Jump to content

annelore

Member
  • Content Count

    9
  • Joined

  • Last visited

  1. I was told in a PM this is clean!! dankjewel!! thank you!!
  2. ok, sorry about this, but this is the log of my laptop... could you check it too? many thanks!! Logfile of HijackThis v1.99.1 Scan saved at 22:41:18, on 10/10/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\HPConfig.exe C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\fxssvc.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\carpserv.exe C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.EXE C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe C:\Documents and Settings\Jan Vleugels\Local Settings\Temp\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.compaq.com/2Q00CPT/0813/bF8.asp R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.skynet.be/search R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.skynet.be R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://desktop.presario.net/scripts/redire...;lc=0813&ac R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.presario.net/scripts/redirec...rch&ap=b204 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirec...rch&ap=b204 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts/redirec...rch&ap=b204 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://desktop.presario.net/scripts/redire...;lc=0813&ac R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar.dll O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [CARPService] carpserv.exe O4 - HKLM\..\Run: [ATIPTA] C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe O4 - HKLM\..\Run: [Display Settings] C:\Program Files\HPQ\Notebook Utilities\hptasks.exe /s O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.EXE O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [ssAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Hitman Pro SurfRight Helper] "C:\Program Files\Hitman Pro\srhelper.exe" O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\googletoolbar.dll/cmsearch.html O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\googletoolbar.dll/cmbacklinks.html O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\googletoolbar.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\googletoolbar.dll/cmsimilar.html O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\googletoolbar.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{51E1BF8C-E136-4900-A81F-0EB5ADE79B54}: NameServer = 195.238.2.22 195.238.2.21 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
  3. both, and if i search myself, the etb folder doesn't exist, even not when hidden folders and files are shown...a mistery? :-)
  4. I tried to do that but I get the message 'pad doesn't exist, check if the filename is correct' (I translated this from dutch to english).
  5. thanks! hope this will work! I trust you guys... :-)
  6. Ok this is what i did: - i scanned with ewido - i tried to find C:Windowsetbnt_hide32.dll and C:Windowsetbpokapoka75.exe, but didn't find them so i couldn't delete after reboot... still, here's my log after the ewido scan Logfile of HijackThis v1.99.1 Scan saved at 19:53:22, on 7/10/2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32csrss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSsystem32spoolsv.exe C:WINDOWSSystem32alg.exe C:PROGRA~1GrisoftAVG7avgamsvr.exe C:PROGRA~1GrisoftAVG7avgupsvc.exe C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe C:WINDOWSSystem32svchost.exe C:WINDOWSExplorer.EXE C:Program FilesCommon FilesRealUpdate_OBrealsched.exe C:Program FilesHewlett-PackardDigital ImagingUnloadhpqcmon.exe C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnd.exe C:Program FilesJavajre1.5.0_01binjusched.exe C:Program FilesQuickTimeqttask.exe C:Program FilesiTunesiTunesHelper.exe C:Program FilesThomsonSpeedTouch USBDragdiag.exe C:Program FilesSupport.combintgcmd.exe C:PROGRA~1GrisoftAVG7avgcc.exe C:PROGRA~1GrisoftAVG7avgemc.exe C:WINDOWSetbpokapoka75.exe C:WINDOWSSystem32ctfmon.exe C:Program FilesSkypePhoneSkype.exe C:Program Filesipttotsr.exe C:WINDOWSSystem32d?xplore.exe C:Program FilesSpyware Doctorswdoctor.exe C:WINDOWSSystem32wuauclt.exe C:Program FilesMicrosoft AntiSpywaregcasDtServ.exe C:Program FilesiPodbiniPodService.exe C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnf.exe C:Program Filesewidosecurity suiteewidoguard.exe C:Program Filesewidosecurity suiteewidoctrl.exe C:Documents and SettingsanneloreBureaubladHijackThis.exe R1 - HKCUSoftwareMicrosoftInternet Explorer,SearchURL = http://www.easysearch4you.com/sp2.php R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://www.easysearch4you.com/sp2.php R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.easysearch4you.com/sp2.php R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.radio1.be/ R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://www.easysearch4you.com/sp2.php R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Koppelingen O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:PROGRA~1SPYWAR~1toolsiesdsg.dll O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:PROGRA~1SPYWAR~1toolsiesdpb.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx O4 - HKLM..Run: [NeroCheck] C:WINDOWSSystem32NeroCheck.exe O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OBrealsched.exe" -osboot O4 - HKLM..Run: [CamMonitor] C:Program FilesHewlett-PackardDigital ImagingUnloadhpqcmon.exe O4 - HKLM..Run: [share-to-Web Namespace Daemon] C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnd.exe O4 - HKLM..Run: [sunJavaUpdateSched] C:Program FilesJavajre1.5.0_01binjusched.exe O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime O4 - HKLM..Run: [iTunesHelper] C:Program FilesiTunesiTunesHelper.exe O4 - HKLM..Run: [speedTouch USB Diagnostics] "C:Program FilesThomsonSpeedTouch USBDragdiag.exe" /icon O4 - HKLM..Run: [tgcmd] "C:Program FilesSupport.combintgcmd.exe" /server /startmonitor O4 - HKLM..Run: [FireWire Service] nvscv32.exe O4 - HKLM..Run: [Windows Process Manager] winproc.exe O4 - HKLM..Run: [dGTJw] C:WINDOWSjtplkt.exe O4 - HKLM..Run: [bO²ùð×y-¯Œ] C:WINDOWSjtplkt.exe O4 - HKLM..Run: [AVG7_CC] C:PROGRA~1GrisoftAVG7avgcc.exe /STARTUP O4 - HKLM..Run: [AVG7_EMC] C:PROGRA~1GrisoftAVG7avgemc.exe O4 - HKLM..Run: [gcasServ] "C:Program FilesMicrosoft AntiSpywaregcasServ.exe" O4 - HKLM..Run: [system service75] C:WINDOWSetbpokapoka75.exe O4 - HKLM..RunServices: [FireWire Service] nvscv32.exe O4 - HKLM..RunServices: [Windows Process Manager] winproc.exe O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSSystem32ctfmon.exe O4 - HKCU..Run: [skype] "C:Program FilesSkypePhoneSkype.exe" /nosplash /minimized O4 - HKCU..Run: [Toat] "C:Program Filesipttotsr.exe" -vt mt O4 - HKCU..Run: [Otj] C:WINDOWSSystem32d?xplore.exe O4 - HKCU..Run: [spyware Doctor] "C:Program FilesSpyware Doctorswdoctor.exe" /Q O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~4Office10EXCEL.EXE/3000 O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:PROGRA~1SPYWAR~1toolsiesdpb.dll O9 - Extra button: Onderzoekscentrum - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:Program FilesCommon FilesMicrosoft SharedReference 2001EROProj.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengerMSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengerMSMSGS.EXE O16 - DPF: {00000000-0000-0000-0000-000020040000} - http://207.234.185.217/ABoxInst_int12.exe O16 - DPF: {0D62A517-E7C6-4E1F-A577-07D4AC549A48} (Progetto1.int_ver32) - http://advnt01.com/dialer/bel_ver32b.CAB O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1128610703608 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1128610598167 O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVG7avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVG7avgupsvc.exe O23 - Service: ewido security suite control - ewido networks - C:Program Filesewidosecurity suiteewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:Program Filesewidosecurity suiteewidoguard.exe O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:Program FilesiPodbiniPodService.exe O23 - Service: sdktemp - Unknown owner - C:WINDOWSsdktemp.exe (file missing) THANKS!!
  7. Use HijackThis to do the following: Config... Delete a file on reboot. C:Windowsetbnt_hide32.dll C:Windowsetbpokapoka75.exe ok, I only find the C:Windowsetbpokapoka75.exe in the log (the other one i can't find) and when i tried to check the box of the C:Windowsetbpokapoka75.exe and i want to do config and delete a file on reboot, i get an hourglass and the program freezes. In the mean time i'll have a look at te ewido.com ...
  8. hi, i'm annelore, i'm from belgium and i know NOTHING about computers, and i think all those trojan horse and virus know it. So this forum might be my only help.
  9. hi! thanks for the usefull support. I cleaned my computer with your antimalware package, but i still have some problems. When i connect to the internet, (i use firefox) an internet explorer window opens automatically and goes to this site (which doesn't open): "http://www.funbangladesh.com/blehx.html". Also there is a tool/searchbar that i don't want with buttons like 'online casino' 'ringtones', etc. If i try to click the 'uninstall' thing, i come to this site: "http://yupsearch.com/uninstall.php?ver=75&acc=r1chj4pqr" and i get pop-ups of this site. Can you help me? thanks, annelore from Belgium. here's my hijack this log: Logfile of HijackThis v1.99.1 Scan saved at 16:12:53, on 7/10/2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32csrss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSsystem32spoolsv.exe C:WINDOWSSystem32alg.exe C:PROGRA~1GrisoftAVG7avgamsvr.exe C:PROGRA~1GrisoftAVG7avgupsvc.exe C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe C:WINDOWSSystem32svchost.exe C:WINDOWSExplorer.EXE C:Program FilesCommon FilesRealUpdate_OBrealsched.exe C:WINDOWSSystem32wuauclt.exe C:Program FilesHewlett-PackardDigital ImagingUnloadhpqcmon.exe C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnd.exe C:Program FilesJavajre1.5.0_01binjusched.exe C:Program FilesQuickTimeqttask.exe C:Program FilesiTunesiTunesHelper.exe C:Program FilesThomsonSpeedTouch USBDragdiag.exe C:Program FilesSupport.combintgcmd.exe C:pichx.exe C:PROGRA~1GrisoftAVG7avgcc.exe C:PROGRA~1GrisoftAVG7avgemc.exe C:WINDOWSetbpokapoka75.exe C:WINDOWSSystem32ctfmon.exe C:Program FilesSkypePhoneSkype.exe C:Program Filesipttotsr.exe C:WINDOWSSystem32d?xplore.exe C:Program FilesSpyware Doctorswdoctor.exe C:Program FilesMicrosoft AntiSpywaregcasDtServ.exe C:Program FilesiPodbiniPodService.exe C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnf.exe C:Program FilesMozilla Firefoxfirefox.exe C:Documents and SettingsanneloreBureaubladHijackThis.exe R1 - HKCUSoftwareMicrosoftInternet Explorer,SearchURL = http://www.easysearch4you.com/sp2.php R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://www.easysearch4you.com/sp2.php R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.easysearch4you.com/sp2.php R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.radio1.be/ R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://www.easysearch4you.com/sp2.php R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Koppelingen O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx O4 - HKLM..Run: [NeroCheck] C:WINDOWSSystem32NeroCheck.exe O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OBrealsched.exe" -osboot O4 - HKLM..Run: [CamMonitor] C:Program FilesHewlett-PackardDigital ImagingUnloadhpqcmon.exe O4 - HKLM..Run: [share-to-Web Namespace Daemon] C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnd.exe O4 - HKLM..Run: [sunJavaUpdateSched] C:Program FilesJavajre1.5.0_01binjusched.exe O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime O4 - HKLM..Run: [iTunesHelper] C:Program FilesiTunesiTunesHelper.exe O4 - HKLM..Run: [speedTouch USB Diagnostics] "C:Program FilesThomsonSpeedTouch USBDragdiag.exe" /icon O4 - HKLM..Run: [tgcmd] "C:Program FilesSupport.combintgcmd.exe" /server /startmonitor O4 - HKLM..Run: [FireWire Service] nvscv32.exe O4 - HKLM..Run: [Windows Process Manager] winproc.exe O4 - HKLM..Run: [REGWIN32] C:pichx.exe O4 - HKLM..Run: [dGTJw] C:WINDOWSjtplkt.exe O4 - HKLM..Run: [bO²ùð×y-¯Œ] C:WINDOWSjtplkt.exe O4 - HKLM..Run: [AVG7_CC] C:PROGRA~1GrisoftAVG7avgcc.exe /STARTUP O4 - HKLM..Run: [AVG7_EMC] C:PROGRA~1GrisoftAVG7avgemc.exe O4 - HKLM..Run: [gcasServ] "C:Program FilesMicrosoft AntiSpywaregcasServ.exe" O4 - HKLM..Run: [system service75] C:WINDOWSetbpokapoka75.exe O4 - HKLM..RunServices: [FireWire Service] nvscv32.exe O4 - HKLM..RunServices: [Windows Process Manager] winproc.exe O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSSystem32ctfmon.exe O4 - HKCU..Run: [skype] "C:Program FilesSkypePhoneSkype.exe" /nosplash /minimized O4 - HKCU..Run: [Toat] "C:Program Filesipttotsr.exe" -vt mt O4 - HKCU..Run: [Otj] C:WINDOWSSystem32d?xplore.exe O4 - HKCU..Run: [spyware Doctor] "C:Program FilesSpyware Doctorswdoctor.exe" /Q O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~4Office10EXCEL.EXE/3000 O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:PROGRA~1SPYWAR~1toolsiesdpb.dll O9 - Extra button: Onderzoekscentrum - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:Program FilesCommon FilesMicrosoft SharedReference 2001EROProj.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengerMSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengerMSMSGS.EXE O16 - DPF: {00000000-0000-0000-0000-000020040000} - http://207.234.185.217/ABoxInst_int12.exe O16 - DPF: {0D62A517-E7C6-4E1F-A577-07D4AC549A48} (Progetto1.int_ver32) - http://advnt01.com/dialer/bel_ver32b.CAB O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1128610703608 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1128610598167 O17 - HKLMSystemCCSServicesTcpip..{4E21BD91-2422-4EA6-9EDC-9441DE74406C}: NameServer = 195.238.2.22 195.238.2.21 O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVG7avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVG7avgupsvc.exe O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:Program FilesiPodbiniPodService.exe O23 - Service: sdktemp - Unknown owner - C:WINDOWSsdktemp.exe (file missing)
×
×
  • Create New...