Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Worm.Win32.Netsky

Started by Penrod , Mar 08 2008 11:21 PM

  • Please log in to reply

#1
Penrod
Posted 08 March 2008 - 11:21 PM

Penrod

    New Member

  • Member
  • Pip
  • 1 posts
Hi, a virus recently attacked my computer. I believe it came from a program called VideoAccessCodecInstall.exe. There were many Windows Security Popups that kept coming up, and one of them kept saying I have the "Worm.Win32.NetSky" virus. It would also replace my background with a red screen saying that my computer may be infected.

I have spent the better part of today on this site going through posts with similar problems and running much of the software recommended. I also followed the step by step instructions in the "Before posting a HiJackThis.log thread. I had done this once before and my machine seemed to work fine for a week or so and then all the malware came back. Bottom line is my machine seems to be running fine now, but the ActiveScan Log still shows infected files. I am attaching my AVG log, Superantispyware log, Activescane log and HijackThis log in hopes that someone will be able to make sense of this and help me finally get everything clean. Thanks in advance for the help.

AVG Reporet:
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

 + Created at:	7:45:33 PM 3/8/2008

 + Scan result:	



:mozilla.46:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.47:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.49:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.328:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.182:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Adobe : Cleaned.
:mozilla.117:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.93:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.94:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.95:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.96:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.97:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.37:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.149:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Clickbank : Cleaned.
:mozilla.38:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.275:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.302:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.303:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.304:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.310:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.311:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.312:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.147:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.160:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.164:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.142:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.143:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.144:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.150:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.151:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.137:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.138:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.119:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.120:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.121:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.122:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.123:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.232:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.269:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.270:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.113:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.114:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.115:C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.


::Report end

SUPERAntiSpyware Report
SUPERAntiSpyware Scan Log
Generated 03/08/2008 at 09:18 PM

Application Version : 3.6.1000

Core Rules Database Version : 3416
Trace Rules Database Version: 1408

Scan type	   : Complete Scan
Total Scan Time : 01:18:33

Memory items scanned	  : 685
Memory threats detected   : 0
Registry items scanned	: 6703
Registry threats detected : 0
File items scanned		: 55401
File threats detected	 : 8

Desktop Hijacker.AboutYourPrivacy
	C:\Documents and Settings\Home\Favorites\Error Cleaner.url
	C:\Documents and Settings\Home\Favorites\Privacy Protector.url
	C:\Documents and Settings\Home\Favorites\Spyware&Malware Protection.url
	C:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\SPYWAREBOT\QUARANTINE\10-02-2008-15-30-31\181.QIT
	C:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\SPYWAREBOT\QUARANTINE\10-02-2008-15-30-31\182.QIT
	C:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\SPYWAREBOT\QUARANTINE\10-02-2008-15-30-31\183.QIT

Adware.SXGAdvisor
	C:\DOCUMENTS AND SETTINGS\HOME\DESKTOP\BACKUPS\BACKUP-20080308-130925-690.DLL
	C:\WINDOWS\DWRMNTSVRM.DLL

ActiveScan report
Incident																		Status						Location																																																														
																															  
Spyware:Cookie/Seeq															 Not disinfected			   C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt[www48.seeq.com/]																																		  
Spyware:Cookie/Buydomains													   Not disinfected			   C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt[www47.buydomains.com/]																																	
Spyware:Cookie/WebPower														 Not disinfected			   C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt[.webpower.com/]																																		   
Spyware:Cookie/Target														   Not disinfected			   C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt[.target.com/]																																			 
Spyware:Cookie/Xiti															 Not disinfected			   C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt[.xiti.com/]																																			   
Spyware:Cookie/360i															 Not disinfected			   C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\edg7xaal.default\cookies.txt[.ct.360i.com/]																																			
Potentially unwanted tool:Application/Processor								 Not disinfected			   C:\Documents and Settings\Home\Desktop\SmitfraudFix\Process.exe																																																 
Virus:Trj/Rebooter.J															Disinfected				   C:\Documents and Settings\Home\Desktop\SmitfraudFix\Reboot.exe																																																  
Potentially unwanted tool:Application/SuperFast								 Not disinfected			   C:\Documents and Settings\Home\Desktop\SmitfraudFix\restart.exe

HijackThis Report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:14:21 AM, on 3/9/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Apoint\Apvfb.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Program Files\Sony\vaio entertainment\VzTrayIcon.exe
C:\Program Files\InterMute\SpySubtract\SpySub.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint\Apoint.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] "C:\Program Files\Realtek\InstallShield\AzMixerSel.exe"
O4 - HKLM\..\Run: [VAIO Recovery] "C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [SonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
O4 - HKLM\..\Run: [TVTunerLib] "C:\Program Files\Common Files\Sony Shared\TVTunerLib\TVTLInstTool.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VZRemoteCommander] "C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Amazon Unbox.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: Recording Status.lnk = C:\Program Files\Sony\vaio entertainment\VzTrayIcon.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\InterMute\SpySubtract\SpySub.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/us/kavwebscan_unicode.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1205036502890
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1205037132218
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O21 - SSODL: bfrgnos - {790BBD0F-2252-4878-BA6E-23F9108B50BB} - C:\WINDOWS\bfrgnos.dll (file missing)
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Amazon Unbox Video Service (ADVService) - Amazon.com - C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

--
End of file - 14747 bytes

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP