Jump to content

Clairefish

Members
 View Profile  See their activity

  • Posts

    3

  • Joined

  • Last visited

Reputation

0 Neutral
  1. Clairefish
    It said that avast was still running even after I turned it off, so I'm not sure if there's something I'm missing. Here's the log: ComboFix 10-02-11.04 - Claire 02/11/2010 22:03:51.2.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.257 [GMT -5:00] Running from: c:\documents and settings\Claire\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Claire\Desktop\CFScript.txt.txt AV: avast! antivirus 4.8.1368 [VPS 100211-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} file zipped: c:\windows\system32\hogufare.dll.tmp file zipped: c:\windows\system32\katowola.dll file zipped: c:\windows\system32\kedawubo.dll file zipped: c:\windows\system32\lemekipe.dll file zipped: c:\windows\system32\lofirelo.dll file zipped: c:\windows\system32\tebanohu.dll.tmp file zipped: c:\windows\system32\wigimogo.dll file zipped: c:\windows\system32\yufivibo.dll.tmp . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\havowezi.dll c:\windows\system32\hogufare.dll.tmp c:\windows\system32\katowola.dll c:\windows\system32\kedawubo.dll c:\windows\system32\lemekipe.dll c:\windows\system32\lofirelo.dll c:\windows\system32\tebanohu.dll.tmp c:\windows\system32\vorikope.dll c:\windows\system32\wigimogo.dll c:\windows\system32\yufivibo.dll.tmp c:\windows\system32\zurihaga.dll c:\windows\Tasks\nrbtrmgq.job . ((((((((((((((((((((((((( Files Created from 2010-01-12 to 2010-02-12 ))))))))))))))))))))))))))))))) . 2010-02-12 02:19 . 2010-02-12 02:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software 2010-02-10 00:56 . 2010-02-10 00:56 -------- d-----w- c:\program files\Trend Micro 2010-01-16 23:44 . 2010-01-17 18:21 -------- d-----w- c:\documents and settings\Dad\Local Settings\Application Data\Adobe 2010-01-13 12:56 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-02-12 03:14 . 2009-11-23 01:07 -------- d-----w- c:\program files\Steam 2010-02-12 02:20 . 2008-11-11 22:21 -------- d-----w- c:\program files\Alwil Software 2010-02-11 18:53 . 2008-11-11 22:22 38848 ----a-w- c:\windows\system32\avastSS.scr 2010-02-11 18:53 . 2008-11-11 22:22 153184 ----a-w- c:\windows\system32\aswBoot.exe 2010-02-11 18:42 . 2008-11-11 22:22 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2010-02-11 18:42 . 2008-11-11 22:22 162512 ----a-w- c:\windows\system32\drivers\aswSP.sys 2010-02-11 18:39 . 2008-11-11 22:22 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2010-02-11 18:38 . 2008-11-11 22:22 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2010-02-11 18:38 . 2008-11-11 22:22 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys 2010-02-11 18:38 . 2008-11-11 22:22 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2010-02-11 18:38 . 2008-11-11 22:22 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2010-02-09 18:31 . 2010-01-11 14:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-01-24 17:42 . 2009-02-22 04:10 -------- d-----w- c:\program files\Microsoft Silverlight 2010-01-14 00:59 . 2008-11-12 17:52 -------- d-----w- c:\program files\Paint Shop Pro 6 2010-01-11 14:17 . 2010-01-11 14:17 -------- d-----w- c:\documents and settings\Dad\Application Data\Malwarebytes 2010-01-11 14:16 . 2010-01-11 14:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-01-07 22:26 . 2010-01-07 22:26 -------- d-----w- c:\documents and settings\Dad\Application Data\Roxio 2010-01-07 21:07 . 2010-01-11 14:17 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-01-07 21:07 . 2010-01-11 14:16 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-01-05 10:00 . 2006-02-28 12:00 832512 ------w- c:\windows\system32\wininet.dll 2010-01-05 10:00 . 2006-02-28 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll 2010-01-05 10:00 . 2006-02-28 12:00 17408 ------w- c:\windows\system32\corpol.dll 2009-12-22 17:00 . 2009-10-30 16:06 -------- d-----w- c:\documents and settings\Claire\Application Data\vlc 2009-12-02 15:21 . 2008-11-11 22:27 36384 ----a-w- c:\documents and settings\Claire\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-12-02 04:59 . 2009-12-02 04:59 1 ----a-w- c:\documents and settings\Claire\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2009-12-02 01:53 . 2009-12-02 01:53 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-11-23 14:02 . 2009-11-23 14:02 664 ----a-w- c:\windows\system32\d3d9caps.dat 2009-11-17 01:03 . 2009-11-17 01:03 86016 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe 1601-01-01 00:03 . 1601-01-01 00:03 53760 --sha-w- c:\windows\system32\kofidina.dll 1601-01-01 00:03 . 1601-01-01 00:03 39424 --sha-w- c:\windows\system32\mijamehu.dll 1601-01-01 00:03 . 1601-01-01 00:03 61952 --sha-w- c:\windows\system32\niyuhelu.dll 1601-01-01 00:03 . 1601-01-01 00:03 53760 --sha-w- c:\windows\system32\zofetehi.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Steam"="c:\program files\Steam\Steam.exe" [2009-11-23 1217808] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-11-11 344064] "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2006-11-01 1392640] "Apoint"="c:\program files\Apoint\Apoint.exe" [2005-10-07 176128] "RoxioDragToDisc"="c:\program files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe" [2005-09-19 1687552] "RoxWatchTray"="c:\program files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe" [2005-09-19 163840] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-02 149280] "mijosudus"="c:\windows\system32\havowezi.dll" [bU] "kotesefeba"="zurihaga.dll" [bU] c:\documents and settings\Claire\Start Menu\Programs\Startup\ OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Ventrilo\\Ventrilo.exe"= "c:\\Program Files\\Steam\\Steam.exe"= "c:\\Program Files\\Java\\jre6\\bin\\java.exe"= "c:\\Program Files\\Roxio\\Easy Media Creator 8\\Digital Home\\RoxUpnpServer.exe"= "c:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"= "c:\\Program Files\\Apoint\\Apoint.exe"= R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [11/11/2008 5:22 PM 162512] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11/11/2008 5:22 PM 19024] R3 OZSCR;O2Micro SmartCardBus Smartcard Reader;c:\windows\system32\drivers\ozscr.sys [8/8/2008 8:31 PM 92550] . . ------- Supplementary Scan ------- . FF - ProfilePath - c:\documents and settings\Claire\Application Data\Mozilla\Firefox\Profiles\ygxxhyee.default\ FF - plugin: c:\documents and settings\Claire\Application Data\Mozilla\Firefox\Profiles\ygxxhyee.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll . - - - - ORPHANS REMOVED - - - - SharedTaskScheduler-{221f2978-9611-4149-9907-760eb73bf81e} - c:\windows\system32\havowezi.dll SSODL-hejiyovaz-{221f2978-9611-4149-9907-760eb73bf81e} - c:\windows\system32\havowezi.dll ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-02-11 22:12 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(648) c:\windows\system32\Ati2evxx.dll c:\windows\System32\BCMLogon.dll - - - - - - - > 'explorer.exe'(2024) c:\windows\system32\WININET.dll c:\windows\system32\ieframe.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\System32\WLTRYSVC.EXE c:\windows\System32\bcmwltry.exe c:\program files\Alwil Software\Avast5\AvastSvc.exe c:\windows\System32\SCardSvr.exe c:\windows\system32\basfipm.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe c:\program files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe c:\windows\system32\wdfmgr.exe c:\windows\system32\Ati2evxx.exe c:\program files\Apoint\HidFind.exe c:\program files\Apoint\Apntex.exe c:\program files\OpenOffice.org 3\program\soffice.exe c:\program files\Common Files\Roxio Shared\SharedCOM8\CPSHelpRunner.exe c:\program files\OpenOffice.org 3\program\soffice.bin . ************************************************************************** . Completion time: 2010-02-11 22:24:47 - machine was rebooted ComboFix-quarantined-files.txt 2010-02-12 03:24 ComboFix2.txt 2010-02-11 00:36 Pre-Run: 30,455,721,984 bytes free Post-Run: 30,300,350,464 bytes free - - End Of File - - B42F4C59FE8CC99A5164F44021A4D5BA
  2. Clairefish
    Here's the Hijackthis log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:04:21 PM, on 2/10/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16981) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\basfipm.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\WLTRAY.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe C:\Program Files\Apoint\HidFind.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\Common Files\Roxio Shared\SharedCOM8\CPSHelpRunner.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: (no name) - {de50656a-9a01-4000-831b-5a81fc522e4c} - lefegosi.dll (file missing) O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe" O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O20 - AppInit_DLLs: vikuzeja.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Broadcom ASF IP monitoring service v6.0.1 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\system32\basfipm.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE -- End of file - 6267 bytes The other one is huge, so it's attached. log.txt
  3. Clairefish
    So i'm trying to get rid of malware on my gf's computer, its been making the computer run super slow, making the internet go schizo, and seeding random popups. I ran avast using the boot scan, but it didn't seem to work, the bottom bar for the computer is greyed out and won't work, as can be seen here: and malwarebytes won't launch, I've tried scanning malwarebytes with avast, and thats when the bottom bar started greying out. Avast finds stuff whenever I run the scan, but it can't seem to get all of it and malwarebytes still won't run. here is the Hijack this log: ------------------------------------------------------------------------------------ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 7:58:43 PM, on 2/9/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16981) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\basfipm.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Apoint\HidFind.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\System32\bcmwltry.exe C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe C:\Program Files\Alwil Software\Avast4\ashSimpl.exe C:\WINDOWS\system32\taskmgr.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [bascstray] BascsTray.exe O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe" O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [mijosudus] Rundll32.exe "c:\windows\system32\lofirelo.dll",a O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [VoipStunt] "C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe" -nosplash -minimized O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O20 - AppInit_DLLs: yufivibo.dll c:\windows\system32\lofirelo.dll O21 - SSODL: rafojidej - {40881e32-642a-4c86-b001-a6c8cb3905e5} - c:\windows\system32\lofirelo.dll O22 - SharedTaskScheduler: tokatiluy - {40881e32-642a-4c86-b001-a6c8cb3905e5} - c:\windows\system32\lofirelo.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Broadcom ASF IP monitoring service v6.0.1 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\system32\basfipm.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE -- End of file - 6302 bytes ----------------------------------------------------------------- so yeah, please help.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.