 Infected With Zango, Websearch And I'm Not Sure What Else, Dell Dimensionxps R400, OS Windows 2000 professional - keeps crashing |
Welcome Guest ( Log In | Click here to Register a free account now! )
Register a free account to unlock additional features at BleepingComputer.com
Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site. Forum Guidelines
Read this topic before posting a log. DO NOT post a ComboFix log unless requested to. Only members of the HijackThis Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log. When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc. Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.
 May 11 2008, 10:09 AM
Post
#1
|
|
|
New Member  Group: Members Posts: 10 Joined: 11-February 08 From: Texas Member No.: 189,681  |
Deckard's System Scanner v20071014.68
Run by Administrator on 2008-05-11 09:49:29 Computer is in Normal Mode. -------------------------------------------------------------------------------- Backed up registry hives. Performed disk cleanup. System Drive C: has 0.91 GiB (less than 15%) free. -- HijackThis (run as Administrator.exe) --------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:51:58 AM, on 5/11/2008 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Boot mode: Normal Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINNT\System32\svchost.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\system32\stisvc.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\Explorer.EXE C:\WINNT\system32\MsPMSPSv.exe C:\WINNT\system32\svchost.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Winamp\Winampa.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Documents and Settings\Administrator\Desktop\dss.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\Administrator.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://top-find4u.com/sp.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/def.../search/ie.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://top-find4u.com/sp.htm R3 - URLSearchHook: (no name) - <default> - (no file) R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1 O4 - HKCU\..\Run: [License Manager] "C:\Program Files\License_Manager\license_manager.exe " /silent O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/u...can_unicode.cab O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/share...GamesLoader.cab O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://wdownload.weatherbug.com/minibug/tr...Transporter.cab? O16 - DPF: {2F003D51-39FD-4D18-9016-95CF70B92ABE} - http://download.movienetworks.com/install/US/altpmtscab.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} - http://static.zangocash.com/cab/Seekmo/ie/...1ee4b511a6285be O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: NNServ - Unknown owner - C:\Program Files\NewDotNet\nnrun.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe -- End of file - 8110 bytes -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R2 MCSTRM - c:\winnt\system32\drivers\mcstrm.sys <Not Verified; RealNetworks, Inc.; RealNetworks Virtual Path Manager® (32-bit)> R3 allegro (ESS Allegro Audio Driver (WDM)) - c:\winnt\system32\drivers\es198x.sys <Not Verified; ESS Technology, Inc.; Windows ® 2000 DDK driver> S3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware> -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- S2 NNServ - "c:\program files\newdotnet\nnrun.exe" "c:\program files\newdotnet\nncore.dll" servicestart (file missing) -- Device Manager: Disabled ---------------------------------------------------- No disabled devices found. -- Files created between 2008-04-11 and 2008-05-11 ----------------------------- 2008-05-11 01:43:23 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2008-05-11 01:43:21 0 d-------- C:\WINNT\system32\Kaspersky Lab 2008-05-11 01:27:12 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_23c.dat 2008-05-11 00:10:44 0 d-------- C:\Program Files\Java 2008-05-11 00:10:38 0 d-------- C:\Program Files\Common Files\Java 2008-05-11 00:10:07 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sun 2008-05-10 09:03:04 0 d-------- C:\Program Files\Lavasoft 2008-05-08 17:34:12 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_244.dat 2008-05-05 19:10:20 50688 --a------ C:\Program Files\ATF-Cleaner.exe <Not Verified; Atribune.org; ATF Cleaner> 2008-05-05 18:48:49 0 d-------- C:\Program Files\backups 2008-05-01 12:20:14 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_368.dat 2008-05-01 12:19:54 316071 --ahs---- C:\WINNT\system32\wFikTvut.ini2 2008-04-30 20:59:42 102400 --a------ C:\WINNT\xbaqktfv.exe 2008-04-30 20:59:42 241664 --a------ C:\WINNT\qadovnel.dll 2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\winlogonpc.exe 2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\taack.exe 2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\taack.dat 2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\ssurf022.dll 2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\sncntr.exe 2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\psoft1.exe 2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\psof1.exe 2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\ps1.exe 2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\netode.exe 2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\mwin32.exe 2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\msnbho.dll 2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\medup012.dll 2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\hxiwlgpm.exe 2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\hxiwlgpm.dat 2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\hoproxy.dll 2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\bsva-egihsg52.exe 2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\vcatchpi.dll 2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\thun32.dll 2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\thun.dll 2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\temp#01.exe 2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\ssvchost.exe 2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\ssvchost.com 2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\Rundl1.exe 2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\regm64.dll 2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\regc64.dll 2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\newsd32.exe 2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\mtr2.exe 2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\msvchost.exe 2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\msgp.exe 2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\emesx.dll 2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\dpcproxy.exe 2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\anticipator.dll 2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\akttzn.exe 2008-04-30 20:58:20 4096 --a------ C:\WINNT\system32\WINWGPX.EXE 2008-04-30 20:58:20 4096 --a------ C:\WINNT\system32\winsystem.exe 2008-04-30 20:58:20 4096 --a------ C:\WINNT\system32\vbsys2.dll 2008-04-30 20:58:20 4096 --a------ C:\WINNT\system32\sysreq.exe 2008-04-30 20:58:20 4096 --a------ C:\WINNT\system32\mssecu.exe 2008-04-30 20:58:20 4096 --a------ C:\WINNT\system32\bdn.com 2008-04-30 20:58:20 4096 --a------ C:\WINNT\system32\awtoolb.dll 2008-04-30 20:58:08 0 d-------- C:\Documents and Settings\All Users\Application Data\rcdkbyhg 2008-04-26 21:24:05 0 d-------- C:\Program Files\ZoneAlarmSB 2008-04-26 21:20:21 0 d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier 2008-04-26 21:19:53 4212 ---h----- C:\WINNT\system32\zllictbl.dat 2008-04-26 21:18:12 0 d-------- C:\WINNT\system32\ZoneLabs 2008-04-26 20:47:20 0 d-a------ C:\WINNT\Internet Logs 2008-04-17 20:49:09 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com 2008-04-17 20:48:50 0 d-------- C:\Program Files\SUPERAntiSpyware 2008-04-17 20:48:50 0 d-------- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com 2008-04-15 08:39:45 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_24c.dat 2008-04-14 23:14:11 0 d-------- C:\Program Files\Alwil Software 2008-04-14 23:05:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2008-04-14 23:04:37 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard -- Find3M Report --------------------------------------------------------------- 2008-05-11 00:10:38 0 d-a------ C:\Program Files\Common Files 2008-05-09 13:57:10 0 d-------- C:\Documents and Settings\Administrator\Application Data\WeatherBug 2008-05-05 15:33:57 0 d-------- C:\Program Files\Trend Micro 2008-04-28 08:13:18 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe 2008-04-18 22:29:19 0 d-------- C:\Program Files\fsupport -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}] 04/26/08 09:24p 262144 --a------ C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [04/26/08 09:24p 262144] [-HKEY_CLASSES_ROOT\CLSID\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Synchronization Manager"="mobsync.exe" [06/19/03 12:05p C:\WINNT\system32\mobsync.exe] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [09/24/05 02:13p] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [09/13/04 04:49p] "WinampAgent"="C:\Program Files\Winamp\Winampa.exe" [04/26/02 12:53p] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [03/29/08 12:37p] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [03/25/08 04:28a] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Weather"="C:\Program Files\AWS\WeatherBug\Weather.exe" [01/06/06 10:57a] "License Manager"="C:\Program Files\License_Manager\license_manager.exe" [] "Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [08/27/07 04:19p] [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce] "^SetupICWDesktop"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [11/4/2004 8:28:24 PM] HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [11/4/2004 8:50:52 PM] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableTaskMgr"=0 (0x0) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/06 12:55p 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/07 12:41p 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Authentication Packages"= msv1_0 C:\WINNT\system32\tuvTkiFw [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys] @="Driver" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime "projselector"="C:\Program Files\Common Files\Roxio Shared\Project Selector\projselector.exe" -r "RoxioEngineUtility"="C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" "RoxioDragToDisc"="C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" -- End of Deckard's System Scanner: finished at 2008-05-11 09:53:30 ------------ |
 |
 
|
Posts in this topic
Msvasquez62 Infected With Zango, Websearch And I'm Not Sure What Else May 11 2008, 10:09 AM
Msvasquez62 Merged topics. Title was: Infected With Zlob.down... May 12 2008, 07:08 AM pskelley Welcome to Bleeping Computer, please be sure you h... May 20 2008, 07:08 PM
pskelley There has been no response to this topic in a week... May 27 2008, 05:31 PM  |
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
| Lo-Fi Version | Time is now: 24th November 2009 - 04:22 PM |
© 2003-2009 All Rights Reserved Bleeping Computer LLC.