9 - Extra button: (no name) - -
> > > C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
> > > O9 - Extra 'Tools' menuitem: Sun Java Console -
> > > - C:\Program
> > > Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
> > > O9 - Extra button: (no name) - -
> > > c:\program files\mcafee\spamkiller\mcapfbho.dll
> > > O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter -
> > > - c:\program
> > > files\mcafee\spamkiller\mcapfbho.dll
> > > O9 - Extra button: Real.com - -
> > > C:\WINDOWS\system32\Shdocvw.dll
> > > O9 - Extra button: (no name) - -
> > > %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
> > > O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
> > > - %windir%\Network
> > > Diagnostic\xpnetdiag.exe (file missing)
> > > O9 - Extra button: Messenger - -
> > > C:\Program Files\Messenger\msmsgs.exe
> > > O9 - Extra 'Tools' menuitem: Windows Messenger -
> > > - C:\Program
Files\Messenger\msmsgs.exe
> > > O11 - Options group: [INTERNATIONAL] International*
> > > O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
> > > O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
> > > O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
> > > O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC -
> > > C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
> > > O23 - Service: DSBrokerService - Unknown owner - C:\Program
> > > Files\DellSupport\brkrsvc.exe
> > > O23 - Service: Google Updater Service (gusvc) - Google - C:\Program
> > > Files\Google\Common\Google Updater\GoogleUpdaterService.exe
> > > O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc -
> > > c:\program files\mcafee.com\agent\mcdetect.exe
> > > O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. -
> > > c:\PROGRA~1\mcafee.com\vso\mcshield.exe
> > > O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc -
> > > c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
> > > O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) -
McAfee,
> > > Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
> > > O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee
> > > Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
> > > O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. -
> > > C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
> > > O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation -
> > > C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
> > > O23 - Service: QuickBooks Database Manager Service (QBCFMonitorService) -

> > > - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
> > > O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. -
> > > C:\Program Files\Common
Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
> > > O23 - Service: QuickBooksDB - Intuit, Inc. -
> > > C:\PROGRA~1\Intuit\QUICKB~2\QBDBMgrN.exe
> > > O23 - Service: QuickBooksDB17 - iAnywhere Solutions, Inc. -
> > > C:\PROGRA~1\Intuit\QUICKB~4\QBDBMgrN.exe
> > > O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America
> > > Online, Inc. - C:\WINDOWS\wanmpsvc.exe
> > >
> > >
> > >
> > > "Milo (MSPSS)" wrote:
> > >
> > > > Also can you confirm with us if you did downloaded drive cleaner in your
> > > > machine or it just came out of nowhere?, a screenshot would be great if
you
> > > > can send me one for that matter.
> > > >
> > > > also if its already installed go to add/remove program via
> > > > start>run> type appwiz.cpl
> > > >
> > > > the list of all your programs would be listed tick the drive cleaner and
> > > > choose to remove it if its listed there.
> > > >
> > > > --
> > > > Milo
> > > > MSPSS
> > > >
> > > >
> > > > "Milo (MSPSS)" wrote:
> > > >
> > > > > Please download
> > > > > 1. www.microsoft.com/defender
> > > > > 2. http://tinyurl.com/67reb ( Ewido )
> > > > > install such and proceed with scan for it
> > > > >
> > > > > advise us for following instances afterwards
> > > > > --
> > > > > Milo
> > > > > MSPSS
> > > > >
> > > > >
> > > > > "Peter Foldes" wrote:
> > > > >
> > > > > > Crossposted to microsoft.public.security.virus
> > > > > >
> > > > > >
> > > > > > > Can someone tell me how to get rid of of drvcleaner.exe spyware. I
would
> > > > > > > really appreciate it. Thanks
> > > > > >


The site map in XML format XML site map

Contact Us | Privacy Policy