Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Here's my hijack log.

Started by Garret B , Apr 18 2008 04:59 AM

  • This topic is locked This topic is locked

#1
Garret B
Posted 18 April 2008 - 04:59 AM

Garret B

    New Member

  • Member
  • Pip
  • 5 posts
An online analyzer told me I had 5 really dangerous things.

Line: Status: Comments: Actions:
C:\Windows\System32\smss.exe
More info about file smss.exe Legitimate Change status
C:\Windows\system32\csrss.exe
More info about file csrss.exe Legitimate Process found in system process library Change status
C:\Windows\system32\wininit.exe
More info about file wininit.exe Dangerous Item found in 2-spyware.com libraryFile wininit.exe is related to Wollf backdoor. Wininit logs keystrokes, downloads and executes... Change status
C:\Windows\system32\csrss.exe
More info about file csrss.exe Legitimate Process found in system process library Change status
C:\Windows\system32\services.exe
More info about file services.exe Legitimate In most of cases it is legitimate system process, only sometimes can be used by malicious software Change status
C:\Windows\system32\lsass.exe
More info about file lsass.exe Legitimate Process found in system process library Change status
C:\Windows\system32\lsm.exe Unknown No exact entries found Insert file into database

C:\Windows\system32\winlogon.exe
More info about file winlogon.exe Legitimate Process found in system process library Change status
C:\Windows\system32\svchost.exe
More info about file svchost.exe Legitimate Process found in system process library Change status
C:\Windows\system32\svchost.exe
More info about file svchost.exe Legitimate Process found in system process library Change status
C:\Windows\System32\svchost.exe
More info about file svchost.exe Legitimate Process found in system process library Change status
C:\Windows\System32\svchost.exe
More info about file svchost.exe Legitimate Process found in system process library Change status
C:\Windows\system32\svchost.exe
More info about file svchost.exe Legitimate Process found in system process library Change status
C:\Windows\system32\SLsvc.exe Unknown No exact entries found Insert file into database

C:\Windows\system32\svchost.exe
More info about file svchost.exe Legitimate Process found in system process library Change status
C:\Windows\system32\svchost.exe
More info about file svchost.exe Legitimate Process found in system process library Change status
C:\Windows\System32\spoolsv.exe
More info about file spoolsv.exe Legitimate Process found in system process library Change status
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe Unknown No exact entries found Insert file into database

C:\Windows\system32\svchost.exe
More info about file svchost.exe Legitimate Process found in system process library Change status
C:\Windows\system32\Dwm.exe Unknown No exact entries found Insert file into database

C:\Windows\Explorer.EXE
More info about file explorer.exe Legitimate Process found in system process library Change status
C:\Windows\system32\rstrui.exe Unknown No exact entries found Insert file into database

c:\Program Files\Common Files\LightScribe\LSSrvc.exe
More info about file lssrvc.exe Legitimate Item found in 2-spyware.com library
The file is related to Light Scribe software. Change status
C:\Windows\system32\svchost.exe
More info about file svchost.exe Legitimate Process found in system process library Change status
C:\Program Files\Spyware Doctor\pctsAuxs.exe Unknown No exact entries found Insert file into database

C:\Program Files\Spyware Doctor\pctsSvc.exe Unknown No exact entries found Insert file into database

C:\Windows\system32\svchost.exe
More info about file svchost.exe Legitimate Process found in system process library Change status
C:\Program Files\Spyware Doctor\pctsTray.exe Unknown No exact entries found Insert file into database

C:\Windows\System32\svchost.exe
More info about file svchost.exe Legitimate Process found in system process library Change status
C:\Windows\system32\SearchIndexer.exe Unknown No exact entries found Insert file into database

C:\Windows\system32\DRIVERS\xaudio.exe
More info about file xaudio.exe Legitimate Item found in 2-spyware.com library
xaudio.exe is part of the Conexant SoftK56 Modem Driver package and is responsible for Modem Audio... Change status
C:\Program Files\Anonymizer\Anonymizer Software\AnonASW\AnonAswSvc.exe Unknown No exact entries found Insert file into database

C:\Program Files\Anonymizer\Anonymizer Software\Common\AnonMgmtSvc.exe Unknown No exact entries found Insert file into database

C:\Windows\system32\taskeng.exe Unknown No exact entries found Insert file into database

C:\Windows\system32\taskeng.exe Unknown No exact entries found Insert file into database

C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
More info about file aluschedulersvc.exe Legitimate Item found in 2-spyware.com library
Related to Symantec anti-virus software. Change status
C:\Windows\System32\svchost.exe
More info about file svchost.exe Legitimate Process found in system process library Change status
C:\hp\support\hpsysdrv.exe
More info about file hpsysdrv.exe Legitimate Item found in 2-spyware.com library
Hewlett Packard related software. hpsysdrv.exe is located in "C:\windows\system\" on all Windows... Change status
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
More info about file osd.exe Legitimate Item found in 2-spyware.com library
File osd.exe displays an icon in the System Tray, which allows a user to change various display... Change status
C:\WINDOWS\RtHDVCpl.exe Unknown No exact entries found Insert file into database

C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe Unknown No exact entries found Insert file into database

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
More info about file hpwuschd2.exe Legitimate Item found in 2-spyware.com library
hpwuschd2.exe is a legitimate process related to Hewlett Packard software. Change status
C:\WINDOWS\System32\rundll32.exe
More info about file rundll32.exe Legitimate Process found in system process library Change status
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe Unknown No exact entries found Insert file into database

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe Unknown No exact entries found Insert file into database

C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
More info about file jusched.exe Legitimate Item found in 2-spyware.com library
Checks if there are new versions of Java available. Change status
C:\Program Files\Windows Sidebar\sidebar.exe
More info about file sidebar.exe Dangerous Item found in 2-spyware.com library
sidebar.exe is an executable file which primary purpose is to start a parasite or launch some of... Change status
C:\Program Files\Skype\Phone\Skype.exe
More info about file skype.exe Legitimate Item found in 2-spyware.com library
Skype.exe is an application process that belongs to the Skype instant messaging application. Change status
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
More info about file superantispyware.exe Legitimate Item found in 2-spyware.com library
SAS is one of the best as-programs Change status
C:\Program Files\Anonymizer\Anonymizer Software\Anonymizer.exe Unknown No exact entries found Insert file into database

C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe Unknown No exact entries found Insert file into database

C:\Program Files\Trend Micro\this\HijackThis.exe
More info about file hijackthis.exe Legitimate Item found in 2-spyware.com library
This is the main component of HijackThis security application, designed to perform system scans and... Change status
C:\Program Files\Windows Sidebar\sidebar.exe
More info about file sidebar.exe Dangerous Item found in 2-spyware.com library
sidebar.exe is an executable file which primary purpose is to start a parasite or launch some of... Change status
C:\WINDOWS\System32\rundll32.exe
More info about file rundll32.exe Legitimate Process found in system process library Change status
C:\Windows\system32\wbem\wmiprvse.exe Legitimate Process found in system process library Change status
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
More info about file ymsgr_tray.exe Legitimate Item found in 2-spyware.com library
ymsgr_tray.exe is part of Yahoo! Instant Messenger. If you are using this Yahoo! service, do not... Change status
C:\hp\kbd\kbd.exe
More info about file kbd.exe Legitimate Item found in 2-spyware.com library
File kbd.exe, which starts a process with the same name, is the main component of Logitech Keyboard... Change status
C:\Program Files\Skype\Plugin Manager\skypePM.exe Unknown No exact entries found Insert file into database

C:\Windows\system32\msiexec.exe
More info about file msiexec.exe Legitimate Item found in 2-spyware.com library
This file is related to Microsoft Windows Installer - it is a system component, used to handle MSI... Change status
C:\Windows\system32\wbem\wmiprvse.exe Legitimate Process found in system process library Change status
C:\Windows\system32\MsiExec.exe
More info about file msiexec.exe Legitimate Item found in 2-spyware.com library
This file is related to Microsoft Windows Installer - it is a system component, used to handle MSI... Change status
\?\C:\Windows\system32\wbem\WMIADAP.EXE Unknown No exact entries found Insert file into database

C:\Program Files\Anonymizer\Anonymizer Software\common\AnonProxy.exe Unknown No exact entries found Insert file into database

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...faults/sb/msgr8
/*http://www.yahoo.com/ext/search/search.html Not necessary http://us.rd.yahoo.c...faults/sb/msgr8
/*http://www.yahoo.com/ext/search/search.html is your Search Bar.
If you do not like this fact, fix this item. Change status
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com Not necessary http://us.rd.yahoo.c...//www.yahoo.com is your Search Page.
If you do not like this fact, fix this item. Change status
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ Not necessary http://www.yahoo.com/ is your start page.
If you do not like this fact, fix this item. Change status
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/ Not necessary http://www.yahoo.com/ is your Default Page URL.
If you do not like this fact, fix this item. Change status
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com Not necessary http://us.rd.yahoo.c...//www.yahoo.com is your Default Search URL.
If you do not like this fact, fix this item. Change status
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...faults/sb/msgr8
/*http://www.yahoo.com/ext/search/search.html Not necessary http://us.rd.yahoo.c...faults/sb/msgr8
/*http://www.yahoo.com/ext/search/search.html is your Search Bar.
If you do not like this fact, fix this item. Change status
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com Not necessary http://us.rd.yahoo.c...//www.yahoo.com is your Search Page.
If you do not like this fact, fix this item. Change status
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ Not necessary http://www.yahoo.com/ is your start page.
If you do not like this fact, fix this item. Change status
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Not necessary Fix this item because it points to nowhere Change status
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = Not necessary Fix this item because it points to nowhere Change status
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com Not necessary http://us.rd.yahoo.c...//www.yahoo.com is your default SearchURL.
If you do not like this fact, fix this item. Change status
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Not necessary This is your folder of IE toolbar links, but it points to nowhere.
If you do not like this fact, fix this item. Change status
R3 - URLSearchHook: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll Questionable If you do not recognize this entry name "Yahoo! ¤u¨ã¦C" and this path "C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll", then fix this item Change status
O1 - Hosts: ::1 localhost Questionable Do you want an URL address "localhost" to be redirected to "::1" when you type it? If not, then fix this
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
More info about file acroiehelper.dll Legitimate Application program item according to inner database
File related to Adobe Acrobat Reader program. Change status

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll Unknown No exact entries found Insert file into database

O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
More info about file yiesrvc.dll Legitimate Application program item according to inner database
The file is related to Yahoo! software. Change status

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll Unknown No exact entries found Insert file into database

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll Unknown No exact entries found Insert file into database

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL Unknown No exact entries found Insert file into database

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
More info about file ssv.dll Legitimate System item according to inner database
Related to Java Virtual Machine software, which is legitimate. Change status

O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
More info about file yt.dll Unknown No exact entries found Insert file into database

O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
More info about file hpsysdrv.exe Legitimate System item according to inner database
Hewlett Packard related software. hpsysdrv.exe is located in "C:\windows\system\" on all Windows... Change status

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE Unknown No exact entries found Insert file into database

O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
More info about file osd.exe Legitimate Application program item according to inner database
File osd.exe displays an icon in the System Tray, which allows a user to change various display... Change status

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe Unknown No exact entries found Insert file into database

O4 - HKLM\..\Run: [SnapfishMediaDetector] C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe Unknown No exact entries found Insert file into database

O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
More info about file hpwuschd2.exe Legitimate Application program item according to inner database
hpwuschd2.exe is a legitimate process related to Hewlett Packard software. Change status

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart Unknown No exact entries found Insert file into database

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
More info about file nvcpl.dll Legitimate System item according to inner database
Related to nVidia cards. NvCpl.dll is located in "C:\WINDOWS\SYSTEM\" on Windows 95/98/ME,... Change status

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
More info about file nvmctray.dll Legitimate System item according to inner database
nVidia graphics cards related. NVMCTRAY.DLL is located in "C:\WINDOWS\SYSTEM\" on Windows 95/98/ME,... Change status

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" Unknown No exact entries found Insert file into database

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
More info about file ccapp.exe Legitimate System item according to inner database
From Symantec: <i>"ccApp.exe is the common hosting application that is used for both NAV and NIS.... Change status

O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe" Unknown No exact entries found Insert file into database

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
More info about file jusched.exe Legitimate Application program item according to inner database
Checks if there are new versions of Java available. Change status

O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" Unknown No exact entries found Insert file into database

O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
More info about file launcher.exe Questionable Questionable item according to inner database
File launcher.exe is related to various programs, including legitimate and malicious. So it is very... Change status

O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
More info about file sidebar.exe Dangerous Spyware related item according to inner database
sidebar.exe is an executable file which primary purpose is to start a parasite or launch some of... Change status

O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter Unknown No exact entries found Insert file into database

O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun Unknown No exact entries found Insert file into database

O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet Unknown No exact entries found Insert file into database

O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
More info about file skype.exe Legitimate Application program item according to inner database
Skype.exe is an application process that belongs to the Skype instant messaging application. Change status

O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
More info about file superantispyware.exe Legitimate System item according to inner database
SAS is one of the best as-programs Change status

O4 - HKCU\..\Run: [Anonymizer] C:\Program Files\Anonymizer\Anonymizer Software\Anonymizer.exe -nogui Unknown No exact entries found Insert file into database

O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe Unknown No exact entries found Insert file into database

O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') Unknown No exact entries found Change status

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') Unknown No exact entries found Insert file into database

O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') Unknown No exact entries found Change status

O4 - Global Startup: Snapfish Media Detector.lnk = C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe Unknown No exact entries found Insert file into database

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll Not necessary This item represents extra button in your IE toolbar without name and points to file 'C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll'. If you do not want it to be there, fix this item. Change status

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll Not necessary This item represents extra menu item in your Tools menu in IE with a name 'Sun Java Console' and points to file 'C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll'. If you do not want it to be there, fix this item. Change status

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll Not necessary This item represents extra button in your IE toolbar with a name 'Send to OneNote' and points to file 'C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll'. If you do not want it to be there, fix this item. Change status

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll Not necessary This item represents extra menu item in your Tools menu in IE with a name 'S&end to OneNote' and points to file 'C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll'. If you do not want it to be there, fix this item. Change status

O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll Legitimate Legitimate extra button in your browser - related to Yahoo! Services. Change status

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll Not necessary This item represents extra button in your IE toolbar with a name 'Skype' and points to file 'C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll'. If you do not want it to be there, fix this item. Change status

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL Not necessary This item represents extra button in your IE toolbar with a name 'Research' and points to file 'C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL'. If you do not want it to be there, fix this item. Change status

O9 - Extra button: Active Whois - {BAB9A4F4-C201-4fcf-A5D3-BA77BC9FBEB2} - C:\Program Files\Active Whois\ieshow.exe Not necessary This item represents extra button in your IE toolbar with a name 'Active Whois' and points to file 'C:\Program Files\Active Whois\ieshow.exe'. If you do not want it to be there, fix this item. Change status

O9 - Extra 'Tools' menuitem: Active Whois - {BAB9A4F4-C201-4fcf-A5D3-BA77BC9FBEB2} - C:\Program Files\Active Whois\ieshow.exe Not necessary This item represents extra menu item in your Tools menu in IE with a name 'Active Whois' and points to file 'C:\Program Files\Active Whois\ieshow.exe'. If you do not want it to be there, fix this item. Change status

O13 - Gopher Prefix: Dangerous This item adds a prefix "Gopher Prefix: " for every URL address you enter in the IE and redirects you to wrong address. Fix this item. Change status
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewi...oOnlineScan.cab Questionable Are you using an ActiveX object with a name 'ewidoOnlineScan Control' located in 'http://downloads.ewido.net/ewidoOnlineScan.cab'? If not, fix this item. Change status

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll Questionable Are you using an ActiveX object with a name 'Installation Support' located in 'C:\Program Files\Yahoo!\Common\Yinsthelper.dll'? If not, fix this item. Change status

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab Legitimate Legitimate ActiveX item from site http://security.symantec.com/ Change status

O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.co.../sysreqlab2.cab Questionable Are you using an ActiveX object with a name 'System Requirements Lab' located in 'http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab'? If not, fix this item. Change status

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL Questionable It may be a trace of dangerous protocol hijacker or a legitimate item. Make some research about the name "grooveLocalGWS" and file "C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL". Change status

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL Questionable It may be a trace of dangerous protocol hijacker or a legitimate item. Make some research about the name "skype4com" and file "C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL". Change status

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll Unknown No exact entries found Change status

O23 - Service: Anonymizer Anti-Spyware Service (AnonAswSvc) - Anonymizer - C:\Program Files\Anonymizer\Anonymizer Software\AnonASW\AnonAswSvc.exe Unknown No exact entries found Insert file into database

O23 - Service: Anonymizer Management Service (AnonMgmtSvc) - Anonymizer - C:\Program Files\Anonymizer\Anonymizer Software\Common\AnonMgmtSvc.exe Unknown No exact entries found Insert file into database

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
More info about file aluschedulersvc.exe Legitimate Item found in 2-spyware.com database.
Related to Symantec anti-virus... Change status

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe Legitimate Related to Norton/Symantec AntiVirus Change status

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe Legitimate Related to Norton/Symantec AntiVirus. Change status

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe Unknown No exact entries found Insert file into database

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe Unknown No exact entries found Insert file into database

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe Legitimate Related to Macrovision Corporation. Change status

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
More info about file lssrvc.exe Legitimate Item found in 2-spyware.com database.
The file is related to Light Scribe... Change status

O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE Unknown No exact entries found Insert file into database

O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe Unknown No exact entries found Insert file into database

O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe Unknown No exact entries found Insert file into database

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe Unknown No exact entries found Insert file into database

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe Unknown No exact entries found Insert file into database

O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe Unknown No exact entries found Insert file into database

O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
More info about file symlcsvc.exe Legitimate Item found in 2-spyware.com database.
An essential component of security-related Symantec software such as Norton AntiVirus and Norton... Change status

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
More info about file xaudio.exe Legitimate Item found in 2-spyware.com database.
xaudio.exe is part of the Conexant SoftK56 Modem Driver package and is responsible for Modem Audio... Change status
  • 0

Advertisements

#2
Rorschach112
Posted 18 April 2008 - 05:20 AM

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Stop making multiple topics

Please read the rules
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP