
Help needed to remove malware/Trojans



#1
rockywang

My computer is running Windows XP Pro w/SP2. I found it has been hit by some malware/trojan viruses. I've tried many different software tools to kill them, such as VirusScan, GMER, and Reanimator/Regrun. They found that I got hit by srosa.sys, hldrrr.exe, wintems.exe, flec006.exe, and mdelk.exe. Only Malwarebytes' Anti-Malware seems to be effective at killing flec006.exe. The other viruses are very difficult to kill. Recently, my Windows cannot run system restore/updates, my IE cannot run java scripts, my VirusScan cannot do on-access scans and I cannot reinstall it. The worst problem is that some recently downloaded anti-virus applications cannot be run. They give me a "*.exe is not a valid Win32 application" error. Even HijackThis gives me the same error. I followed the instructions in other posts to run Combo-Fix. It was successful. So I am posting the log file below. Please help me check what next step I should take. Thank you very much!

ComboFix 08-06-16.5 - Gang 2008-06-17 18:42:55.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.936.86.1033.18.58 [GMT -4:00]
Running from: C:\Documents and Settings\Gang\Desktop\Combo-Fix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CnsMin.zip
C:\Documents and Settings\Gang\Application Data\macromedia\Flash Player\#SharedObjects\TUZFUNDX\www.inter-focus.cn
C:\Documents and Settings\Gang\Application Data\macromedia\Flash Player\#SharedObjects\TUZFUNDX\www.inter-focus.cn\flashad-v5-stop_firstput_mute.swf\IFFLASHAD.sol
C:\Documents and Settings\Gang\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.inter-focus.cn
C:\Documents and Settings\Gang\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.inter-focus.cn\settings.sol
C:\Documents and Settings\Gang\Local Settings\Temporary Internet Files\Tvm.log
C:\WINDOWS\inf\MSView.inf
C:\WINDOWS\system32\ban_list.txt
C:\WINDOWS\system32\Cache
C:\WINDOWS\system32\drivers\downld
C:\WINDOWS\system32\drivers\downld\289921.exe
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\mdelk.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\mdm.exe
C:\WINDOWS\system32\uninstall.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SROSA


((((((((((((((((((((((((( Files Created from 2008-05-17 to 2008-06-17 )))))))))))))))))))))))))))))))
.

2008-06-16 17:48 . 2004-08-04 03:56 116,224 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\xrxwiadr.dll
2008-06-16 17:48 . 2001-08-17 22:37 99,865 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\xlog.exe
2008-06-16 17:48 . 2001-08-17 22:37 27,648 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\xrxftplt.exe
2008-06-16 17:48 . 2001-08-17 22:36 23,040 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\xrxwbtmp.dll
2008-06-16 17:48 . 2001-08-17 22:36 17,408 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\xrxscnui.dll
2008-06-16 17:48 . 2001-08-17 22:37 4,608 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\xrxflnch.exe
2008-06-16 17:47 . 2001-08-17 13:28 771,581 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\winacisa.sys
2008-06-16 17:47 . 2002-08-29 01:59 154,624 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\wlluc48.sys
2008-06-16 17:47 . 2001-08-17 22:36 87,040 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\wiafbdrv.dll
2008-06-16 17:47 . 2001-08-17 22:36 53,760 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\wiamsmud.dll
2008-06-16 17:47 . 2001-08-17 12:12 34,890 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\wlandrv2.sys
2008-06-16 17:47 . 2004-08-04 01:29 19,455 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\wvchntxx.sys
2008-06-16 17:47 . 2001-08-17 12:11 16,970 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\xem336n5.sys
2008-06-16 17:47 . 2004-08-04 01:29 12,063 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\wsiintxx.sys
2008-06-16 17:47 . 2004-08-04 02:07 8,832 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\wmiacpi.sys
2008-06-16 17:47 . 2004-08-04 03:56 8,192 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\wshirda.dll
2008-06-16 17:45 . 2001-08-17 13:28 765,884 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\usrti.sys
2008-06-16 17:45 . 2001-08-17 13:28 687,999 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\usrwdxjs.sys
2008-06-16 17:45 . 2001-08-17 13:28 604,253 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\vmodem.sys
2008-06-16 17:45 . 2001-08-17 13:28 397,502 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\vpctcom.sys
2008-06-16 17:45 . 2001-08-17 12:14 249,402 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\vinwm.sys
2008-06-16 17:45 . 2001-08-17 13:28 224,802 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\usr1807a.sys
2008-06-16 17:45 . 2001-08-17 13:28 113,762 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\usrpda.sys
2008-06-16 17:45 . 2001-08-17 13:49 24,576 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\viairda.sys
2008-06-16 17:45 . 2001-08-17 13:28 7,556 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\usroslba.sys
2008-06-16 17:43 . 2001-08-17 22:36 525,568 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tridxp.dll
2008-06-16 17:43 . 2001-08-17 14:56 440,576 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tridkb.dll
2008-06-16 17:43 . 2001-08-17 22:36 216,064 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\um34scan.dll
2008-06-16 17:43 . 2001-08-17 22:36 211,968 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\um54scan.dll
2008-06-16 17:43 . 2001-08-17 12:51 166,784 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tridxpm.sys
2008-06-16 17:43 . 2001-08-17 12:51 159,232 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tridkbm.sys
2008-06-16 17:43 . 2001-08-17 22:36 50,176 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\umaxp60.dll
2008-06-16 17:43 . 2001-08-17 22:36 47,616 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\umaxcam.dll
2008-06-16 17:43 . 2001-08-17 13:58 22,912 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\umaxpcls.sys
2008-06-16 17:43 . 2001-08-17 13:48 11,520 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\twotrack.sys
2008-06-16 17:42 . 2001-08-17 14:56 315,520 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\trid3d.dll
2008-06-16 17:42 . 2001-08-17 14:01 241,664 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tosdvd02.sys
2008-06-16 17:42 . 2001-08-17 14:02 230,912 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tosdvd03.sys
2008-06-16 17:42 . 2001-08-17 12:51 222,336 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\trid3dm.sys
2008-06-16 17:42 . 2001-08-17 12:14 123,995 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tjisdn.sys
2008-06-16 17:42 . 2004-08-04 03:56 82,432 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tp4mon.exe
2008-06-16 17:42 . 2001-08-17 22:35 42,496 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tp4res.dll
2008-06-16 17:42 . 2001-08-17 12:12 34,375 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tpro4.sys
2008-06-16 17:42 . 2001-08-17 22:36 31,744 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tp4.dll
2008-06-16 17:42 . 2001-08-17 12:10 28,232 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tos4mo.sys
2008-06-16 17:41 . 2004-08-04 02:00 149,376 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tffsport.sys
2008-06-16 17:41 . 2001-08-17 12:51 138,528 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tgiulnt5.sys
2008-06-16 17:41 . 2001-08-17 14:56 81,408 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tgiul50.dll
2008-06-16 17:41 . 2001-08-17 12:13 37,961 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tdk100b.sys
2008-06-16 17:41 . 2001-08-17 12:50 36,640 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\t2r4mini.sys
2008-06-16 17:41 . 2001-08-17 13:49 30,464 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tbatm155.sys
2008-06-16 17:41 . 2001-08-17 12:13 17,129 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tdkcd31.sys
2008-06-16 17:41 . 2001-08-17 13:52 7,040 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tandqic.sys
2008-06-16 17:40 . 2001-08-17 14:56 172,768 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\t2r4disp.dll
2008-06-16 17:40 . 2001-08-17 22:36 155,648 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\stlnprop.dll
2008-06-16 17:40 . 2001-08-17 13:50 103,936 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sx.sys
2008-06-16 17:40 . 2001-08-17 22:36 94,293 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sxports.dll
2008-06-16 17:40 . 2001-08-17 22:36 53,760 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sw_wheel.dll
2008-06-16 17:40 . 2001-08-17 22:36 53,248 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\stlncoin.dll
2008-06-16 17:40 . 2001-08-17 22:36 41,472 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sw_effct.dll
2008-06-16 17:40 . 2001-08-17 22:36 10,240 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\swpidflt.dll
2008-06-16 17:40 . 2001-08-17 22:36 10,240 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\swpdflt2.dll
2008-06-16 17:40 . 2001-08-17 14:02 3,968 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\swusbflt.sys
2008-06-16 17:39 . 2001-08-17 12:18 285,760 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\stlnata.sys
2008-06-16 17:39 . 2001-08-17 22:36 106,584 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\spdports.dll
2008-06-16 17:39 . 2001-08-17 22:36 99,328 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\srusd.dll
2008-06-16 17:39 . 2001-08-17 13:51 61,824 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\speed.sys
2008-06-16 17:39 . 2001-08-17 12:11 48,736 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\srwlnd5.sys
2008-06-16 17:39 . 2001-08-17 22:36 24,660 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\spxupchk.dll
2008-06-16 17:39 . 2001-08-17 13:51 16,896 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\stcusb.sys
2008-06-16 17:39 . 2001-08-17 13:56 7,552 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sonypvu1.sys
2008-06-16 17:38 . 2001-08-17 14:56 147,200 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\smidispb.dll
2008-06-16 17:38 . 2001-08-17 22:36 114,688 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sonypi.dll
2008-06-16 17:38 . 2001-08-17 12:51 58,368 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\smiminib.sys
2008-06-16 17:38 . 2001-08-17 12:51 37,040 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sonypi.sys
2008-06-16 17:38 . 2001-08-17 12:12 25,034 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\smcpwr2n.sys
2008-06-16 17:38 . 2001-08-17 12:51 20,752 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sonync.sys
2008-06-16 17:38 . 2001-08-17 13:53 9,600 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sonymc.sys
2008-06-16 17:38 . 2004-08-04 02:00 7,552 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sonyait.sys
2008-06-16 17:38 . 2001-08-17 13:53 7,040 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\snyaitmc.sys
2008-06-16 17:36 . 2001-08-17 14:56 252,032 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sis300iv.dll
2008-06-16 17:36 . 2001-08-17 22:36 238,592 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sisgrv.dll
2008-06-16 17:36 . 2001-08-17 14:56 157,696 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sisv256.dll
2008-06-16 17:36 . 2001-08-17 14:56 150,144 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sis6306v.dll
2008-06-16 17:36 . 2001-08-17 12:50 104,064 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sisgrp.sys
2008-06-16 17:36 . 2001-08-17 12:50 101,760 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sis300ip.sys
2008-06-16 17:36 . 2001-08-17 12:12 94,698 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sk98xwin.sys
2008-06-16 17:36 . 2001-08-17 12:50 68,608 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sis6306p.sys
2008-06-16 17:36 . 2001-08-17 12:50 50,432 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sisv.sys
2008-06-16 17:36 . 2004-08-04 01:31 32,768 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sisnic.sys
2008-06-16 17:35 . 2001-08-17 22:36 386,560 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sgiul50.dll
2008-06-16 17:35 . 2001-07-21 14:29 161,568 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sgsmusb.sys
2008-06-16 17:35 . 2001-08-17 12:51 98,080 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sgiulnt5.sys
2008-06-16 17:35 . 2001-07-21 14:29 18,400 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sgsmld.sys
2008-06-16 17:35 . 2001-08-17 13:48 17,664 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sermouse.sys
2008-06-16 17:35 . 2001-08-17 13:53 10,880 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\scsiscan.sys
2008-06-16 17:35 . 2001-08-17 13:53 6,912 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\seaddsmc.sys
2008-06-16 17:35 . 2001-08-17 13:53 6,784 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\serscan.sys
2008-06-16 17:34 . 2001-08-17 14:56 245,632 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\s3savmx.dll
2008-06-16 17:34 . 2001-08-17 14:56 198,400 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\s3sav4.dll
2008-06-16 17:34 . 2001-08-17 12:50 77,824 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\s3sav4m.sys
2008-06-16 17:34 . 2001-08-17 12:50 75,392 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\s3savmxm.sys
2008-06-16 17:34 . 2004-08-04 01:59 43,136 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sbp2port.sys
2008-06-16 17:34 . 2001-08-17 13:51 23,936 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sccmusbm.sys
2008-06-16 17:34 . 2001-08-17 13:51 23,936 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sccmn50m.sys
2008-06-16 17:34 . 2001-08-17 13:51 17,280 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\scr111.sys
2008-06-16 17:34 . 2001-08-17 13:51 16,640 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\scmstcs.sys
2008-06-16 17:34 . 2001-08-17 13:52 11,648 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\scsiprnt.sys
2008-06-16 17:33 . 2001-08-17 14:56 210,496 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\s3mvirge.dll
2008-06-16 17:33 . 2001-08-17 14:56 182,272 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\s3mt3d.dll
2008-06-16 17:33 . 2001-08-17 14:56 179,264 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\s3sav3d.dll
2008-06-16 17:33 . 2001-08-17 12:50 166,720 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\s3m.sys
2008-06-16 17:33 . 2001-08-17 22:36 82,432 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\rwia450.dll
2008-06-16 17:33 . 2001-08-17 22:36 79,872 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\rwia430.dll
2008-06-16 17:33 . 2001-08-17 13:57 65,664 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\s3legacy.sys
2008-06-16 17:33 . 2001-08-17 22:36 62,496 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\s3mtrio.dll
2008-06-16 17:33 . 2001-08-17 12:50 61,504 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\s3sav3dm.sys
2008-06-16 17:33 . 2001-08-17 12:50 41,216 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\s3mt3d.sys
2008-06-16 17:32 . 2004-08-04 01:59 79,104 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\rocket.sys
2008-06-16 17:32 . 2001-08-17 12:12 37,563 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\rlnet5.sys
2008-06-16 17:32 . 2001-08-17 12:19 30,720 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\rthwcls.sys
2008-06-16 17:32 . 2001-08-17 22:36 26,624 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\rw450ext.dll
2008-06-16 17:32 . 2001-08-17 22:36 24,576 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\rw430ext.dll
2008-06-16 17:32 . 2001-08-17 12:12 19,017 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\rtl8029.sys
2008-06-16 17:32 . 2001-08-17 22:36 9,216 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\rsmgrstr.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-15 05:13 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-06-07 20:45 --------- d-----w C:\Program Files\McAfee
2008-06-07 20:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee
2008-05-31 04:29 --------- d-----w C:\Program Files\Common Files\LogiShrd
2008-05-31 04:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Logishrd
2008-05-31 01:49 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-16 17:39 --------- d-----w C:\Program Files\eMule
2008-05-03 06:03 --------- d-----w C:\Program Files\Adobe Media Player
2008-05-03 06:02 --------- d-----w C:\Program Files\Common Files\Adobe AIR
2008-04-18 23:41 --------- d-----w C:\Program Files\Java
2008-03-18 23:07 77,592 ----a-w C:\Documents and Settings\Gang\Application Data\GDIPFONTCACHEV1.DAT
2004-06-03 19:38 168,641 ----a-w C:\Documents and Settings\Gang\Application Data\tvmknwrd.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2004-09-24 18:22 1916928]
"Microsoft Works Update Detection"="C:\Program Files\Microsoft Works\WkDetect.exe" [2006-02-24 10:06 704512]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:56 15360]
"SUPERAntiSpyware"="C:\Downloads\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-02-27 11:39 1310720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dell|Alert"="C:\Program Files\Dell\Support\Alert\bin\DAMon.exe" [2002-07-11 16:15 270336]
"UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [ ]
"UpdReg"="C:\WINDOWS\Updreg.exe" [2000-05-11 02:00 90112]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"StormCodec_Helper"="C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" [2006-09-30 03:25 96984]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 19:58 282624]
"PHIME2002ASync"="C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.exe" [2002-08-29 00:39 455168]
"PHIME2002A"="C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.exe" [2002-08-29 00:39 455168]
"nwiz"="nwiz.exe" [2003-10-06 14:16 741376 C:\WINDOWS\SYSTEM32\nwiz.exe]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-10-06 14:16 5058560]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648]
"MSPY2002"="C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe" [2002-08-29 00:39 59392]
"McAfeeUpdaterUI"="C:\Program Files\McAfee\Common Framework\UdaterUI.exe" [2006-11-17 14:39 136768]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2007-02-08 01:13 774168]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-02-08 01:12 488984]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 10:36 256576]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-04 01:31 208952]
"IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [2001-08-18 07:00 44032]
"AHQInit"="C:\Program Files\Creative\SBLive\Program\AHQInit.exe" [2001-03-28 02:00 102400]
"AdaptecDirectCD"="C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-04-10 17:44 679936]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 03:56 15360]

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
WinStartUpDll.exe [2004-01-24 21:09:50 700385]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-05-15 01:19:50 217193]
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2002-11-25 21:01:21 114688]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2002-09-06 04:40:03 45056]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 02:01:04 83360]
Microsoft Works Calendar Reminders.lnk - C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe [2001-08-07 18:06:54 24633]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Downloads\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Downloads\SUPERAntiSpyware\SASWINLO.dll 2007-02-27 11:39 282624 C:\Downloads\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.ctmp3"= C:\WINDOWS\System32\ctmp3.acm
"msacm.l3acm"= L3codecp.acm
"aux"= ctwdm32.dll
"VIDC.SP54"= SP5X_32.DLL
"VIDC.SP55"= SP5X_32.DLL
"VIDC.SP56"= SP5X_32.DLL
"VIDC.SP57"= SP5X_32.DLL
"VIDC.SP58"= SP5X_32.DLL
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"vidc.DIVF"= DivX412.dll
"VIDC.HFYU"= huffyuv.dll
"msacm.divxa32"= DivXa32.acm
"msacm.l3radius"= l3codecp.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Kingsoft\\PowerWord 2005\\XDICT.EXE"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Invitrogen\\Vector NTI Advance 10\\Vector NTI 10.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Documents and Settings\\Gang\\Desktop\\ivs\\ivs.exe"=
"C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=

S2 Ca533av;DV Cam(Video);C:\WINDOWS\system32\Drivers\Ca533av.sys []
S3 MEMSWEEP2;MEMSWEEP2;C:\WINDOWS\system32\13.tmp []
S3 RegGuard;RegGuard;C:\WINDOWS\system32\Drivers\regguard.sys [2008-06-06 01:04]
S3 USBCamera;DSC Still Image Capture (CA533A);C:\WINDOWS\system32\Drivers\Bulk533.sys []
S4 hpt3xx;hpt3xx;C:\WINDOWS\system32\DRIVERS\hpt3xx.sys [2001-08-23 08:00]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0896b9c5-2d36-11dd-ab34-00038a000015}]
\Shell\AutoRun\command - G:\nideiect.com
\Shell\explore\Command - G:\nideiect.com
\Shell\open\Command - G:\nideiect.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{17500ee6-2ea6-11dc-a9b9-00038a000015}]
\Shell\AutoRun\command - H:\nideiect.com
\Shell\explore\Command - H:\nideiect.com
\Shell\open\Command - H:\nideiect.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{99a92406-cef7-11da-a80a-00038a000015}]
\Shell\AutoRun\command - H:\nideiect.com
\Shell\explore\Command - H:\nideiect.com
\Shell\open\Command - H:\nideiect.com

.
Contents of the 'Scheduled Tasks' folder
"2008-02-12 17:54:07 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-17 18:56:36
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\C:\WINDOWS\system32\13.tmp"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\tsd32.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\SYSTEM32\CTSVCCDA.EXE
C:\WINDOWS\SYSTEM32\INETSRV\inetinfo.exe
C:\WINDOWS\SYSTEM32\nvsvc32.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\SYSTEM32\MsPMSPSv.exe
C:\WINDOWS\SYSTEM32\devldr32.exe
C:\WINDOWS\SYSTEM32\conime.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
C:\Program Files\Kingsoft\PowerWord 2005\XDICT.EXE
.
**************************************************************************
.
Completion time: 2008-06-17 19:18:07 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-17 23:17:50

Pre-Run: 3,731,722,240 bytes free
Post-Run: 4,514,959,360 bytes free

311 --- E O F --- 2008-06-17 23:04:42
#2
rockywang

After running Combo-Fix, I was able to reinstall and run Hijack This. Here is the log file it generated. Thank you!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:39:45 AM, on 6/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell\Support\Alert\bin\DAMon.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Downloads\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Kingsoft\PowerWord 2005\XDICT.EXE
C:\Downloads\HijackThis\HijackThis.exe

R3 - URLSearchHook: (no name) - _{707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll (file missing)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\Net Transport\NTIEHelper.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O4 - HKLM\..\Run: [Dell|Alert] C:\Program Files\Dell\Support\Alert\bin\DAMon.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [AHQInit] C:\Program Files\Creative\SBLive\Program\AHQInit.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Downloads\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Registration-Pinnacle Express.lnk = C:\Program Files\Pinnacle\Pinnacle Express\EReg\RegTool.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: Skyscape smARTupdate.lnk = C:\Program Files\Common Files\Skyscape\smARTupdate.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: ?eé?′ê°? 2005.lnk (User 'SYSTEM')
O4 - .DEFAULT Startup: Registration-Pinnacle Express.lnk = C:\Program Files\Pinnacle\Pinnacle Express\EReg\RegTool.exe (User 'Default user')
O4 - .DEFAULT Startup: Skyscape smARTupdate.lnk = C:\Program Files\Common Files\Skyscape\smARTupdate.exe (User 'Default user')
O4 - .DEFAULT Startup: ?eé?′ê°? 2005.lnk (User 'Default user')
O4 - Startup: Registration-Pinnacle Express.lnk = C:\Program Files\Pinnacle\Pinnacle Express\EReg\RegTool.exe
O4 - Startup: Skyscape smARTupdate.lnk = C:\Program Files\Common Files\Skyscape\smARTupdate.exe
O4 - Startup: ?eé?′ê°? 2005.lnk
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: Download all by Net Transport - C:\PROGRA~1\Xi\NETTRA~1\NTAddList.html
O8 - Extra context menu item: Download by Net Transport - C:\PROGRA~1\Xi\NETTRA~1\NTAddLink.html
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} - https://components.v...point/0105.html
O16 - DPF: {084F552D-19EB-4668-9788-984CBC781A8F} - http://survey.otxres...m/Preloader.dll
O16 - DPF: {0C92900E-4D5A-4F04-ACC9-729E1767BBAE} (Image Uploader Control) - http://gianteagle.li...PUploader45.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoft...s/as2stubie.cab
O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective....torLauncher.cab
O16 - DPF: {AE6C4705-0F11-4ACB-BDD4-37F138BEF289} (Image Uploader Control) - http://gianteagle.li...PUploader45.cab
O16 - DPF: {B991DA79-51F7-4011-98D2-1F2592E82A56} (ACNPlayer2 Class) - http://198.99.241.12.../ACNePlayer.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai...0/Installer.exe
O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_01) -
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai...l/installer.exe
O16 - DPF: {D8AA889B-2C65-47C3-8C16-3DCD4EF76A47} (Invoke Solutions Participant Control(MR)) - http://online.invoke...1445/MILive.cab
O16 - DPF: {DADE1C2F-5A48-445C-82B5-3A5F102E84DF} (LifePicsUploader.UserControl1) - http://meijer.lifepi...icsUploader.CAB
O16 - DPF: {F992FDC0-DAA7-4774-B01C-E9DFF19FE0FE} (Invoke Solutions MILive Participant Control(MR)) - http://online.invoke...7206/MILive.cab
O18 - Protocol: ncbi8 - {2B576DD3-0B3E-4718-BCBF-B15E4FB8009D} - C:\Program Files\Invitrogen\Vector NTI Advance 10\Ncbi.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Downloads\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 10239 bytes