
Spyware CyberLog-X


Comments

  • Closed Accounts Posts: 1,970 ✭✭✭ActorSeeksJob


    How is your PC running ? Any problems ?

    Just post one more DSS log and we can send you on your way.


  • Registered Users, Registered Users 2 Posts: 1,197 ✭✭✭Baldie


    Seems to be running ok now. No viruses popping up. I'm in work at the moment and the pc is at home, so I'll run the report when I get home.

    I am currently running Avast anti-virus, AdAware SE, Spybot, Spyware blaster, CCleaner and now HiJackThis. Are they sufficient to keep my PC safe? Would you recommend different virus/spyware software, or anything extra I would need to stop this from happening again?


  • Closed Accounts Posts: 1,970 ✭✭✭ActorSeeksJob


    Those programs are pretty good. I wouldn't recommend that you use HijackThis yourself though.

    I would also include AVG anti-spyware into the list, although you have it now. That is really good. Also SpywareGuard I would recommend, it is really amazing
    http://www.javacoolsoftware.com/spywareguard.html

    Other than that, that is some pretty good protection.


  • Registered Users, Registered Users 2 Posts: 1,197 ✭✭✭Baldie


    I have run all my anti-virus and malware programmes. Here is the HiJackThis log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:49, on 2007-11-17
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\Program Files\Comodo\Firewall\cmdagent.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe
    C:\Program Files\ATI Technologies\ATI HydraVision\HydraMD.exe
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Lexmark 4300 Series\lxcemon.exe
    C:\Program Files\Lexmark 4300 Series\ezprint.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    C:\WINDOWS\system32\lxcecoms.exe
    C:\Program Files\ASUS\Probe\AsusProb.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Comodo\Firewall\CPF.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\Documents and Settings\Derek\Desktop\dss.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe
    O4 - HKLM\..\Run: [HydraVisionViewport] C:\Program Files\ATI Technologies\ATI HydraVision\HydraMD.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
    O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
    O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [RTBatteryMeter] C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\nbj.exe"
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
    O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
    O4 - Global Startup: BlueSoleil.lnk = ?
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1190929777716
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1191158134265
    O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} - http://www.kodakgallery.eu.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

    --
    End of file - 8761 bytes


  • Registered Users, Registered Users 2 Posts: 1,197 ✭✭✭Baldie


    ..and the DSS log:

    Deckard's System Scanner v20071014.68
    Run by Derek on 2007-11-17 19:48:58
    Computer is in Normal Mode.



    -- HijackThis (run as Derek.exe)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:49, on 2007-11-17
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\Program Files\Comodo\Firewall\cmdagent.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe
    C:\Program Files\ATI Technologies\ATI HydraVision\HydraMD.exe
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Lexmark 4300 Series\lxcemon.exe
    C:\Program Files\Lexmark 4300 Series\ezprint.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    C:\WINDOWS\system32\lxcecoms.exe
    C:\Program Files\ASUS\Probe\AsusProb.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Comodo\Firewall\CPF.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\Documents and Settings\Derek\Desktop\dss.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe
    O4 - HKLM\..\Run: [HydraVisionViewport] C:\Program Files\ATI Technologies\ATI HydraVision\HydraMD.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
    O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
    O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [RTBatteryMeter] C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\nbj.exe"
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
    O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
    O4 - Global Startup: BlueSoleil.lnk = ?
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1190929777716
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1191158134265
    O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} - http://www.kodakgallery.eu.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

    --
    End of file - 8761 bytes

    -- Files created between 2007-10-17 and 2007-11-17

    2007-11-17 19:49:19 0 d C:\Program Files\Trend Micro
    2007-11-17 19:06:11 0 dr-h C:\Documents and Settings\Derek\Recent
    2007-11-17 10:52:18 0 d C:\Documents and Settings\Derek\Application Data\Comodo
    2007-11-17 10:52:17 0 d C:\Documents and Settings\All Users\Application Data\Comodo
    2007-11-17 10:48:01 0 d C:\Program Files\Comodo
    2007-11-17 10:26:30 0 d C:\Program Files\SpywareGuard
    2007-11-15 23:15:03 0 d C:\Documents and Settings\Derek\Application Data\Grisoft
    2007-11-15 23:14:49 0 d C:\Documents and Settings\All Users\Application Data\Grisoft
    2007-11-14 19:57:38 0 d C:\WINDOWS\ERUNT
    2007-11-13 23:06:06 0 d--h C:\WINDOWS\system32\GroupPolicy
    2007-11-11 15:44:26 0 d C:\Program Files\Java
    2007-11-11 15:43:21 0 d C:\Program Files\Common Files\Java
    2007-11-10 14:46:45 0 d C:\Program Files\VibrateGameDeviceDriver
    2007-11-10 13:57:42 0 d C:\Documents and Settings\Scott\Application Data\Adobe
    2007-11-04 12:29:40 0 d C:\Documents and Settings\Derek\Application Data\VideoEgg
    2007-10-28 15:31:40 0 d C:\Documents and Settings\Scott\Application Data\Macromedia
    2007-10-28 15:30:12 0 d C:\Documents and Settings\Scott\Application Data\Mozilla
    2007-10-28 15:29:43 0 d C:\Documents and Settings\Scott\Application Data\Real
    2007-10-28 15:29:40 0 d C:\Documents and Settings\Scott\Application Data\PC Suite
    2007-10-28 15:29:36 0 d C:\Documents and Settings\Scott\Application Data\FaxCtr
    2007-10-28 15:29:09 0 d C:\Documents and Settings\Scott\Application Data\Identities
    2007-10-28 15:28:28 0 d--h C:\Documents and Settings\Scott\Templates
    2007-10-28 15:28:28 0 dr C:\Documents and Settings\Scott\Start Menu
    2007-10-28 15:28:28 0 dr-h C:\Documents and Settings\Scott\SendTo
    2007-10-28 15:28:28 0 dr-h C:\Documents and Settings\Scott\Recent
    2007-10-28 15:28:28 0 d--h C:\Documents and Settings\Scott\PrintHood
    2007-10-28 15:28:28 1048576 --ah C:\Documents and Settings\Scott\NTUSER.DAT
    2007-10-28 15:28:28 0 d--h C:\Documents and Settings\Scott\NetHood
    2007-10-28 15:28:28 0 dr C:\Documents and Settings\Scott\My Documents
    2007-10-28 15:28:28 0 d--h C:\Documents and Settings\Scott\Local Settings
    2007-10-28 15:28:28 0 dr C:\Documents and Settings\Scott\Favorites
    2007-10-28 15:28:28 0 d C:\Documents and Settings\Scott\Desktop
    2007-10-28 15:28:28 0 d--hs---- C:\Documents and Settings\Scott\Cookies
    2007-10-28 15:28:28 0 dr-h C:\Documents and Settings\Scott\Application Data
    2007-10-28 15:28:28 0 d---s---- C:\Documents and Settings\Scott\Application Data\Microsoft
    2007-10-28 15:02:29 0 d C:\Documents and Settings\Ellen\Application Data\Real
    2007-10-27 09:32:47 0 d C:\Program Files\Common Files\Real
    2007-10-27 09:32:46 0 d C:\Program Files\Real
    2007-10-27 09:30:02 0 d C:\Documents and Settings\Derek\Application Data\Real
    2007-10-22 21:32:42 4738 --a C:\WINDOWS\system32\tmp.reg
    2007-10-22 21:29:34 25600 --a C:\WINDOWS\system32\WS2Fix.exe
    2007-10-22 21:29:32 289144 --a C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
    2007-10-22 21:29:30 51200 --a C:\WINDOWS\system32\dumphive.exe
    2007-10-22 21:29:29 288417 --a C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
    2007-10-22 21:29:26 53248 --a C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>
    2007-10-22 21:13:53 0 d C:\Documents and Settings\Derek\dwhelper
    2007-10-22 20:11:31 0 d--h C:\WINDOWS\PIF
    2007-10-22 19:33:20 0 d--hs---- C:\WINDOWS\CSC
    2007-10-22 19:27:59 0 dr C:\Documents and Settings\LocalService\My Documents
    2007-10-22 19:14:33 0 d C:\WINDOWS\system32\appmgmt
    2007-10-20 13:21:01 0 d C:\Documents and Settings\Derek\Application Data\Video DVD Maker FREE


    -- Find3M Report

    2007-11-17 19:49:56 0 d C:\Documents and Settings\Derek\Application Data\uTorrent
    2007-11-17 19:46:40 29786 --a C:\logfile
    2007-11-14 22:11:02 4212 ---h C:\WINDOWS\system32\zllictbl.dat
    2007-11-13 21:27:35 0 d C:\Program Files\Ahead
    2007-11-11 15:45:22 1447 --a C:\WINDOWS\mozver.dat
    2007-11-11 15:43:21 0 d C:\Program Files\Common Files
    2007-11-10 14:46:19 0 d C:\Program Files\Common Files\InstallShield
    2007-10-23 17:30:24 0 d C:\Documents and Settings\Derek\Application Data\Ahead
    2007-10-22 19:55:24 0 d C:\Program Files\Windows Media Connect 2
    2007-10-22 19:34:09 0 d C:\Documents and Settings\Derek\Application Data\Lavasoft
    2007-10-22 19:22:30 0 d C:\Program Files\Lavasoft
    2007-10-11 18:49:03 0 d C:\Documents and Settings\Derek\Application Data\PC Suite
    2007-10-11 18:45:00 0 d C:\Documents and Settings\Derek\Application Data\Nokia Multimedia Player
    2007-10-11 18:29:09 335 --a C:\WINDOWS\mozregistry.dat
    2007-10-11 18:05:01 0 d C:\Documents and Settings\Derek\Application Data\Talkback
    2007-10-09 21:45:46 0 d C:\Documents and Settings\Derek\Application Data\Mozilla
    2007-10-08 11:18:33 0 d C:\Documents and Settings\Derek\Application Data\Nokia
    2007-10-08 11:16:11 0 d C:\Program Files\Common Files\Nokia
    2007-10-08 11:16:10 0 d C:\Program Files\Common Files\PCSuite
    2007-10-08 11:16:08 0 d C:\Program Files\Nokia
    2007-10-08 11:15:40 0 d C:\Program Files\DIFX
    2007-10-08 11:15:29 0 d C:\Program Files\PC Connectivity Solution
    2007-10-08 10:37:18 0 d C:\Program Files\IVT Corporation
    2007-10-08 10:37:17 0 d--h C:\Program Files\InstallShield Installation Information
    2007-10-01 20:26:10 0 d C:\Program Files\Runtime Software
    2007-10-01 20:18:05 0 d C:\Documents and Settings\Derek\Application Data\Adobe
    2007-09-30 14:15:01 0 d C:\Documents and Settings\Derek\Application Data\OfficeUpdate12
    2007-09-30 13:11:53 0 d C:\Program Files\MSXML 4.0
    2007-09-30 12:52:21 0 d C:\Program Files\Microsoft ActiveSync
    2007-09-30 11:22:19 0 d C:\Program Files\Microsoft.NET
    2007-09-29 19:43:46 0 d C:\Program Files\Kodak
    2007-09-29 19:42:51 0 d C:\Program Files\Common Files\Kodak
    2007-09-29 15:09:22 0 d C:\Documents and Settings\Derek\Application Data\Apple Computer
    2007-09-29 15:09:15 0 d C:\Program Files\iTunes
    2007-09-29 15:09:06 0 d C:\Program Files\iPod
    2007-09-29 15:08:24 0 d C:\Program Files\QuickTime
    2007-09-29 15:07:26 0 d C:\Program Files\Apple Software Update
    2007-09-29 15:06:50 0 d C:\Program Files\Common Files\Apple
    2007-09-29 14:21:20 0 d C:\Documents and Settings\Derek\Application Data\DivX
    2007-09-29 14:20:49 0 d C:\Program Files\DivX
    2007-09-29 14:11:44 0 --a C:\WINDOWS\nsreg.dat
    2007-09-29 14:08:39 0 d C:\Program Files\uTorrent
    2007-09-29 14:01:24 0 d C:\Program Files\DVD Shrink
    2007-09-29 13:47:38 0 d C:\Program Files\CCleaner
    2007-09-28 23:04:03 0 d C:\Program Files\ASUS
    2007-09-28 21:58:00 0 d C:\Program Files\Common Files\Adobe
    2007-09-28 21:57:23 0 d C:\Documents and Settings\Derek\Application Data\Leadertech
    2007-09-28 21:18:55 0 d C:\Program Files\MSXML 6.0
    2007-09-28 18:46:46 0 d C:\Program Files\MSBuild
    2007-09-28 18:42:01 0 d C:\Program Files\Reference Assemblies
    2007-09-28 18:33:29 0 d C:\Documents and Settings\Derek\Application Data\Macromedia
    2007-09-28 16:48:17 0 d C:\Program Files\Messenger
    2007-09-27 23:26:54 0 d C:\Program Files\Common Files\Nero
    2007-09-27 23:24:10 0 d C:\Program Files\Common Files\Ahead
    2007-09-27 23:16:43 0 d C:\Documents and Settings\Derek\Application Data\FaxCtr
    2007-09-27 23:16:16 0 d C:\Program Files\Lexmark 4300 Series
    2007-09-27 23:08:44 0 d C:\Program Files\Abbyy FineReader 6.0 Sprint
    2007-09-27 23:07:30 0 d C:\Program Files\Lexmark Fax Solutions
    2007-09-27 22:50:01 0 d C:\Program Files\Movie Maker
    2007-09-27 22:47:51 0 d C:\Program Files\Windows NT
    2007-09-27 21:50:16 0 d--h C:\Program Files\WindowsUpdate
    2007-09-27 21:48:00 0 d C:\Program Files\Netopia
    2007-09-27 21:29:24 0 d C:\Program Files\Analog Devices
    2007-09-27 21:27:17 0 d C:\Program Files\Intel
    2007-09-27 21:23:01 0 d C:\Documents and Settings\Derek\Application Data\Help
    2007-09-27 21:14:09 0 d C:\Program Files\ATI Technologies
    2007-09-27 21:13:06 0 d C:\Program Files\Common Files\ODBC
    2007-09-27 21:13:04 0 d C:\Program Files\Common Files\SpeechEngines
    2007-09-27 21:12:44 62 --ahs---- C:\Documents and Settings\Derek\Application Data\desktop.ini
    2007-09-27 20:30:27 0 d C:\Program Files\Alwil Software
    2007-09-27 20:26:06 0 d C:\Documents and Settings\Derek\Application Data\Identities
    2007-09-27 20:21:38 0 d C:\Program Files\microsoft frontpage
    2007-09-27 20:21:00 0 -rahs---- C:\MSDOS.SYS
    2007-09-27 20:21:00 0 -rahs---- C:\IO.SYS
    2007-09-27 20:21:00 0 --a C:\CONFIG.SYS
    2007-09-27 20:21:00 0 --a C:\AUTOEXEC.BAT
    2007-09-27 20:20:04 0 d C:\Program Files\Online Services
    2007-09-27 20:19:01 0 d C:\Program Files\Common Files\MSSoap
    2007-09-27 20:18:33 21640 --a C:\WINDOWS\system32\emptyregdb.dat
    2007-09-27 20:18:01 0 d C:\Program Files\MSN Gaming Zone
    2007-09-17 18:23:00 823296 --a C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
    2007-09-17 18:23:00 823296 --a C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
    2007-09-17 18:22:58 802816 --a C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
    2007-09-17 18:22:58 739840 --a C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
    2007-08-21 00:26:52 196608 --a C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
    2007-08-21 00:26:52 81920 --a C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>


    -- Registry Dump

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-10-25 16:20]
    "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-04-21 20:10]
    "HydraVisionDesktopManager"="C:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe" [2003-04-01 15:41]
    "HydraVisionViewport"="C:\Program Files\ATI Technologies\ATI HydraVision\HydraMD.exe" [2003-04-01 15:41]
    "SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2003-05-29 15:28]
    "SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2003-05-30 08:42]
    "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-03 23:56 C:\WINDOWS\system32\bthprops.cpl]
    "LXCECATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll" [2005-07-20 13:46]
    "lxcemon.exe"="C:\Program Files\Lexmark 4300 Series\lxcemon.exe" [2005-08-02 17:45]
    "EzPrint"="C:\Program Files\Lexmark 4300 Series\ezprint.exe" [2005-07-26 12:17]
    "FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2005-07-12 09:36]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2006-01-12 15:40]
    "InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2005-01-27 17:17]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06]
    "ASUS Probe"="C:\Program Files\ASUS\Probe\AsusProb.exe" [2002-12-06 15:07]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 05:24]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 13:42]
    "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 14:10]
    "RTBatteryMeter"="C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe" [2003-01-16 11:32]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 09:25]
    "COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [2007-11-17 10:48]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NBJ"="C:\Program Files\Ahead\Nero BackItUp\nbj.exe" [2006-09-15 13:27]
    "uTorrent"="C:\Program Files\uTorrent\uTorrent.exe" [2007-09-29 14:08]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "Nokia.PCSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

    C:\Documents and Settings\Derek\Start Menu\Programs\Startup\
    SpywareGuard.lnk - C:\Program Files\SpywareGuard\sgmain.exe [2003-08-29 19:05:35]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-10-08 10:37:20]
    Kodak EasyShare software.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2007-09-19 03:33:46]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools"=0 (0x0)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
    @="Volume shadow copy"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs BthServ




    -- End of Deckard's System Scanner: finished at 2007-11-17 19:51:04

