Spybot Logo
Go Back   Safer-Networking Forums > General Malware > Archives
Reload this Page Help me gaining turn off button back...
Register ProjectsBlogs FAQ Search Today's Posts Mark Forums Read Home Support Download Donate

 
 
Thread Tools Display Modes
Old 2007-09-19, 17:31   #1
MeDIeVaL
Junior Member
 
Join Date: Aug 2007
Location: Malaysia
Posts: 6
Send a message via Yahoo to MeDIeVaL Send a message via Skype™ to MeDIeVaL
Default Help me gaining turn off button back...
Early this day I've found my pc been infected by Win32:SdBot-4142 [Trj], Win32:Sdbot-4987 [Trj] and Win32:Delf-PZ [Trj]. Win32:Delf-PZ [Trj] pick up by avast! On Access scanner and both SdBot by avast! bootscan. There's 2 more that avast! can pick it up and I've upload it here... http://www dot geocities dot com / solutem / virus dot zip (11/32 in VirusTotal) and http://www dot geocities dot com / solutem / m2n1 dot zip (15/32 in VirusTotal). I've done all the neccessary step to get back my Registry Editor, Task Manager and Folder Option. Only 1 left that I can't find a way to recover, my turn off button. So anyone have an idea please help me to get it back...
MeDIeVaL is offline  
Old 2007-09-19, 17:34   #2
MeDIeVaL
Junior Member
 
Join Date: Aug 2007
Location: Malaysia
Posts: 6
Send a message via Yahoo to MeDIeVaL Send a message via Skype™ to MeDIeVaL
Default
avast! bootscan log...

09/19/2007 00:26
Scan of all local drives
File C:\WINDOWS\system32\Isass.exe is infected by Win32:SdBot-4142 [Trj], Moved to chest
File C:\WINDOWS\system32\vvbwfjkq.exe is infected by Win32:SdBot-4142 [Trj], Moved to chest

Number of searched folders: 1416
Number of tested files: 12678
Number of infected files: 2

----------------------------------------
09/19/2007 11:56
Scan of all local drives
File C:\System Volume Information\_restore{230C2C9F-9B90-4D23-AA38-525DEEC88D61}\RP12\A0003251.exe is infected by Win32:SdBot-4142 [Trj], Moved to chest
File C:\System Volume Information\_restore{230C2C9F-9B90-4D23-AA38-525DEEC88D61}\RP12\A0003252.exe is infected by Win32:SdBot-4142 [Trj], Moved to chest
File C:\WINDOWS\system32\dxdllreg.exe\[UPX] is infected by Win32:Delf-PZ [Trj], Moved to chest
File C:\WINDOWS\system32\ke1.exe is infected by Win32:Sdbot-4987 [Trj], Moved to chest
File C:\WINDOWS\system32\ne1.exe is infected by Win32:Sdbot-4988 [Trj], Moved to chest

Number of searched folders: 3271
Number of tested files: 86904
Number of infected files: 5

----------------------------------------
09/19/2007 15:51
Scan of all local drives

Number of searched folders: 2771
Number of tested files: 61089
Number of infected files: 0

----------------------------------------
09/19/2007 18:53
Scan of all local drives

Number of searched folders: 2889
Number of tested files: 80060
Number of infected files: 0


ComboFix log...

ComboFix 07-08-17.2 - "Owner" 2007-09-19 20:41:44.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.72 [GMT 8:00]
* Created a new restore point


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\pthreadVC.dll
C:\WINDOWS\system32\wpcap.dll


((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\LEGACY_NPF
-------\NPF


((((((((((((((((((((((((( Files Created from 2007-08-19 to 2007-09-19 )))))))))))))))))))))))))))))))


2007-09-19 20:41 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-09-19 17:55 76,560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2007-09-19 17:54 <DIR> d-------- C:\DOCUME~1\Owner\.housecall6.6
2007-09-19 16:47 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll
2007-09-19 16:47 444,776 --a------ C:\WINDOWS\system32\d3dx10_35.dll
2007-09-19 16:47 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll
2007-09-19 16:47 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll
2007-09-19 16:47 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll
2007-09-19 16:47 267,112 --a------ C:\WINDOWS\system32\xactengine2_9.dll
2007-09-19 16:47 266,088 --a------ C:\WINDOWS\system32\xactengine2_8.dll
2007-09-19 16:47 18,280 --a------ C:\WINDOWS\system32\x3daudio1_2.dll
2007-09-19 16:47 1,358,192 --a------ C:\WINDOWS\system32\D3DCompiler_35.dll
2007-09-19 16:47 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll
2007-09-19 16:46 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2007-09-19 16:46 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll
2007-09-19 16:46 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2007-09-19 16:46 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-09-19 16:46 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll
2007-09-19 16:46 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
2007-09-19 16:46 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2007-09-19 16:46 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2007-09-19 16:46 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2007-09-19 16:46 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2007-09-19 16:46 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2007-09-19 16:46 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2007-09-19 16:46 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll
2007-09-19 16:36 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-09-19 16:34 <DIR> d-------- C:\DOCUME~1\Owner\APPLIC~1\SUPERAntiSpyware.com
2007-09-19 16:20 <DIR> d-------- C:\Program Files\Windows Live Safety Center
2007-09-19 13:14 401,720 --a------ C:\Program Files\HiJackThis.exe
2007-09-19 11:52 <DIR> d-------- C:\Program Files\Process Explorer
2007-09-19 11:50 <DIR> d-------- C:\Program Files\Windows Defender
2007-09-19 11:35 <DIR> d-------- C:\DOCUME~1\Owner\APPLIC~1\DMCache
2007-09-19 10:31 <DIR> d-------- C:\Program Files\MTV Networks
2007-09-19 10:20 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2007-09-19 10:19 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2007-09-19 10:19 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2007-09-19 10:12 <DIR> d-------- C:\WINDOWS\Prefetch
2007-09-19 07:57 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-09-19 07:29 <DIR> d-------- C:\WINDOWS\provisioning
2007-09-19 07:29 <DIR> d-------- C:\WINDOWS\peernet
2007-09-19 07:27 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2007-09-19 07:22 <DIR> d-------- C:\WINDOWS\EHome
2007-09-19 06:54 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2007-09-19 06:53 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll
2007-09-19 06:53 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll
2007-09-19 06:53 57,472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-09-19 06:53 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll
2007-09-19 06:53 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll
2007-09-19 06:53 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll
2007-09-19 06:53 5,504 --a------ C:\WINDOWS\system32\drivers\intelide.sys
2007-09-19 06:53 <DIR> dr------- C:\Program Files
2007-09-19 06:53 <DIR> d-------- C:\Program Files\Common Files\SpeechEngines
2007-09-19 06:53 <DIR> d-------- C:\Program Files\Common Files\ODBC
2007-09-19 06:52 9,936 --a------ C:\WINDOWS\system\LZEXPAND.DLL
2007-09-19 06:52 9,008 --a------ C:\WINDOWS\system\VER.DLL
2007-09-19 06:52 85,020 --a------ C:\WINDOWS\system32\dgsetup.dll
2007-09-19 06:52 82,944 --a------ C:\WINDOWS\system\OLECLI.DLL
2007-09-19 06:52 8,704 --a------ C:\WINDOWS\system32\batt.dll
2007-09-19 06:52 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll
2007-09-19 06:52 74,752 --a------ C:\WINDOWS\system32\storprop.dll
2007-09-19 06:52 7,168 -ra------ C:\WINDOWS\system32\kbdcz.dll
2007-09-19 06:52 69,584 --a------ C:\WINDOWS\system\AVICAP.DLL
2007-09-19 06:52 69,120 --a------ C:\WINDOWS\notepad.exe
2007-09-19 06:52 68,768 --a------ C:\WINDOWS\system\mmsystem.dll
2007-09-19 06:52 6,656 -ra------ C:\WINDOWS\system32\kbdycl.dll
2007-09-19 06:52 6,656 -ra------ C:\WINDOWS\system32\kbdsl1.dll
2007-09-19 06:52 6,656 -ra------ C:\WINDOWS\system32\kbdsl.dll
2007-09-19 06:52 6,656 -ra------ C:\WINDOWS\system32\kbdpl.dll
2007-09-19 06:52 6,656 -ra------ C:\WINDOWS\system32\kbdhu.dll
2007-09-19 06:52 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll
2007-09-19 06:52 6,656 -ra------ C:\WINDOWS\system32\kbdcz2.dll
2007-09-19 06:52 6,656 -ra------ C:\WINDOWS\system32\kbdcz1.dll
2007-09-19 06:52 6,656 -ra------ C:\WINDOWS\system32\kbdcr.dll
2007-09-19 06:52 6,656 -ra------ C:\WINDOWS\system32\KBDAL.DLL
2007-09-19 06:52 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll
2007-09-19 06:52 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll
2007-09-19 06:52 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll
2007-09-19 06:52 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll
2007-09-19 06:52 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll
2007-09-19 06:52 5,632 -ra------ C:\WINDOWS\system32\kbdro.dll
2007-09-19 06:52 5,632 -ra------ C:\WINDOWS\system32\kbdpl1.dll
2007-09-19 06:52 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll
2007-09-19 06:52 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll
2007-09-19 06:52 5,632 -ra------ C:\WINDOWS\system32\kbdhu1.dll
2007-09-19 06:52 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll
2007-09-19 06:52 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll
2007-09-19 06:52 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll
2007-09-19 06:52 5,120 --a------ C:\WINDOWS\system\SHELL.DLL
2007-09-19 06:52 32,816 --a------ C:\WINDOWS\system\COMMDLG.DLL
2007-09-19 06:52 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2007-09-19 06:52 24,064 --a------ C:\WINDOWS\system\OLESVR.DLL
2007-09-19 06:52 19,200 --a------ C:\WINDOWS\system\TAPI.DLL
2007-09-19 06:52 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll
2007-09-19 06:52 15,360 --a------ C:\WINDOWS\TASKMAN.EXE
2007-09-19 06:52 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2007-09-19 06:52 126,912 --a------ C:\WINDOWS\system\MSVIDEO.DLL
2007-09-19 06:52 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2007-09-19 06:52 109,456 --a------ C:\WINDOWS\system\AVIFILE.DLL
2007-09-19 06:52 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-09-19 20:38 4172 --a------ C:\Program Files\hijackthis.log
2007-09-19 07:31 3488 --a------ C:\WINDOWS\pchealth\HelpCtr\PackageStore\SkuStore.bin
2007-09-19 07:30 9492 --a------ C:\WINDOWS\pchealth\HelpCtr\Config\Cntstore.bin
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
2007-07-30 19:18 207736 --a------ C:\WINDOWS\system32\muweb.dll
2007-06-26 14:08 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
2007-06-19 21:31 282112 --a------ C:\WINDOWS\system32\gdi32.dll


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="-C:\WINDOWS\System32\igfxtray.exe" []
"HotKeysCmds"="-C:\WINDOWS\System32\hkcmd.exe" []
"%FP%TM Net fts.exe"="-C:\Program Files\TM Net\tmnet streamyx dialer\fts.exe" []
"PCMService"="-C:\Program Files\Dell\Media Experience\PCMService.exe" []
"avast!"="C:\Program Files\Alwil Software\Avast4\ashDisp.exe" [2007-09-06 18:06]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoClose"=1 (0x1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
backup=C:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\QTTask.exe" -atboottime

R3 PPPoEWin;PPPoEWin Miniport;C:\WINDOWS\system32\DRIVERS\PPPoEWin.SYS


Contents of the 'Scheduled Tasks' folder
2007-09-18 16:18:27 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
2007-09-19 11:12:44 C:\WINDOWS\Tasks\MP Scheduled Scan.job - C:\Program Files\Windows Defender\MpCmdRun.exe

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-19 20:44:34
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-09-19 20:46:44 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-09-19 20:46

--- E O F ---
MeDIeVaL is offline  
Old 2007-09-19, 17:37   #3
MeDIeVaL
Junior Member
 
Join Date: Aug 2007
Location: Malaysia
Posts: 6
Send a message via Yahoo to MeDIeVaL Send a message via Skype™ to MeDIeVaL
Default
Latest HijackThis log...


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:36:05 PM, on 9/19/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Executive Software\Diskeeper\DkIcon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [IgfxTray] -C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] -C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [%FP%TM Net fts.exe] -"C:\Program Files\TM Net\tmnet streamyx dialer\fts.exe"
O4 - HKLM\..\Run: [PCMService] -"C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [KB926239] rundll32.exe apphelp.dll,ShimFlushCache
O4 - HKCU\..\RunOnce: [MPlayer2_FixUp] C:\WINDOWS\inf\unregmp2.exe /Fixups
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/res...scbase8300.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1190129766046
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1190129905218
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6...ws-i586-jc.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7847829E-A45C-4373-8A1A-88553C858F04}: NameServer = 202.188.0.133 202.188.1.5
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 5638 bytes
MeDIeVaL is offline  
 

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT +2. The time now is 17:23.

Contact Us - Safer-Networking Limited - Archive - Privacy Statement - Top

Copyright © 2000-2010 Safer-Networking Limited. All rights reserved.