Home   News  Product reviews  Website reviews  Forums   Competitions  Subscribe 
Search
You are not logged in.
Login | New user registration 		Main Index | Search | Active Topics | Who's Online | FAQ / HELP

Security >> HijackThis logs help and analysis
Previous thread Previous   View all threads Index   Next thread Next   Flat Mode Flat  

 |  Print Thread
sol2soul77
new user


Reg'd: Tue
Posts: 2
Re: spyware infection ....
      Thu Mar 27 2008 10:49 PM
Reply to this post Reply   Reply to this post Quote  

hi joe

attached is the combo log
ComboFix 08-03-26.3 - sol2soul 2008-03-27 22:26:08.5 - NTFSx86
Running from: C:\Documents and Settings\sol2soul\Desktop\ComboFix2.exe
.

((((((((((((((((((((((((( Files Created from 2008-02-27 to 2008-03-27 )))))))))))))))))))))))))))))))
.

2008-03-27 20:40 . 2008-03-27 20:40 <DIR> d-------- C:\ComboFix
2008-03-26 07:21 . 2008-03-25 22:21 691,545 --a------ C:\WINDOWS\unins000.exe
2008-03-26 07:21 . 2008-03-26 07:21 2,550 --a------ C:\WINDOWS\unins000.dat
2008-03-25 23:25 . 2008-03-25 23:25 122 --a------ C:\WINDOWS\wininit.ini
2008-03-25 22:16 . 2008-03-25 22:21 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-03-25 22:16 . 2008-03-26 14:29 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-03-25 20:36 . 2008-03-25 20:36 269,334 --a------ C:\WINDOWS\system32\mtknmdgjmpknmp.bmp
2008-03-25 20:31 . 2008-03-25 20:31 269,334 --a------ C:\WINDOWS\system32\hkfetoril.bmp
2008-03-25 19:31 . 2008-03-25 19:31 269,334 --a------ C:\WINDOWS\system32\rmtkralonid.bmp
2008-03-25 19:24 . 2008-03-27 22:22 <DIR> d-------- C:\Program Files\Symantec
2008-03-25 19:24 . 2008-03-25 19:24 <DIR> d-------- C:\Documents and Settings\sol2soul\Application Data\Symantec
2008-03-25 19:24 . 2008-03-27 22:25 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Symantec
2008-03-25 19:23 . 2008-03-27 22:24 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared
2008-03-24 23:57 . 2001-08-18 14:00 88,064 --a------ C:\WINDOWS\system32\clusap.dll
2008-03-24 22:58 . 2008-03-24 22:58 <DIR> d-------- C:\Documents and Settings\sol2soul\Application Data\Anti-Virus-Pro.com
2008-03-24 22:57 . 2008-03-24 23:13 <DIR> d-------- C:\Program Files\AntiVirusPro
2008-03-24 22:57 . 2008-03-24 22:57 269,334 --a------ C:\WINDOWS\system32\tsrmdsbal.bmp
2008-03-24 14:49 . 2008-03-24 19:42 868,352 --a------ C:\ffastunT.ffl
2008-03-14 16:39 . 2008-03-15 08:00 <DIR> d-------- C:\Documents and Settings\pavlinka\Application Data\AVG7
2008-03-12 10:59 . 2008-03-12 10:59 8,617 --a------ C:\WINDOWS\extend.dat
2008-03-02 11:47 . 2008-03-27 08:00 <DIR> d-------- C:\Documents and Settings\sol2soul\Application Data\AVG7
2008-03-02 11:47 . 2008-03-02 11:47 <DIR> d-------- C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\AVG7
2008-03-02 11:46 . 2008-03-02 11:46 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
2008-03-02 11:46 . 2008-03-03 08:51 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\avg7

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-27 22:29 --------- d-----w C:\Documents and Settings\sol2soul\Application Data\Skype
2008-03-27 21:44 --------- d-----w C:\Program Files\BrowsingTool
2008-03-27 21:02 --------- d-----w C:\Documents and Settings\sol2soul\Application Data\LimeWire
2008-03-25 23:24 --------- d-----w C:\Program Files\SpyShredder
2008-02-25 11:07 --------- d-----w C:\Program Files\TalkTalk Online Security
2008-02-24 12:44 --------- d-----w C:\Program Files\MSXML 4.0
2008-02-24 12:43 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-24 12:43 --------- d-----w C:\Program Files\Sony Ericsson
2008-02-24 12:43 --------- d-----w C:\Program Files\Common Files\Teleca Shared
2008-02-24 12:43 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Teleca
2008-02-24 12:43 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Sony Ericsson
2008-02-21 17:17 --------- d-----w C:\Program Files\ICQLite
2008-02-21 13:22 --------- d-----w C:\Program Files\MSN Messenger
2008-02-20 07:46 --------- d-----w C:\Program Files\ICQToolbar
2008-02-19 21:56 --------- d-----w C:\Documents and Settings\sol2soul\Application Data\ICQLite
2008-02-16 14:00 --------- d-----w C:\Program Files\FBrowserAdvisor
2008-02-15 21:25 --------- d-----w C:\Program Files\LimeWire
2008-02-15 21:24 --------- d-----w C:\Program Files\Java
2008-02-15 21:19 --------- d-----w C:\Program Files\Common Files\Java
2004-04-19 01:54 139,264 ----a-w C:\Program Files\MSI20Wiz.dll
.

((((((((((((((((((((((((((((( snapshot@2008-03-26_20.34.31.62 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-03-26 20:09:32 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
+ 2008-03-27 20:44:55 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{237B0715-490B-427E-941E-D89B4042D7D1}]
2001-08-18 14:00 88064 --a------ C:\WINDOWS\System32\clusap.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{51C58BEE-AF12-4295-8668-2D6630A7A0EB}]
2001-08-18 14:00 88064 --a------ C:\WINDOWS\System32\clusap.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{71D0F621-871B-47D5-9191-C2B5ED5B5A5F}]
2001-08-18 14:00 88064 --a------ C:\WINDOWS\System32\clusap.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7BE501CE-D618-4F1D-A4D1-1EBF1C0A90F5}]
2001-08-18 14:00 88064 --a------ C:\WINDOWS\System32\clusap.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D0661233-42D4-F7F1-80E1-8A9E0E99E71D}]
2007-12-30 20:48 1019904 --a------ C:\Program Files\BrowsingTool\BrowsingTool-2.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-08-18 14:00 13312]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-16 16:30 68856]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-09-13 13:31 22880040]
"Creative WebCam Tray"="C:\Program Files\Creative\Shared Files\CamTray.exe" [2005-10-27 10:00 299008]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"tsnpstd3"="C:\WINDOWS\tsnpstd3.exe" [2006-11-29 16:28 262144]
"snpstd3"="C:\WINDOWS\vsnpstd3.exe" [2006-09-18 14:12 843776]
"USB Storage Toolbox"="C:\WINDOWS\UMStor\Res.EXE" [2005-09-14 20:44 65536]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-09-13 15:49 49152]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 03:42 144784]
"ICQ Lite"="C:\Program Files\ICQLite\ICQLite.exe" [2006-07-11 10:06 3144800]
"Synchronization Manager"="C:\WINDOWS\system32\mobsync.exe" [2001-08-18 14:00 135680]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-03-02 11:47 579072]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2001-08-18 14:00 13312]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-03-02 11:47 219136]

C:\Documents and Settings\sol2soul\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe [2008-02-08 21:32:57 147456]

C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\digital imaging\bin\hpqtra08.exe [2004-11-04 19:28:24 258048]
HP Image Zone Fast Start.lnk - C:\Program Files\HP\digital imaging\bin\hpqthb08.exe [2004-11-04 19:50:52 53248]
Microsoft Find Fast.lnk - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE [1997-08-01 111376]
Office Startup.lnk - C:\Program Files\Microsoft Office\Office\OSA.EXE [1997-08-01 51984]
Phone Connection Monitor.lnk - C:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe [2007-12-15 01:05:21 754176]

R3 iadusb;MT882;C:\WINDOWS\System32\DRIVERS\glauiad.sys [2006-07-27 15:37]
R3 V0260VID;Live! Cam Vista IM;C:\WINDOWS\System32\DRIVERS\V0260Vid.sys [2006-11-03 22:45]

.
Contents of the 'Scheduled Tasks' folder
"2008-03-25 19:39:39 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-27 22:29:34
Windows 5.1.2600 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\NAVAP]
"ImagePath"="\??\C:\WINDOWS\System32\Drivers\NAVAP.SYS"

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\navapsvc]
"ImagePath"="C:\Program Files\Norton AntiVirus\navapsvc.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\NAVENG]
"ImagePath"="\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20010808.016\NAVENG.SYS"

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\NAVEX15]
"ImagePath"="\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20010808.016\NAVEX15.SYS"
--

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\NISSERV]
"ImagePath"="\"C:\Program Files\Norton Internet Security\NISSERV.EXE\""

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\NISUM]
"ImagePath"="\"C:\Program Files\Norton Internet Security\NISUM.EXE\""
--

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\SBService]
"ImagePath"="C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe"
--

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\SYMDNS]
"ImagePath"="\??\C:\WINDOWS\System32\Drivers\SYMDNS.SYS"
--

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\SYMFW]
"ImagePath"="\??\C:\WINDOWS\System32\Drivers\SYMFW.SYS"

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\SYMNDIS]
"ImagePath"="\??\C:\WINDOWS\System32\Drivers\SYMNDIS.SYS"

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\SymProxySvc]
"ImagePath"="\"C:\Program Files\Norton Internet Security\SymProxySvc.exe\""

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\SYMREDRV]
"ImagePath"="\??\C:\WINDOWS\System32\Drivers\SYMREDRV.SYS"
.
Completion time: 2008-03-27 22:31:26
ComboFix-quarantined-files.txt 2008-03-27 22:30:33
ComboFix2.txt 2008-03-27 20:52:23
ComboFix3.txt 2008-03-26 20:38:05
Pre-Run: 17,781,735,424 bytes free
Post-Run: 17,766,785,024 bytes free
.
2008-02-20 23:02:05 --- E O F ---

and the fresh hjt log


Logfile of HijackThis v1.99.1
Scan saved at 22:48:22, on 27/03/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\tsnpstd3.exe
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\UMStor\Res.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\WINDOWS\System32\wuauclt.exe
C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE
C:\Program Files\Skype\Plugin Manager\skypePM.exe
c:\Program Files\Intuwave Ltd\Shared\mRouterRunTime\mRouterRuntime.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Microsoft Office\Office\Winword.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: (no name) - {0B0DBFBA-AF58-4E14-B01C-51EB9E1F6BDC} - C:\WINDOWS\System32\clusap.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {237B0715-490B-427E-941E-D89B4042D7D1} - C:\WINDOWS\System32\clusap.dll
O2 - BHO: (no name) - {51C58BEE-AF12-4295-8668-2D6630A7A0EB} - C:\WINDOWS\System32\clusap.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {71D0F621-871B-47D5-9191-C2B5ED5B5A5F} - C:\WINDOWS\System32\clusap.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: (no name) - {7BE501CE-D618-4F1D-A4D1-1EBF1C0A90F5} - C:\WINDOWS\System32\clusap.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: BrowsingTool - {D0661233-42D4-F7F1-80E1-8A9E0E99E71D} - C:\Program Files\BrowsingTool\BrowsingTool-2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\WINDOWS\UMStor\Res.EXE
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Phone Connection Monitor.lnk = C:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsof...b?1194970102779
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsof...b?1194970090685
O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://xscanner.spyshredderscanner.com/a/install1609.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

cheers sol

Post Extras Print Post   Remind Me!     Notify Moderator
Rate this thread

Jump to


Entire topic
Subject Posted by Posted on
* spyware infection .... sol2soul77 Tue Mar 25 2008 10:04 PM
. * * Re: spyware infection .... Joe_LondonModerator   Wed Mar 26 2008 01:38 PM
. * * Re: spyware infection .... sol2soul77   Thu Mar 27 2008 10:49 PM
. * * Re: spyware infection .... Joe_LondonModerator   Fri Mar 28 2008 09:47 AM

Extra information
0 registered and 7 anonymous users are browsing this forum.

Moderator:  putasolutions, greysts, bricat, AndrewC, Joe_London, John_McKenna, Mouse, Hello_There, TheFatControlleR, Nanook, Noviciate 


Print Thread
Forum Permissions
      You cannot start new topics
      You cannot reply to topics
      HTML is disabled
      Mark-up is enabled

Rating:
Thread views: 0

Contact Us | Privacy statement Main website
Hitwise Top 10 Award Winner - Jan-Mar 2005

About us | Contact us | Link to us | Terms & Conditions | Privacy Policy
© Copyright IPC Media Limited, All rights reserved