Content Top
DAL Computer Help » Internet Security Help » Spyware, Adware, Viruses and HijackThis Logs » Missing PCRE.DLL Hijack included

Recommended Fix

Click here to fix Windows Errors and Optimize Windows Performance

Need Computer Help?
Register Now for FREE

Missing PCRE.DLL Hijack included

Reply
Page 2 of 2 1 2
Thread Tools
Spyware, Adware, Viruses and HijackThis Logs
  #11 (permalink)  
Old 30-03-2006, 02:14 AM
Newbie
D-A-L Newbie
  
Join Date: Mar 2006
Posts: 11
pifabusasadid Is a beginner here at D-A-L
Re: Missing PCRE.DLL Hijack included
a-squared Report
Scan started: 3/29/06 8:16:31 PM
Scan finished: 3/29/06 803 PM
Scan duration: 0h 4min 32sec
Scanned files: 44630
Infected files: 9

Object Diagnosis
c:\WINDOWS.000\Cookies\susan@edge.ru4[2].txt Trace.TrackingCookie
c:\WINDOWS.000\Cookies\susan@questionmarket[1].txt Trace.TrackingCookie
c:\WINDOWS.000\Cookies\susan@trafficmp[1].txt Trace.TrackingCookie
c:\WINDOWS.000\Cookies\susan@casalemedia[2].txt Trace.TrackingCookie
c:\WINDOWS.000\Cookies\susan@realmedia[1].txt Trace.TrackingCookie
c:\WINDOWS.000\Cookies\susan@tribalfusion[1].txt Trace.TrackingCookie
c:\WINDOWS.000\Cookies\susan@zedo[1].txt Trace.TrackingCookie
c:\WINDOWS.000\Cookies\susan@serving-sys[2].txt Trace.TrackingCookie
c:\WINDOWS.000\Cookies\susan@citi.bridgetrack[1].txt Trace.TrackingCookie
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #12 (permalink)  
Old 30-03-2006, 02:18 AM
Newbie
D-A-L Newbie
  
Join Date: Mar 2006
Posts: 11
pifabusasadid Is a beginner here at D-A-L
Re: Missing PCRE.DLL Hijack included
Switch language


a-squared HiJackFree Analysis
www.hijackfree.com

Version info: Result ToDo
Your used version of a-squared HiJackFree: 1.20
The current version of a-squared HiJackFree: 1.20

Your used operating system version: Windows 98 A
The current version of your operating system: Windows XP or 2003 Server
Please update your operating system and install the latest service pack!
Registry Autoruns: Result ToDo
Name: CountrySelection
Path: pctptt.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 2 - Bad: 0
View Details
Name: PTSNOOP
Path: ptsnoop.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 0
View Details
Name: SpySweeper
Path: C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\SPYSWEEPER.EXE /startintray
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 0
View Details
Name: a-squared
Path: C:\Program Files\a-squared\a2guard.exe
Location: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 2 - Bad: 0
View Details
Tricky and Other Autoruns: Result ToDo
Name: load
Path:
Location: win.ini
Not checked Unknown Item
Search at Google
Name: run
Path:
Location: win.ini
Not checked Unknown Item
Search at Google
Name: shell
Path: Explorer.exe
Location: win.ini
Not checked Unknown Item
Search at Google
Name: scrnsave.exe
Path: C:\WINDOWS.000\SYSTEM\BLANKS~1.SCR
Location: win.ini
Not checked Unknown Item
Search at Google
Name: Set tvdumpflags
Path: 8
Location: autoexec.bat
Not checked Unknown Item
Search at Google
Name: SET PATH
Path: C:\WINDOWS.000\SYSTEM\WBEM;%PATH%
Location: autoexec.bat
Not checked Unknown Item
Search at Google
Name: a-squared
Path: C:\Program Files\a-squared\a2guard.exe
Location: HKEY_USERS\.Default\Software\Microsoft\Windows\Cur rentVersion\Run\
Not checked Unknown Item
Search at Google
Name: SetupcPerUser
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n SetupcPerUser 64 C:\WINDOWS.000\INF\setupc.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: AppletsPerUser
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n AppletsPerUser 64 C:\WINDOWS.000\INF\applets.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: FontsPerUser
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n FontsPerUser 64 C:\WINDOWS.000\INF\fonts.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {5A8D6EE0-3E18-11D0-821E-444553540000}
Path: rundll32.exe advpack.dll,LaunchINFSectionEx C:\WINDOWS.000\INF\icw.inf,PerUserStub,,36
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_ICW_Inis
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUser_ICW_Inis 0 C:\WINDOWS.000\INF\icw97.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {89820200-ECBD-11cf-8B85-00AA005B4383}
Path: rundll32.exe advpack.dll,UserInstStubWrapper {89820200-ECBD-11cf-8B85-00AA005B4383}
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {89820200-ECBD-11cf-8B85-00AA005B4395}
Path: rundll32.exe advpack.dll,LaunchINFSectionEx C:\WINDOWS.000\SYSTEM\ie4uinit.inf,Shell.UserStub, ,36
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_MSN_Clean
Path: C:\WINDOWS.000\msnmgsr1.exe
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {CA0A4247-44BE-11d1-A005-00805F8ABE06}
Path: RunDLL setupx.dll,InstallHinfSection PowerCfg.user 0 powercfg.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_Msinfo
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUser_Msinfo 64 C:\WINDOWS.000\INF\msinfo.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_Msinfo2
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUser_Msinfo2 64 C:\WINDOWS.000\INF\msinfo.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: MotownMmsysPerUser
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n MotownMmsysPerUser 64 C:\WINDOWS.000\INF\motown.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: MotownAvivideoPerUser
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n MotownAvivideoPerUser 64 C:\WINDOWS.000\INF\motown.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {22d6f312-b0f6-11d0-94ab-0080c74c7e95}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS.000\INF\mplayer2.inf,PerUserStub
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: MotownMPlayPerUser
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n MotownMPlayPerUser 64 C:\WINDOWS.000\INF\mplay98.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_Base
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUser_Base 64 C:\WINDOWS.000\INF\msmail.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: ShellPerUser
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n ShellPerUser 64 C:\WINDOWS.000\INF\shell.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: Shell2PerUser
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n Shell2PerUser 64 C:\WINDOWS.000\INF\shell2.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_winbase_Links
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUser_winbase_Links 64 C:\WINDOWS.000\INF\subase.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_winapps_Links
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUser_winapps_Links 64 C:\WINDOWS.000\INF\subase.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_LinkBar_URLs
Path: C:\WINDOWS.000\COMMAND\sulfnbk.exe /L
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: TapiPerUser
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n TapiPerUser 64 C:\WINDOWS.000\INF\tapi.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {73fa19d0-2d75-11d2-995d-00c04f98bbc9}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS.000\INF\webfdr16.inf,PerUserStub.Instal l,1
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUserOldLinks
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUserOldLinks 64 C:\WINDOWS.000\INF\appletpp.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: MmoptRegisterPerUser
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n MmoptRegisterPerUser 64 C:\WINDOWS.000\INF\mmopt.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: OlsPerUser
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n OlsPerUser 64 C:\WINDOWS.000\INF\ols.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: OlsMsnPerUser
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n OlsMsnPerUser 64 C:\WINDOWS.000\INF\ols.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_Paint_Inis
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUser_Paint_Inis 64 C:\WINDOWS.000\INF\applets.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_Calc_Inis
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUser_Calc_Inis_remove 64 C:\WINDOWS.000\INF\applets.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_dxxspace_Links
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUser_dxxspace_Links 64 C:\WINDOWS.000\INF\applets1.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_MSBackup_Inis
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUser_MSBackup_Inis 64 C:\WINDOWS.000\INF\applets1.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_CVT_Inis
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUser_CVT_Inis 64 C:\WINDOWS.000\INF\applets1.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: MotownRecPerUser
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n MotownRecPerUser 64 C:\WINDOWS.000\INF\motown.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_Vol
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUser_Vol 64 C:\WINDOWS.000\INF\motown.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_MSWordPad_Inis
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUser_MSWordPad_Inis 64 C:\WINDOWS.000\INF\wordpad.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_RNA_Inis
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUser_RNA_Inis 64 C:\WINDOWS.000\INF\rna.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_Wingames_Inis
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUser_Wingames_Inis 64 C:\WINDOWS.000\INF\appletpp.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_Dialer_Inis
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUser_Dialer_Inis 64 C:\WINDOWS.000\INF\appletpp.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_CDPlayer_Inis
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUser_CDPlayer_Inis 64 C:\WINDOWS.000\INF\mmopt.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {44BBA842-CC51-11CF-AAFA-00AA00B6015C}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS.000\INF\msnetmtg.inf,NetMtg.Remove.PerU ser.W95
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {44BBA840-CC51-11CF-AAFA-00AA00B6015C}
Path: rundll32.exe advpack.dll,UserInstStubWrapper {44BBA840-CC51-11CF-AAFA-00AA00B6015C}
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {7790769C-0471-11d2-AF11-00C04FA35D02}
Path: rundll32.exe advpack.dll,UserInstStubWrapper {7790769C-0471-11d2-AF11-00C04FA35D02}
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: OlsAolPerUser
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n OlsAolPerUserRemove 64 C:\WINDOWS.000\INF\ols.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: OlsAttPerUser
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n OlsAttPerUserRemove 64 C:\WINDOWS.000\INF\ols.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: OlsCompuservePerUser
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n OlsCompuservePerUserRemove 64 C:\WINDOWS.000\INF\ols.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: OlsProdigyPerUser
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n OlsProdigyPerUserRemove 64 C:\WINDOWS.000\INF\ols.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: Theme_Windows_PerUser
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n Themes_Windows_PerUser 0 C:\WINDOWS.000\INF\themes.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: Theme_MoreWindows_PerUser
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n Themes_MoreWindows_PerUser 0 C:\WINDOWS.000\INF\themes.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_DCC_Inis
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUser_DCC_Inis 64 C:\WINDOWS.000\INF\rna.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {6BF52A52-394A-11d3-B153-00C04F79FAA6}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS.000\INF\wmp.inf,PerUserRemove
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {5945c046-1e7d-11d1-bc44-00c04fd912be}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS.000\INF\msmsgs.inf,BLC.Remove.PerUser
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {9EF0045A-CDD9-438e-95E6-02B9AFEC8E11}
Path: C:\WINDOWS.000\SYSTEM\updcrl.exe -e -u C:\WINDOWS.000\SYSTEM\verisignpub1.crl
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS
Path: RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_Winpopup_Inis
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUser_Winpopup_Inis_remove 64 C:\WINDOWS.000\INF\winpopup.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_Sysmon_Inis
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUser_Sysmon_Inis 64 C:\WINDOWS.000\INF\appletpp.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_Sysmeter_Inis
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUser_Sysmeter_Inis 64 C:\WINDOWS.000\INF\appletpp.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_netwatch_Inis
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUser_netwatch_Inis 64 C:\WINDOWS.000\INF\appletpp.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_CharMap_Inis
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUser_CharMap_Inis 64 C:\WINDOWS.000\INF\appletpp.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_ClipBrd_Inis
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUser_ClipBrd_Inis 64 C:\WINDOWS.000\INF\clip.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: MmoptMusicaPerUser
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n MmoptMusicaPerUser 64 C:\WINDOWS.000\INF\mmopt.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: MmoptJunglePerUser
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n MmoptJunglePerUser 64 C:\WINDOWS.000\INF\mmopt.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: MmoptRobotzPerUser
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n MmoptRobotzPerUser 64 C:\WINDOWS.000\INF\mmopt.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: MmoptUtopiaPerUser
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n MmoptUtopiaPerUser 64 C:\WINDOWS.000\INF\mmopt.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: Shell3PerUser
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n Shell3PerUser 64 C:\WINDOWS.000\INF\shell3.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: PerUser_Onlinelnks_Inis
Path: rundll.exe C:\WINDOWS.000\SYSTEM\setupx.dll,InstallHinfSectio n PerUser_Onlinelnks_Inis_remove 64 C:\WINDOWS.000\INF\appletpp.inf
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {44BBA851-CC51-11CF-AAFA-00AA00B6015C}
Path: rundll32.exeadvpack.dll
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: VBScript Script File
Path: C:\WINDOWS.000\WScript.exe %1 %*
Location: HKEY_CLASSES_ROOT\vbsfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: VBScript Script File
Path: C:\WINDOWS.000\WScript.exe %1 %*
Location: HKEY_CLASSES_ROOT\vbefile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: JScript Script File
Path: C:\WINDOWS.000\WScript.exe %1 %*
Location: HKEY_CLASSES_ROOT\jsfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: JScript Script File
Path: C:\WINDOWS.000\WScript.exe %1 %*
Location: HKEY_CLASSES_ROOT\jsefile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Windows Script Host Settings File
Path: C:\WINDOWS.000\WScript.exe %1 %*
Location: HKEY_CLASSES_ROOT\wshfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Windows Script File
Path: C:\WINDOWS.000\WScript.exe %1 %*
Location: HKEY_CLASSES_ROOT\wsffile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Application
Path: %1 %*
Location: HKEY_CLASSES_ROOT\exefile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: MS-DOS Application
Path: %1 %*
Location: HKEY_CLASSES_ROOT\comfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: MS-DOS Batch File
Path: %1 %*
Location: HKEY_CLASSES_ROOT\batfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Screen Saver
Path: %1 /S
Location: HKEY_CLASSES_ROOT\scrfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Shortcut to MS-DOS Program
Path: %1 %*
Location: HKEY_CLASSES_ROOT\piffile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: WebCheck
Path: C:\WINDOWS.000\SYSTEM\WEBCHECK.DLL
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\She llServiceObjectDelayLoad\
Not checked Unknown Item
Search at Google
Layered Service Providers (LSP): Result ToDo
Name: msafd.dll
Path: C:\WINDOWS.000\SYSTEM\
Location: HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Pa rameters\Protocol_Catalog9\Catalog_Entries\
Good: 1 - Bad: 0
View Details
Name: mswsosp.dll
Path: C:\WINDOWS.000\SYSTEM\
Location: HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Pa rameters\Protocol_Catalog9\Catalog_Entries\
Good: 1 - Bad: 0
View Details
Name: rsvpsp.dll
Path: C:\WINDOWS.000\SYSTEM\
Location: HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Pa rameters\Protocol_Catalog9\Catalog_Entries\
Good: 1 - Bad: 0
View Details
Explorer And Browser Addons: Result ToDo
Name:
Path: C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\
ClsID: {53707962-6F74-2D53-2644-206D7942484F}
Good: 1 - Bad: 0
View Details
Name: URL Exec Hook
Path: shell32.dll
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\ShellExecuteHooks\
ClsID: {AEB6717E-7E19-11d0-97EE-00C04FD91972}
Good: 0 - Bad: 0
Unknown Item
Search at Google
Name: Radio
Path: C:\WINDOWS.000\SYSTEM\MSDXM.OCX
Location: HKLM\Software\Microsoft\Internet Explorer\Toolbar\
ClsID: {8E718888-423F-11D2-876E-00A0C9082467}
Good: 1 - Bad: 0
View Details
Running Processes: Result ToDo
Name: KERNEL32.DLL
Process ID: FF0F8DA1
Path: C:\WINDOWS.000\SYSTEM\
Info: Threads: 6 - Priority: High - Visible: No
Good: 1 - Bad: 0
View Details
Name: MSGSRV32.EXE
Process ID: FFFFFA5D
Path: C:\WINDOWS.000\SYSTEM\
Info: Threads: 1 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: MPREXE.EXE
Process ID: FFFFCCDD
Path: C:\WINDOWS.000\SYSTEM\
Info: Threads: 1 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: mmtask.tsk
Process ID: FFFE2021
Path: C:\WINDOWS.000\SYSTEM\
Info: Threads: 1 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: SPYSWEEPER.EXE
Process ID: FFF135C1
Path: C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\
Info: Threads: 2 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: WRSSSDK.EXE
Process ID: FFF1C3CD
Path: C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\
Info: Threads: 13 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: EXPLORER.EXE
Process ID: FFF1DC5D
Path: C:\WINDOWS.000\
Info: Threads: 16 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: DDHELP.EXE
Process ID: FFF23131
Path: C:\WINDOWS.000\SYSTEM\
Info: Threads: 6 - Priority: Realtime - Visible: No
Good: 1 - Bad: 0
View Details
Name: WINMGMT.EXE
Process ID: FFF2F2BD
Path: C:\WINDOWS.000\SYSTEM\WBEM\
Info: Threads: 3 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: AIM.EXE (AvEvryDsnePSYCHO - Doin some much needed us history---)
Process ID: FFF54EB9
Path: C:\PROGRAM FILES\AIM\
Info: Threads: 6 - Priority: Normal - Visible: Yes
Good: 1 - Bad: 0
View Details
Name: PSTORES.EXE
Process ID: FFF4A7A9
Path: C:\WINDOWS.000\SYSTEM\
Info: Threads: 3 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: A2START.EXE
Process ID: FFF437B9
Path: C:\PROGRAM FILES\A-SQUARED\
Info: Threads: 1 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: IEXPLORE.EXE (DAL Computer Help - Missing PCRE.DLL Hijack included - Microsoft Internet Explorer)
Process ID: FF099721
Path: C:\PROGRAM FILES\INTERNET EXPLORER\
Info: Threads: 13 - Priority: Normal - Visible: Yes
Good: 1 - Bad: 0
View Details
Name: A2SYS.EXE (a-squared HiJackFree)
Process ID: FFF7A0B9
Path: C:\PROGRAM FILES\A-SQUARED\
Info: Threads: 1 - Priority: Normal - Visible: Yes
Good: 1 - Bad: 0
View Details
This analysis is saved and available for at least 7 days at this website address.

Analysis generated on 3/30/2006 3:15:35 AM
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #13 (permalink)  
Old 30-03-2006, 02:42 AM
Neal's Avatar
Senior Member
  
Join Date: Sep 2005
Posts: 5,524
Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!
Re: Missing PCRE.DLL Hijack included
Post a new hijackthis log please.


How is your computer running now?
__________________
Stalking and killing Spyware

Have we helped you? Please consider a donation to help keep D-A-L free. Click on donate below



MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis Log __V2.0.2 _|



ASAP: promoting a high standard and quality of security support no matter where you seek help.

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #14 (permalink)  
Old 30-03-2006, 03:03 AM
Newbie
D-A-L Newbie
  
Join Date: Mar 2006
Posts: 11
pifabusasadid Is a beginner here at D-A-L
Re: Missing PCRE.DLL Hijack included
Hey Neal...It seems to be fine..i d/l yahoo messenger from a freecreed site..all seems ok...so far......but, who knows TYTYTY again for all of your help on this. I truly do appreciate it. I like to "think" I know more than I actually do and it usually gets me into trouble with this thing...LOL TY again.
Susan




Logfile of HijackThis v1.99.1
Scan saved at 9:09:25 PM, on 3/29/06
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS.000\SYSTEM\KERNEL32.DLL
C:\WINDOWS.000\SYSTEM\MSGSRV32.EXE
C:\WINDOWS.000\SYSTEM\MPREXE.EXE
C:\WINDOWS.000\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\SPYSWEEPER.EXE
C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\WRSSSDK.EXE
C:\WINDOWS.000\EXPLORER.EXE
C:\WINDOWS.000\SYSTEM\DDHELP.EXE
C:\WINDOWS.000\SYSTEM\WBEM\WINMGMT.EXE
C:\PROGRAM FILES\AIM\AIM.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\UNZIPPED\HIJACKTHIS\HIJACKTHIS.EXE

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS.000\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [PTSNOOP] ptsnoop.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\SPYSWEEPER.EXE" /startintray
O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a-squared\a2guard.exe"
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM\AIM.EXE
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O16 - DPF: Yahoo! Euchre - http://download.games.yahoo.com/game...ts/y/et1_x.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english...bscan_ansi.cab
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #15 (permalink)  
Old 30-03-2006, 03:05 AM
Newbie
D-A-L Newbie
  
Join Date: Mar 2006
Posts: 11
pifabusasadid Is a beginner here at D-A-L
Re: Missing PCRE.DLL Hijack included
Just curious .. was i hacked into through my yahoo messenger? And if so, was it related to m0j0 or net_runner or landor????? LOL just curious is all....
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #16 (permalink)  
Old 30-03-2006, 05:35 AM
Neal's Avatar
Senior Member
  
Join Date: Sep 2005
Posts: 5,524
Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!
Re: Missing PCRE.DLL Hijack included
Hi, glad all is ok. Thanks for stopping by.

Probably all of the above.



If you are no longer having any more trouble here is some preventative measures for you.

Here are some preventive measures you can take to keep your computer from getting infected again. also keep all these and Ad-awareSE and SpybotS&D updated.

http://forums.thatcomputerguy.us/ind...showtopic=1190

Flush your restore points in ME and XP, by turning System Restore off and then back on.
This will create a fresh restore point.

Explained here:
Windows XP: service1.symantec.com/SUPPORT/tsgen...src=sec_doc_nam

Microsoft ME:

http://service1.symantec.com/SUPPORT...rc=sec_doc_nam


RegProtect

This small registry protection tool will save you hours of heartache by notifying you when some program good or bad is trying to access your registry.

You have the option of allowing(good) items or blocking(bad)items.

http://www.diamondcs.com.au/index.php?page=regprot


To reduce the re-infection potential for malware and protect yourself against spyware, here are a few helpful suggestions:

1. Keep Windows and Internet Explorer current with the latest critical security updates from Microsoft. This will patch many of the security holes through which attackers can gain access to your computer. You CANNOT complete this update using an alternate browser.
http://v5.windowsupdate.microsoft.co....aspx?ln=en-us

http://www.microsoft.com/windows/ie/default.asp


2. Run your antivirus software regularly, and to keep its definitions up-to-date. If you are thinking about switching, there are a some good free Antivirus programs that are decent, including AVG and Avast!.
AVG: http://free.grisoft.com/doc/1

Avast: http://www.avast.com/eng/avast_4_home.html


3. In addtion to using Ad-aware consider using another free malware scanning/removal program:
MS Antispyware beta: http://www.microsoft.com/athome/secu...e/default.mspx


4. Consider using a free firewall if you are not already using one. Some good free ones are:
Kerio
http://www.sunbelt-software.com/Kerio.cfm

OutPost Personal Firewall:
Outpost



5. Consider using an alternate free browser for general web surfing but you must use IE for windows update.
Mozilla Firefox: www.mozilla.org/products/firefox/


6. Consider increasing your browser security by using these programs:
SpywareGuard will protect your homepage from being hijacked: http://www.javacoolsoftware.com/spywareguard.html
SpywareBlaster will increase browser protection by blocking Thousands of known malware sites by adding them to IE's restricted sites zone. Download it here:

http://www.javacoolsoftware.com/spywareblaster.html


If you use SpywareBlaster, you can also use a customblocklist to add even more entries into IE restricted sites zone. Go to this site for the current list and how to use instructions: http://customblockinglist.cjb.net/


IE-SPYAD is similar in that it adds thousands more known malware sites to IE's restricted zone. Download it here:
https://netfiles.uiuc.edu/ehowes/www/resource.htm


*Remember just like your primary anti-virus software, it is important to keep all of these programs up-to-date and use them on a regular basis. It's Free
__________________
Stalking and killing Spyware

Have we helped you? Please consider a donation to help keep D-A-L free. Click on donate below



MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis Log __V2.0.2 _|



ASAP: promoting a high standard and quality of security support no matter where you seek help.

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply
Page 2 of 2 1 2

« Previous Thread | Next Thread »

Thread Tools

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Missing PCRE.DLL pifabusasadid Windows 98/98SE Help 2 26-03-2006 10:39 PM
help me please (hijack included) LiLaZnGUy Spyware, Adware, Viruses and HijackThis Logs 1 14-11-2005 10:28 PM
clean up (hijack log included) LiLaZnGUy Spyware, Adware, Viruses and HijackThis Logs 3 30-09-2005 04:24 PM
Browser hijack-HJT log included. richardschuster Windows 2000 Help 1 13-05-2005 02:11 PM
PCRE.DLL File Missing Tina Windows 98/98SE Help 8 10-09-2004 12:18 PM


All times are GMT +1. The time now is 04:20 AM.
Member Login
Remember me ?
Forgot password?
Ads

Want to Advertise? Click Here
Help Categories
Desktop / Server Apps
Drivers
Firewalls and Networks
Games
General Internet Issues
Hardware
Linux
MAC OS
Modding / Overclocking
Search Engines
Spyware and Security
Web Development
Windows 2000
Windows 7
Windows 98
Windows ME
Windows Vista
Windows XP

Computer Repair Companies
Bottom Corner Bottom Nav