Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Malware - Trojans - Redirect Windows -- Want to get Rid of them


  • Please log in to reply

#1
SweetC

SweetC

    New Member

  • Member
  • Pip
  • 1 posts
Hello All!

For about the last two months I have been receiving the following Avast alerts daily [with multiple alerts during the day]:

Malware Was Found!
A Trojan Horse Was Found!

It usually involves the following.

<snip>

I then clicked on the "Abort Connection" Button to stop the Malware/Trojan Horse from downloading to the computer.

WHAT I DID:
I ran an online scan at Eset.com. Nothing was found.

STORY CONTINUES
This morning after the computer booted up, I got a Window with a message that I was going to be redirected to a page and that any information I gave would be transmitted to another page. I was given a choice to agree or cancel. I canceled.

I never ever saw a window like that before. I only have IE7 and FF 2.x on the computer. No browser had been opened yet.

WHAT I DID NEXT
[1] I ran HijackThis this morning. The results are below.
[2] I ran RunScanner this morning in Beginner mode. Saved the "RUN" file and "LOG". The "LOG" results are below. Not able to open or attach the "RUN" results.

Thanks in advance for your help with this.

SC

HijackThis Log File
---------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:13:47 AM, on 12/31/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\IDriveE\IDriveE Service.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper -

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common

Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
O2 - BHO: Skype add-on (mastermind) -

{22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program

Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection -

{53707962-6F74-2D53-2644-206D7942484F} -

C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -

C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO -

{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program

Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO -

{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program

Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: ZoneAlarm Spy Blocker -

{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program

Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program

Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program

Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows

Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone

Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe"

/background
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting]

"C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting]

"C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org

2.3\program\quickstart.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver -

res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} -

C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -

C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration -

{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -

C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) -

http://pcpitstop.com...p/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine

Advantage Validation Tool) -

http://go.microsoft....k/?linkid=39204
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} -

http://www.eset.eu/b...lineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash

Object) -

https://fpdownload.m...ash/swflash.cab
O17 -

HKLM\System\CCS\Services\Tcpip\..\{D32999E4-7EAD-4323-BEEA-B20EEE3478FD}

: NameServer = 68.237.161.12 71.243.0.12
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -

C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software

- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program

Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program

Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program

Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Desktop Manager 5.5.709.30344

(GoogleDesktopManager-093007-112848) - Google - C:\Program

Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program

Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IDriveE Service - Pro Softnet Corporation - C:\Program

Files\IDriveE\IDriveE Service.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program

Files\iPod\bin\iPodService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) -

Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC -

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 6792 bytes

=======================================
RunScanner Log File
-------------------
Runscanner logfile http://www.runscanner.net

* = signed file
- = file not found

000 General info
----------------
Computer name : QUE-T
Creation time : 12/31/2007 10:43:39 AM
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 7.0.5730.13
OS : Microsoft Windows XP
OS Build : 2600
OS SP : Service Pack 2
RunScanner Version : 1.6.1.0
User Language : English (United States)
User rights : Administrator
Windows folder : C:\WINDOWS

001 Running processes
---------------------
* c:\windows\system32\alg.exe (Microsoft Corporation)
* c:\program files\alwil software\avast4\ashserv.exe (ALWIL Software)
* c:\program files\alwil software\avast4\aswupdsv.exe (ALWIL Software)
* c:\program files\alwil software\avast4\ashmaisv.exe (ALWIL Software)
* c:\progra~1\alwils~1\avast4\ashdisp.exe (ALWIL Software)
* c:\program files\alwil software\avast4\ashwebsv.exe (ALWIL Software)
* c:\windows\system32\csrss.exe (Microsoft Corporation)
* c:\windows\system32\ctfmon.exe (Microsoft Corporation)
* c:\program files\mozilla firefox\firefox.exe (Mozilla Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\program files\google\common\google updater\googleupdaterservice.exe (Google)
* c:\program files\idrivee\idrivee service.exe (Pro Softnet Corporation)
* c:\program files\java\jre1.6.0_03\bin\jusched.exe (Sun Microsystems, Inc.)
* c:\windows\system32\lsass.exe (Microsoft Corporation)
* c:\documents and settings\quet\desktop\runscanner.exe (Runscanner.net)
* c:\program files\windows defender\msmpeng.exe (Microsoft Corporation)
* c:\windows\system32\services.exe (Microsoft Corporation)
* c:\windows\system32\spoolsv.exe (Microsoft Corporation)
c:\program files\spyware terminator\sp_rsser.exe (Crawler.com)
* c:\windows\system32\zonelabs\vsmon.exe (Zone Labs, LLC)
* c:\program files\windows defender\msascui.exe (Microsoft Corporation)
* c:\windows\explorer.exe (Microsoft Corporation)
* c:\windows\system32\winlogon.exe (Microsoft Corporation)
* c:\windows\system32\smss.exe (Microsoft Corporation)
* c:\program files\zone labs\zonealarm\zlclient.exe (Zone Labs, LLC)

002 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run (+subkeys)
-----------------------------------------------------------------
* c:\progra~1\alwils~1\avast4\ashdisp.exe (ALWIL Software)
* c:\program files\zone labs\zonealarm\zlclient.exe (Zone Labs, LLC)

004 C:\Documents and Settings\QueT\Start Menu\Programs\Startup
--------------------------------------------------------------
c:\progra~1\openof~1.3\program\quicks~1.exe

010 HKLM\SYSTEM\CurrentControlSet\Services (Services)
-----------------------------------------------------
* c:\program files\alwil software\avast4\ashserv.exe (avast! Antivirus)
* c:\program files\alwil software\avast4\aswupdsv.exe (avast! iAVS4 Control Service)
* c:\program files\alwil software\avast4\ashmaisv.exe (avast! Mail Scanner)
* c:\program files\alwil software\avast4\ashwebsv.exe (avast! Web Scanner)
* c:\program files\idrivee\idrivee service.exe (IDriveE Service)
* c:\program files\ipod\bin\ipodservice.exe (iPod Service)
c:\program files\spyware terminator\sp_rsser.exe (Spyware Terminator Realtime Shield Service)
* c:\windows\system32\zonelabs\vsmon.exe (TrueVector Internet Monitor)

011 HKLM\SYSTEM\CurrentControlSet\Services (drivers)
----------------------------------------------------
* c:\windows\system32\drivers\aswrdr.sys (aswRdr)
* c:\windows\system32\drivers\aavmker4.sys (avast! Asynchronous Virus Monitor)
* c:\windows\system32\drivers\aswtdi.sys (avast! Network Shield Support)
* c:\windows\system32\drivers\aswmon2.sys (avast! Standard Shield Support)
- c:\windows\system32\drivers\changer.sys (Changer)
- c:\windows\system32\drivers\i2omgmt.sys (i2omgmt)
* C:\WINDOWS\system32\drivers\klif.sys (KLIF)
- c:\windows\system32\drivers\lbrtfdc.sys (lbrtfdc)
- c:\windows\system32\drivers\pcidump.sys (PCIDump)
- c:\windows\system32\drivers\pdcomp.sys (PDCOMP)
- c:\windows\system32\drivers\pdframe.sys (PDFRAME)
- c:\windows\system32\drivers\pdreli.sys (PDRELI)
- c:\windows\system32\drivers\pdrframe.sys (PDRFRAME)
C:\WINDOWS\system32\drivers\pxhelp20.sys (PxHelp20)
c:\windows\system32\drivers\sp_rsdrv2.sys (Spyware Terminator Driver 2)
* C:\WINDOWS\system32\zonelabs\srescan.sys (srescan)
* C:\WINDOWS\system32\vsdatant.sys (vsdatant)
- c:\windows\system32\drivers\wdica.sys (WDICA)

030 HKLM\SOFTWARE\Classes\PROTOCOLS\Filter
------------------------------------------
C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}
C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}
C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}

035 HKLM-HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components
------------------------------------------------------------------
c:\windows\system32\mscories.dll (Microsoft Corporation) {89B4C1CD-B018-4511-B0A1-5476DBF70820}
c:\windows\system32\tcpconn.exe {43564368-4375-8601-4371-458454791235

041 HKLM-HKCU\Software\Microsoft\Internet Explorer\Toolbar
----------------------------------------------------------
c:\program files\zonealarmsb\bar\1.bin\spyblock.dll (ZoneAlarm) {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}

045 HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
----------------------------------------------------------------
c:\program files\zonealarmsb\bar\1.bin\spyblock.dll (ZoneAlarm) {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}

052 HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
----------------------------------------------------------------------------------
GUID / CLSID not found {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
* c:\program files\google\googletoolbarnotifier\2.1.615.5858\swg.dll (Google Inc.) {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
* c:\progra~1\spybot~1\sdhelper.dll (Safer Networking Limited) {53707962-6F74-2D53-2644-206D7942484F}
c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll (Skype Technologies S.A.) {22BF413B-C6D2-4d91-82A9-A0F997BA588C}
c:\program files\zonealarmsb\bar\1.bin\spyblock.dll (ZoneAlarm) {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}

061 HKLM-HCKU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
---------------------------------------------------------------------------------
c:\program files\7-zip\7-zip.dll {23170F69-40C1-278A-1000-000100020000}
* c:\program files\alwil software\avast4\ashshell.dll (ALWIL Software) {472083B0-C522-11CF-8763-00608CC02F24}
- deskpan.dll {42071714-76d4-11d1-8b24-00a0c9068ff3}
c:\program files\efax messenger 4.3\j2gshell.dll (j2 Global Communications, Inc.) {6872d785-fe43-44cb-9b2a-2df4c5eb13b2}
c:\windows\system32\shellext\gmailfs.dll (Bjarke Viksoe) {2B3453E4-49DF-11D3-8229-0080BE509050}
c:\windows\system32\shellext\gmailfs.dll (Bjarke Viksoe) {2B3453E4-49DF-11D3-8229-0080BE509056}
c:\windows\system32\shellext\gmailfs.dll (Bjarke Viksoe) {2B3453E4-49DF-11D3-8229-0080BE509054}
c:\windows\system32\shellext\gmailfs.dll (Bjarke Viksoe) {2B3453E4-49DF-11D3-8229-0080BE509052}
c:\program files\idrivee\idriveeview.dll (Pro Softnet Corporation.) {22A9D756-FFFC-4878-BC5A-0DAA07544F97}
c:\program files\idrivee\idriveeview.dll (Pro Softnet Corporation.) {3FEF8143-3896-464A-98DF-0AE3FC390C46}
c:\program files\idrivee\idriveeview.dll (Pro Softnet Corporation.) {41A7CC4B-32CA-45C1-8777-E907F4C6DDC1}
c:\program files\idrivee\idriveeview.dll (Pro Softnet Corporation.) {4396F50A-E1E6-4177-8048-D2EF9E8A46F8}
* c:\program files\itunes\itunesminiplayer.dll (Apple Inc.) {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}
* c:\program files\zone labs\zonealarm\zlavscan.dll (Zone Labs, LLC) {D9872D13-7651-4471-9EEE-F0A00218BEBB}
c:\program files\omnidrive\omnidrive.dll (Omnidrive) {5FCD4425-CA3A-48F4-A57C-B8A75C32ACB1}
c:\program files\omnidrive\omnidrive.dll (Omnidrive) {3B3256E4-49DF-11D3-8229-0080AE509060}
c:\program files\openoffice.org 2.3\program\shlxthdl.dll (Sun Microsystems, Inc.) {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}
c:\program files\openoffice.org 2.3\program\shlxthdl.dll (Sun Microsystems, Inc.) {087B3AE3-E237-4467-B8DB-5A38AB959AC9}
c:\program files\openoffice.org 2.3\program\shlxthdl.dll (Sun Microsystems, Inc.) {63542C48-9552-494A-84F7-73AA6A7C99C1}
c:\program files\openoffice.org 2.3\program\shlxthdl.dll (Sun Microsystems, Inc.) {3B092F0C-7696-40E3-A80F-68D74DA84210}
* c:\program files\real\realplayer\rpshell.dll (RealNetworks, Inc.) {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}
c:\windows\system32\dfshim.dll (Microsoft Corporation) {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}
c:\windows\system32\dfshim.dll (Microsoft Corporation) {e82a2d71-5b2f-43a0-97b8-81be15854de8}
c:\program files\spyware terminator\sptcontmenu.dll (Crawler.com) {BD88A479-9623-4897-8546-BC62B9628F44}

062 HKLM-HKCU\Software\Classes\Folder\Shellex\ColumnHandlers
------------------------------------------------------------
c:\program files\common files\adobe\acrobat\activex\pdfshell.dll (Adobe Systems, Inc.) {F9DB5320-233E-11D1-9F84-707F02C10627}
c:\program files\openoffice.org 2.3\program\shlxthdl.dll (Sun Microsystems, Inc.) {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}

069 HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
--------------------------------------------------------
C:\WINDOWS\system32\bzpdf.dll (BullZip)
C:\WINDOWS\system32\primomonnt.dll

102 HKLM - HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars
------------------------------------------------------------------
GUID / CLSID not found {32683183-48a0-441b-a342-7c2a440a9478}

104 HKLM\Software\Microsoft\Code Store Database\Distribution Units
------------------------------------------------------------------
* c:\windows\downloaded program files\pcpitstop.dll (PC Pitstop) {0E5F0222-96B9-11D3-8997-00104BD12D94}
GUID / CLSID not found {56762DEC-6B0D-4AB4-A8AD-989993B5D08B}

105 HKCU\Software\Microsoft\Internet Explorer\MenuExt
-----------------------------------------------------
Add to Google Photos Screensa&ver : res://C:\WINDOWS\system32\GPhotos.scr/200
Crawler Search :

120 Domain/DNS hijacking
------------------------
NameServer {D32999E4-7EAD-4323-BEEA-B20EEE3478FD} : 68.237.161.12 71.243.0.12

121 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs
--------------------------------------------------------------------------
c:\progra~1\google\google~4\goec62~1.dll (Google)

173 HKCR\*\shellex\ContextMenuHandlers
--------------------------------------
c:\program files\7-zip\7-zip.dll {23170F69-40C1-278A-1000-000100020000}
c:\program files\omnidrive\omnimenu.dll (Omnidrive) {3A2B7BDE-CC65-4DF7-8AEA-8DDC4E57DE75}
* c:\program files\alwil software\avast4\ashshell.dll (ALWIL Software) {472083B0-C522-11CF-8763-00608CC02F24}
c:\progra~1\idrivee\idrive~4.dll {5E814CF3-3DF9-4D53-BCCC-94079E571569}
c:\program files\efax messenger 4.3\j2gshell.dll (j2 Global Communications, Inc.) {6872D785-FE43-44cb-9B2A-2DF4C5EB13B2}
c:\program files\spyware terminator\sptcontmenu.dll (Crawler.com) {BD88A479-9623-4897-8546-BC62B9628F44}
* c:\program files\zone labs\zonealarm\zlavscan.dll (Zone Labs, LLC) {D9872D13-7651-4471-9EEE-F0A00218BEBB}
c:\program files\yousendit\express\version2\ysiext.dll (TODO: <Company name>) {E46B8A96-C11A-4EE5-9B0F-2050A3DD6A45}


QUESTION
Can anyone tell me what is going on??

Any and all help appreciated.

SC

Edited by Rorschach112, 31 December 2007 - 10:15 AM.

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP