Jump to content

hotspur77

Members
  • Posts

    2
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Ok, thanks. I'm not having any problems, just wanted to check that there wasn't anything still lingering. Thanks again!
  2. Hi, I just had an attack of the TDSS virus. With this site i've finally been able to get Malwarebytes to run and clean it up but i need you guys to check if my PC is now clean. I've followed the pre-HJT Post instructions. Can you let me know what i need to do next. Also let me know if anything is running that doesn't need to be. Thanks MBAM scan log: Malwarebytes' Anti-Malware 1.31 Database version: 1537 Windows 6.0.6001 Service Pack 1 23/12/2008 20:31:37 mbam-log-2008-12-23 (20-31-37).txt Scan type: Quick Scan Objects scanned: 55675 Time elapsed: 2 minute(s), 19 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) Panda ActiveScan log: ANALYSIS: 2008-12-23 21:30:32 PROTECTIONS: 1 MALWARE: 27 SUSPECTS: 0 ;******************************************************************************* ******************************************************************************** * ******************* PROTECTIONS Description Version Active Updated ;=============================================================================== ================================================================================ = =================== Windows Defender 1.1.4205.0 No No ;=============================================================================== ================================================================================ = =================== MALWARE Id Description Type Active Severity Disinfectable Disinfected Location ;=============================================================================== ================================================================================ = =================== 00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@trafficmp[2].txt 00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@trafficmp[1].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Zugo\AppData\Roaming\Microsoft\Windows\Cookies\Low\zugo@doubleclick[2].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Zugo\AppData\Roaming\Microsoft\Windows\Cookies\Low\zugo@doubleclick[1].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Zugo\AppData\Roaming\Microsoft\Windows\Cookies\zugo@atdmt[2].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Zugo\AppData\Roaming\Microsoft\Windows\Cookies\Low\zugo@atdmt[2].txt 00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@247realmedia[2].txt 00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@247realmedia[1].txt 00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@tribalfusion[1].txt 00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@tribalfusion[2].txt 00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@tribalfusion[3].txt 00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Users\Zugo\AppData\Roaming\Microsoft\Windows\Cookies\zugo@tribalfusion[1].txt 00145881 Cookie/NewMedia TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@anm.co[3].txt 00145881 Cookie/NewMedia TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@anm.co[1].txt 00145881 Cookie/NewMedia TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@anm.co[2].txt 00149116 Cookie/Ccbill TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@ccbill[1].txt 00149116 Cookie/Ccbill TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@ccbill[2].txt 00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@com[5].txt 00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Users\Zugo\AppData\Roaming\Microsoft\Windows\Cookies\zugo@com[1].txt 00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@com[4].txt 00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@com[2].txt 00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@com[1].txt 00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@com[3].txt 00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@xiti[2].txt 00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@xiti[3].txt 00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@xiti[1].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Zugo\AppData\Roaming\Microsoft\Windows\Cookies\Low\zugo@serving-sys[4].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Zugo\AppData\Roaming\Microsoft\Windows\Cookies\Low\zugo@serving-sys[1].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@serving-sys[4].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@serving-sys[3].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@serving-sys[2].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@serving-sys[1].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Zugo\AppData\Roaming\Microsoft\Windows\Cookies\Low\zugo@serving-sys[3].txt 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@bs.serving-sys[1].txt 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@bs.serving-sys[3].txt 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@bs.serving-sys[2].txt 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Zugo\AppData\Roaming\Microsoft\Windows\Cookies\Low\zugo@bs.serving-sys[1].txt 00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@adtech[1].txt 00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@adtech[4].txt 00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@adtech[3].txt 00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@adtech[2].txt 00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@server.iad.liveperson[2].txt 00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Users\Zugo\AppData\Roaming\Microsoft\Windows\Cookies\zugo@server.iad.liveperson[2].txt 00168113 Cookie/fe.lea.lycos TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@fe.lea.lycos[2].txt 00168114 Cookie/onestat.com TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@stat.onestat[2].txt 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Users\Zugo\AppData\Roaming\Microsoft\Windows\Cookies\Low\zugo@advertising[1].txt 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Users\Zugo\AppData\Roaming\Microsoft\Windows\Cookies\Low\zugo@advertising[3].txt 00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@ads.pointroll[1].txt 00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@ads.pointroll[3].txt 00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@ads.pointroll[2].txt 00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@overture[3].txt 00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@overture[2].txt 00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@overture[1].txt 00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@realmedia[2].txt 00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@realmedia[1].txt 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@questionmarket[3].txt 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@questionmarket[1].txt 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Users\Zugo\AppData\Roaming\Microsoft\Windows\Cookies\Low\zugo@questionmarket[2].txt 00172449 Cookie/MetriWeb TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@metriweb[1].txt 00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@adultfriendfinder[1].txt 00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@go[2].txt 00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@searchportal.information[2].txt 00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@atwola[2].txt 00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@atwola[1].txt 00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@smartadserver[4].txt 00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@smartadserver[2].txt 00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@smartadserver[1].txt 00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\Users\Nnamdi\AppData\Roaming\Microsoft\Windows\Cookies\nnamdi@citi.bridgetrack[1].txt ;=============================================================================== ================================================================================ = =================== SUSPECTS Sent Location @|uC5 ;=============================================================================== ================================================================================ = =================== ;=============================================================================== ================================================================================ = =================== VULNERABILITIES Id Severity Description @|uC5 ;=============================================================================== ================================================================================ = =================== ;=============================================================================== ================================================================================ = =================== HijackThis Log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:31:18, on 23/12/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\System32\mobsync.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Lexmark 1400 Series\lxdjamon.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Windows\System32\rundll32.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe C:\Program Files\Secway\SimpLite-MSN 2.2\SimpLite-MSN.exe C:\Windows\System32\rundll32.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Qlock\qlock.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\AVG\AVG8\aAvgApi.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [lxdjamon] "C:\Program Files\Lexmark 1400 Series\lxdjamon.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon O4 - HKCU\..\Run: [simp] C:\Program Files\Secway\SimpLite-MSN 2.2\SimpLite-MSN.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: qlock.lnk = C:\Program Files\Qlock\qlock.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/...S/wlscctrl2.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE O23 - Service: lxdjCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdjserv.exe O23 - Service: lxdj_device - - C:\Windows\system32\lxdjcoms.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- End of file - 10285 bytes
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.