Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

media motor, apropos year-end house cleaning


  • Please log in to reply

#1
misstepp

misstepp

    Member

  • Member
  • PipPip
  • 25 posts
My son got some spyware on the PC a few weeks ago and while the pop ups appear to have stopped, I now get an error message when I boot up (not a big deal, just an annoyance) and when I ran through all the malware traps I found some possible problems I'd like to clean up. Always good to start the year with a clean machine. Below are the logs:

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 3:13:10 PM 12/26/2006

+ Scan result:



C:\Documents and Settings\Chris Brigaitis\Start Menu\Programs\EARN -> Adware.eZula : Cleaned with backup (quarantined).
C:\Documents and Settings\Chris Brigaitis\Start Menu\Programs\EARN\About EARN.lnk -> Adware.eZula : Cleaned with backup (quarantined).
C:\Documents and Settings\Chris Brigaitis\Start Menu\Programs\EARN\EARN website.url -> Adware.eZula : Cleaned with backup (quarantined).
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : Cleaned with backup (quarantined).
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : Cleaned with backup (quarantined).
HKU\S-1-5-21-1078081533-602162358-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : Cleaned with backup (quarantined).
:mozilla.6:C:\Documents and Settings\Chris Brigaitis\Application Data\Netscape\NSB\Profiles\odsrm5bl.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.7:C:\Documents and Settings\Chris Brigaitis\Application Data\Netscape\NSB\Profiles\odsrm5bl.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.47:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.48:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.49:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.51:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.21:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.82:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.83:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.84:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.59:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.88:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.65:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.67:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.68:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.69:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.100:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.101:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.99:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.22:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.23:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.24:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.25:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.89:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.90:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.19:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.20:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.26:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.27:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.92:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.93:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.94:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.56:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.57:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.58:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.60:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.61:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.62:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.29:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.45:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.63:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.64:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.66:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.70:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\WINDOWS\system32\wnscpsv.exe -> Trojan.Small : Cleaned with backup (quarantined).


::Report end
SUPERAntiSpyware Scan Log
Generated 12/26/2006 at 04:56 PM

Application Version : 3.4.1000

Core Rules Database Version : 3154
Trace Rules Database Version: 1171

Scan type : Complete Scan
Total Scan Time : 01:32:46

Memory items scanned : 445
Memory threats detected : 0
Registry items scanned : 5790
Registry threats detected : 35
File items scanned : 75715
File threats detected : 5

Spyware.WebSearch (WinTools/Huntbar)
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC#NextInstance
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC\0000
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC\0000#Service
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC\0000#Legacy
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC\0000#ConfigFlags
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC\0000#Class
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC\0000#ClassGUID
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC\0000#DeviceDesc

Trojan.NetMon/DNSChange
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR#NextInstance
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#Service
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#Legacy
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#ConfigFlags
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#Class
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#ClassGUID
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#DeviceDesc

Trojan.cmdService
HKLM\SYSTEM\CurrentControlSet\Services\cmdService
HKLM\SYSTEM\CurrentControlSet\Services\cmdService#Type
HKLM\SYSTEM\CurrentControlSet\Services\cmdService\Enum
HKLM\SYSTEM\CurrentControlSet\Services\cmdService\Enum#0
HKLM\SYSTEM\CurrentControlSet\Services\cmdService\Enum#Count
HKLM\SYSTEM\CurrentControlSet\Services\cmdService\Enum#NextInstance
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE#NextInstance
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000#Service
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000#Legacy
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000#ConfigFlags
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000#Class
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000#ClassGUID
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000#DeviceDesc

Adware.FullContext
HKU\.DEFAULT\Software\PSHope
HKU\S-1-5-18\Software\PSHope

Adware.NextFriday
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\DESKTOP\FREE IPOD NANO.LNK
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\DESKTOP\PLAY PARTY POKER.LNK

Trojan.Unknown Origin
C:\PROGRAM FILES\YAHOO!\YPSR\QUARANTINE\PPQ81.TMP
C:\SYSTEM VOLUME INFORMATION\_RESTORE{5775905D-94A2-4A36-A715-DEF74E188A58}\RP94\A0008702.EXE
C:\WINDOWS\SYSTEM32\W01A03D1.INI


Incident Status Location

Adware:adware/wintools Not disinfected Windows Registry
Adware:adware/powerscan Not disinfected Windows Registry
Adware:adware/esyndicate Not disinfected Windows Registry
Adware:adware/ieplugin Not disinfected Windows Registry
Adware:adware/sidesearch Not disinfected Windows Registry
Spyware:spyware/apropos Not disinfected Windows Registry
Possible Virus. Not disinfected C:\BFU\FindQool.zip[FindQool/Sub/swreg.exe]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Brenda Stepp\Desktop\Anti-Spyware etc\Nailfix\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Brenda Stepp\Desktop\Anti-Spyware etc\nailfix.zip[Nailfix/Process.exe]
Possible Virus. Not disinfected C:\FindQool\FindQool\Sub\swreg.exe
Spyware:Spyware/Media-motor Not disinfected C:\WINDOWS\srvcwuwubw.exe[nodeipproc.dll]

Logfile of HijackThis v1.99.1
Scan saved at 6:45:49 PM, on 12/26/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\ahead\InCD\InCD.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\gearsec.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\Program Files\eFax Messenger 4.0\J2GDllCmd.exe
C:\Program Files\eFax Messenger 4.0\J2GTray.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
C:\Documents and Settings\Brenda Stepp\Desktop\Anti-Spyware etc\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapp...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo..../sbc.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapp...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp.../search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapp...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Steam] D:\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Billminder.lnk = C:\Program Files\Quicken\billmind.exe
O4 - Global Startup: eFax DllCmd 4.0.lnk = C:\Program Files\eFax Messenger 4.0\J2GDllCmd.exe
O4 - Global Startup: eFax Tray Menu 4.0.lnk = C:\Program Files\eFax Messenger 4.0\J2GTray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: Quicken Startup.lnk = C:\Program Files\Quicken\QWDLLS.EXE
O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative....015/CTSUEng.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {4156EC68-BB80-4B06-B1FA-780C3DB183A6} (KyozouX Control) - http://my.kyozou.com/KyozouX.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp...ads/sysinfo.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://ipgweb.cce.hp...oads/msxml4.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius....tiveXPlugin.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo....plorer1_9us.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative....15014/CTPID.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\system32\gearsec.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP