Jump to content

oaktree

Members
 View Profile  See their activity

  • Posts

    5

  • Joined

  • Last visited

 Content Type 

Posts posted by oaktree

    searchnu and search.conduit homepages and toolbar

    in Resolved Malware Removal Logs

    Posted

    Thanks again for your reply!

    Here the delete operation output:

    # AdwCleaner v2.006 - Logfile created 11/03/2012 at 22:08:48

    # Updated 30/10/2012 by Xplode

    # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

    # User : Yogesh - COMPUTER

    # Boot Mode : Normal

    # Running from : C:\Users\Yogesh\Desktop\adwcleaner.exe

    # Option [Delete]

    ***** [services] *****

    ***** [Files / Folders] *****

    File Deleted : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml

    File Deleted : C:\Users\Yogesh\AppData\Roaming\Mozilla\Firefox\Profiles\e88rvwph.default\searchplugins\Conduit.xml

    File Deleted : C:\Users\Yogesh\AppData\Roaming\Mozilla\Firefox\Profiles\e88rvwph.default\searchplugins\Search_Results.xml

    Folder Deleted : C:\Program Files (x86)\Conduit

    Folder Deleted : C:\ProgramData\boost_interprocess

    Folder Deleted : C:\ProgramData\Partner

    Folder Deleted : C:\Users\Yogesh\AppData\Local\Conduit

    Folder Deleted : C:\Users\Yogesh\AppData\LocalLow\Conduit

    ***** [Registry] *****

    Key Deleted : HKCU\Software\AppDataLow\Software

    Key Deleted : HKCU\Software\DataMngr

    Key Deleted : HKCU\Software\DataMngr_Toolbar

    Key Deleted : HKCU\Software\ilivid

    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}

    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3198785

    Key Deleted : HKLM\Software\Conduit

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS

    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

    Key Deleted : HKLM\SOFTWARE\DataMngr

    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

    Key Deleted : HKU\S-1-5-21-3102565771-2103099571-1929986515-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

    ***** [internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16421

    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.searchnu.com/406 --> hxxp://www.google.com

    -\\ Mozilla Firefox v16.0.2 (en-US)

    Profile name : default

    File : C:\Users\Yogesh\AppData\Roaming\Mozilla\Firefox\Profiles\e88rvwph.default\prefs.js

    C:\Users\Yogesh\AppData\Roaming\Mozilla\Firefox\Profiles\e88rvwph.default\user.js ... Deleted !

    Deleted : user_pref("browser.search.defaultthis.engineName", "WhiteSmoke US Customized Web Search");

    Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3198785&Sea[...]

    Deleted : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=287&systemid=406&apn[...]

    -\\ Google Chrome v [unable to get version]

    File : C:\Users\Yogesh\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Deleted [l.11] : homepage = "hxxp://www.searchnu.com/406",

    Deleted [l.15] : urls_to_restore_on_startup = [ "hxxp://www.searchnu.com/406", "hxxp://search.conduit.com/?ctid=CT3198785&SearchSource=48" ]

    Deleted [l.51] : search_url = "hxxp://dts.search-results.com/sr?src=crb&gct=ds&appid=287&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=6219551355444105&q={searchTerms}",

    Deleted [l.1473] : homepage = "hxxp://www.searchnu.com/406",

    Deleted [l.1725] : urls_to_restore_on_startup = [ "hxxp://www.searchnu.com/406", "hxxp://search.conduit.com/?ctid=CT3198785&SearchSource=48" ]

    *************************

    AdwCleaner[R1].txt - [3824 octets] - [03/11/2012 21:27:04]

    AdwCleaner[s1].txt - [3750 octets] - [03/11/2012 22:08:48]

    ########## EOF - C:\AdwCleaner[s1].txt - [3810 octets] ##########

    searchnu and search.conduit homepages and toolbar

    in Resolved Malware Removal Logs

    Posted

    Hello Mrcharlie,

    Thanks for your reply!.

    Here is the contents of the log:

    # AdwCleaner v2.006 - Logfile created 11/03/2012 at 21:27:04

    # Updated 30/10/2012 by Xplode

    # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

    # User : Yogesh - COMPUTER

    # Boot Mode : Normal

    # Running from : C:\Users\Yogesh\Desktop\adwcleaner.exe

    # Option [search]

    ***** [services] *****

    ***** [Files / Folders] *****

    File Found : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml

    File Found : C:\Users\Yogesh\AppData\Roaming\Mozilla\Firefox\Profiles\e88rvwph.default\searchplugins\Conduit.xml

    File Found : C:\Users\Yogesh\AppData\Roaming\Mozilla\Firefox\Profiles\e88rvwph.default\searchplugins\Search_Results.xml

    Folder Found : C:\Program Files (x86)\Conduit

    Folder Found : C:\ProgramData\boost_interprocess

    Folder Found : C:\ProgramData\Partner

    Folder Found : C:\Users\Yogesh\AppData\Local\Conduit

    Folder Found : C:\Users\Yogesh\AppData\LocalLow\Conduit

    ***** [Registry] *****

    Key Found : HKCU\Software\AppDataLow\Software

    Key Found : HKCU\Software\AppDataLow\Software\SmartBar

    Key Found : HKCU\Software\DataMngr

    Key Found : HKCU\Software\DataMngr_Toolbar

    Key Found : HKCU\Software\ilivid

    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}

    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

    Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3198785

    Key Found : HKLM\Software\Conduit

    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32

    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS

    Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

    Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

    Key Found : HKLM\SOFTWARE\DataMngr

    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

    Key Found : HKU\S-1-5-21-3102565771-2103099571-1929986515-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

    Key Found : HKU\S-1-5-21-3102565771-2103099571-1929986515-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

    ***** [internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16421

    [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.searchnu.com/406

    -\\ Mozilla Firefox v16.0.2 (en-US)

    Profile name : default

    File : C:\Users\Yogesh\AppData\Roaming\Mozilla\Firefox\Profiles\e88rvwph.default\prefs.js

    Found : user_pref("browser.search.defaultthis.engineName", "WhiteSmoke US Customized Web Search");

    Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3198785&Sea[...]

    Found : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=287&systemid=406&apn[...]

    -\\ Google Chrome v [unable to get version]

    File : C:\Users\Yogesh\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Found [l.11] : homepage = "hxxp://www.searchnu.com/406",

    Found [l.15] : urls_to_restore_on_startup = [ "hxxp://www.searchnu.com/406", "hxxp://search.conduit.com/?ctid=CT3198785&SearchSource=48" ]

    Found [l.51] : search_url = "hxxp://dts.search-results.com/sr?src=crb&gct=ds&appid=287&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=6219551355444105&q={searchTerms}",

    Found [l.1473] : homepage = "hxxp://www.searchnu.com/406",

    Found [l.1725] : urls_to_restore_on_startup = [ "hxxp://www.searchnu.com/406", "hxxp://search.conduit.com/?ctid=CT3198785&SearchSource=48" ]

    *************************

    AdwCleaner[R1].txt - [3701 octets] - [03/11/2012 21:27:04]

    ########## EOF - C:\AdwCleaner[R1].txt - [3761 octets] ##########

    System Security fake alert and a lot of other problems...

    in Resolved Malware Removal Logs

    Posted

    Dear Experts

    My PC recently got affected with the System Security fake spyware alert program, after doing a web search, I installed MalwareBytes' Antimalware program. it cleaned all the trojans. I also ran Spybot Search and Destroy. I thought I had got ridden of the problem. I also installed a program called Hotspot shield(anonymizer) However one day later, when I powered up my computer and logged in, it showed the dreaded blue screen indicating some recent change has caused a problem. I restarted, everything was ok. this happened twice so far and usually goes away after a restart. I removed the Hotspot shield program assuming this software was causing the blue screen. Anyways with that program gone, I tried to restore my computer to a earlier date, I cannot see a restore point and neither create restore point. Multiple restarts have not solved this problem. Now most of my searched on IE7.0 are being redirected to overclick.cn website. I just did another Malwarebytes' scan and found some trojans that were deleted. But I am still getting reffered to the overclick.cn

    So in summary my problems are:

    --Possible Malware infection

    --overclick.cn redirection

    --Blue screen occasionally, possibly because of some change

    --System restore not working, could be because of the the infection

    I have copied the TrendMicro HiJackThis log for all of you to look at. Please help me here to get out of this multiple problems....Thanks in aadvance!

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 10:11:45 PM, on 6/23/2009

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16850)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\Google\Update\GoogleUpdate.exe

    C:\WINDOWS\Explorer.EXE

    C:\Program Files\TortoiseSVN\bin\TSVNCache.exe

    C:\Program Files\Lexmark 3400 Series\lxcymon.exe

    C:\WINDOWS\V0330Mon.exe

    C:\WINDOWS\RTHDCPL.EXE

    C:\WINDOWS\system32\RUNDLL32.EXE

    C:\WINDOWS\BCMSMMSG.exe

    C:\JavaJRE\bin\jusched.exe

    C:\Program Files\McAfee.com\Agent\mcagent.exe

    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    C:\Program Files\iTunes\iTunesHelper.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\Documents and Settings\Matrix\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

    C:\WINDOWS\system32\bgsvcgen.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\WINDOWS\system32\inetsrv\inetinfo.exe

    C:\WINDOWS\system32\lxcycoms.exe

    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe

    C:\Program Files\Common Files\Motive\McciCMService.exe

    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

    c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe

    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

    C:\Program Files\McAfee\MSK\MskSrver.exe

    C:\WINDOWS\system32\nvsvc32.exe

    C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe

    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Documents and Settings\Matrix\Application Data\mjusbsp\magicJack.exe

    C:\Program Files\iPod\bin\iPodService.exe

    C:\WINDOWS\System32\svchost.exe

    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

    C:\Program Files\McAfee\MPF\MPFSrv.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Mozilla Firefox\firefox.exe

    C:\HijackThis\HiJackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    O2 - BHO: (no name) - AutorunsDisabled - (no file)

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

    O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll

    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\JavaJRE\bin\ssv.dll

    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll

    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\JavaJRE\bin\jp2ssv.dll

    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\JavaJRE\lib\deploy\jqs\ie\jqs_plugin.dll

    O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll

    O2 - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - (no file)

    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

    O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

    O4 - HKLM\..\Run: [lxcymon.exe] "C:\Program Files\Lexmark 3400 Series\lxcymon.exe"

    O4 - HKLM\..\Run: [LXCYCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.dll,_RunDLLEntry@16

    O4 - HKLM\..\Run: [V0330Mon.exe] C:\WINDOWS\V0330Mon.exe

    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

    O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install

    O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: [bCMSMMSG] BCMSMMSG.exe

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\JavaJRE\bin\jusched.exe"

    O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun

    O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

    O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [spybotSD TeaTimer] "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"

    O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\Matrix\Application Data\mjusbsp\cdloader2.exe" MAGICJACK

    O4 - HKCU\..\Run: [MMAgent] "C:\Program Files\Mobile Master\MMAgent.exe"

    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Matrix\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet

    O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"

    O4 - Global Startup: AutorunsDisabled

    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

    O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm

    O8 - Extra context menu item: Subscribe in RSS Bandit - C:\Documents and Settings\Matrix\Application Data\RssBandit\iecontext_subscribebandit.htm

    O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll

    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll

    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O15 - Trusted Zone: *.antimalwareguard.com

    O15 - Trusted Zone: *.gomyhit.com

    O15 - Trusted Zone: *.antimalwareguard.com (HKLM)

    O15 - Trusted Zone: *.gomyhit.com (HKLM)

    O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.loksatta.com/daily/dynamic/w ... server.cab

    O16 - DPF: {321FB770-1FBE-4BFE-BDC1-6F622D4FA499} - https://setup.bellsouth.net/wizlet/PWRe ... _6-1-2.cab

    O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab

    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab

    O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.4.6.cab

    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 9857538140

    O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab

    O16 - DPF: {A903E5AB-C67E-40FB-94F1-E1305982F6E0} (KooPlayer Control) - http://www.ooxtv.com/livetv.ocx

    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -

    O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://cvs.pnimedia.com/upload/activex/ ... 0.0.11.cab?

    O17 - HKLM\System\CCS\Services\Tcpip\..\{2A25946B-1BBA-4584-B0EC-DB1802D4378C}: NameServer = 208.67.220.220,208.67.222.222

    O17 - HKLM\System\CCS\Services\Tcpip\..\{74C6452B-2DE4-488B-99D5-5AA0DAFDA6C1}: NameServer = 208.67.220.220,208.67.222.222

    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222

    O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222

    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe

    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Google Update Service (gupdate1c98d81f432108) (gupdate1c98d81f432108) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: jsr468ijdfghfjsw3rw3i6tjag80 - Unknown owner - C:\WINDOWS\jsr468ijdfghfjsw3rw3i6tjag81.exe

    O23 - Service: lxcy_device - - C:\WINDOWS\system32\lxcycoms.exe

    O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe

    O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe

    O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe

    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe

    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe

    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

    O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe

    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    --

    End of file - 14070 bytes

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.