Problem trying to visit websites

xFenGz

I'm trying to fix someone's computer. There were a lot of spyware and ad aware on this computer. I got rid of a lot of them using spyhunter and lavasoft and comodo antivirus. There was the words Virus Alert! on the clock and in the registry. Task manager was disabled and so was a lot of the other menus in the start area. I managed to get rid of these Virus Alerts and enabled the task manager and menus, but if I try to surf the web or go to yahoo and search for something.. a page comes up with 2 links asking to use some sort of antivirus and it always gets like a lot of diff antivirus websites and supposedly auto scans on sites with 1 or 2 popups.

How do I get rid of this problem completely? Are these programs I'm using not good enough? Those programs have been working well for me on other computers.

Thanks

I couldn't get the system recovery stuff to work. The CD wouldn't work when I tried to follow the instructions setting up the system recovery but I went ahead and "tried to install it" didn't think it would delete stuff right away. Thought it was like hijackthis and would be able to just scan and save log. After loading combofix the virus alert in the desktop background disappeared.

Combolog was too big so I split it into 2
 

Yes, we need a new HijackThis, because you did the HijackThis and then ComboFix. That is what he is asking.

Thanks
 
Thanks, I think this will need to be left to ceewi1, just from now on, can you please post the log in a reply, just a lot easier for us.

Thanks.
 
Sorry about the delay, I don't usually see many threads outside of the Security section. There are a few leftovers still to be removed.

Please run HijackThis and choose Do a system scan only.

Place a check next to the following entries:

  • O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
  • O4 - HKLM\..\Run: [UUSEE] "C:\Program Files\Common Files\uusee\UUSeeMediaCenter.exe"

Please close all open windows except for HijackThis and choose Fix checked

  • Open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:

    Code:
    File::
    C:\WINDOWS\system32\wanigvpb.dll
    C:\WINDOWS\system32\khfGvvvw.dll.vir
    C:\WINDOWS\system32\AIRrrqss.ini
    C:\WINDOWS\system32\Sssrttwa.ini
    C:\WINDOWS\system32\tuvSmkhe.dll
    C:\WINDOWS\system32\xuckhhuh.ini
    C:\WINDOWS\rodqgpvlkoa.dll
    C:\WINDOWS\pdoskegl.dll
    C:\WINDOWS\rqbmvpso.dll
    C:\WINDOWS\qalkfxor.dll
    C:\WINDOWS\rvoelbxt.exe
  • Save this as CFScript.txt and change the Save as type to All Files and place it on your desktop.


    CFScriptB-4.gif



  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply, along with a new HijackThis log. How is your system running now?
CAUTION:
Do NOT mouse-click ComboFix's window while it is running. That may cause it to stall.
Also, please do NOT adjust your time format while ComboFix is running.
 
HiJackThis log

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Comodo\common\CAVASpy\cavasm.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdoserv.exe
C:\WINDOWS\system32\lxdocoms.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Lexmark 9500 Series\lxdomon.exe
C:\Program Files\Lexmark 9500 Series\lxdoamon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\Comodo\Comodo AntiVirus\CMain.exe
C:\Program Files\Comodo\Comodo AntiVirus\Cavaud.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/su/*http://www.yahoo.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FlashGet\getflash.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [lxdomon.exe] "C:\Program Files\Lexmark 9500 Series\lxdomon.exe"
O4 - HKLM\..\Run: [lxdoamon] "C:\Program Files\Lexmark 9500 Series\lxdoamon.exe"
O4 - HKLM\..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
O4 - HKLM\..\Run: [cnfgCav] "C:\Program Files\Comodo\Comodo AntiVirus\CMain.exe"
O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
O4 - HKCU\..\Run: [Uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: AutorunsDisabled
O4 - Global Startup: AutorunsDisabled
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {12F7F128-B36C-4843-8AA4-A5F71A969331} (Launcher Control) - https://horizons.istaria.com/controls/launcher.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1093094374078
O20 - Winlogon Notify: monln - C:\WINDOWS\SYSTEM32\monln.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AutoExNT - Unknown owner - C:\WINDOWS\system32\AutoExNT.Exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Comodo Anti-Virus and Anti-Spyware Service - Comodo Inc. - C:\Program Files\Comodo\common\CAVASpy\cavasm.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxdoCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdoserv.exe
O23 - Service: lxdo_device - - C:\WINDOWS\system32\lxdocoms.exe
O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files\MagicTune Premium\MagicTuneEngine.exe (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
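
The kind of triage applied to a HijackThis log like the one above, as an added example (not part of any post in this thread, and not HijackThis code). It parses log lines into section, body and CLSID, and queues entries carrying the markers "(no file)", "(file missing)" or "Unknown owner" for manual review. The function names are hypothetical and the sample is a handful of lines copied from this thread.

```python
import re

# Sample input: lines copied from the HijackThis log and fix list in this thread.
SAMPLE_LOG = r"""
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [UUSEE] "C:\Program Files\Common Files\uusee\UUSeeMediaCenter.exe"
O20 - Winlogon Notify: monln - C:\WINDOWS\SYSTEM32\monln.dll
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files\MagicTune Premium\MagicTuneEngine.exe (file missing)
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
Running processes:
C:\WINDOWS\explorer.exe
"""

# A log entry is "<section code> - <body>", e.g. "O4 - HKLM\..\Run: ...".
ENTRY = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

# Text markers HijackThis prints in the entry body, and why each deserves a look.
MARKERS = {
    "(no file)": "orphaned: registry entry names no file",
    "(file missing)": "orphaned: target file is not on disk",
    "Unknown owner": "no company name could be read for the file",
}

def parse(log):
    """Return one dict per log entry; process list and headers are skipped."""
    entries = []
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        section, body = m.groups()
        clsid = CLSID.search(body)
        entries.append({
            "section": section,
            "body": body,
            "clsid": clsid.group(0) if clsid else None,
            "flags": [why for marker, why in MARKERS.items() if marker in body],
        })
    return entries

def review_queue(log):
    """Entries that carry at least one marker, in log order."""
    return [e for e in parse(log) if e["flags"]]

if __name__ == "__main__":
    for e in review_queue(SAMPLE_LOG):
        print(e["section"], "|", "; ".join(e["flags"]), "|", e["body"])
```

A flag only means the entry needs a human decision; entries without a marker, such as the UUSEE Run key the helper chose to fix, still have to be judged by what they load.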
 
ComboFix Log

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\struct~.ini

.
((((((((((((((((((((((((( Files Created from 2008-08-03 to 2008-09-03 )))))))))))))))))))))))))))))))
.

2008-08-28 02:22 . 2008-08-28 02:23 <DIR> d-------- C:\Program Files\Combined Community Codec Pack
2008-08-28 00:51 . 2007-10-03 20:57 34,064 --a------ C:\WINDOWS\system32\Instexnt.exe
2008-08-28 00:51 . 2007-10-03 20:57 5,904 --a------ C:\WINDOWS\system32\Autoexnt.exe
2008-08-28 00:51 . 2007-10-03 20:57 2,364 --a------ C:\WINDOWS\system32\1.reg
2008-08-28 00:51 . 2007-10-03 20:57 2,320 --a------ C:\WINDOWS\system32\Servmess.dll
2008-08-28 00:51 . 2007-10-03 20:57 175 --a------ C:\WINDOWS\system32\Autoexnt.bat
2008-08-28 00:37 . 2008-08-28 00:37 <DIR> d-------- C:\Program Files\Trend Micro
2008-08-27 22:07 . 2008-08-27 22:07 103,552 --a------ C:\WINDOWS\system32\wanigvpb.dll
2008-08-27 21:55 . 2008-08-27 21:55 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-08-27 02:55 . 2008-08-27 02:55 323,840 --a------ C:\WINDOWS\system32\khfGvvvw.dll.vir
2008-08-27 02:04 . 2008-08-27 02:04 <DIR> d-------- C:\Program Files\Enigma Software Group
2008-08-26 23:01 . 2008-08-26 23:03 <DIR> d-------- C:\Program Files\WhatsRunning
2008-08-26 22:56 . 2008-08-27 02:23 347 --ahs---- C:\WINDOWS\system32\AIRrrqss.ini
2008-08-26 22:03 . 2008-08-26 22:03 <DIR> d-------- C:\Program Files\Lavasoft
2008-08-26 22:03 . 2008-08-26 22:04 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-08-26 21:00 . 2008-08-26 21:00 <DIR> d-------- C:\Program Files\Comodo
2008-08-26 21:00 . 2008-08-26 21:00 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Comodo
2008-08-26 21:00 . 2008-08-26 21:00 434,252 --a------ C:\WINDOWS\system32\MSVCRTD.DLL
2008-08-26 21:00 . 2008-08-26 21:00 216,576 --a------ C:\WINDOWS\system32\monln.dll
2008-08-26 21:00 . 2008-08-26 21:00 102,400 --a------ C:\WINDOWS\system32\drivers\cavasm.sys
2008-08-26 21:00 . 2008-08-26 21:00 73,728 --a------ C:\WINDOWS\system32\CavEmLSP.dll
2008-08-26 20:31 . 2008-08-26 20:31 244 --ah----- C:\sqmnoopt10.sqm
2008-08-26 20:31 . 2008-08-26 20:31 232 --ah----- C:\sqmdata10.sqm
2008-08-26 18:48 . 2008-08-26 18:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2008-08-26 03:06 . 2008-08-26 22:44 347 --ahs---- C:\WINDOWS\system32\Sssrttwa.ini
2008-08-26 01:06 . 2008-08-26 02:06 5,541 --a------ C:\WINDOWS\system32\tuvSmkhe.dll
2008-08-25 03:28 . 2008-08-25 03:28 244 --ah----- C:\sqmnoopt09.sqm
2008-08-25 03:28 . 2008-08-25 03:28 232 --ah----- C:\sqmdata09.sqm
2008-08-24 19:05 . 2008-08-24 21:17 355 --ahs---- C:\WINDOWS\system32\xuckhhuh.ini
2008-08-24 17:57 . 2008-08-24 03:45 380,928 --a------ C:\WINDOWS\rodqgpvlkoa.dll
2008-08-24 17:57 . 2008-08-24 03:45 233,472 --a------ C:\WINDOWS\pdoskegl.dll
2008-08-24 17:57 . 2008-08-24 03:45 188,416 --a------ C:\WINDOWS\rqbmvpso.dll
2008-08-24 17:57 . 2008-08-24 03:45 155,648 --a------ C:\WINDOWS\qalkfxor.dll
2008-08-24 17:57 . 2008-08-24 03:45 86,016 --a------ C:\WINDOWS\rvoelbxt.exe
2008-08-14 03:48 . 2008-05-01 07:30 331,776 -----c--- C:\WINDOWS\system32\dllcache\msadce.dll
2008-08-11 03:23 . 2008-08-11 03:23 52,736 --ah----- C:\Documents and Settings\djira\Application Data\MBSWinPlugin2510.dll
2008-08-11 03:23 . 2008-08-11 03:23 43,008 --ah----- C:\Documents and Settings\djira\Application Data\MBSMainPlugin2510.dll
2008-08-11 03:23 . 2008-08-11 03:23 40,448 --ah----- C:\Documents and Settings\djira\Application Data\MBSCGPlugin2509.dll
2008-08-11 03:22 . 2008-08-11 03:22 86,528 --ah----- C:\Documents and Settings\djira\Application Data\rbap500.dll
2008-08-11 03:22 . 2008-08-11 03:22 57,344 --ah----- C:\Documents and Settings\djira\Application Data\MBSPicturePlugin2510.dll
2008-08-11 03:22 . 2008-08-11 03:22 33,280 --ah----- C:\Documents and Settings\djira\Application Data\MBSIconPlugin2510.dll
2008-08-11 03:22 . 2008-08-11 03:22 27,648 --ah----- C:\Documents and Settings\djira\Application Data\MBSWindowPlugin2510.dll
2008-08-11 03:22 . 2008-08-11 03:22 26,112 --ah----- C:\Documents and Settings\djira\Application Data\MBSRegistrationPlugin2455.dll
2008-08-04 15:26 . 2008-08-04 15:49 <DIR> d-------- C:\WINDOWS\system32\CatRoot_bak

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-28 05:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\SecTaskMan
2008-08-28 05:51 --------- d-----w C:\Program Files\RegistrySmart
2008-08-28 05:38 --------- d-----w C:\Program Files\Pegasys Inc
2008-08-27 09:37 --------- d-----w C:\Program Files\FlashGet
2008-08-27 05:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-27 05:02 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-08-27 04:00 499,712 ----a-w C:\WINDOWS\system32\MSVCP71.dll
2008-08-27 04:00 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2008-08-27 04:00 1,060,864 ----a-w C:\WINDOWS\system32\mfc71.dll
2008-08-27 01:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft
2008-08-27 01:39 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-24 21:33 --------- d-----w C:\Program Files\Common Files\uusee
2008-08-24 21:16 --------- d-----w C:\Program Files\Java
2008-07-27 09:49 --------- d-----w C:\Program Files\Canon
2008-07-27 09:24 --------- d-----w C:\Program Files\Vimicro
2008-07-25 21:44 --------- d-----w C:\Program Files\MSN Messenger
2008-07-25 21:42 --------- d-----w C:\Program Files\Lexmark 9500 Series
2008-07-20 01:22 --------- d-----w C:\Documents and Settings\djira\Application Data\Lexmark Productivity Studio
2008-07-19 09:01 --------- d-----w C:\Documents and Settings\djira\Application Data\9500 Series
2008-07-19 04:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\9500 Series
2008-07-19 04:12 --------- d-----w C:\Program Files\Abbyy FineReader 6.0 Sprint
2008-07-19 04:11 --------- d-----w C:\Program Files\Lexmark Applications
2008-07-19 04:10 --------- d-----w C:\Program Files\Common Files\NewSoft
2008-07-07 20:32 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 15:38 659,456 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:41 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-01-20 08:19 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2004-08-26 23:36 76 --sh--w C:\Program Files\Common Files\Desktop.ini
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Uniblue SpeedUpMyPC"="C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe" [2007-08-16 9495832]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-11-29 185896]
"lxdomon.exe"="C:\Program Files\Lexmark 9500 Series\lxdomon.exe" [2007-09-06 450560]
"lxdoamon"="C:\Program Files\Lexmark 9500 Series\lxdoamon.exe" [2007-08-09 20480]
"WrtMon.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe" [2007-04-11 26704]
"cnfgCav"="C:\Program Files\Comodo\Comodo AntiVirus\CMain.exe" [2008-08-26 110592]
"SpyHunter Security Suite"="C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe" [2008-06-19 851968]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 15360]
"Symantec NetDriver Warning"="C:\PROGRA~1\Symantec\LIVEUP~1\SNDWarn.EXE" [2004-05-09 91256]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\monln]
2008-08-26 21:00 216576 C:\WINDOWS\system32\monln.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"vidc.ffds"= C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-03-28 23:37 413696 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Java\\j2re1.4.2_04\\bin\\javaw.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Documents and Settings\\djira\\Desktop\\C-XBox Tool 2\\cxboxtool.exe"=
"C:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\DPNSvr.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\StubInstaller.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Orb Networks\\Orb\\bin\\Orb.exe"=
"C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbTray.exe"=
"C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbStreamerClient.exe"=
"C:\\Program Files\\Lexmark 9500 Series\\lxdomon.exe"=
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdopswx.exe"=
"C:\\WINDOWS\\system32\\lxdocfg.exe"=
"C:\\Program Files\\Lexmark 9500 Series\\lxdoamon.exe"=
"C:\\Program Files\\Lexmark 9500 Series\\FRun.exe"=
"C:\\Program Files\\Abbyy FineReader 6.0 Sprint\\scan\\scanman6.exe"=
"C:\\WINDOWS\\system32\\lxdocoms.exe"=
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdotime.exe"=
"C:\\Program Files\\Lexmark 9500 Series\\lxdoFax.exe"=
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdojswx.exe"=
"C:\\Program Files\\Common Files\\uusee\\UUSeeMediaCenter.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:UDP"= 5353:UDP:Rendezvous
"6112:TCP"= 6112:TCP:blizzard

R2 AutoExNT;AutoExNT;C:\WINDOWS\system32\AutoExNT.Exe [2007-10-03 20:57]
R3 ATICDSDr;ATICDSDr;C:\DOCUME~1\djira\LOCALS~1\Temp\ATICDSDr.sys []
R4 hpt3xx;hpt3xx;C:\WINDOWS\system32\DRIVERS\hpt3xx.syS []
S0 viasraid;viasraid;C:\WINDOWS\System32\DRIVERS\viasraid.sys [2003-10-30 20:22]
S1 SSHDRV65;SSHDRV65;C:\WINDOWS\System32\drivers\SSHDRV65.sys [2004-04-09 23:44]
S1 SSHDRV76;SSHDRV76;C:\WINDOWS\System32\drivers\SSHDRV76.sys [2004-04-09 23:48]
S2 lxdo_device;lxdo_device;C:\WINDOWS\system32\lxdocoms.exe [2007-09-20 13:05]
S2 lxdoCATSCustConnectService;lxdoCATSCustConnectService;C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdoserv.exe [2007-07-17 05:26]
S2 PfDetNT;PfDetNT;C:\WINDOWS\system32\drivers\PfModNT.sys [2006-08-11 15:56]


*Newly Created Service* - CATCHME
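
A pre-flight check for a CFScript like the one earlier in the thread, as an added example (not part of any post here, and not ComboFix code): before a deletion list is handed to the tool, every path under `File::` is matched against the "Files Created" rows of the log, so a mistyped path is caught first. The function names are hypothetical, the treatment of any other line ending in `::` as a new section is an assumption, and the last script target is a constructed typo.

```python
import re
from datetime import datetime

# Rows copied from the "Files Created" section of the log in this thread.
SAMPLE_LOG = r"""
2008-08-28 00:37 . 2008-08-28 00:37 <DIR> d-------- C:\Program Files\Trend Micro
2008-08-27 22:07 . 2008-08-27 22:07 103,552 --a------ C:\WINDOWS\system32\wanigvpb.dll
2008-08-27 02:55 . 2008-08-27 02:55 323,840 --a------ C:\WINDOWS\system32\khfGvvvw.dll.vir
2008-08-26 22:56 . 2008-08-27 02:23 347 --ahs---- C:\WINDOWS\system32\AIRrrqss.ini
2008-08-24 17:57 . 2008-08-24 03:45 86,016 --a------ C:\WINDOWS\rvoelbxt.exe
"""

# Three targets from the thread's CFScript plus one constructed typo (last line).
SAMPLE_SCRIPT = r"""
File::
C:\WINDOWS\system32\wanigvpb.dll
C:\WINDOWS\system32\AIRrrqss.ini
C:\WINDOWS\rvoelbxt.exe
C:\WINDOWS\system32\wanigvbp.dll
"""

# created . modified size-or-<DIR> attributes path
ROW = re.compile(
    r"^(\d{4}-\d\d-\d\d \d\d:\d\d) \. (\d{4}-\d\d-\d\d \d\d:\d\d) "
    r"(<DIR>|[\d,]+) (\S+) (.+)$")

def created_files(log):
    """Map lower-cased file path -> creation time; directory rows are skipped."""
    out = {}
    for line in log.splitlines():
        m = ROW.match(line.strip())
        if m and m.group(3) != "<DIR>":
            out[m.group(5).lower()] = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M")
    return out

def script_targets(script):
    """Paths listed under the File:: directive."""
    targets, in_files = [], False
    for line in script.splitlines():
        line = line.strip()
        if line.endswith("::"):
            in_files = (line == "File::")
        elif in_files and line:
            targets.append(line)
    return targets

def preflight(script, log):
    """Return (matched: path -> created, unmatched: paths absent from the log)."""
    seen = created_files(log)  # Windows paths compare case-insensitively
    targets = script_targets(script)
    matched = {t: seen[t.lower()] for t in targets if t.lower() in seen}
    unmatched = [t for t in targets if t.lower() not in seen]
    return matched, unmatched

if __name__ == "__main__":
    matched, unmatched = preflight(SAMPLE_SCRIPT, SAMPLE_LOG)
    for path, created in matched.items():
        print("in log  ", created, path)
    for path in unmatched:
        print("NOT in log, check spelling:", path)
```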
 