Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

unable to access taskmanager

Started by john1111 , Jan 23 2008 04:43 AM

  • Please log in to reply

#1
john1111
Posted 23 January 2008 - 04:43 AM

john1111

    New Member

  • Member
  • Pip
  • 1 posts
hi here is details of my scans as requested..........avg no results,didnt find any thing[



Incident Status Location

Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\j\Local Settings\Temp\Cookies\[email protected][1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\j\Local Settings\Temp\Cookies\[email protected][2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\j\Local Settings\Temp\Cookies\[email protected][1].txt
Hacktool:HackTool/Samdump Not disinfected C:\Documents and Settings\j\Local Settings\Temp\RarSFX1\pwdump2\pwdump2.exe
Hacktool:HackTool/Samdump Not disinfected C:\Documents and Settings\j\Local Settings\Temp\RarSFX1\pwdump2\samdump.dll
Hacktool:HackTool/RockXp4 Not disinfected C:\Documents and Settings\j\Local Settings\Temp\RarSFX1\RockXP4_.exe
Hacktool:HackTool/Samdump Not disinfected C:\Documents and Settings\j\Local Settings\Temp\RarSFX2\pwdump2\pwdump2.exe
Hacktool:HackTool/Samdump Not disinfected C:\Documents and Settings\j\Local Settings\Temp\RarSFX2\pwdump2\samdump.dll
Hacktool:HackTool/RockXp4 Not disinfected C:\Documents and Settings\j\Local Settings\Temp\RarSFX2\RockXP4_.exe
Potentially unwanted tool:Application/Playmp3z Not disinfected C:\Documents and Settings\j\Shared\winavi windows\Setup.exe
Adware:Adware/AdRotator Not disinfected C:\Documents and Settings\j\Shared\[Full] winavi windows with Bonus\setup.exe
Adware:Adware/AdRotator Not disinfected C:\Documents and Settings\j\Shared\[Full] winavi windows with Bonus.zip[setup.exe]
Adware:Adware/AdRotator Not disinfected C:\Documents and Settings\j\Shared\[Full] winavi windows with Bonus.zip[setup.exe][²ÜÇ\bann.exe]
Adware:Adware/AdRotator Not disinfected C:\Documents and Settings\j\Shared\[Full] winavi windows with Bonus.zip[setup.exe][²ÜÇ\bann.exe][¦%%\gzmrotate.dll]
Adware:Adware/AdRotator Not disinfected C:\Documents and Settings\j\Shared\[Full] winavi windows with Bonus.zip[setup.exe][²ÜÇ\adw.exe]
Virus:Generic Malware Not disinfected C:\Documents and Settings\j\Shared\[Full] winavi windows with Bonus.zip[setup.exe][²ÜÇ\adw.exe][²ªÇ]
Adware:Adware/AdRotator Not disinfected C:\Documents and Settings\j\Shared\[Full] winavi windows with Bonus.zip[setup.exe][²ÜÇ\adw.exe][²ïÇ]
Potentially unwanted tool:Application/PassRock Not disinfected D:\Windows.old\Documents and Settings\pw\My Documents\downloads\Keyfinder&Reg user changer.exe
Virus:Generic Malware Disinfected D:\Windows.old\Documents and Settings\pw\My Documents\downloads\Windows XP&2003 activation\X86\antiwpa.dll
Virus:Generic Malware Disinfected D:\Windows.old\Windows\system32\antiwpa.dll


Incident Status Location

Virus:Generic Malware Disinfected Operating system


]SUPERAntiSpyware Scan Log

Application Version : 3.6.1000

Core Rules Database Version : 3385
Trace Rules Database Version: 1379

Scan type : Complete Scan
Total Scan Time : 04:54:26

Memory items scanned : 528
Memory threats detected : 0
Registry items scanned : 5213
Registry threats detected : 43
File items scanned : 115700
File threats detected : 92

Trojan.Media-Codec/V4


HKLM\Software\Classes\CLSID\{F2BADA0D-FD61-45EF-A994-64A073FD6613}
HKCR\CLSID\{F2BADA0D-FD61-45EF-A994-64A073FD6613}
HKCR\CLSID\{F2BADA0D-FD61-45EF-A994-64A073FD6613}
HKCR\CLSID\{F2BADA0D-FD61-45EF-A994-64A073FD6613}\Implemented

Categories
HKCR\CLSID\{F2BADA0D-FD61-45EF-A994-64A073FD6613}\Implemented

Categories\{00021493-0000-0000-C000-000000000046}


HKCR\CLSID\{F2BADA0D-FD61-45EF-A994-64A073FD6613}\InprocServer32


HKCR\CLSID\{F2BADA0D-FD61-45EF-A994-64A073FD6613}\InprocServer32#Thread

ingModel
C:\PROGRAM FILES\ONLINE ADD-ON\ICTMDL.DLL
HKLM\Software\Microsoft\Internet

Explorer\Toolbar#{F2BADA0D-FD61-45EF-A994-64A073FD6613}


HKU\S-1-5-21-448539723-630328440-682003330-1004\Software\Microsoft\Inte

rnet Explorer\Toolbar\WebBrowser#{F2BADA0D-FD61-45EF-A994-64A073FD6613}
HKU\S-1-5-21-448539723-630328440-682003330-1004\Software\Online

Add-on

Adware.Tracking Cookie
C:\DOCUME~1\j\LOCALS~1\Temp\Cookies\[email protected][1].txt
C:\DOCUME~1\j\LOCALS~1\Temp\Cookies\[email protected][1].txt
C:\DOCUME~1\j\LOCALS~1\Temp\Cookies\[email protected][1].txt
C:\DOCUME~1\j\LOCALS~1\Temp\Cookies\[email protected][2].txt
C:\DOCUME~1\j\LOCALS~1\Temp\Cookies\[email protected][2].txt
C:\Documents and Settings\j\Local

Settings\Temp\Cookies\[email protected][1].txt
C:\Documents and Settings\j\Local

Settings\Temp\Cookies\[email protected][2].txt
C:\Documents and Settings\j\Local

Settings\Temp\Cookies\[email protected][1].txt
C:\Documents and Settings\j\Local

Settings\Temp\Cookies\[email protected][2].txt
C:\Documents and Settings\j\Local

Settings\Temp\Cookies\[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][2].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][2].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][2].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][2].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][2].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][2].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected].esomniture[2].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][2].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][2].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][2].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][2].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][2].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][2].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][2].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][2].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][3].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][2].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][2].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][2].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][2].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][2].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][2].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][2].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][2].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][3].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][2].txt


D:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\admini

[email protected][1].txt
D:\Windows.old\Documents and Settings\pw\Cookies\[email protected][1].txt
D:\Windows.old\Documents and

Settings\pw\Cookies\[email protected][2].txt
D:\Windows.old\Documents and

Settings\pw\Cookies\[email protected][2].txt
D:\Windows.old\Documents and

Settings\pw\Cookies\[email protected][1].txt
D:\Windows.old\Documents and

Settings\pw\Cookies\[email protected][1].txt
D:\Windows.old\Documents and

Settings\pw\Cookies\[email protected][1].txt

Trojan.DNSChanger-Codec
HKCR\CLSID\E404.e404mgr
HKCR\CLSID\E404.e404mgr#UserId

Adware.E404 Helper/Hij
HKCR\E404.e404mgr
HKCR\E404.e404mgr\CLSID
HKCR\E404.e404mgr\CurVer
HKCR\E404.e404mgr.1
HKCR\E404.e404mgr.1\CLSID
HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}
HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0
HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\0
HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\0\win32
HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\FLAGS
HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\HELPDIR
HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}


HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\ProxyStubClsid


HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\ProxyStubClsid32
HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\TypeLib


HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\TypeLib#Version

Trojan.Net-MU/Gen


HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebVideo


HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebVideo#unins

tallString


HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebVideo#Displ

ayName

Malware.VirusProtect
HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}
HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\bwyifVh


HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\InprocServer32


HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\InprocServer32#Thread

ingModel
HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\IutDoub
HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\izYkIq
HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\nafualetars
HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\ProgID
HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\sweqsntrK


HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\VersionIndependentPro

gID
HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\Xlmzrv
HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\xqJlj

Trojan.Unclassified/FKN
C:\WINDOW\FKNXWQF.EXE
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:40:11, on 23/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOW\System32\smss.exe
C:\WINDOW\system32\winlogon.exe
C:\WINDOW\system32\services.exe
C:\WINDOW\system32\lsass.exe
C:\WINDOW\system32\Ati2evxx.exe
C:\WINDOW\system32\svchost.exe
C:\WINDOW\System32\svchost.exe
C:\WINDOW\system32\Ati2evxx.exe
C:\WINDOW\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\WINDOW\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOW\system32\bgsvcgen.exe
C:\WINDOW\system32\cisvc.exe
C:\WINDOW\System32\svchost.exe
C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
C:\WINDOW\system32\tcpsvcs.exe
C:\WINDOW\system32\svchost.exe
C:\WINDOW\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOW\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\WINDOW\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\WINDOW\system32\devldr32.exe
C:\Program Files\Belkin\Nostromo\nost_LM.exe
C:\WINDOW\system32\wuauclt.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virginmedia.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: e404 helper - {F10587E9-0E47-4CBE-84AE-7DD20B8684CC} - C:\Program Files\Helper\findsiteonline.dll (file missing)
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOW\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOW\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOW\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOW\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOW\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOW\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Loadout Manager.lnk = C:\Program Files\Belkin\Nostromo\nost_LM.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOW\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOW\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com...p/PCPitStop.CAB
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.updat...b?1195823181218
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1194950472062
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {F09BFD07-20B5-46D8-A6D5-BE4EF22F1F4D} (DGTx.uc1) - http://members.drive...de=toolkit_lite
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: Antiwpa - antiwpa.dll (file missing)
O22 - SharedTaskScheduler: ablator - {fce1c203-ff2b-4ec1-9983-e2900d29bbd8} - (no file)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOW\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOW\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOW\system32\bgsvcgen.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe

--
End of file - 7934 bytes

HOPE IVE DONE THIS RIGHT AS NO VERY COMPUTER LITERATE THANKS JOHN

Attached Files


  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP