| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 97708 | 2009-02-24 15:46:00 | PC Problems need help | Robert1234 (14649) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 751124 | 2009-02-24 15:46:00 | When I run spybot, about half way through my computer will shut off, same thing when I run a virus scan. And now I am losing my internet connection about evey hour. Could I be hijacked or do I have a virus? Any help? Thank You:thanks | Robert1234 (14649) | ||
| 751125 | 2009-02-24 17:54:00 | PC shuts down when running spybot and a few others and now I am losing my Internet connection about every hour, any help out there? TIA Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\Explorer.EXE C:\WINDOWS\mHotkey.exe C:\Program Files\McAfee\McAfee VirusScan\alogserv.exe C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\System32\LXSUPMON.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe C:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe C:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe C:\Program Files\McAfee\McAfee Firewall\CPD.EXE C:\Program Files\McAfee\McAfee Firewall\CPDCLNT.EXE C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\MSN Messenger\livecall.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Java\jre6\bin\javaw.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = g.msn.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = us.etrade.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = www.inbox.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = dnl.inbox.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by CenturyTel F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%206%5 Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\ROBERT PLAIR\Application Data\Mozilla\Profiles\default\3so3g4l0.slt\prefs.j s) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - (no file) O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file) O4 - HKLM\..\Run: [CHotkey] mHotkey.exe O4 - HKLM\..\Run: [Alogserv] C:\Program Files\McAfee\McAfee VirusScan\alogserv.exe O4 - HKLM\..\Run: [McAfee Guardian] "C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUN O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\RunServicesOnce: [InstallNAIProduct] "C:\bundle\McAfee\VSC\vsStart.EXE" /RUNKEY O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /startmonitor O4 - HKCU\..\Run: [Anonymizer] C:\Program Files\Anonymizer\Anonymizer Software\Anonymizer.exe -nogui O4 - HKCU\..\Run: [Uninstall_CToolbar] "C:\DOCUME~1\ROBERT~1\LOCALS~1\Temp\CUninst.exe" "/remove" O4 - HKCU\..\Run: [Antivirus] C:\Program Files\SPP\SPP.exe O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {11B2C0D3-DFFB-11D3-9253-00500498D7E5} (ShowSetupObj5 Class) - invite.mshow.com/(3xijtai3xkr0e155xce4oofy) O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - us.dl1.yimg.com O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Plug-in 1.4.1_02) - O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing) O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspn et_state.exe (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVSync Manager (AvSynMgr) - Networks Associates Technologies, Inc. - C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: McAfee Firewall - Networks Associates, Inc. - C:\Program Files\McAfee\McAfee Firewall\CPD.EXE O23 - Service: McShield - Unknown owner - C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe -- End of file - 8090 bytes |
Robert1234 (14649) | ||
| 751126 | 2009-02-24 19:20:00 | Hi Robert - welcome to PressF1 :thumbs: Disable system restore, then download ccleaner (www.ccleaner.com) (run both the Cleaner and Registry options). Download malwarebytes (www.malwarebytes.org), update it and run a full scan, and lastly, get Trojan Remover (www.simplysup.com), update it and run a scan. Run all the utilities from that menu also. I'd uninstall McAfee as well; it's really resource-hungry, and not that good and picking up/preventing infection. Get avast! for a good free AV app, or NOD32/Kaspersky if you don't mind paying for one. Post another HJT log here when the scans are done! :) |
nofam (9009) | ||
| 751127 | 2009-02-24 19:56:00 | Wrong forum, should be in the other one. The mods will move it. Run Spybot and Malware Bytes in Safe mode. Also post a Hijackthis log here for Speedy to view for you. |
pctek (84) | ||
| 751128 | 2009-02-24 20:02:00 | F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - (no file) O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file) O4 - HKCU\..\Run: [Uninstall_CToolbar] "C:\DOCUME~1\ROBERT~1\LOCALS~1\Temp\CUninst.exe" "/remove" O4 - HKCU\..\Run: [Antivirus] C:\Program Files\SPP\SPP.exe O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O16 - DPF: {11B2C0D3-DFFB-11D3-9253-00500498D7E5} (ShowSetupObj5 Class) - invite.mshow.com/(3xijtai3xkr0e155xce4oofy) O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Remove |
pctek (84) | ||
| 751129 | 2009-02-24 21:40:00 | You might also like to to disable autorestart, right click my computer>properties>advanced>Under startup and recovery>settings>Untick Automatically restart | Blam (54) | ||
| 751130 | 2009-02-25 01:49:00 | Thank you all! How do you disable the restore? I did down load the 3 spywares and ran them. plus I took out the ones that he wanted me to take out. Here is my new list, did i miss anything. Thank you all again! Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\Explorer.EXE C:\Program Files\McAfee\McAfee VirusScan\alogserv.exe C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\System32\LXSUPMON.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe C:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe C:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe C:\Program Files\McAfee\McAfee Firewall\CPD.EXE C:\Program Files\McAfee\McAfee Firewall\CPDCLNT.EXE C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe C:\Program Files\MSN Messenger\livecall.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = g.msn.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = us.etrade.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = www.inbox.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = dnl.inbox.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by CenturyTel N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%206%5 Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\ROBERT PLAIR\Application Data\Mozilla\Profiles\default\3so3g4l0.slt\prefs.j s) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O4 - HKLM\..\Run: [Alogserv] C:\Program Files\McAfee\McAfee VirusScan\alogserv.exe O4 - HKLM\..\Run: [McAfee Guardian] "C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUN O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\RunServicesOnce: [InstallNAIProduct] "C:\bundle\McAfee\VSC\vsStart.EXE" /RUNKEY O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /startmonitor O4 - HKCU\..\Run: [Anonymizer] C:\Program Files\Anonymizer\Anonymizer Software\Anonymizer.exe -nogui O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - us.dl1.yimg.com O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Plug-in 1.4.1_02) - O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} - O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspn et_state.exe (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVSync Manager (AvSynMgr) - Networks Associates Technologies, Inc. - C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: McAfee Firewall - Networks Associates, Inc. - C:\Program Files\McAfee\McAfee Firewall\CPD.EXE O23 - Service: McShield - Unknown owner - C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe -- End of file - 6502 bytes |
Robert1234 (14649) | ||
| 751131 | 2009-02-25 02:16:00 | To disable SR, right click my computer>properties>system restore tab>tick "turn off SR on all drives" | Blam (54) | ||
| 751132 | 2009-02-25 03:17:00 | Tick these as well Uninstall all versions of Java then install the latest version ONLY (you've got 3 versions installed) O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} - |
Speedy Gonzales (78) | ||
| 751133 | 2009-02-25 04:19:00 | Another thing is, I put my PC in the safe mode and some thing turns my power off so I can't do anything? So as fast as I could I msconfig it back out to the normal mode, very confused! I disable my restore, should I put it back now? How does this look now? Again thank you for all the help! Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\Explorer.EXE C:\Program Files\McAfee\McAfee VirusScan\alogserv.exe C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\System32\LXSUPMON.EXE C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe C:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe C:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe C:\Program Files\McAfee\McAfee Firewall\CPD.EXE C:\Program Files\McAfee\McAfee Firewall\CPDCLNT.EXE C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe C:\Program Files\MSN Messenger\livecall.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Java\jre1.6.0_01\bin\javaw.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = g.msn.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = us.etrade.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = www.inbox.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = dnl.inbox.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by CenturyTel N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%206%5 Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\ROBERT PLAIR\Application Data\Mozilla\Profiles\default\3so3g4l0.slt\prefs.j s) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O4 - HKLM\..\Run: [Alogserv] C:\Program Files\McAfee\McAfee VirusScan\alogserv.exe O4 - HKLM\..\Run: [McAfee Guardian] "C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUN O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\RunServicesOnce: [InstallNAIProduct] "C:\bundle\McAfee\VSC\vsStart.EXE" /RUNKEY O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /startmonitor O4 - HKCU\..\Run: [Anonymizer] C:\Program Files\Anonymizer\Anonymizer Software\Anonymizer.exe -nogui O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - us.dl1.yimg.com O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Plug-in 1.4.1_02) - O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspn et_state.exe (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVSync Manager (AvSynMgr) - Networks Associates Technologies, Inc. - C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: McAfee Firewall - Networks Associates, Inc. - C:\Program Files\McAfee\McAfee Firewall\CPD.EXE O23 - Service: McShield - Unknown owner - C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe -- End of file - 6320 bytes |
Robert1234 (14649) | ||
| 1 2 | |||||