Mobile/PDA About Us Advertise here
User User name Password  
  Not registered yet? Register here.
Lost your password? Click here. 		 
  Home   News   Guides   Downloads   Glossary   Hardware   Profiles   Forums   v4  
 Advertise at AfterDawn.com     Link to us!     Private messages     Compose a private message     List of all updated threads     Threads without replies     Search messages
Thursday 6.3.2025 / 10:57
Search AfterDawn Forums:        In English   Suomeksi   På svenska
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > help with possible security issue.
Show topics
 
Forums
Forums
help with possible security issue.
  Jump to:
 
Posted Message
born2ride
Senior Member
_ 		10. August 2008 @ 16:48 _ Link to this message    Send private message to this user   
i am using avast and spybot on the laptop which is a gateway mt6451. running vista home. i had some virus issue. but lately i was asking to validate my window copy..
i ran atf. then Malwarebytes' Anti-Malware then combo fix.
malware loglooking for it
Malwarebytes' Anti-Malware 1.24
Database version: 1038
Windows 6.0.6000

3:38:43 PM 8/10/2008
mbam-log-8-10-2008 (15-38-43).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 137986
Time elapsed: 59 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Windows\System32\ci.dll (Trojan.BHO) -> Quarantined and deleted successfully.






combo log
ComboFix 08-08-10.01 - Jessy 2008-08-10 15:58:10.1 - NTFSx86
Microsoft® Windows Vista? Home Premium 6.0.6000.0.1252.1.1033.18.1004 [GMT -4:00]
Running from: C:\Users\Jessy\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Users\Jessy\AppData\Roaming\macromedia\Flash Player\#SharedObjects\VBMRTB2F\interclick.com
C:\Users\Jessy\AppData\Roaming\macromedia\Flash Player\#SharedObjects\VBMRTB2F\interclick.com\ud.sol
C:\Users\Jessy\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com
C:\Users\Jessy\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com\settings.sol
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2008-07-10 to 2008-08-10 )))))))))))))))))))))))))))))))
.

2008-08-10 13:48 . 2008-08-10 13:48 <DIR> d-------- C:\Users\Jessy\AppData\Roaming\Malwarebytes
2008-08-10 13:48 . 2008-08-10 13:48 <DIR> d-------- C:\Users\All Users\Malwarebytes
2008-08-10 13:48 . 2008-08-10 13:48 <DIR> d-------- C:\ProgramData\Malwarebytes
2008-08-10 13:48 . 2008-08-10 15:38 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-10 13:48 . 2008-07-30 20:07 38,472 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys
2008-08-10 13:48 . 2008-07-30 20:07 17,144 --a------ C:\Windows\System32\drivers\mbam.sys
2008-07-31 16:21 . 2008-07-31 16:22 <DIR> d-------- C:\Program Files\iTunes
2008-07-31 16:21 . 2008-07-31 16:21 <DIR> d-------- C:\Program Files\iPod
2008-07-25 21:37 . 2008-07-25 21:37 <DIR> d-------- C:\Windows\Sun
2008-07-24 15:32 . 2008-07-24 15:32 <DIR> d-------- C:\Program Files\Bonjour
2008-07-24 15:31 . 2008-07-24 15:32 <DIR> d-------- C:\Program Files\QuickTime
2008-07-24 15:25 . 2008-07-24 15:26 <DIR> d-------- C:\Program Files\Safari
2008-07-24 07:28 . 2008-07-24 07:28 <DIR> d-------- C:\Users\Jessy\AppData\Roaming\Auslogics
2008-07-24 07:28 . 2008-07-24 07:28 <DIR> d-------- C:\Program Files\Auslogics
2008-07-23 06:51 . 2008-07-23 06:51 <DIR> d-------- C:\Program Files\CCleaner
2008-07-22 21:26 . 2008-08-10 15:54 <DIR> d-------- C:\Users\All Users\Spybot - Search & Destroy
2008-07-22 21:26 . 2008-08-10 15:54 <DIR> d-------- C:\ProgramData\Spybot - Search & Destroy
2008-07-22 21:26 . 2008-07-22 21:26 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-07-21 21:04 . 2008-07-21 21:04 <DIR> d-------- C:\Program Files\Alwil Software
2008-07-21 21:04 . 2008-07-19 10:36 51,280 --a------ C:\Windows\System32\drivers\aswMonFlt.sys
2008-07-18 00:47 . 2008-06-25 20:33 12,240,896 --a------ C:\Windows\System32\NlsLexicons0007.dll
2008-07-18 00:47 . 2008-06-25 20:33 2,644,480 --a------ C:\Windows\System32\NlsLexicons0009.dll
2008-07-18 00:45 . 2008-06-25 20:33 11,722,752 --a------ C:\Windows\System32\NlsLexicons0001.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-06 20:39 6,238 ----a-w C:\Users\Jessy\AppData\Roaming\wklnhst.dat
2008-07-24 11:31 --------- d-----w C:\Program Files\BigFix
2008-07-24 11:30 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-24 11:24 --------- d-----w C:\Program Files\Google
2008-07-22 01:02 --------- d-----w C:\ProgramData\Microsoft Help
2008-07-09 07:09 174 --sha-w C:\Program Files\desktop.ini
2008-07-09 07:01 --------- d-----w C:\Program Files\Windows Mail
2008-07-02 16:18 --------- d-----w C:\Users\Jessy\AppData\Roaming\FileZilla
2008-06-26 00:34 7,964,672 ----a-w C:\Windows\System32\NlsLexicons0024.dll
2008-06-26 00:33 9,892,864 ----a-w C:\Windows\System32\NlsLexicons000a.dll
2008-05-10 03:30 14,848 ----a-w C:\Windows\System32\wshrm.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 16:35 90112]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 09:42 2156368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="C:\Windows\system32\WLTRAY.exe" [2006-12-19 16:18 1429504]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-17 17:58 815104]
"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-10-10 00:43 729088]
"NapsterShell"="C:\Program Files\Napster\napster.exe" [2006-09-06 16:12 323216]
"HostManager"="C:\Program Files\Common Files\AOL\1194657096\ee\AOLSoftware.exe" [2007-05-25 13:16 42032]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-02-26 12:09 185896]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 10:38 78008]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 09:47 116040]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 10:50 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 10:47 289064]

C:\Users\Jessy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2007-08-24 04:45:42 101784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.clmp3enc"= C:\PROGRA~1\CYBERL~1\Power2Go\CLMP3Enc.ACM

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-299215726-2030545507-1186659468-1000]
"EnableNotificationsRef"=dword:00000002

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-299215726-2030545507-1186659468-500]
"EnableNotificationsRef"=dword:00000002

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{AA8D6ED4-3CA2-41B3-AD01-98C323FE42F4}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{AC860C06-C484-46B0-BB86-0F58061A895B}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{BE163E75-2DE7-4173-B43B-CFD83A33D3EB}"= UDP:C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"{F9A0001D-D222-444D-BD5A-68020565FDC8}"= UDP:C:\Program Files\Common Files\aol\acs\AOLDial.exe:AOL Connectivity Service Dialer
"{82AE3B2E-25AB-4265-8069-DEAABC624047}"= TCP:C:\Program Files\Common Files\aol\acs\AOLDial.exe:AOL Connectivity Service Dialer
"{30C388AE-DBEC-40E9-AAF4-41F7185137C2}"= UDP:C:\Program Files\Common Files\aol\acs\AOLacsd.exe:AOL Connectivity Service
"{9EBABBD8-4883-47A8-A1FD-3FBE61B5FEDD}"= TCP:C:\Program Files\Common Files\aol\acs\AOLacsd.exe:AOL Connectivity Service
"{DD228E12-B4E7-4D87-B293-9A46B740EF9C}"= UDP:C:\Program Files\Common Files\aol\1194657096\ee\aolsoftware.exe:AOL Shared Components
"{2E5FC8FA-7EC9-4C62-AD34-97735060C060}"= TCP:C:\Program Files\Common Files\aol\1194657096\ee\aolsoftware.exe:AOL Shared Components
"{BE0D2DBD-5C9C-4314-B6C6-1A8A7949A245}"= UDP:C:\Program Files\AOL 9.1\waol.exe:AOL
"{54B2586A-7920-49FC-BAA7-2F307A7FD206}"= TCP:C:\Program Files\AOL 9.1\waol.exe:AOL
"{779B2357-03F9-4D8D-9B05-45EAFF262A24}"= UDP:C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{3438ACFA-925B-4EB0-AA19-513E13453BE7}"= TCP:C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{6F7B60E6-3704-4A4E-A4C7-526840908B5A}"= UDP:C:\Program Files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{BBC78EDE-439B-4744-BB42-057F1317543D}"= TCP:C:\Program Files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{185FF1D1-EAB0-49C4-9AA1-6A776DC919C5}"= UDP:C:\Program Files\Common Files\aol\System Information\sinf.exe:AOL System Information
"{81EBBDB1-EA5D-4971-89CC-9EA11E1B6124}"= TCP:C:\Program Files\Common Files\aol\System Information\sinf.exe:AOL System Information
"{336C471A-2606-4E83-8821-1ABF1D53AEAC}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{12BDACF0-123E-4EFC-B8D9-C731C8FA554C}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{D8BF2A06-9557-4AA2-9B20-7B56006114E3}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{C84F0733-DB05-4672-8CA1-5A7C453D6F62}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-07-19 10:35]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 10:37]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 10:36]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 03:30]

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {9EB1C655-331C-5034-CCF8-436FA4B4A3DA} /qb
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\Jessy\AppData\Roaming\Mozilla\Firefox\Profiles\24qpix6x.default\


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-10 16:01:13
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-08-10 16:02:36
ComboFix-quarantined-files.txt 2008-08-10 20:02:25

Pre-Run: 103,039,148,032 bytes free
Post-Run: 103,011,848,192 bytes free

135 --- E O F --- 2008-08-07 19:29:46


going to run a hijack log next
[ + quote]
fix my brain!!!

Then check out my farm: http://www.motoxfarms.com
And my freaky fainting goats: http://fantasticfainters.blogspot.com

This message has been edited since posting. Last time this message was edited on 10. August 2008 @ 17:28
Advertisement
_ 		__
2oldGeek
AfterDawn Addict
_ 		10. August 2008 @ 17:46 _ Link to this message    Send private message to this user   
Hi again, born2ride.

Post your HijackThis Log also....
[ + quote]


There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves...
born2ride
Senior Member
_ 		10. August 2008 @ 19:36 _ Link to this message    Send private message to this user   
2OG
hello again..
HiJack log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:34, on 2008-08-10
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Napster\napster.exe
C:\Program Files\Common Files\aol\1194657096\ee\aolsoftware.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?...ys=PTB&M=MT6451
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?...ys=PTB&M=MT6451
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?...ys=PTB&M=MT6451
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1194657096\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 7442 bytes

[ + quote]
fix my brain!!!

Then check out my farm: http://www.motoxfarms.com
And my freaky fainting goats: http://fantasticfainters.blogspot.com
2oldGeek
AfterDawn Addict
_ 		11. August 2008 @ 03:08 _ Link to this message    Send private message to this user   
You are CLEAN - no problems that I can see...
[ + quote]


There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves...
Advertisement
_ 		__
 
_
born2ride
Senior Member
_ 		11. August 2008 @ 08:47 _ Link to this message    Send private message to this user   
2OG
thanks for looking.
off to seach for some answers.

[ + quote]
fix my brain!!!

Then check out my farm: http://www.motoxfarms.com
And my freaky fainting goats: http://fantasticfainters.blogspot.com
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > help with possible security issue.
 

Digital video: AfterDawn.com | AfterDawn Forums
Music: MP3Lizard.com
Gaming: Blasteroids.com | Blasteroids Forums | Compare game prices
Software: Software downloads
Blogs: User profile pages
RSS feeds: AfterDawn.com News | Software updates | AfterDawn Forums
International: AfterDawn in Finnish | AfterDawn in Swedish | AfterDawn in Norwegian | download.fi
Navigate: Search | Site map
About us: About AfterDawn Ltd | Advertise on our sites | Rules, Restrictions, Legal disclaimer & Privacy policy
Contact us: Send feedback | Contact our media sales team
 
  © 1999-2025 by AfterDawn Ltd.

  IDG TechNetwork