![]() ![]() O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\Program Files\iPod\bin\iPodService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe VPN Service (CVPND) - Cisco Systems, Inc. C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bonjour Service - Apple Inc. O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. ![]() C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Apple Mobile Device - Apple Inc. O9 - Extra button: (no name) - C:\Program Files\AVG\AVG8\avgpp.dll O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 DEFAULT User Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'Default user') O4 - HKCU\.\Run: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\.\Run: C:\WINDOWS\system32\ctfmon.exe O4 - HKLM\.\Run: rundll32.exe "C:\WINDOWS\system32\oqifbgck.dll",b O4 - HKLM\.\Run: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe O4 - HKLM\.\Run: C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\.\Run: "c:\Program Files\Zune\ZuneLauncher.exe" O4 - HKLM\.\Run: "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\.\Run: C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\.\Run: C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe ![]() O4 - HKLM\.\Run: C:\Windows\SMINST\RecGuard.exe O4 - HKLM\.\Run: C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\.\Run: "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\.\Run: "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup O4 - HKLM\.\Run: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\.\Run: nwiz.exe /installquiet /nodetect O4 - HKLM\.\Run: RunDL元2.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\.\Run: RUNDL元2.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\.\Run: C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\.\Run: c:\windows\regedit.exe -s c:\appl.zip\wxpetool\fpp_xp.reg R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSIE: Internet Explorer v6.00 SP3 (.5512)Ĭ:\Program Files\Lavasoft\Ad-Aware\AAWService.exeĬ:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeĬ:\Program Files\Bonjour\mDNSResponder.exeĬ:\Program Files\Cisco Systems\VPN Client\cvpnd.exeĬ:\Program Files\Common Files\LightScribe\LSSrvc.exeĬ:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exeĬ:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exeĬ:\Program Files\Lavasoft\Ad-Aware\AAWTray.exeĬ:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exeĬ:\Program Files\Synaptics\SynTP\SynTPEnh.exeĬ:\Program Files\Common Files\InstallShield\UpdateService\issch.exeĬ:\Program Files\SyncroSoft\Pos\H2O\cledx.exeĬ:\Program Files\Spybot - Search & Destroy\TeaTimer.exeĬ:\Program Files\iPod\bin\iPodService.exeĬ:\WINDOWS\system32\SearchProtocolHost.exeĬ:\Program Files\Mozilla Firefox\firefox.exeĬ:\Program Files\Trend Micro\HijackThis\HijackThis.exe I believe there are still remnants of malware/spyware left on my system. I am still having some strange symptoms, such as random registry changes popping up on tea-timer (i have been denying the changes), and also my windows automatic update is turning itself off. I rebooted and scanned again, and removed even more files. ![]() They found several files, and I cleaned them all. I scanned with AVG Free 8, spybot S&D and ad-aware. I immediately updated my definitions and re-booted in safe mode. Spybot tea timer also started popping up with warnings about registry changes. Last night, my antivirus (along with spybot s&d) started indicating that threats were found on my computer. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |