spyaxe

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

recordmoth

Thread Starter
Joined
Jan 1, 2006
Messages
26
hi
I Just got spyaxe today. I don't really know much about getting rid of these kind of things- I've downloaded spybot and other things today and cleaned up a lot but I can't make this go away.

I've just found this website so I thought I'd see if someone could help...

A virus alert keeps coming at the bottom of the screen when I click on it takes me to a site and tries to get me to download the software. Even though I don't download, the spyaxe software seems to keep appearing on my desk top. Also when I start IE it loads up systemwarning.com - whatever I change my homepage to I can't get on to that site and i'm taken to systemwarning.com instead where it tries to get me to download software.

Also I just noticed when searching google for info on spyaxe that a few sites wouldn't open and I get a message at the top of the screen saying an adware won't allow me to open the site and I need to download spy trooper... Is this something to do with spyaxe too?


I've just been reading another thread and I followed the instuctions to downlaod Hijack this. I've done the scan and copied it from notepad. Here it is:

Logfile of HijackThis v1.99.1
Scan saved at 04:50:31, on 02/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\DVDRAMSV.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\mssearchnet.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\TOSHIBA\PadTouch\PadExe.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\mcafee.com\mps\mscifapp.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\Belkin\BELKIN~1\Tool\WinXPDisableZeroConfigation.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Money\System\Money Express.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\AOL Companion\companion.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\twain_32\CANON\FB310\Scaner32.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.vvv.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bobdylan.com/index.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.personal.leeds.ac.uk/~phy0gjw
F2 - REG:system.ini: Shell=Explorer.exe
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: HomepageBHO - {e0103cd4-d1ce-411a-b75b-4fec072867f4} - C:\WINDOWS\system32\hp7AF7.tmp
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (file missing)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (file missing)
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [PadTouch] "C:\Program Files\TOSHIBA\PadTouch\PadExe.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MskDetct.exe /startup
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [HDAudio Driver 1.0] C:\WINDOWS\system32\tiyl.exe
O4 - HKLM\..\Run: [XpDis0Conf] C:\PROGRA~1\Belkin\BELKIN~1\Tool\WinXPDisableZeroConfigation.exe VEN_14E4&DEV_4320&SUBSYS_70111799 /d
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [uereyv] C:\WINDOWS\system32\qrlyzw.exe r
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: CanoScan FB310 Utilities.lnk = C:\WINDOWS\twain_32\CANON\FB310\Scaner32.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O4 - Global Startup: Ulead Photo Express 3.0 SE Calendar Checker.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe
O4 - Global Startup: Ulead Photo Express Calendar Checker For My Custom Edition.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 My Custom Edition\CalCheck.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Money Viewer - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O12 - Plugin for .wav: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-gb/4,0,0,90/mcinsctl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1136121392203
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-gb/1,0,0,23/mcgdmgr.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE


I'd really appreciate it if someone could help :) I've been messing round with it all day and it's a bit annoying. The virus alert has been popping up at the bottom right of the screen all day making an annoying noise. I just did another spybot scan and it seems to have stopped doing that for the moment... IE homepage still takes me to systemwarning.com tho. IE seems to jerk as I start it up, i'm not sure what that means or if it's a sign of anything?

Thanks ...
 
Joined
Jul 8, 2002
Messages
14,681
Please save or print these instructions before beginning
  • Save smitRem to your Desktop and run smitRem.exe
  • Download and install Ewido Security Suite
  • During the installation, uncheck the following under Additional Options:

    Install background guard
    Install scan via context menu
  • Run Ewido and click OK when prompted to update the program
  • On the left side of the screen, click update>>Start
  • When the update is finished, exit Ewido
  • Open the smitRem folder and run RunThis.bat. Follow the onscreen prompts
  • Run Ewido Security Suite
  • Click scanner>>Complete System Scan
  • Click OK when prompted to clean the problems found
  • When the scan is finished, click Save Report and save a copy of this log to your Desktop
  • Exit Ewido
  • Go to Start>>Control Panel>>Internet Options>>Programs
  • Click Reset Web Settings>>Apply>>OK
  • Go to Start>>Control Panel>>Display>>Desktop
  • Click Customize Desktop>>Web
  • If you see an entry called Security info or something similar, select it and click Delete>>OK>>Apply>>OK
  • Restart your computer
  • Post the contents of C:\smitfiles.txt
  • Post the contents of the Ewido Security Suite report that you saved to your Desktop earlier
  • Run HijackThis and click Do a system scan and save a log file
  • Your HijackThis log will open in Notepad. Post the contents of the log here
 

recordmoth

Thread Starter
Joined
Jan 1, 2006
Messages
26
All done.

Here are results of kaspersky online scanner:

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Monday, January 02, 2006 11:40:27
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 2/01/2006
Kaspersky Anti-Virus database records: 158387
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\

Scan Statistics:
Total number of scanned objects: 79031
Number of viruses found: 14
Number of infected objects: 135
Number of suspicious objects: 0
Duration of the scan process: 3131 sec

Infected Object Name - Virus Name
C:\Documents and Settings\g\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\omfg.class-3ee65730-7914ebee.class Infected: Trojan-Downloader.Java.OpenStream.y
C:\Documents and Settings\g\Local Settings\Temporary Internet Files\Content.IE5\QP47OV4H\l[1].exe Infected: Trojan-Downloader.Win32.Zlob.dq
C:\Program Files\Microsoft AntiSpyware\Quarantine\0904E721-7F6B-4BA6-BADA-B6EA4D\259FC1D5-8437-4C4A-863C-DF81E4 Infected: Trojan.Win32.Agent.db
C:\Program Files\Microsoft AntiSpyware\Quarantine\87B823A6-FEE1-4301-8A9E-50F8F3\CA2041EE-96E0-432C-897A-1BAE02 Infected: Trojan.Win32.Agent.kp
C:\Program Files\Microsoft AntiSpyware\Quarantine\87C8CDDD-2C25-4B4E-8C35-EE4C0B\7D519116-9702-40ED-A3A6-81DE07 Infected: Trojan.Win32.Agent.ic
C:\Program Files\Microsoft AntiSpyware\Quarantine\A8FF08AA-273C-4DD0-B8FA-BEA0C4\82CA1C94-26BF-458C-9814-340C4D Infected: Trojan.Win32.Agent.ic
C:\Program Files\Microsoft AntiSpyware\Quarantine\B8F4B905-D8D0-47AB-8157-52B99E\005E5226-BC7C-4217-A62E-90DDB1 Infected: Trojan.Win32.Agent.ic
C:\Program Files\Microsoft AntiSpyware\Quarantine\BCED4CD5-A0B9-43ED-A8BF-4DBDE0\DE3B8C1A-0D0A-4C17-B3C7-F7C5CF Infected: Trojan.Win32.Agent.ic
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP132\A0048925.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP136\A0049926.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP136\A0050926.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP137\A0051926.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP137\A0052926.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP137\A0053925.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP139\A0054925.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP139\A0055925.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP141\A0055950.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP142\A0055979.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP142\A0055983.dll Infected: Trojan.Win32.Agent.ic
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP142\A0056951.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP142\A0056952.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP142\A0057952.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP142\A0058017.dll Infected: Trojan.Win32.Agent.ic
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP142\A0058026.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP143\A0058104.exe Infected: Trojan.Win32.Pakes
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP143\A0058147.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP143\A0058148.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP143\A0059124.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP143\A0059166.dll Infected: Trojan.Win32.Agent.ic
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP143\A0059169.exe Infected: Trojan.Win32.Pakes
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP143\A0060125.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP143\A0061126.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP143\A0062125.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP143\A0063124.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP143\A0064124.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP144\A0064196.dll Infected: Trojan.Win32.Agent.kp
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP144\A0064198.exe Infected: Trojan.Win32.Pakes
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP144\A0064199.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP144\A0064209.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP145\A0065209.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP145\A0065226.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP145\A0065229.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP145\A0066225.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP145\A0067225.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP145\A0068225.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP145\A0069225.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP145\A0070225.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP145\A0071225.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP145\A0071294.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP145\A0072294.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP145\A0072327.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP145\A0073327.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP145\A0074327.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP145\A0075327.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP145\A0076327.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP145\A0077327.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP145\A0078327.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP145\A0079327.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP145\A0080327.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0080379.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0080391.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0081386.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0082386.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0083386.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0084386.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0084432.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0085432.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0086431.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0087434.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0088432.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0089432.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0089474.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0090474.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0090509.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0091509.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0092509.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0093509.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0094513.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0095510.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0096509.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0097509.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0098509.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0099509.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0100509.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0101509.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0102509.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0103509.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0104510.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0105509.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0105531.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0105532.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP146\A0106531.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP147\A0106630.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP147\A0106696.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP147\A0107697.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP147\A0108696.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP147\A0108697.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP147\A0109697.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP147\A0109699.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP147\A0110696.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP147\A0111696.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP147\A0112696.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP147\A0113699.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP147\A0114696.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP147\A0114823.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP147\A0114825.tlb Infected: Trojan-Downloader.Win32.Zlob.dr
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP147\A0114851.dll Infected: Trojan.Win32.Agent.db
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP147\A0114864.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP147\A0114865.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP147\A0114867.tlb Infected: Trojan-Downloader.Win32.Zlob.dr
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP149\A0115017.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP149\A0115028.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP149\A0115032.tlb Infected: Trojan-Downloader.Win32.Zlob.dr
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP149\A0115049.dll Infected: Trojan.Win32.Agent.ic
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP149\A0115163.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP149\A0115208.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP149\A0115211.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP149\A0115328.dll Infected: Trojan.Win32.Agent.ic
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP149\A0115340.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP149\A0115342.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP149\A0115490.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP151\A0115558.exe Infected: Trojan-Dropper.Win32.Agent.vl
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP151\A0115559.exe Infected: Trojan-Dropper.Win32.Agent.mu
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP151\A0115568.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP151\A0115578.dll Infected: Trojan.Win32.Agent.ic
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP151\A0115586.exe Infected: Trojan.Win32.Agent.ay
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP151\A0115675.exe Infected: Trojan.Win32.LowZones.df
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP151\A0115684.tlb Infected: Trojan-Downloader.Win32.Zlob.dr
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP151\A0115685.exe Infected: Trojan-Downloader.Win32.Zlob.bu
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP151\A0115687.exe Infected: Trojan-Downloader.Win32.Zlob.dr
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP151\A0115688.exe Infected: Trojan-Downloader.Win32.Zlob.dq
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP151\A0115689.exe Infected: Trojan-Downloader.Win32.Agent.tf
C:\System Volume Information\_restore{E6E5D273-3852-4548-9D5F-83DE56ECD84F}\RP151\A0115693.exe Infected: Trojan.Win32.Agent.ay
C:\WINDOWS\system32\InstallerV5.exe/data0006 Infected: Backdoor.Win32.HacDef.bo
C:\WINDOWS\system32\InstallerV5.exe Infected: Backdoor.Win32.HacDef.bo

Scan process completed.
 

recordmoth

Thread Starter
Joined
Jan 1, 2006
Messages
26
Here is the smitfiles file:



smitRem © log file
version 2.8

by noahdfear


Microsoft Windows XP [Version 5.1.2600]
The current date is: 02/01/2006
The current time is: 6:58:27.96

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

checking for ShudderLTD key

ShudderLTD key not present!

checking for PSGuard.com key


PSGuard.com key not present!


checking for WinHound.com key


WinHound.com key not present!

spyaxe uninstaller NOT present
Winhound uninstaller NOT present
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Existing Pre-run Files


~~~ Program Files ~~~



~~~ Shortcuts ~~~

Online Security Guide.url
Online Security Guide.url
Security Troubleshooting.url
Security Troubleshooting.url


~~~ Favorites ~~~

Antivirus Test Online.url


~~~ system32 folder ~~~

1024 dir
msvol.tlb
ld****.tmp
mssearchnet.exe
ncompat.tlb
nvctrl.exe
mscornet.exe
hp***.tmp


~~~ Icons in System32 ~~~

ts.ico
ot.ico


~~~ Windows directory ~~~



~~~ Drive root ~~~


~~~ Miscellaneous Files/folders ~~~




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 892 'explorer.exe'
Killing PID 892 'explorer.exe'

Starting registry repairs

Deleting files


Remaining Post-run Files


~~~ Program Files ~~~



~~~ Shortcuts ~~~

Online Security Guide.url
Online Security Guide.url


~~~ Favorites ~~~



~~~ system32 folder ~~~



~~~ Icons in System32 ~~~



~~~ Windows directory ~~~



~~~ Drive root ~~~



~~~ Miscellaneous Files/folders ~~~




~~~ Wininet.dll ~~~

CLEAN! :)
 

recordmoth

Thread Starter
Joined
Jan 1, 2006
Messages
26
Here's the Ewido report:

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 08:35:34, 02/01/2006
+ Report-Checksum: 3CC21C2B

+ Scan result:

HKLM\SOFTWARE\Classes\Interface\{CABBB49A-4D7B-415B-8250-15C3B854E9FF} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\Softomate.IEToolbar -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\Softomate.IEToolbar\CLSID -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\Softomate.IEToolbar\CurVer -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\Softomate.IEToolbar.1 -> Spyware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-6663810-1723617592-393042161-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} -> Spyware.ComLoad : Cleaned with backup
C:\Documents and Settings\g\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\my.class-66735319-7aedc86d.class -> Downloader.Small.aaq : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@112.2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@122.2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@247realmedia[1].txt -> Spyware.Cookie.247realmedia : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@abetterinternet[1].txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@ad.yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@adopt.euroclick[2].txt -> Spyware.Cookie.Euroclick : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@adopt.specificclick[1].txt -> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@ads.addynamix[1].txt -> Spyware.Cookie.Addynamix : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@ads.pointroll[2].txt -> Spyware.Cookie.Pointroll : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@adserver.71i[1].txt -> Spyware.Cookie.71i : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@adtech[2].txt -> Spyware.Cookie.Adtech : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@as-eu.falkag[1].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@as1.falkag[1].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@bluestreak[2].txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@bs.serving-sys[1].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@burstnet[2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@casalemedia[1].txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@centrport[2].txt -> Spyware.Cookie.Centrport : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@cnn.122.2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@cs.sexcounter[2].txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@cz4.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@cz5.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@cz6.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@cz7.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@cz8.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@dbbsrv[1].txt -> Spyware.Cookie.Dbbsrv : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@e-2dj6wfk4gpcjgep.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@e-2dj6wjk4wmcpakp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@e-2dj6wjkocnajoeo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@e-2dj6wjlysmcpcbq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@e-2dj6wjmieidjkbp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@e-2dj6wjmyaoc5glq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@e-2dj6wjnyeod5weq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@e-2dj6wjnyulazodp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@edge.ru4[1].txt -> Spyware.Cookie.Ru4 : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@findwhat[1].txt -> Spyware.Cookie.Findwhat : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@hotlog[1].txt -> Spyware.Cookie.Hotlog : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@ivwbox[1].txt -> Spyware.Cookie.Ivwbox : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@microsofteup.112.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@microsoftwga.112.2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@overture[1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@partygaming.122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@paycounter[1].txt -> Spyware.Cookie.Paycounter : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@paypopup[2].txt -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@perf.overture[1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@popunder.paypopup[1].txt -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@qksrv[1].txt -> Spyware.Cookie.Qksrv : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@questionmarket[1].txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@revenue[2].txt -> Spyware.Cookie.Revenue : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@rotator.adjuggler[1].txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@server.iad.liveperson[2].txt -> Spyware.Cookie.Liveperson : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@service.liveperson[1].txt -> Spyware.Cookie.Liveperson : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@serving-sys[2].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@spylog[2].txt -> Spyware.Cookie.Spylog : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@stat.onestat[1].txt -> Spyware.Cookie.Onestat : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@statcounter[1].txt -> Spyware.Cookie.Statcounter : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@tradedoubler[1].txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@trafficmp[1].txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@tribalfusion[2].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@valueclick[1].txt -> Spyware.Cookie.Valueclick : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@vip.clickzs[1].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@vip2.clickzs[1].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@www.burstbeacon[1].txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@xxxcounter[1].txt -> Spyware.Cookie.Xxxcounter : Cleaned with backup
C:\Documents and Settings\g\Cookies\g@z1.adserver[1].txt -> Spyware.Cookie.Adserver : Cleaned with backup
C:\Documents and Settings\g\Local Settings\Application Data\Wildtangent\Cdacache\00\00\0C.dat/files\wtvh.dll -> Spyware.WildTangent : Cleaned with backup
C:\Documents and Settings\g\Local Settings\Temporary Internet Files\Content.IE5\63ELYNLJ\gdnUS250[1].exe -> Downloader.Small.ayl : Cleaned with backup
C:\Documents and Settings\g\Local Settings\Temporary Internet Files\Content.IE5\EQCPM2N3\gba250[1].exe -> Dialer.Generic : Cleaned with backup
C:\Documents and Settings\g\Local Settings\Temporary Internet Files\Content.IE5\F2VPOCSP\dba250[1].exe -> Dialer.Generic : Cleaned with backup
C:\Documents and Settings\g\Local Settings\Temporary Internet Files\Content.IE5\F2VPOCSP\ErrorSafeScannerInstall[1].cab/UERS_0001_NI57M1124NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.b : Cleaned with backup
C:\Documents and Settings\g\Local Settings\Temporary Internet Files\Content.IE5\F2VPOCSP\wmf_exp[1].wmf -> Downloader.Agent.acd : Cleaned with backup
C:\Program Files\CMAPP\cmappstub.exe -> Downloader.Agent.tf : Cleaned with backup
C:\Program Files\MalwareWipe\MalwareWipe.exe -> Adware.Spyaxe : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\107A1066-9CDD-45F3-A21E-4D9CBE\E61143E8-D521-4CB3-B060-6685D6 -> Adware.Spyaxe : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\4206625A-19D5-4E6A-BD50-604F02\D616767A-9730-4E75-9EC6-976B3A -> Trojan.Agent.ic : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\48996F0B-DB59-4DD4-95DC-CA7596\75722EFD-1B89-4C46-91BF-19C767 -> Adware.Spyaxe : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\4F9776F3-1B06-4928-9E32-A76686\CF3F0E7F-7794-4D56-A9A6-525AE0 -> Adware.Spyaxe : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\60FECCCA-23F9-4897-AF94-AEACE4\478F8B50-F050-4B39-9045-FF4F58 -> Adware.Spyaxe : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\6F0F501F-A3AF-4D90-93A4-2B26C8\28481B9D-ABFC-4ACE-8E96-C62412 -> Adware.Spyaxe : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\7CAA9718-51AD-4B11-A542-8DEF67\57E267CA-102E-4480-8D30-87CA40 -> Adware.Spyaxe : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\BDD26767-1CF1-416F-BF55-CF2A36\DD159A05-021F-4221-95BB-037634 -> Adware.Spyaxe : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\C85DBB39-878F-4BCD-ABB8-77F035\4AC43E8E-CC77-478D-B861-EEA690 -> Adware.Spyaxe : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\CC6C1951-8BE5-4141-AEC7-D01F2F\5B4A06FB-A035-4660-BDFB-87C962 -> Adware.Spyaxe : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\E8C2384F-7097-4065-965E-CF0B45\63F07718-70F8-4FC6-BD36-D5A559 -> Adware.SAHA : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\F579D242-53FA-4A8E-A3BF-0B13D0\301158F8-00C0-412E-BC3E-EF9F59 -> Adware.Spyaxe : Cleaned with backup
C:\RECYCLER\S-1-5-21-6663810-1723617592-393042161-1006\Dc277.exe -> Dialer.Generic : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\gba250.exe -> Dialer.Generic : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\gdnUS250.exe -> Downloader.Small.ayl : Cleaned with backup
C:\WINDOWS\svcproc.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\system32\hjpqftc.exe -> Trojan.Agent.ay : Cleaned with backup
C:\WINDOWS\system32\netlanm.dll -> Spyware.SafeSurfing : Cleaned with backup
C:\WINDOWS\system32\nsv169.dll -> Spyware.HotSearchBar : Cleaned with backup


::Report End
 

recordmoth

Thread Starter
Joined
Jan 1, 2006
Messages
26
Just done Hijack this scan:

Logfile of HijackThis v1.99.1
Scan saved at 14:06:54, on 02/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\PROGRA~1\mcafee.com\vso\mcvsescn.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Whisper Technology\FTP Surfer\Surfer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\McAfee.com\MPS\mscifapp.exe
c:\program files\mcafee.com\shared\mghtml.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bobdylan.com/index.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.personal.leeds.ac.uk/~phy0gjw
F2 - REG:system.ini: Shell=Explorer.exe
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (file missing)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (file missing)
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKCU\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Money Viewer - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O12 - Plugin for .wav: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-gb/4,0,0,90/mcinsctl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1136121392203
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-gb/1,0,0,23/mcgdmgr.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top