
Status
Not open for further replies.
1 - 4 of 4 Posts

Registered · 18 Posts · Discussion Starter #1 (Edited)
When I was using Norton Internet Security earlier today I noticed that when I ran a full system scan, in the area that tells you what is currently being scanned I saw a LOT of:
Adware. ___
Trojan. ___
Backdoor. ___
Spyware. ___
Trackware. ___
w32. ___
and so on...
___ = the name/words after the dot.

But Norton just scans it, it doesn't pick it up as a risk. So I can't quarantine or remove any of it. I've tried CA eTrust, AVG, Spybot and Adaware...none of them have picked up anything except cookies. I've tried scanning in safe-mode as well.

As far as I can see I haven't got any of the symptoms (that I know of anyway). My homepage is still the same, I don't get random pop-ups or see advertisements on my browser. Though sometimes my mouse ends up on the other side of the screen or has a right-click window without me doing anything...is that something to worry about? And sometimes my internet is slow when loading a page (but not when streaming something).

So, are these really infecting my computer?
If so...
Why haven't any of the programs detected anything?
And what can I do to get rid of them?

5 Steps to do before posting:
1) Done.
2) Panda ActiveScan doesn't work with Vista...is there something else I can use?
3) I already have a spyware program and don't use IE...do I still need to download them?
4) Done.
 

Registered · 18 Posts · Discussion Starter #2
Deckard's System Scanner v20071014.68
Run by User on 2007-11-22 22:06:19
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Backed up registry hives.
Performed disk cleanup.



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2007-11-22 22:10:00
Platform: Windows Vista (6.00.6000)
MSIE: Internet Explorer (7.00.6000.16386)
Boot mode: Normal

Running processes:
C:\Windows\System32\dwm.exe
C:\Windows\System32\taskeng.exe
C:\Windows\explorer.exe
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfsem.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\cavrid.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-6.0.1.21\QOELoader.exe
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovep.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\WebsiteInspector\Toolbar\CAGlobal.exe
C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\WebsiteInspector\Light\CAGlobalLight.exe
C:\Users\User\Desktop\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigpond.com/homepage/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: CA Toolbar Helper - {FBF2401B-7447-4727-BE5D-C19B2075CA84} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\WebsiteInspector\Toolbar\CallingIDIE.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: CA Toolbar - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\WebsiteInspector\Toolbar\CallingIDIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [WinSys2] C:\Windows\system32\startup.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-6.0.1.21\QOELoader.exe"
O4 - HKLM\..\Run: [cafw] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe -cl
O4 - HKLM\..\Run: [capfasem] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\isafe.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PPCtlPriv - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
O23 - Service: HIPS Event Manager (UmxAgent) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
O23 - Service: HIPS Configuration Interpreter (UmxCfg) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
O23 - Service: HIPS Firewall Helper (UmxFwHlp) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
O23 - Service: HIPS Policy Manager (UmxPol) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\vetmsg.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe


--
End of file - 8724 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

S3 pgfilter - \??\c:\program files\peerguardian2\pgfilter.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>

S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe
S3 NMIndexingService - "c:\program files\common files\ahead\lib\nmindexingservice.exe" <Not Verified; Nero AG; Nero Home>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2007-11-22 20:44:11 512 --a------ C:\Windows\Tasks\CAAntiSpywareScan_Daily as User at 8 42 PM.job


-- Files created between 2007-10-22 and 2007-11-22 -----------------------------

2007-11-22 20:42:06 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-11-22 20:41:50 0 d-------- C:\Windows\Downloaded Installations
2007-11-22 20:41:46 0 d-------- C:\Program Files\Common Files\Scanner
2007-11-22 20:41:28 0 d-------- C:\Users\All Users\CA
2007-11-22 20:41:24 0 d-------- C:\Program Files\CA
2007-11-22 20:36:49 0 d-------- C:\Users\User\.housecall6.6
2007-11-22 20:31:11 0 d-------- C:\Windows\system32\appmgmt
2007-11-22 19:28:33 0 d-------- C:\Users\All Users\Spybot - Search & Destroy
2007-11-22 16:21:44 0 d-------- C:\Program Files\MediaCoder
2007-11-15 17:46:35 0 d-------- C:\Program Files\Microsoft IntelliPoint 5.5
2007-11-14 12:45:07 0 d-------- C:\Users\All Users\Viewpoint
2007-11-14 12:45:06 0 d-------- C:\Program Files\Viewpoint
2007-11-14 12:44:56 0 d-------- C:\Users\All Users\AOL
2007-11-14 12:44:56 0 d-------- C:\Users\All Users\AOL OCP
2007-11-14 12:44:43 0 d-------- C:\Program Files\Common Files\AOL
2007-11-14 12:44:37 0 d-------- C:\Program Files\AIM6
2007-11-12 13:38:36 304128 --a------ C:\Windows\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2007-11-12 13:38:20 0 -rahs---- C:\MSDOS.SYS
2007-11-12 13:38:20 0 -rahs---- C:\IO.SYS
2007-11-11 19:51:38 0 d-------- C:\Users\User\Shared
2007-11-11 19:21:08 0 d-------- C:\Program Files\LimeWire
2007-11-10 17:52:36 0 d-------- C:\Program Files\Common Files\PX Storage Engine
2007-11-10 17:52:32 0 d-------- C:\Program Files\DivX
2007-11-09 14:04:29 0 d-------- C:\Program Files\iPod
2007-11-09 14:04:26 0 d-------- C:\Program Files\iTunes
2007-11-09 14:02:59 0 d-------- C:\Program Files\QuickTime
2007-11-06 21:20:12 0 d-------- C:\Windows\system32\URTTEMP
2007-11-06 21:14:10 0 d-------- C:\Program Files\Nancy Drew
2007-11-05 17:13:07 28857 -----n--- C:\Windows\system32\drivers\enethusb.sys <Not Verified; Siemens Subscriber Networks, Inc.; Speedstream Ethernet USB Adapter>
2007-11-05 17:13:07 0 d-------- C:\Program Files\Siemens Subscriber Networks
2007-11-04 17:47:43 0 d-------- C:\Program Files\IZArc
2007-11-04 16:38:13 0 d-------- C:\Program Files\PeerGuardian2
2007-11-04 13:55:51 0 d-------- C:\Users\All Users\Azureus
2007-11-04 13:53:45 0 d-------- C:\Program Files\Azureus
2007-11-04 12:17:30 0 d-------- C:\Program Files\SystemRequirementsLab
2007-11-03 23:56:19 0 d-------- C:\Users\All Users\Messenger Plus!
2007-11-02 14:50:12 0 d-------- C:\Program Files\AviSynth 2.5
2007-11-02 14:50:11 0 d-------- C:\Program Files\Videora
2007-11-01 23:37:48 0 d-------- C:\Program Files\Windows Live
2007-11-01 23:37:47 0 d-------- C:\Program Files\Messenger Plus! Live
2007-11-01 21:03:01 0 d-------- C:\Users\All Users\Microsoft Corporation
2007-11-01 21:02:45 0 d-------- C:\Program Files\Microsoft Windows Vista Upgrade Advisor
2007-11-01 20:28:25 0 d-------- C:\Users\User\Incomplete
2007-11-01 15:25:06 0 d-------- C:\Users\All Users\Adobe Systems
2007-11-01 15:17:31 0 d-------- C:\Program Files\Common Files\Adobe Systems Shared
2007-11-01 14:29:28 164352 --a------ C:\Windows\system32\unrar.dll
2007-11-01 14:29:27 7680 --a------ C:\Windows\system32\ff_vfw.dll
2007-11-01 14:29:25 0 d-------- C:\Program Files\K-Lite Codec Pack
2007-11-01 14:11:59 0 d-------- C:\Program Files\Microsoft IntelliType Pro
2007-11-01 14:09:32 0 d-------- C:\Program Files\Microsoft IntelliPoint
2007-11-01 14:07:10 0 d-------- C:\Users\All Users\Adobe
2007-11-01 14:06:51 0 d-------- C:\Program Files\Common Files\Adobe
2007-11-01 13:56:31 0 d-------- C:\Program Files\Java
2007-11-01 13:55:17 0 d-------- C:\Program Files\Common Files\Java
2007-11-01 13:48:34 0 d-------- C:\Users\All Users\CyberLink
2007-11-01 13:48:29 0 d-------- C:\Program Files\CyberLink
2007-11-01 13:48:29 0 d-------- C:\Program Files\ASUSTek
2007-11-01 13:32:06 0 d-------- C:\Users\All Users\Apple Computer
2007-11-01 13:31:40 0 d-------- C:\Program Files\Apple Software Update
2007-11-01 13:30:51 0 d-------- C:\Users\All Users\Apple
2007-11-01 13:30:51 0 d-------- C:\Program Files\Common Files\Apple
2007-10-31 20:31:49 0 d-------- C:\Program Files\Sims2Pack Clean Installer
2007-10-31 20:30:31 0 d-------- C:\Program Files\Sims2RoboFileMaid3000
2007-10-31 14:55:23 0 d-------- C:\Program Files\MSN Messenger
2007-10-31 14:51:38 0 --a------ C:\Windows\nsreg.dat
2007-10-31 13:29:45 0 d-------- C:\Users\All Users\Symantec
2007-10-31 13:29:44 0 d-------- C:\Program Files\Common Files\Symantec Shared


-- Find3M Report ---------------------------------------------------------------

2007-11-22 20:52:17 0 d-------- C:\Users\User\AppData\Roaming\CallingID
2007-11-22 20:42:06 0 d-------- C:\Program Files\Common Files
2007-11-19 15:26:13 0 d-------- C:\Users\User\AppData\Roaming\Azureus
2007-11-18 17:25:15 0 d-------- C:\Users\User\AppData\Roaming\Adobe
2007-11-15 15:19:34 0 d-------- C:\Users\User\AppData\Roaming\CyberLink
2007-11-14 17:58:36 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-11-14 12:46:24 0 d-------- C:\Users\User\AppData\Roaming\acccore
2007-11-14 11:49:31 0 d-------- C:\Program Files\Windows Mail
2007-11-13 12:59:20 0 d-------- C:\Users\User\AppData\Roaming\mIRC
2007-11-12 14:48:48 0 d-------- C:\Users\User\AppData\Roaming\DivX
2007-11-11 19:28:27 0 d-------- C:\Users\User\AppData\Roaming\LimeWire
2007-11-06 21:13:38 0 d-------- C:\Users\User\AppData\Roaming\InstallShield
2007-11-04 17:39:33 0 d-------- C:\Users\User\AppData\Roaming\Ahead
2007-11-04 12:17:30 0 d-------- C:\Users\User\AppData\Roaming\SystemRequirementsLab
2007-11-01 14:16:39 0 d-------- C:\Users\User\AppData\Roaming\Media Player Classic
2007-11-01 13:47:53 0 d-------- C:\Program Files\Common Files\InstallShield
2007-11-01 13:33:19 0 d-------- C:\Users\User\AppData\Roaming\Apple Computer
2007-10-31 20:30:44 0 d-------- C:\Program Files\EA GAMES
2007-10-31 19:49:39 0 d-------- C:\Users\User\AppData\Roaming\Macromedia
2007-10-31 15:09:50 174 --ahs---- C:\Program Files\desktop.ini
2007-10-31 15:06:51 0 d-------- C:\Program Files\Windows Calendar
2007-10-31 14:51:36 0 d-------- C:\Users\User\AppData\Roaming\Mozilla
2007-10-31 13:33:06 0 d-------- C:\Users\User\AppData\Roaming\Symantec
2007-10-30 21:37:11 0 dr-h----- C:\Users\User\AppData\Roaming\SecuROM
2007-10-20 09:56:16 3596288 --a------ C:\Windows\system32\qt-dx331.dll
2007-10-20 09:54:28 196608 --a------ C:\Windows\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2007-10-20 09:54:28 81920 --a------ C:\Windows\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2007-10-20 09:54:12 802816 --a------ C:\Windows\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2007-10-20 09:54:12 823296 --a------ C:\Windows\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2007-10-20 09:54:12 823296 --a------ C:\Windows\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2007-10-20 09:54:10 739840 --a------ C:\Windows\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2007-10-18 18:02:34 12288 --a------ C:\Windows\system32\DivXWMPExtType.dll


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [15/05/2007 02:22 PM]
"RtHDVCpl"="RtHDVCpl.exe" [13/06/2007 02:11 PM C:\Windows\RtHDVCpl.exe]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [13/01/2006 07:40 AM]
"WinSys2"="C:\Windows\system32\startup.exe" [01/06/2006 02:21 PM]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [12/09/2007 06:28 AM]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [12/09/2007 06:28 AM]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [12/09/2007 06:28 AM]
"RemoteControl"="C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe" [31/10/2003 07:42 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [25/09/2007 01:11 AM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 07:51 PM]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [31/08/2007 12:01 PM]
"itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" [21/11/2006 05:08 PM]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [19/10/2007 08:16 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [02/11/2007 06:36 PM]
"cctray"="C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe" [14/10/2007 04:06 PM]
"CAVRID"="C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe" [14/10/2007 03:31 PM]
"QOELOADER"="C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-6.0.1.21\QOELoader.exe" [22/11/2007 08:42 PM]
"cafw"="C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe" [17/10/2007 10:27 PM]
"capfasem"="C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe" [17/10/2007 10:27 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [02/11/2006 09:33 PM]
"WindowsWelcomeCenter"="oobefldr.dll,ShowWelcomeCenter" []
"PeerGuardian"="C:\Program Files\PeerGuardian2\pg2.exe" [02/06/2007 03:59 PM]
"Aim6"="" []

C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [16/03/2005 7:16:50 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"=1 (0x1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{1869181A-9F50-4FCF-8BFF-1B8588ECB85C}"= C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\WebsiteInspector\LinkAdvisor\CIDLinkAdvisor.dll [15/10/2007 09:40 PM 1373624]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PFW]
UmxWnp.Dll 18/05/2007 02:30 PM 79368 C:\Windows\System32\UmxWNP.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

*Newly Created Service* - KMXAGENT
*Newly Created Service* - KMXCF
*Newly Created Service* - KMXCFG
*Newly Created Service* - KMXFILE
*Newly Created Service* - KMXFILTER
*Newly Created Service* - KMXFW
*Newly Created Service* - KMXSBX
*Newly Created Service* - VET-FILT
*Newly Created Service* - VET-REC
*Newly Created Service* - VETEBOOT
*Newly Created Service* - VETEFILE
*Newly Created Service* - VETMONNT

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



-- Hosts -----------------------------------------------------------------------

127.0.0.1 007guard.com
127.0.0.1 www.007guard.com
127.0.0.1 008i.com
127.0.0.1 008k.com
127.0.0.1 www.008k.com
127.0.0.1 00hq.com
127.0.0.1 www.00hq.com
127.0.0.1 010402.com
127.0.0.1 032439.com
127.0.0.1 www.032439.com

7517 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2007-11-22 22:12:32 ------------
 
