Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Status
Not open for further replies.
1 - 17 of 17 Posts

·
Registered
Joined
·
37 Posts
Discussion Starter · #1 ·
I use a wireless router to play online games and have used wireless for the past year, it's been absolutely fine and worked well. Today however it has crashed several times, stopping me from not only playing games but also using internet explorer. Every time i reset the router or click to repair it, it will do so, but crash again several minutes later.
 

·
Super Moderator
Joined
·
65,961 Posts
you could try a recovery on the PC to be the issue started
start> programs>accessories>system tools>system restore - choose a date before the problem

anyone else using wireless and is it working OK for them ?

lets have a look at an xirrus screen shot

------------------------------------------------------------------------
{run Xirrus Wi-Fi Inspector} Download and install
If you cannot access the internet with this PC, then you will need to copy the program across to the faulty PC

http://www.xirrus.com/library/wifitools.php
Direct link to the program is here http://www.xirrus.com/library/wifi_download_redirect.php
Then run and install the program
if you get an error - You need NET Framework installed for the WiFi Inspector to function.

Run the program

post a screen shot of the program running - if there are a lot of networks showing can you click on "networks" top lefthand area - so we can see all the network information, and also post which network "Adapter Name" (1st column) is yours on the list

To post a screen shot of the active window, hold the Alt key and press the PrtScn key. Open the Windows PAINT application and Paste the screen shot. You can then use PAINT to trim to suit, and save it as a JPG format file.
To upload it to the forum, open the full reply window and use the Manage Attachments button to upload it here.
------------------------------------------------------------------------
 

·
Registered
Joined
·
37 Posts
Discussion Starter · #3 ·
I've also noticed that the mouse is always showing the egg timer as if it's always trying to load something.. Don't know if that means anything? And thank you for the fast response, i'll try and give it a go :)
 

·
Registered
Joined
·
37 Posts
Discussion Starter · #4 ·
Well this is what i got.. I couldn't connect to the internet at all now. Whenever i clicked to repair the connection it got stuck on 'renewing IP address', it will stay with that message for a few minutes then say there was a problem renewing the IP address.
 

Attachments

·
Registered
Joined
·
37 Posts
Discussion Starter · #5 ·
I tried using the system restore, i restored it to 2 days ago when i had no problems at all. Doesn't seem to have made a difference though :/ It still gets stuck on renewing my IP address.
 

·
Super Moderator
Joined
·
65,961 Posts
well the wireless can be seen, so something is blocking
what security suite do you have or have you ever had on the PC - norton, mcafee etc
lets see an ipconfig /all and some ping tests

------------------------------------------------------------------------
{ipconfig /all}
If you cannot access the internet with this PC, then you will need to paste the results into something like notepad and then copy onto a machine that can access the internet and post results here
We would like to see the results from ipconfig /all post back the results here
-> Start
-> (XP - enter the following in the RUN box)
cmd /k ipconfig /all
-> (Vista or Windows 7 - enter the following in the Search box)
cmd /k ipconfig /all

A black box will appear on the screen -
rightclick in the box
select all
enter
control key + C key - to copy

then reply here and
control key + V to paste
------------------------------------------------------------------------
{Ping Tests}
If you cannot access the internet with this PC, then you will need to paste the results into something like notepad and then copy onto a machine that can access the internet and post results here

Start> Run {search bar in Vista}> CMD to open a DOS window and type:

Type the following command
Ping {plus the number thats shown against the default gateway shown in above ipconfig /all}
Post back the results
rightclick in the box
select all
enter
control key + C key - to copy
then reply here and
control key + V to paste

Type the following command
Ping google.com
Post back the results
rightclick in the box
select all
enter
control key + C key - to copy
then reply here and
control key + V to paste

Type the following command
Ping 209.183.226.152
post back results
rightclick in the box
select all
enter
control key + C key - to copy
then reply here and
control key + V to paste
------------------------------------------------------------------------
 

·
Registered
Joined
·
37 Posts
Discussion Starter · #7 ·
Here are my results, and as for the security suites, i use COMODO internet security but i've had that well over a year and nothing has changed with that. Recently two new ones have turned up.. not sure if my brother installed it on my PC or something seeing as we share. One was norton internet security, and the other i can't remember the name of, i've deleted them both now and there's been no difference.

I'd be really interested to know though why my mouse icon comes up with the egg timer icon every few seconds, for a few seconds.. before disappearing and then reappearing again. Do you have any idea why this could be? It's never done that before.. since today. Could it be a virus of some sort? I did a virus scan with COMODO internet security, it found 9 threats so i removed them, this was after the problem started however so i don't think i removed something which could have caused this...
 

·
Super Moderator
Joined
·
65,961 Posts
post a HJT log - see signature for program - i will then move to virus forum - that sounds like you have a virus

did you use the removal tools to get rid of Norton and the other one ?

do the following
------------------------------------------------------------------------

TCP/IP stack repair options for use with Vista/Windows 7.

Start, Programs\Accessories and right click on Command Prompt, select "Run as Administrator" to open a command prompt.

Note: Type only the text in bold for the following commands.

Reset WINSOCK entries to installation defaults: netsh winsock reset catalog

Reset IPv4 TCP/IP stack to installation defaults. netsh int ipv4 reset reset.log

Reset IPv6 TCP/IP stack to installation defaults. netsh int ipv6 reset reset.log

Reboot the machine.

If you receive the message
The requested operation requires elevation.
The please open the command prompt as administrator - as requested above
Start, Programs\Accessories and right click on Command Prompt, select "Run as Administrator" to open a command prompt.

Post back the results here
rightclick in the box
select all
enter
control key + C key - to copy
then reply here and
control key + V to paste

------------------------------------------------------------------------

TCP/IP stack repair options for use with Windows XP with SP2/SP3.

Start, Run, CMD to open a command prompt:

In the command prompt window that opens, type type the following commands:

Note: Type only the text in bold for the following commands.

Reset TCP/IP stack to installation defaults, type: netsh int ip reset reset.log

Reset WINSOCK entries to installation defaults, type: netsh winsock reset catalog

Reboot the machine.

Post back the results here
rightclick in the box
select all
enter
control key + C key - to copy
then reply here and
control key + V to paste
------------------------------------------------------------------------
 

·
Registered
Joined
·
37 Posts
Discussion Starter · #10 ·
hmm i typed in those commands and the message came up 'please restart' or something.. So i restarted from the start menu.. When the PC rebooted the CMD didnt' come back up, altho for some reason my documents came up.. I'm guessing u wanted the results of the CMD though and not what was in my documents? If it didn't come up should i have restarted differently or something? :p
 

·
Super Moderator
Joined
·
65,961 Posts
no its OK - so long is you didnot get any error messages or need elevation messages or access denied

i assume it still does not work
 

·
Super Moderator
Joined
·
65,961 Posts
you dont need to do anything to post do you remember if the commands actually worked or if you received a message like need elevation messages or access denied

i assume it still does not work
 

·
Super Moderator
Joined
·
65,961 Posts
lets see an HJT log and then i will move to virus forum - note that may take a day to two to decode
 

·
Registered
Joined
·
37 Posts
Discussion Starter · #17 ·
Nevermind here it is

I have pasted into the post as that is the preffered method

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:08:58, on 16/01/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Neal Greenaway\Application Data\ssjf.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\wjdrive32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\V0330Mon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Vtune\TBPanel.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\vyre32.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\vyre32.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\EDIMAX\Common\RaUI.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Documents and Settings\Neal Greenaway\Application Data\ssjf.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Documents and Settings\Neal Greenaway\Application Data\ssjf.exe -dwup
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Subsystem Monitor] C:\WINDOWS\system32\csrns.exe
O4 - HKLM\..\Run: [V0330Mon.exe] C:\WINDOWS\V0330Mon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [vyre32] C:\WINDOWS\system32\vyre32.exe
O4 - HKLM\..\Run: [Microsoft Driver Setup] C:\WINDOWS\wjdrive32.exe
O4 - HKCU\..\Run: [TBPanel] C:\Program Files\Vtune\TBPanel.exe /A
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [ghccyoo] C:\WINDOWS\system32\0hdyy6k.exe
O4 - HKCU\..\Run: [ojkplg] C:\WINDOWS\system32\s1okkfww.exe
O4 - HKCU\..\Run: [otpklq] C:\WINDOWS\system32\ijokkaq0rc.exe
O4 - HKCU\..\Run: [abwwsii] C:\WINDOWS\system32\faa6mm6yy.exe
O4 - HKCU\..\Run: [ssneezq] C:\WINDOWS\system32\a3ccxoojaav.exe
O4 - HKCU\..\Run: [iieuu] C:\WINDOWS\system32\m1ieezqg0c.exe
O4 - HKCU\..\Run: [chsdezv] C:\WINDOWS\system32\plgg6ss6.exe
O4 - HKCU\..\Run: [ookaa6] C:\WINDOWS\system32\hyytkkfwwri.exe
O4 - HKCU\..\Run: [sneez] C:\WINDOWS\system32\njzzvllh.exe
O4 - HKCU\..\Run: [lmrni] C:\WINDOWS\system32\y9u1qmmhyy.exe
O4 - HKCU\..\Run: [eaavm] C:\WINDOWS\system32\dzpplbbxnn.exe
O4 - HKCU\..\Run: [xyt0z] C:\WINDOWS\system32\dttpffbr.exe
O4 - HKCU\..\Run: [topkggb] C:\WINDOWS\system32\70fbww6.exe
O4 - HKCU\..\Run: [zvllhx] C:\WINDOWS\system32\iidzzvllhx.exe
O4 - HKCU\..\Run: [qlrcxn] C:\WINDOWS\system32\3m1d70k.exe
O4 - HKCU\..\Run: [duupggb] C:\WINDOWS\system32\wwriiduupg.exe
O4 - HKCU\..\Run: [lccxo] C:\WINDOWS\system32\u6gg6ss1.exe
O4 - HKCU\..\Run: [qmcc6e] C:\WINDOWS\system32\70plgg6.exe
O4 - HKCU\..\Run: [llhxxtj] C:\WINDOWS\system32\q1miioj0.exe
O4 - HKCU\..\Run: [Subsystem Monitor] C:\WINDOWS\system32\csrns.exe
O4 - HKCU\..\Run: [zvvgbc] C:\WINDOWS\system32\u6k3g0hdd.exe
O4 - HKCU\..\Run: [uzklb70] C:\WINDOWS\system32\1f70bh0.exe
O4 - HKCU\..\Run: [lmhxytj] C:\WINDOWS\system32\uk66w8s1jp.exe
O4 - HKCU\..\Run: [oufqbm] C:\WINDOWS\system32\jp66g871.exe
O4 - HKCU\..\Run: [uvlbchx] C:\WINDOWS\system32\euvqbbrsnd.exe
O4 - HKCU\..\Run: [fvwrx6] C:\WINDOWS\system32\je0lghm5nje.exe
O4 - HKCU\..\Run: [tookaa6] C:\WINDOWS\system32\0kkfwwr.exe
O4 - HKCU\..\Run: [ggbss] C:\WINDOWS\system32\o3qqlccxooj.exe
O4 - HKCU\..\Run: [aavmmhy] C:\WINDOWS\system32\jk70lhcc6o.exe
O4 - HKCU\..\Run: [qqmcc6o] C:\WINDOWS\system32\1wssnee.exe
O4 - HKCU\..\Run: [miiduu] C:\WINDOWS\system32\bxc3ee0q.exe
O4 - HKCU\..\Run: [hcdyuup] C:\WINDOWS\system32\g6c3ee0q.exe
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [nijea] C:\WINDOWS\system32\to1kggbssn.exe
O4 - HKCU\..\Run: [vrhhdt] C:\WINDOWS\system32\fbrrnddz.exe
O4 - HKCU\..\Run: [qlccx] C:\WINDOWS\system32\a1wssnee.exe
O4 - HKCU\..\Run: [lgg6s] C:\WINDOWS\system32\vrmm6yy6.exe
O4 - HKCU\..\Run: [okaa6] C:\WINDOWS\system32\plgg6ss6.exe
O4 - HKCU\..\Run: [pkk6w] C:\WINDOWS\system32\q9m1ieezqq.exe
O4 - HKCU\..\Run: [jeeaqq6] C:\WINDOWS\system32\6q86c8j.exe
O4 - HKCU\..\Run: [mnieez] C:\WINDOWS\system32\gmh08oev.exe
O4 - HKCU\..\Run: [eezqq] C:\WINDOWS\system32\0ccxooj.exe
O4 - HKCU\..\Run: [rsn0t] C:\WINDOWS\system32\75m70nj.exe
O4 - HKCU\..\Run: [pavlmhi] C:\WINDOWS\system32\fwwriiduupg.exe
O4 - HKCU\..\Run: [bwxsooj] C:\WINDOWS\system32\ojaavmmh.exe
O4 - HKCU\..\Run: [ndj66] C:\WINDOWS\system32\iiduupgw.exe
O4 - HKCU\..\Run: [xtjjfv] C:\WINDOWS\system32\w1soojalgg.exe
O4 - HKCU\..\Run: [eefaa] C:\WINDOWS\system32\10zv5rx.exe
O4 - HKCU\..\Run: [duupgg] C:\WINDOWS\system32\ttpffbrrndd.exe
O4 - HKCU\..\Run: [rmii86] C:\WINDOWS\system32\rns86e8a.exe
O4 - HKCU\..\Run: [uffww9] C:\WINDOWS\system32\iyze8a1r70.exe
O4 - HKCU\..\Run: [qlghm] C:\WINDOWS\system32\g81mxytz60b.exe
O4 - HKCU\..\Run: [jfvvrh] C:\WINDOWS\system32\mcdyy6kk6.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [12CFG214-K641-12SF-N85P] C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe
O4 - HKLM\..\Policies\Explorer\Run: [Microsoft Driver Setup] C:\WINDOWS\wjdrive32.exe
O4 - Startup: 03q0rnd.exe
O4 - Startup: 0brx60z.exe
O4 - Startup: 0bxss6e.exe
O4 - Startup: 0di81fa.exe
O4 - Startup: 0hm3o1e.exe
O4 - Startup: 0hnxtop.exe
O4 - Startup: 0hxd60f.exe
O4 - Startup: 0iiduup.exe
O4 - Startup: 0jfaa6m.exe
O4 - Startup: 0lbh66y.exe
O4 - Startup: 0ndduk0.exe
O4 - Startup: 0njee6q.exe
O4 - Startup: 0pk6g86.exe
O4 - Startup: 0puvqgw.exe
O4 - Startup: 0rw86i8.exe
O4 - Startup: 0s1j703.exe
O4 - Startup: 0ssneez.exe
O4 - Startup: 0va86m8.exe
O4 - Startup: 0vlr60t.exe
O4 - Startup: 0xtoo6a.exe
O4 - Startup: 1a81m0t.exe
O4 - Startup: 1cyytkv.exe
O4 - Startup: 1fplghm.exe
O4 - Startup: 1grsny8.exe
O4 - Startup: 1ijo86a.exe
O4 - Startup: 1v703c0.exe
O4 - Startup: 1wxc81z.exe
O4 - Startup: 2fgb081.exe
O4 - Startup: 2jee6qq.exe
O4 - Startup: 2jkf081.exe
O4 - Startup: 2xss6ee.exe
O4 - Startup: 3a0brx6.exe
O4 - Startup: 3lwhnt8.exe
O4 - Startup: 3mhxytj.exe
O4 - Startup: 3mmhyyt.exe
O4 - Startup: 3ojp60r.exe
O4 - Startup: 3q1h703.exe
O4 - Startup: 3qvrhhy.exe
O4 - Startup: 3w0xnt6.exe
O4 - Startup: 5c6xytz.exe
O4 - Startup: 5ccsty8.exe
O4 - Startup: 5dzuva8.exe
O4 - Startup: 5hdyze8.exe
O4 - Startup: 5io5jfa.exe
O4 - Startup: 5k6g86s.exe
O4 - Startup: 5mdte1u.exe
O4 - Startup: 5njefk8.exe
O4 - Startup: 5p0vrmm.exe
O4 - Startup: 5plghm8.exe
O4 - Startup: 5ulq86c.exe
O4 - Startup: 5uufw97.exe
O4 - Startup: 60hc0to.exe
O4 - Startup: 60jpzvq.exe
O4 - Startup: 60lg0nt.exe
O4 - Startup: 60lg0xs.exe
O4 - Startup: 60pk0rx.exe
O4 - Startup: 60xito8.exe
O4 - Startup: 66k81wh.exe
O4 - Startup: 66u86g8.exe
O4 - Startup: 6a81mxy.exe
O4 - Startup: 6a86m81.exe
O4 - Startup: 6c81oza.exe
O4 - Startup: 6e86q81.exe
O4 - Startup: 6gg6ss6.exe
O4 - Startup: 6ii6uu6.exe
O4 - Startup: 6k86w81.exe
O4 - Startup: 6m8ty97.exe
O4 - Startup: 6mm6yy6.exe
O4 - Startup: 6pfq1gh.exe
O4 - Startup: 6q81cno.exe
O4 - Startup: 6vlw1mn.exe
O4 - Startup: 6y81kvw.exe
O4 - Startup: 6zppfl6.exe
O4 - Startup: 70gm6d2.exe
O4 - Startup: 70vbmrs.exe
O4 - Startup: 70vrmm6.exe
O4 - Startup: 75g70hd.exe
O4 - Startup: 7891cno.exe
O4 - Startup: 810zvll.exe
O4 - Startup: 81almhn.exe
O4 - Startup: 81almhx.exe
O4 - Startup: 81epqlb.exe
O4 - Startup: 81mxytj.exe
O4 - Startup: 81qbcxd.exe
O4 - Startup: 81whidj.exe
O4 - Startup: 81whidt.exe
O4 - Startup: 86e8lq8.exe
O4 - Startup: 86ioz0v.exe
O4 - Startup: 86o81al.exe
O4 - Startup: 86q81cn.exe
O4 - Startup: 86u8q1h.exe
O4 - Startup: 86y91kv.exe
O4 - Startup: 870hcid.exe
O4 - Startup: 91grsnt.exe
O4 - Startup: 91mxytj.exe
O4 - Startup: 91o2pql.exe
O4 - Startup: 91q3cxn.exe
O4 - Startup: 91sdezp.exe
O4 - Startup: 97081gr.exe
O4 - Startup: 97081it.exe
O4 - Startup: 97081w8.exe
O4 - Startup: 97081wh.exe
O4 - Startup: 9o1kggb.exe
O4 - Startup: a0rm0dy0.exe
O4 - Startup: a1r70yyo.exe
O4 - Startup: a3r65n0zpp.exe
O4 - Startup: a5w1mns81p.exe
O4 - Startup: a70bxss6e.exe
O4 - Startup: a70rrsn08.exe
O4 - Startup: a86m81yjk.exe
O4 - Startup: a86m8703u.exe
O4 - Startup: aav2xss7.exe
O4 - Startup: abg81sdezp.exe
O4 - Startup: agbh66y86k.exe
O4 - Startup: arr2xyt0.exe
O4 - Startup: bbxnnjzzvll.exe
O4 - Startup: bcx081ep.exe
O4 - Startup: bcx6dezf.exe
O4 - Startup: bcxd60flvrm.exe
O4 - Startup: bcxnojkf.exe
O4 - Startup: bcxnojzavl.exe
O4 - Startup: bww6ii6uu6l.exe
O4 - Startup: bwxc86o81a.exe
O4 - Startup: c3idj60q.exe
O4 - Startup: csi0jzf6.exe
O4 - Startup: cxd2jkf0.exe
O4 - Startup: d081kvwrh.exe
O4 - Startup: dozavb60d.exe
O4 - Startup: dozavlmhx.exe
O4 - Startup: dtupfgbc.exe
O4 - Startup: dyy6kk6ww.exe
O4 - Startup: dyy6kk6ww6i.exe
O4 - Startup: dyz081qbcx.exe
O4 - Startup: dzupqlmh081.exe
O4 - Startup: e0vblhsxi.exe
O4 - Startup: e1ufgbrsn.exe
O4 - Startup: e5aaqrw81t.exe
O4 - Startup: e5g1wxc81o.exe
O4 - Startup: e70fbww6i.exe
O4 - Startup: e81bwxc81.exe
O4 - Startup: e81qbss6t.exe
O4 - Startup: e9a1wssnee.exe
O4 - Startup: epqlr66i8u.exe
O4 - Startup: fbwxc81oz.exe
O4 - Startup: ffgb081i.exe
O4 - Startup: fk86w81i.exe
O4 - Startup: fplghm86y8.exe
O4 - Startup: fqbcxd60f.exe
O4 - Startup: fqbhdte1u.exe
O4 - Startup: fvb66s86.exe
O4 - Startup: fvb66s87.exe
O4 - Startup: g6w81topu.exe
O4 - Startup: g81dyze81qb.exe
O4 - Startup: g9c1yuzfg7.exe
O4 - Startup: gb081itupv6.exe
O4 - Startup: gbcxnojz.exe
O4 - Startup: gbssneezqq.exe
O4 - Startup: glhh66y86k.exe
O4 - Startup: gmh0yyej.exe
O4 - Startup: grsndezpql.exe
O4 - Startup: gwcndezfa.exe
O4 - Startup: gwxc81zuva.exe
O4 - Startup: h2y5tpkl.exe
O4 - Startup: h3ytz60b.exe
O4 - Startup: h5yyopu8.exe
O4 - Startup: h61jefk8.exe
O4 - Startup: h70ooekalg.exe
O4 - Startup: h86y81kv.exe
O4 - Startup: hc0to0vblh.exe
O4 - Startup: hc1yuupggb.exe
O4 - Startup: hcid081k.exe
O4 - Startup: hhdttpffbrr.exe
O4 - Startup: hm86y81kvw.exe
O4 - Startup: hnxtopu81r.exe
O4 - Startup: hx66y87081w.exe
O4 - Startup: hxd60flv.exe
O4 - Startup: hyytkkfw.exe
O4 - Startup: i1yjkfvwr.exe
O4 - Startup: i5e1kplghm.exe
O4 - Startup: i6y86k81w.exe
O4 - Startup: i81ufgbrs.exe
O4 - Startup: i9e2fwwrii.exe
O4 - Startup: idoz6lbrmh.exe
O4 - Startup: idzz2fgb0.exe
O4 - Startup: iiyo0pfl.exe
O4 - Startup: itejufgbr.exe
O4 - Startup: ittup081w.exe
O4 - Startup: iyo0pfl66c.exe
O4 - Startup: iytupql08.exe
O4 - Startup: j0plgg6ss.exe
O4 - Startup: jaavmmhy.exe
O4 - Startup: je6qlhh2no.exe
O4 - Startup: jee6qq1m9i1.exe
O4 - Startup: jefkarhs89.exe
O4 - Startup: jff6703s0tj.exe
O4 - Startup: jfvvrhhdtt.exe
O4 - Startup: jj66a86m81y.exe
O4 - Startup: jkfgb081.exe
O4 - Startup: k5ggwxc81z.exe
O4 - Startup: k81w2xyt081.exe
O4 - Startup: k86w81itk1a.exe
O4 - Startup: ka0brx66o8.exe
O4 - Startup: kabg86s81ea.exe
O4 - Startup: kfwwriiduu.exe
O4 - Startup: kgw0ssneez.exe
O4 - Startup: kk6ww6ii6.exe
O4 - Startup: kkbb81sde.exe
O4 - Startup: kkfwwriidu.exe
O4 - Startup: kvwrx60euk.exe
O4 - Startup: l081sdezf.exe
O4 - Startup: l2hcc6oo.exe
O4 - Startup: l703s0tjp6.exe
O4 - Startup: lbbrx66o86a.exe
O4 - Startup: lbbxnnjz.exe
O4 - Startup: lhxi1yze81b.exe
O4 - Startup: lmhn60pvfb.exe
O4 - Startup: lmhxytup.exe
O4 - Startup: lq86c81o2.exe
O4 - Startup: lw1mns81.exe
O4 - Startup: lwbm3i1z70g.exe
O4 - Startup: m1cdi81u.exe
O4 - Startup: m3i0jk5gg.exe
O4 - Startup: m3ytz60bhrn.exe
O4 - Startup: m6c81ozav.exe
O4 - Startup: m81jefk81wh.exe
O4 - Startup: mcdi86u81g.exe
O4 - Startup: mhdd2jkf0.exe
O4 - Startup: mhdo1eu1qr.exe
O4 - Startup: mhyytkkfww.exe
O4 - Startup: mns81epqlb.exe
O4 - Startup: mxinyjfaq.exe
O4 - Startup: n0tpkk6mr.exe
O4 - Startup: n2euk6gm70n.exe
O4 - Startup: njefk81wh.exe
O4 - Startup: njj66a86.exe
O4 - Startup: njzzvllh.exe
O4 - Startup: nn2e5zaqg.exe
O4 - Startup: nnoj081q.exe
O4 - Startup: nojzavlmhxy.exe
O4 - Startup: nojzavwr.exe
O4 - Startup: ns2tup081w.exe
O4 - Startup: nt2k5fbw.exe
O4 - Startup: ny1opu86.exe
O4 - Startup: nytz66grc0.exe
O4 - Startup: o0pfl66c.exe
O4 - Startup: o1eu1l70.exe
O4 - Startup: o1kggbss.exe
O4 - Startup: o2pql081sde.exe
O4 - Startup: o5pa86m3yt.exe
O4 - Startup: o69a1wssne.exe
O4 - Startup: o6aa6mm6.exe
O4 - Startup: o6fg70hd.exe
O4 - Startup: o9k1gchdtt.exe
O4 - Startup: oefk86w81i.exe
O4 - Startup: oj081qbc.exe
O4 - Startup: ojeuavgrcs.exe
O4 - Startup: ojzavwr03i.exe
O4 - Startup: ooeu0vlr66.exe
O4 - Startup: opu81rmns8.exe
O4 - Startup: ozkpalmhx.exe
O4 - Startup: p703w0xnt6.exe
O4 - Startup: pffbrrnd.exe
O4 - Startup: pfgbrsnoj0.exe
O4 - Startup: pggbssne.exe
O4 - Startup: pk1gccxooj.exe
O4 - Startup: pklq81cnoj.exe
O4 - Startup: pql0x1yze3.exe
O4 - Startup: pqlbcxnojkf.exe
O4 - Startup: pqlbcxyt.exe
O4 - Startup: pqlr60tzjf.exe
O4 - Startup: pva81mxytz.exe
O4 - Startup: q0rnddtz.exe
O4 - Startup: q1miiduupg.exe
O4 - Startup: q3cxnojzav.exe
O4 - Startup: q5mmcd081u.exe
O4 - Startup: qbxnnjzzvl.exe
O4 - Startup: qhh2noj0.exe
O4 - Startup: qqlccxoo.exe
O4 - Startup: qrw86i81uf.exe
O4 - Startup: qvg970oo.exe
O4 - Startup: qwr03i0j.exe
O4 - Startup: r7081ozavb.exe
O4 - Startup: rbxsty8fk8.exe
O4 - Startup: rhn66e83.exe
O4 - Startup: rmns86e81q.exe
O4 - Startup: rns870pfl86.exe
O4 - Startup: rsnoj081.exe
O4 - Startup: rsnt60vblhc.exe
O4 - Startup: rwnddezf.exe
O4 - Startup: rx5ooefk.exe
O4 - Startup: s5njefk86w.exe
O4 - Startup: s6ee6qq6.exe
O4 - Startup: s81epqb0m0n.exe
O4 - Startup: s86e81qbcxd.exe
O4 - Startup: s9o1kgg0ss.exe
O4 - Startup: sdotepqlb.exe
O4 - Startup: smss.exe
O4 - Startup: sn0oz0va.exe
O4 - Startup: snd2ppvq.exe
O4 - Startup: sndezpqlmh.exe
O4 - Startup: snjj2pql081.exe
O4 - Startup: sooz6lbrmhd.exe
O4 - Startup: ss6ee6qq6.exe
O4 - Startup: ss6jk70lh.exe
O4 - Startup: ssnojzav.exe
O4 - Startup: stju1klq86.exe
O4 - Startup: sxnt60vqrw.exe
O4 - Startup: t0zvqq6cc.exe
O4 - Startup: t70pfvwrhi.exe
O4 - Startup: tjjp0lq81cn.exe
O4 - Startup: tju1klq86.exe
O4 - Startup: tkkfwwri.exe
O4 - Startup: tpa1qrw86i.exe
O4 - Startup: tpklq86c8.exe
O4 - Startup: tup0vlr6.exe
O4 - Startup: tupfgbc6.exe
O4 - Startup: tupfgbcx081.exe
O4 - Startup: u3ghxxnt66.exe
O4 - Startup: u3wwr2too6a.exe
O4 - Startup: u4vvmmhyy.exe
O4 - Startup: u6k81whid.exe
O4 - Startup: u70llhxxt.exe
O4 - Startup: u86mrhn81ef.exe
O4 - Startup: u9q1mxdpff.exe
O4 - Startup: ua0bxx66.exe
O4 - Startup: ue10q1xsty.exe
O4 - Startup: uka0brx66o.exe
O4 - Startup: upggbssnee.exe
O4 - Startup: upv60xdd.exe
O4 - Startup: uupggbsnne.exe
O4 - Startup: uvllhh81yj.exe
O4 - Startup: v0gmxs0zu.exe
O4 - Startup: v7081sdezf.exe
O4 - Startup: va2bcx0dtz6.exe
O4 - Startup: vblhcdi3e1.exe
O4 - Startup: vlmhxytjkf.exe
O4 - Startup: vqq6m3oe9.exe
O4 - Startup: vrmm6yy6.exe
O4 - Startup: vvlr66i8.exe
O4 - Startup: vwrsdi86u81.exe
O4 - Startup: vww81itupfg.exe
O4 - Startup: vww81topu81.exe
O4 - Startup: w1dnjefk.exe
O4 - Startup: w1mns86e.exe
O4 - Startup: w1soojaavm.exe
O4 - Startup: w5ssijo86a.exe
O4 - Startup: w6m81jepf.exe
O4 - Startup: w81topu81g3.exe
O4 - Startup: wcx081ep.exe
O4 - Startup: wgmindj66q.exe
O4 - Startup: whi70jzf6.exe
O4 - Startup: whidtupfgb.exe
O4 - Startup: whidtzvlw1.exe
O4 - Startup: whsxitupf.exe
O4 - Startup: wrhidez081.exe
O4 - Startup: wwmc1t70.exe
O4 - Startup: x703e0fbb6.exe
O4 - Startup: xc2dez081g.exe
O4 - Startup: xcydtupql0.exe
O4 - Startup: xhdyze86q8.exe
O4 - Startup: xi1yze86.exe
O4 - Startup: xitupv60x.exe
O4 - Startup: xndezpql.exe
O4 - Startup: xnnjzzvq.exe
O4 - Startup: xtjjfvvr.exe
O4 - Startup: xtju1klq86c.exe
O4 - Startup: xtt2k5fb.exe
O4 - Startup: xytjkfgb.exe
O4 - Startup: y2zav081cno.exe
O4 - Startup: y3o1ka1hr.exe
O4 - Startup: y6kk6ww6.exe
O4 - Startup: y6o81a9w6.exe
O4 - Startup: y81kvwrhi.exe
O4 - Startup: y81kvwrhidt.exe
O4 - Startup: yi6kpll2rh.exe
O4 - Startup: yjuzkvwrh.exe
O4 - Startup: ytz66q81cn.exe
O4 - Startup: yu6karhs8.exe
O4 - Startup: z1vbg81sd.exe
O4 - Startup: z3qvrhhy.exe
O4 - Startup: z9vgbsxtjjf.exe
O4 - Startup: zalg7ntup.exe
O4 - Startup: zavb60ni6uu.exe
O4 - Startup: zf6rw86i81.exe
O4 - Startup: zpv60xdnjef.exe
O4 - Startup: zqqlccxo.exe
O4 - Startup: zuu70bxss.exe
O4 - Startup: zvv2bcx0.exe
O4 - Global Startup: hpzrcv01.LNK = C:\Program Files\HP\Temp\{7F08A772-2816-4F46-84F1-49578502AD28}\setup\hpzstub.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Wireless Utility.lnk = C:\Program Files\EDIMAX\Common\RaUI.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/da/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe

--
End of file - 24984 bytes
 

Attachments

1 - 17 of 17 Posts
Status
Not open for further replies.
Top