Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

lost control panel again

Started by itryed2 , Nov 22 2007 10:54 PM

  • Please log in to reply

#1
itryed2
Posted 22 November 2007 - 10:54 PM

itryed2

    Member

  • Member
  • PipPipPip
  • 196 posts
i lost my control panel for the second time .and a pop up screen keeps comeing up even when im not online,it says warning potential spyware operation,your computer is makeing unautherized copies of ur system and internett files.run a full system scan now to prevent any unautheriezed access to your files,click yes to download spyware remover,.im running avg,and antispyware removal,did a combofix,got control panel back,still pop ups,and a highjack this log,
ComboFix 07-11-19.3 - Compaq_Owner 2007-11-23 22:36:14.11 - NTFSx86
Running from: C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2007-10-24 to 2007-11-24 )))))))))))))))))))))))))))))))
.

2007-11-23 10:27 6,144 --a------ C:\WINDOWS\system32\timoty.exe
2007-11-23 10:27 6,144 --a------ C:\WINDOWS\system32\msanton.exe
2007-11-21 21:18 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-21 21:18 356,352 --a------ C:\WINDOWS\eSellerateEngine.dll
2007-11-21 21:17 <DIR> d-------- C:\Program Files\Deskshare
2007-11-21 21:17 <DIR> d-------- C:\Program Files\Common Files\DeskShare Shared
2007-11-20 17:41 <DIR> d-------- C:\Program Files\ArcSoft
2007-11-19 18:08 <DIR> d-------- C:\Program Files\Microsoft.NET
2007-11-16 22:24 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2007-11-16 22:24 <DIR> d-------- C:\Documents and Settings\Compaq_Owner\Application Data\AVG7
2007-11-16 22:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-11-16 16:47 28,672 --a------ C:\WINDOWS\system32\drivers\CO_Mon.sys
2007-11-14 20:31 <DIR> d-------- C:\Documents and Settings\Compaq_Owner\Application Data\ArcSoft
2007-11-14 19:17 140,800 --a------ C:\WINDOWS\system32\tm20dec.ax
2007-11-14 19:17 63,488 --a------ C:\WINDOWS\system32\unam4ie.exe
2007-11-14 19:17 10,240 --a------ C:\WINDOWS\system32\vidx16.dll
2007-11-14 19:17 4,608 --a------ C:\WINDOWS\system32\w95inf32.dll
2007-11-14 19:17 2,272 --a------ C:\WINDOWS\system32\w95inf16.dll
2007-11-14 19:14 <DIR> d-------- C:\Program Files\DIFX
2007-11-14 18:18 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2007-11-13 18:18 <DIR> d-------- C:\Program Files\Lavasoft
2007-11-13 18:18 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-11-13 16:43 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-11-10 19:17 <DIR> d-------- C:\Program Files\iTunes
2007-11-10 19:17 <DIR> d-------- C:\Program Files\iPod
2007-11-06 18:52 <DIR> d-------- C:\Program Files\Uninstall Plus v4.1
2007-11-05 00:52 780,885 --a--c--- C:\WINDOWS\system32\dllcache\chkrres.dll
2007-11-05 00:52 113,222 --a--c--- C:\WINDOWS\system32\dllcache\zoneclim.dll
2007-11-05 00:52 42,575 --a--c--- C:\WINDOWS\system32\dllcache\chkrzm.exe
2007-11-05 00:52 41,029 --a--c--- C:\WINDOWS\system32\dllcache\zcorem.dll
2007-11-05 00:52 40,515 --a--c--- C:\WINDOWS\system32\dllcache\chkr.dll
2007-11-05 00:52 36,937 --a--c--- C:\WINDOWS\system32\dllcache\zclientm.exe
2007-11-05 00:52 32,339 --a--c--- C:\WINDOWS\system32\dllcache\uniansi.dll
2007-11-05 00:52 29,760 --a--c--- C:\WINDOWS\system32\dllcache\znetm.dll
2007-11-05 00:52 13,894 --a--c--- C:\WINDOWS\system32\dllcache\zonelibm.dll
2007-11-05 00:52 5,632 --a--c--- C:\WINDOWS\system32\dllcache\write.exe
2007-11-05 00:52 4,677 --a--c--- C:\WINDOWS\system32\dllcache\zeeverm.dll
2007-11-05 00:51 214,528 --a--c--- C:\WINDOWS\system32\dllcache\wordpad.exe
2007-11-05 00:51 119,808 --a------ C:\WINDOWS\system32\winmine.exe
2007-11-05 00:51 119,808 --a--c--- C:\WINDOWS\system32\dllcache\winmine.exe
2007-11-05 00:51 102,912 --a--c--- C:\WINDOWS\system32\dllcache\clipbrd.exe
2007-11-05 00:51 49,275 --a------ C:\WINDOWS\system32\wfospf.mib
2007-11-05 00:51 35,328 --a------ C:\WINDOWS\system32\winchat.exe
2007-11-05 00:51 35,328 --a--c--- C:\WINDOWS\system32\dllcache\winchat.exe
2007-11-05 00:51 35,328 --a--c--- C:\WINDOWS\system32\dllcache\iprip.dll
2007-11-05 00:51 33,792 --a--c--- C:\WINDOWS\system32\dllcache\lmmib2.dll
2007-11-05 00:51 13,312 --a--c--- C:\WINDOWS\system32\dllcache\htrn_jis.dll
2007-11-04 13:43 10,368 --------- C:\WINDOWS\system32\drivers\iviaspi.sys
2007-11-04 13:42 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2007-11-04 13:41 10,368 --a------ C:\WINDOWS\system32\iviaspi.sys
2007-11-04 13:40 <DIR> d-------- C:\Program Files\Sandisk
2007-11-02 21:25 <DIR> d-------- C:\Documents and Settings\Compaq_Owner\Application Data\F-Secure
2007-11-02 21:11 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\F-Secure
2007-11-02 21:10 <DIR> d-------- C:\Program Files\F-Secure Internet Security
2007-11-02 21:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\fssg
2007-11-02 18:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2007-11-02 16:48 <DIR> d-------- C:\Documents and Settings\Compaq_Owner\Application Data\SUPERAntiSpyware.com
2007-11-02 13:58 <DIR> d-------- C:\Program Files\NoAdware5.0
2007-10-31 16:47 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2007-10-29 20:02 <DIR> d-------- C:\KAV
2007-10-25 19:36 <DIR> d-------- C:\Program Files\Windows Desktop Search

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-24 01:14 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\WeatherBug
2007-11-24 01:11 --------- d-----w C:\Program Files\lx_cats
2007-11-24 00:08 --------- d-----w C:\Program Files\SUPERAntiSpyware
2007-11-23 15:27 289,280 ----a-w C:\WINDOWS\system32\libcurl.dll
2007-11-23 15:20 --------- d-----w C:\Program Files\MARS
2007-11-22 02:52 --------- d-----w C:\Program Files\QuickTime
2007-11-20 22:42 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-19 07:56 --------- d-----w C:\Program Files\Java
2007-11-17 01:58 --------- d-----w C:\Program Files\Microsoft Windows OneCare Live
2007-11-11 05:26 --------- d--h--r C:\Documents and Settings\Compaq_Owner\Application Data\yahoo!
2007-11-11 05:26 --------- d-----w C:\Program Files\Yahoo!
2007-11-11 05:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\yahoo!
2007-11-05 18:43 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\LimeWire
2007-11-04 19:41 --------- d-----w C:\Program Files\LimeWire
2007-11-04 18:42 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-11-03 21:05 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\AdobeUM
2007-11-03 20:21 --------- d-----w C:\Program Files\Abbyy FineReader 6.0 Sprint
2007-11-03 20:17 --------- d-----w C:\Program Files\Windows Defender
2007-11-01 21:39 --------- d-----w C:\Program Files\Common Files\Defender Pro Firewall
2007-11-01 21:38 --------- d-----w C:\Program Files\Defender Pro
2007-10-26 00:50 --------- d-----w C:\Program Files\Windows Live Safety Center
2007-10-26 00:49 --------- d-----w C:\Program Files\Symantec
2007-10-26 00:48 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2007-10-22 00:44 --------- d-----w C:\Program Files\johnqtv1
2007-10-20 23:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2007-10-20 04:11 806 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
2007-10-20 04:11 60,808 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL
2007-10-20 04:11 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2007-10-20 04:11 10,652 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2007-10-20 03:22 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\Symantec
2007-10-16 03:47 --------- d-----w C:\Program Files\AWS
2007-10-06 05:08 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\MSNInstaller
2007-10-06 05:07 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\FaxCtr
2007-10-06 05:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\QuickTime
2007-10-06 04:59 --------- d-----w C:\Program Files\Lexmark 2400 Series
2007-10-06 04:28 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\Uniblue
2007-10-06 04:10 --------- d-----w C:\Program Files\Microsoft Works
2007-10-06 03:31 --------- d-----w C:\Program Files\Easy Internet signup
2007-10-06 03:28 --------- d-----w C:\Program Files\Secure PC Solutions
2007-10-06 01:37 0 ----a-w C:\WINDOWS\system32\drivers\USB
2007-10-06 01:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-10-01 04:11 --------- d-----w C:\Program Files\RegistrySmart
2007-10-01 04:06 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\RegistrySmart
2007-09-29 04:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-09-28 22:17 --------- d-----w C:\Program Files\Lexmark Toolbar
2007-09-28 21:31 --------- d-----w C:\Documents and Settings\LocalService\Application Data\Yahoo!
2007-09-28 07:03 --------- d-----w C:\Program Files\Common Files\Apple
2007-09-28 07:00 --------- d-----w C:\Program Files\Apple Software Update
2007-09-28 07:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2007-09-27 04:52 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\Apple Computer
2007-09-25 07:10 --------- d---a-w C:\Program Files\PC-Doctor for Windows
2007-09-25 07:10 --------- d-----w C:\Program Files\Windows Media Connect 2
2007-09-25 07:10 --------- d-----w C:\Program Files\Vietcong
2007-09-25 07:10 --------- d-----w C:\Program Files\MSN Encarta Standard
2007-09-25 04:16 --------- d-----w C:\Program Files\Trend Micro
2007-09-23 06:02 737,280 ----a-w C:\WINDOWS\iun6002.exe
2007-09-22 08:16 3,888 ----a-w C:\WINDOWS\viassary-hp.reg
2007-08-29 21:18 577,928 ----a-w C:\WINDOWS\system32\SymNeti.dll
2003-08-05 18:41 53,248 ----a-w C:\WINDOWS\inf\ap561.exe
2002-11-26 23:24 32,768 ----a-w C:\WINDOWS\inf\Remove561.exe
2002-11-22 22:56 118,784 ----a-w C:\WINDOWS\inf\ShowBmp.exe
2002-10-30 01:07 36,864 ----a-w C:\WINDOWS\inf\Setup8a.exe
2002-10-01 21:43 119,798 ----a-w C:\WINDOWS\inf\spca561.sys
2004-10-13 16:21 1,694,208 --sha-w C:\WINDOWS\$hf_mig$\KB887472\SP2QFE\msmsgs.exe
.

((((((((((((((((((((((((((((( snapshot@2007-11-23_19.00.28.98 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-05-07 21:38:46 500,120 ----a-w C:\WINDOWS\Downloaded Program Files\CONFLICT.2\daas_s.dll
+ 2007-05-07 21:39:00 192,920 ----a-w C:\WINDOWS\Downloaded Program Files\CONFLICT.2\fsauc.dll
+ 2007-05-07 21:39:24 254,360 ----a-w C:\WINDOWS\Downloaded Program Files\CONFLICT.2\fscax.dll
+ 2007-11-24 01:10:53 16,384 ----atw C:\WINDOWS\TEMP\Perflib_Perfdata_530.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 16:00]
"Weather"="C:\Program Files\AWS\WeatherBug\Weather.exe" [2007-08-23 21:31]
"Windows Registry Repair Pro"="C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe" [2005-09-08 20:59]
"froody"="C:\WINDOWS\system32\timoty.exe" [2007-11-23 10:27]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 18:04]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-11-02 10:59]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 22:43]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 19:06 C:\WINDOWS\AGRSMMSG.exe]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2003-09-12 22:13]
"Reminder"="C:\Windows\Creator\Remind_XP.exe" [2003-12-18 01:31]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2004-11-02 11:03]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-09-23 00:56]
"lxcrmon.exe"="C:\Program Files\Lexmark 2400 Series\lxcrmon.exe" [2006-01-22 12:45]
"EzPrint"="C:\Program Files\Lexmark 2400 Series\ezprint.exe" [2006-02-07 00:10]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-11-02 18:36]
"LXCRCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll" [2005-12-01 13:38]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-11-16 22:24]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 03:11]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"version"="C:\WINDOWS\system32\timoty.exe" [2007-11-23 10:27]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-11-16 22:24]

C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\
setings.exe [2007-11-23 10:27:32]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
startup.exe [2007-11-23 10:27:32]

[hklm\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

R3 SymIMMP;SymIMMP;C:\WINDOWS\system32\DRIVERS\SymIM.sys
S3 p2pgasvc;Peer Networking Group Authentication;C:\WINDOWS\system32\svchost.exe -k p2psvc
S3 p2pimsvc;Peer Networking Identity Manager;C:\WINDOWS\system32\svchost.exe -k p2psvc
S3 p2psvc;Peer Networking;C:\WINDOWS\system32\svchost.exe -k p2psvc
S3 PNRPSvc;Peer Name Resolution Protocol;C:\WINDOWS\system32\svchost.exe -k p2psvc
S3 SymIM;Symantec Network Security Intermediate Filter Service;C:\WINDOWS\system32\DRIVERS\SymIM.sys

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc p2psvc p2pimsvc p2pgasvc PNRPSvc

*Newly Created Service* - F-SECURE_STANDALONE_MINIFILTER
.
Contents of the 'Scheduled Tasks' folder
"2007-11-18 00:05:10 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-03-15 21:14:39 C:\WINDOWS\Tasks\MP Scheduled Quick Scan.job"
- C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MpCmdRun.exe%Scan -RestrictPrivileges -ScanType 1
"2007-11-23 08:30:00 C:\WINDOWS\Tasks\RegistrySmart Scheduled Scan.job"
- C:\Program Files\RegistrySmart\RegistrySmart.exe
- C:\Program Files\RegistrySmart
.
**************************************************************************

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-23 22:39:42
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************
.
Completion time: 2007-11-23 22:41:20
C:\ComboFix2.txt ... 2007-11-23 22:11
C:\ComboFix3.txt ... 2007-11-23 20:24
.
--- E O F ---
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:50:59 PM, on 11/23/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\timoty.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...a...&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cm.my.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...a...&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [version] C:\WINDOWS\system32\timoty.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4
O4 - HKCU\..\Run: [froody] C:\WINDOWS\system32\timoty.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: setings.exe
O4 - Global Startup: startup.exe
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-sec...m/ols/fscax.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1191122673921
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us...nfo/webscan.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe

--
End of file - 6516 bytes
Also windows secrety alert doesnt detect my avg,thanks for your time
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP