O23 - Service: CAISafe - Computer Associates International, Inc.
C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bonjour Service - Apple Computer, Inc. O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: sys32 - sys32.dll (file missing) O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing) O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O20 - AppInit_DLLs: C:\WINDOWS\system32\hamewina.dll c:\windows\system32\bozagudu.dll c:\windows\system32\riwakabe.dll R3 - URLSearchHook: Yahoo! Toolbar - (Virtools WebPlayer Class). R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
Any help you could give me would be wonderful.Ĭ:\Program Files\HP DigitalMedia Archive\DMAScheduler.exeĬ:\Program Files\HP\HP Software Update\HPwuSchd2.exeĬ:\Program Files\BroadJump\Client Foundation\CFD.exeĬ:\Program Files\Yahoo!\Antivirus\CAVTray.exeĬ:\Program Files\Yahoo!\Antivirus\CAVRID.exeĬ:\Program Files\Java\jre1.6.0_01\bin\jusched.exeĬ:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\winlogun.exeĬ:\Program Files\Internet Explorer\IEXPLORE.EXEĬ:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exeĬ:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exeĬ:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exeĬ:\Program Files\Bonjour\mDNSResponder.exeĬ:\Program Files\Yahoo!\Antivirus\ISafe.exeĬ:\Program Files\Common Files\LightScribe\LSSrvc.exeĬ:\Program Files\Yahoo!\Antivirus\VetMsg.exeĬ:\Program Files\iPod\bin\iPodService.exeĬ:\Documents and Settings\HP_Administrator\Desktop\HijackThis.exe
Protect your PC from this threats (sic) by downloading antivirus software.
Impact of Vulnerability: Remote Code Execution/ Virus Infection/ Unexpected shutdowns.
A window pops up and says "Microsoft Windows Alert! However, one of the Virus 2009 infections still seems to be on there. I read through other threads on this forum, downloaded SuperAntiSpyware and nuked most of it (There was quite a bit. C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.I am helping a friend out who had numerous bad infection on her machine. C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 MPolicies-system: EnableUIADesktopToggle = 0 (0x0) MPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) MPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) MRun: "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MRun: "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" MRun: "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" MRun: "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MRun: "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\" -launchedbylogin MRun: C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe MRun: "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 MRun: "C:\Program Files (x86)\AVG Secure Search\vprot.exe" MRun: "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
MRun: C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe /run MRun: C:\Program Files (x86)\AVG\AVG10\avgtray.exe MRun: "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MRun: "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime URunOnce: C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10zb_Plugin.exe -update plugin URun: C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
ĪV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll Hopefully there is nothing wrong, but my computer has not been running as it should. I have also run superantispyware which has come up clean as well. Yesterday I ran malwarbytes and it find something and deleted it, but I don't remember what it located. Processes terminated by Rkill or while it was running: I downloaded TDSKILLER to see if it detected anything, which it didn't, and rkill also included that in the log: I ran rkill to see if there were any things running that shouldn't be, and I was prompted with an unknown process running: I've noticed my web browser has been running a bit slowly today, and seen an addition in the amount of processes running, so I thought something was a bit fishy.