Jump to content

M Pettit

Members
  • Posts

    3
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Hello again, and thanks for the speedy reply - very appreciated! My computer's running at its usual speed, and Security Center is enabled and staying on (even after a reboot). So, that's a good sign. Also, the start-up programs I mentioned before are starting and running as usual. (You're right they're quite unnecessary; I mentioned them in case their failure to start was indicative of a problem, but that seems to not be the case.) I'm unable to start Windows Defender, as before. However, whereas it originally gave the generic "Windows Defender is unable to start" message box, it now says "The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. (Error Code: 0x80070422)". I then attempted to start it through the Services manager, first enabling it then clicking "Start," and it gave the message "The Windows Defender service on Local Computer started and then stopped. Some services stop automatically if they are not in use by other services or programs." As for Security Essentials, I haven't yet re-downloaded and re-installed it. Before I do: Would you suggest I continue to use MSE, or should I switch to, e.g., Eset's Nod32 software? I've heard it's good, but am unsure if it's better than MSE. Regards, Matthew
  2. Hi, and thanks for the response, My computer is currently running very slowly, despite having very few running processes. This is new, as it was running with no noticeable problems before the ComboFix reboot, apart from the software issues mentioned in my first post. Also, none of my usual "start up" software initiated following the ComboFix reboot; BOINC, uTorrent, Logitech apps, etc. Again, this is new. Here's my log: ComboFix 11-01-08.05 - Matthew 01/09/2011 12:46:39.1.2 - x86 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3327.2396 [GMT -5:00] Running from: c:\users\Matthew\Desktop\ComboFix.exe SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\-1608165053 C:\install.exe C:\jsykm.exe C:\jvbfrms.exe c:\windows\TEMP\logishrd\LVPrcInj01.dll C:\ydbkaxo.exe . ((((((((((((((((((((((((( Files Created from 2010-12-09 to 2011-01-09 ))))))))))))))))))))))))))))))) . 2011-01-08 15:47 . 2011-01-08 15:47 388096 ----a-r- c:\users\Matthew\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-01-08 15:47 . 2011-01-08 15:47 -------- d-----w- c:\program files\Trend Micro 2011-01-08 00:09 . 2011-01-08 00:09 -------- d-----w- c:\users\Matthew\AppData\Roaming\Malwarebytes 2011-01-08 00:08 . 2011-01-08 00:08 -------- d-----w- c:\programdata\Malwarebytes 2011-01-07 22:59 . 2010-10-16 18:55 888424 ----a-w- c:\windows\system32\nvdispco322050.dll 2011-01-07 22:59 . 2010-10-16 18:55 813672 ----a-w- c:\windows\system32\nvgenco322030.dll 2011-01-07 22:59 . 2010-10-16 18:55 57960 ----a-w- c:\windows\system32\OpenCL.dll 2011-01-07 22:59 . 2010-10-16 18:55 4837480 ----a-w- c:\windows\system32\nvcuda.dll 2011-01-07 22:59 . 2010-10-16 18:55 319080 ----a-w- c:\windows\system32\nvdecodemft.dll 2011-01-07 22:59 . 2010-10-16 18:55 2912360 ----a-w- c:\windows\system32\nvcuvid.dll 2011-01-07 22:59 . 2010-10-16 18:55 2666600 ----a-w- c:\windows\system32\nvcuvenc.dll 2011-01-07 22:59 . 2010-10-16 18:55 14899816 ----a-w- c:\windows\system32\nvoglv32.dll 2011-01-07 22:59 . 2010-10-16 18:55 13019752 ----a-w- c:\windows\system32\nvcompiler.dll 2011-01-07 22:59 . 2010-10-16 18:55 10084360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2011-01-07 22:59 . 2011-01-07 22:59 -------- d-----w- C:\NVIDIA 2011-01-07 22:50 . 2011-01-07 22:50 -------- d-----w- c:\users\Matthew\AppData\Local\Windows Live 2011-01-07 22:50 . 2011-01-07 22:50 -------- d-----w- c:\program files\Common Files\Windows Live 2011-01-07 22:50 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL 2011-01-07 22:50 . 2010-05-23 10:11 196608 ----a-w- c:\windows\system32\mfreadwrite.dll 2011-01-07 22:50 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\system32\mf.dll 2011-01-07 21:12 . 2011-01-07 21:12 102400 ----a-w- c:\windows\RegBootClean.exe 2011-01-07 21:03 . 2010-09-06 09:26 189520 ----a-w- c:\windows\system32\drivers\tmcomm.sys 2011-01-07 02:12 . 2011-01-07 02:12 -------- d-----w- c:\program files\Common Files\Macrovision Shared 2011-01-07 02:12 . 2011-01-07 03:29 -------- d-----w- c:\programdata\Rosetta Stone 2011-01-07 02:12 . 2011-01-07 02:12 -------- d-----w- c:\program files\Rosetta Stone 2011-01-07 02:12 . 2011-01-07 02:12 70144 --sha-r- c:\windows\system32\KBDICY.dll 2011-01-06 23:12 . 2011-01-06 23:12 -------- d-----w- c:\program files\PowerISO 2011-01-05 08:00 . 2011-01-05 08:00 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2 2011-01-04 18:10 . 2011-01-04 18:10 -------- d-----w- c:\users\Matthew\AppData\Roaming\Leadertech 2011-01-04 18:10 . 2011-01-08 00:02 -------- d-----w- c:\programdata\LogiShrd 2011-01-04 18:08 . 2011-01-04 18:10 -------- d-----w- c:\program files\Common Files\logishrd 2010-12-20 16:42 . 2010-12-20 16:42 -------- d-----w- c:\program files\iPod 2010-12-20 16:42 . 2010-12-20 16:42 -------- d-----w- c:\program files\iTunes 2010-12-20 16:41 . 2010-12-20 16:41 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll 2010-12-20 16:41 . 2010-12-20 16:41 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll 2010-12-20 16:41 . 2010-12-20 16:41 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll 2010-12-20 16:41 . 2010-12-20 16:41 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll 2010-12-20 16:41 . 2010-12-20 16:41 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll 2010-12-20 16:41 . 2010-12-20 16:41 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll 2010-12-20 16:41 . 2010-12-20 16:41 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll 2010-12-20 16:40 . 2010-12-20 16:41 -------- d-----w- c:\program files\QuickTime 2010-12-10 22:49 . 2010-12-20 00:23 -------- d-----w- c:\programdata\VirtualizedApplications 2010-12-10 20:39 . 2010-12-10 20:39 -------- d-----w- c:\users\Matthew\AppData\Local\SoftGrid Client 2010-12-10 20:39 . 2011-01-08 15:27 -------- d-----w- c:\users\Matthew\AppData\Roaming\SoftGrid Client 2010-12-10 20:37 . 2010-12-12 05:19 -------- d-----w- c:\program files\Microsoft Application Virtualization Client 2010-12-10 20:37 . 2010-12-10 20:37 -------- d-----w- c:\windows\PCHEALTH 2010-12-10 20:36 . 2010-12-10 20:39 -------- d-----w- c:\users\Matthew\AppData\Roaming\TP 2010-12-10 19:47 . 2010-12-10 19:55 -------- d-----w- c:\users\Matthew\AppData\Roaming\Canon 2010-12-10 19:38 . 2010-12-10 19:46 -------- d-----w- c:\program files\Canon . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-11-29 22:38 . 2010-11-29 22:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2010-11-29 22:38 . 2010-11-29 22:38 69632 ----a-w- c:\windows\system32\QuickTime.qts 2010-11-24 13:33 . 2010-11-09 23:46 184320 ----a-w- c:\windows\system32\UnsConv.dll 2010-11-19 23:18 . 2010-11-19 23:18 517535 ----a-w- c:\windows\system32\MetrePlus.dll 2010-11-10 22:12 . 2010-11-10 22:12 380928 ----a-w- c:\windows\system32\GlebeU.dll 2010-11-09 23:52 . 2010-11-09 23:52 438272 ----a-w- c:\windows\system32\SBox.ocx 2010-10-26 06:14 . 2010-10-26 06:14 53248 ----a-r- c:\users\Matthew\AppData\Roaming\Microsoft\Installer\{23C12370-3A82-4558-B727-F345B473AD87}\ARPPRODUCTICON.exe 2010-10-20 21:24 . 2010-11-24 13:31 106496 ----a-w- c:\windows\system32\TextConvertor.dll 2010-10-19 20:51 . 2010-10-23 22:27 222080 ------w- c:\windows\system32\MpSigStub.exe 2010-10-18 13:41 . 2010-10-23 22:27 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{80491235-3666-4919-B3CB-3C3164317AF5}\mpengine.dll 2010-10-16 18:55 . 2011-01-07 22:59 10920 ----a-w- c:\windows\system32\drivers\nvBridge.kmd 2010-10-16 18:55 . 2010-07-10 10:37 1719912 ----a-w- c:\windows\system32\nvapi.dll 2010-10-16 18:55 . 2009-07-13 22:09 5473896 ----a-w- c:\windows\system32\nvwgf2um.dll 2010-10-16 18:55 . 2009-06-10 21:19 10023528 ----a-w- c:\windows\system32\nvd3dum.dll 2010-10-16 17:42 . 2010-10-16 17:42 600680 ----a-w- c:\windows\system32\nvvsvc.exe 2010-10-16 17:42 . 2010-10-16 17:42 110696 ----a-w- c:\windows\system32\nvmctray.dll 2010-10-16 17:42 . 2010-10-16 17:42 3420776 ----a-w- c:\windows\system32\nvcpl.dll 2010-10-16 17:42 . 2010-10-16 17:42 2079336 ----a-w- c:\windows\system32\nvsvc.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2009-12-09 01:19 94208 ----a-w- c:\users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2009-12-09 01:19 94208 ----a-w- c:\users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2009-12-09 01:19 94208 ----a-w- c:\users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SNLClient"="c:\program files\Deluxe Digital Studios\SNL Client\SNLClient.exe" [2010-10-01 325064] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504] "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-12-14 395640] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "D-Link D-Link Wireless 150 USB Adapter DWA-125"="c:\program files\D-Link\DWA-125 revA\AirGCFG.exe" [2009-04-22 1683456] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 101136] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-16 1164584] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2516296] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160] "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304] "PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2010-04-12 180224] c:\users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Matthew\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010-2-26 21979992] OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE [2010-2-28 3207072] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-10-26 688128] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv [HKLM\~\startupfolder\C:^Users^Matthew^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk] path=c:\users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk backup=c:\windows\pss\OpenOffice.org 3.2.lnk.Startup backupExtension=.Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANIWZCS2Service] 2007-01-19 15:49 49152 ----a-w- c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2010-12-13 22:16 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-11-29 22:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 netr28u;D-Link USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28u.sys [2009-04-17 722944] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-24 1343400] S1 anodlwf;ANOD Network Security Filter driver;c:\windows\system32\DRIVERS\anodlwf.sys [2009-03-06 12800] S1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S2 ANIWConnService;ANIWConn Service;c:\windows\system32\ANIWConnService.exe [2009-02-26 147456] S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664] S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2010-04-24 483688] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2010-04-24 550760] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2010-04-24 195944] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2010-04-24 21864] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2010-04-24 19304] S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2010-04-24 209768] . Contents of the 'Scheduled Tasks' folder 2011-01-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1953818763-4026089624-272341136-1000Core.job - c:\users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-25 22:03] 2011-01-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1953818763-4026089624-272341136-1000UA.job - c:\users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-25 22:03] . . ------- Supplementary Scan ------- . uStart Page = hxxp://snl.bydeluxe.com/ uInternet Settings,ProxyOverride = *.local Trusted Zone: bydeluxe.com\snl Trusted Zone: dgmusa.com\iweb . . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'Explorer.exe'(7936) c:\users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\nvvsvc.exe c:\program files\NVIDIA Corporation\Display\NvXDSync.exe c:\windows\system32\nvvsvc.exe c:\program files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe c:\windows\system32\rundll32.exe c:\windows\system32\UI0Detect.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\windows\system32\taskhost.exe c:\windows\system32\conhost.exe . ************************************************************************** . Completion time: 2011-01-09 13:02:14 - machine was rebooted ComboFix-quarantined-files.txt 2011-01-09 18:02 Pre-Run: 201,742,217,216 bytes free Post-Run: 204,697,751,552 bytes free - - End Of File - - E5D31B7CC47754956856CB8FCB6B4FDF
  3. Hello, I can't pinpoint when exactly I might have gotten a virus, but all of a sudden: 1. Windows Security Center is disabled. a) A simple attempt to turn it on gives the generic "can't be started" message box. b) I can enable and start it through Services.msc, but it becomes disabled again within 30 seconds. 2. Windows Defender won't start. 3. Security Essentials won't stay open for more than a moment. a) It worked in safe mode, but found nothing. b) I've since uninstalled it. Eset online scan found nothing; HouseCall online scan found a couple virus threats and fixed them without problem, but the issues above are still present. (Unfortunately, I ran this scan at the very start of my troubles and, believing the viruses to have been removed, didn't record their names or details.) Jemmo92 had the same problems, and was given useful instructions here: http://forums.malwarebytes.org/index.php?s...=71178&st=0 I imagine we have the same issue, but his solution was tailor-made for his system, so I hesitate to follow it. My HiJackThis log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:57:17 AM, on 1/8/2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16700) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\D-Link\DWA-125 revA\AirGCFG.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\Program Files\Deluxe Digital Studios\SNL Client\SNLClient.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Users\Matthew\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe Q:\140061.enu\Office14\ONENOTEM.EXE C:\Program Files\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Matthew\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://snl.bydeluxe.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [D-Link D-Link Wireless 150 USB Adapter DWA-125] C:\Program Files\D-Link\DWA-125 revA\AirGCFG.exe O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKCU\..\Run: [sNLClient] C:\Program Files\Deluxe Digital Studios\SNL Client\SNLClient.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" O4 - Startup: Dropbox.lnk = Matthew\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE O4 - Global Startup: Logitech SetPoint.lnk = ? O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O15 - Trusted Zone: http://snl.bydeluxe.com O15 - Trusted Zone: http://iweb.dgmusa.com O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: ANIWConn Service (ANIWConnService) - Unknown owner - C:\Windows\system32\ANIWConnService.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe Note that it gave me the message "For some reason your system denied write access to the Hosts file." Thank you in advance, and happy new year, Matthew
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.