📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

JohnDoes777's spyware problem

Options
Browntoa
Browntoa Posts: 49,604 Forumite
Part of the Furniture 10,000 Posts Name Dropper Photogenic
in Techie Stuff
Hi, have the exact same problem with random pop-ups (textdoor.com/?3 etc.). I have already tried antivirus scan, ccleaner, ad-aware, a-squared, spybot s&d, superspwareremover.
My log from HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:32:27, on 2008-08-09
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20733)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\OEM02Mon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\STacSV.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O2 - BHO: SSVHelper Class - !!761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\WINDOWS\OEM02Mon.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - !!08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - !!08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Referensinformation - !!92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: !!1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {F9043C85-F6F2-101A-A3C9-08002B2F49FB} (Microsoft Common Dialog Control, version 5.0 (SP2)) - [URL]file:///C:/Program%20Files/The%20Tournament%20Director/comdlg32.cab[/URL]
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\WINDOWS\system32\aestsrv.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE


Any ideas?
Ex forum ambassador

Long term forum member
«1

Comments

  • Browntoa
    Browntoa Posts: 49,604 Forumite
    Part of the Furniture 10,000 Posts Name Dropper Photogenic
    this is a copy of Johns post from an existing thread, started him a new thread so it's less confusing
    Ex forum ambassador

    Long term forum member
  • Browntoa
    Browntoa Posts: 49,604 Forumite
    Part of the Furniture 10,000 Posts Name Dropper Photogenic
    fix these

    O16 - DPF: !!1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab

    O16 - DPF: {F9043C85-F6F2-101A-A3C9-08002B2F49FB} (Microsoft Common Dialog Control, version 5.0 (SP2)) - [URL="file:///C:/Program%20Files/The%20Tou...r/comdlg32.cab"]file:///C:/Program%20Files/The%20Tou...r/comdlg32.cab[/URL]

    O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\WINDOWS\system32\aestsrv.exe (file missing)
    Ex forum ambassador

    Long term forum member
  • Browntoa
    Browntoa Posts: 49,604 Forumite
    Part of the Furniture 10,000 Posts Name Dropper Photogenic
    then

    Please download Malwarebytes Anti-Malware and save it to your desktop.
    alternate download link 1
    alternate download link 2
    • Make sure you are connected to the Internet.
    • Double-click on Download_mbam-setup.exe to install the application.
    • When the installation begins, follow the prompts and do not make any changes to default settings.
    • When installation has finished, make sure you leave both of these checked:
      • Update Malwarebytes' Anti-Malware
      • Launch Malwarebytes' Anti-Malware
    • Then click Finish.
    • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
    • If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
    • On the Scanner tab:
      • Make sure the "Perform Quick Acan" option is selected.
      • Then click on the Scan button.
    • The next screen will ask you to select the drives to scan. Leave all the drives selected and click on the Start Scan button.
    • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
    • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
    • Click OK to close the message box and continue with the removal process.
    • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
    • Make sure that everything is checked, and click Remove Selected.
    • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
    • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
    • Copy and paste the contents of that report in your next reply and exit MBAM.
    Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
    Ex forum ambassador

    Long term forum member
  • JohnDoe777
    JohnDoe777 Posts: 5 Forumite
    Okey, thank you for the fast reply!

    I fixed the three lines you recommended, however
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\WINDOWS\system32\aestsrv.exe (file missing)
    keeps coming back eventhough I tried many times and rebooted in between..
    Ran the full scan with Malwarebytes scanner and it didnt find anything..
    Haven't gotten any more popups yet, but I will let you know how it turns out!
  • Browntoa
    Browntoa Posts: 49,604 Forumite
    Part of the Furniture 10,000 Posts Name Dropper Photogenic
    if malwarebytes did not find anything then i would say you are ok
    Ex forum ambassador

    Long term forum member
  • JohnDoe777
    JohnDoe777 Posts: 5 Forumite
    Crap, they are still there! :(

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:19:58, on 2008-08-10
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.20733)
    Boot mode: Normal
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\a-squared Free\a2service.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Symantec AntiVirus\DefWatch.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\STacSV.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\SYMANT~1\VPTray.exe
    C:\WINDOWS\stsystra.exe
    C:\WINDOWS\OEM02Mon.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\system32\WLTRAY.exe
    C:\Program Files\DellTPad\Apoint.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\DellTPad\ApMsgFwd.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\Program Files\DellTPad\Apntex.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
    O2 - BHO: SSVHelper Class - !!761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [OEM02Mon.exe] C:\WINDOWS\OEM02Mon.exe
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - !!08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - !!08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Referensinformation - !!92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\WINDOWS\system32\aestsrv.exe (file missing)
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe
    O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
    --
    End of file - 7112 bytes
  • Pelican_eats_pigeon
    Pelican_eats_pigeon Posts: 783 Forumite
    The Andrea ST stuff is related to SigmaTel soundcard and is fine.
  • Browntoa
    Browntoa Posts: 49,604 Forumite
    Part of the Furniture 10,000 Posts Name Dropper Photogenic
    I'm assuming your Nortons Subscription is up to date ??
    Ex forum ambassador

    Long term forum member
  • Reluctant_spender
    Reluctant_spender Posts: 2,785 Forumite
    Part of the Furniture Combo Breaker
    Need to look a little deeper;
    Please download Deckard's System Scanner (DSS) and save to your Desktop.
    alternate download site

    DSS will do the following:
    • Create a new System Restore point in Windows XP and Vista.
    • Clean your Temporary Files, Downloaded Program Files, Internet Cache Files, and empty the Recycle Bin on all drives.
    • Check some important areas of your system and produce a report for an analyst to review.
    • Automatically run HijackThis. It will also install and place a shortcut to HijackThis on your desktop if you do not already have it installed. So if HijackThis is not installed and DSS prompts you to download it, please answer yes.
    You must be logged onto an account with administrator privileges when using.
    • Close all applications and windows.
    • Double-click on dss.exe to run it and follow the prompts.
    • If your anti-virus or firewall complains, please allow this script to run as it is not
      malicious.
    • When the scan is complete, two text files will open in Notepad:
      • main.txt <- this one will be maximized
      • extra.txt <- this one will be minimized
    • If not, they both can be found in the C:\Deckard\System Scanner folder.
    • Please copy (Ctrl+C) and paste (Ctrl+V) the contents of main.txt and extra.txt in your next reply.
    -- When running DSS, some firewalls may warn that it is trying to access the Internet especially if your asked to download the most current version of HijackThis. Please ensure that you allow it permission to do so.
    -- If you get a warning from your anti-virus while DSS is scanning, please allow DSS to continue as the scan is not harmful.
  • JohnDoe777
    JohnDoe777 Posts: 5 Forumite
    Deckard's System Scanner v20071014.68
    Run by Johan on 2008-08-10 22:06:44
    Computer is in Normal Mode.
    -- System Restore
    Successfully created a Deckard's System Scanner Restore Point.

    -- Last 5 Restore Point(s) --
    5: 2008-08-10 20:06:47 UTC - RP5 - Deckard's System Scanner Restore Point
    4: 2008-08-09 18:16:19 UTC - RP4 - System Checkpoint
    3: 2008-08-07 21:02:20 UTC - RP3 - System Checkpoint
    2: 2008-08-06 20:09:08 UTC - RP2 - System Checkpoint
    1: 2008-08-05 18:26:54 UTC - RP1 - System Checkpoint

    Backed up registry hives.
    Performed disk cleanup.

    -- HijackThis (run as Johan.exe)
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:07:15, on 2008-08-10
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.20733)
    Boot mode: Normal
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\a-squared Free\a2service.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Symantec AntiVirus\DefWatch.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\STacSV.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    C:\PROGRA~1\SYMANT~1\VPTray.exe
    C:\WINDOWS\stsystra.exe
    C:\WINDOWS\OEM02Mon.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\system32\WLTRAY.exe
    C:\Program Files\DellTPad\Apoint.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\DellTPad\ApMsgFwd.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\Program Files\DellTPad\Apntex.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    C:\Documents and Settings\Johan\Local Settings\Temporary Internet Files\Content.IE5\XFE9U88P\dss[1].exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\Johan.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
    O2 - BHO: SSVHelper Class - !!761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [OEM02Mon.exe] C:\WINDOWS\OEM02Mon.exe
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - !!08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - !!08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Referensinformation - !!92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\WINDOWS\system32\aestsrv.exe (file missing)
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe
    O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
    --
    End of file - 7240 bytes
    -- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\)
    backup-20080810-115002-105 O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\WINDOWS\system32\aestsrv.exe (file missing)
    backup-20080810-115002-477 O16 - DPF: {F9043C85-F6F2-101A-A3C9-08002B2F49FB} (Microsoft Common Dialog Control, version 5.0 (SP2)) - [URL]file:///C:/Program%20Files/The%20Tournament%20Director/comdlg32.cab[/URL]
    backup-20080810-115002-997 O16 - DPF: !!1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
    backup-20080810-115025-137 O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\WINDOWS\system32\aestsrv.exe (file missing)
    backup-20080810-115115-433 O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\WINDOWS\system32\aestsrv.exe (file missing)
    backup-20080810-122356-721 O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\WINDOWS\system32\aestsrv.exe (file missing)
    -- File Associations
    All associations okay.

    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled
    R2 BTSERIAL (Bluetooth Serial Driver) - c:\windows\system32\drivers\btserial.sys <Not Verified; Broadcom Corporation.; Bluetooth Software 5.0.1.2609>
    R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
    S3 btwhid - c:\windows\system32\drivers\btwhid.sys <Not Verified; Broadcom Corporation.; Bluetooth Software 5.0.1.2609>
    S3 btwmodem (Bluetooth-modem) - c:\windows\system32\drivers\btwmodem.sys <Not Verified; Broadcom Corporation.; Bluetooth Software 5.0.1.2609>

    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled
    R2 STacSV (SigmaTel Audio Service) - c:\windows\system32\stacsv.exe <Not Verified; SigmaTel, Inc.; C-Major Audio>
    S2 AESTFilters (Andrea ST Filters Service) - c:\windows\system32\aestsrv.exe (file missing)
    S2 RPCH (Remote Procedure Call (HPM)) - c:\program files\netmeeting\intell.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S2 RPCHK (Remote Procedure Calld (RPCK)) - c:\program files\common files\system\netsh.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

    -- Device Manager: Disabled
    No disabled devices found.

    -- Files created between 2008-07-10 and 2008-08-10
    2008-08-10 11:56:04 0 dr-h
    C:\Documents and Settings\Johan\Recent
    2008-08-10 11:48:53 0 d
    C:\Documents and Settings\Johan\Application Data\Malwarebytes
    2008-08-10 11:48:50 0 d
    C:\Program Files\Malwarebytes' Anti-Malware
    2008-08-10 11:48:50 0 d
    C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-08-09 19:30:36 0 d
    C:\Program Files\Trend Micro
    2008-08-05 20:26:38 0 d
    C:\Program Files\Java
    2008-08-05 20:26:36 0 d
    C:\Program Files\Common Files\Java
    2008-08-05 19:30:26 0 d
    C:\WINDOWS\pss
    2008-08-01 12:22:43 0 d
    C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2008-08-01 12:22:41 0 d
    C:\Program Files\SUPERAntiSpyware
    2008-08-01 12:22:41 0 d
    C:\Documents and Settings\Johan\Application Data\SUPERAntiSpyware.com
    2008-08-01 00:19:18 0 d
    C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-08-01 00:15:12 0 d
    C:\Program Files\a-squared Free
    2008-07-30 22:41:06 14080 ---hs---- C:\WINDOWS\system32\mssjfilejf.dll
    2008-07-30 22:41:04 20192 ---hs---- C:\WINDOWS\system32\vcrxfileju.dll
    2008-07-21 20:57:32 967 --a
    C:\WINDOWS\ScUnin.pif
    2008-07-21 20:57:32 32558 --a
    C:\WINDOWS\scunin.dat
    2008-07-21 20:57:31 94208 --a
    C:\WINDOWS\ScUnin.exe <Not Verified; Blizzard Entertainment; Starcraft Uninstaller>

    -- Find3M Report
    2008-08-10 21:01:13 0 d
    C:\Program Files\Symantec AntiVirus
    2008-08-10 17:54:32 146451 --a
    C:\WINDOWS\system32\nvModes.dat
    2008-08-06 22:21:05 0 d
    C:\Program Files\Steam
    2008-08-06 00:15:32 0 d
    C:\Documents and Settings\Johan\Application Data\uTorrent
    2008-08-05 20:26:36 0 d
    C:\Program Files\Common Files
    2008-08-05 19:30:03 0 d
    C:\Program Files\CCleaner
    2008-08-02 08:11:13 0 d
    C:\Program Files\QuickTime Alternative
    2008-08-01 15:33:13 0 d
    C:\Program Files\Common Files\Wise Installation Wizard
    2008-07-30 22:51:00 0 ---hs---- C:\Program Files\desktoq.ini
    2008-07-21 18:32:06 0 d--h
    C:\Program Files\InstallShield Installation Information
    2008-07-20 23:09:26 0 d
    C:\Documents and Settings\Johan\Application Data\Audacity
    2008-07-12 18:21:07 0 d
    C:\Documents and Settings\Johan\Application Data\Adobe
    2008-07-06 17:20:27 0 d
    C:\Program Files\SigmaTel
    2008-07-01 00:36:13 0 d
    C:\Program Files\Ahead
    2008-07-01 00:36:09 0 d
    C:\Program Files\Common Files\Ahead
    2008-07-01 00:34:21 0 d
    C:\Program Files\Common Files\Nero
    2008-06-30 23:57:46 0 d
    C:\Documents and Settings\Johan\Application Data\Nero
    2008-06-30 17:01:32 0 d
    C:\Documents and Settings\Johan\Application Data\ImgBurn
    2008-06-30 16:58:42 0 d
    C:\Program Files\ImgBurn
    2008-06-29 02:55:17 0 d
    C:\Documents and Settings\Johan\Application Data\dvdcss
    2008-06-23 01:50:38 0 d
    C:\Documents and Settings\Johan\Application Data\Vso
    2008-06-21 14:41:05 0 d
    C:\Program Files\World of Warcraft
    2008-06-19 15:35:25 0 d
    C:\Program Files\Activision
    2008-06-16 00:57:21 0 d
    C:\Program Files\MSBuild
    2008-06-16 00:57:16 0 d
    C:\Program Files\Reference Assemblies
    2008-06-16 00:55:42 0 d
    C:\Program Files\MSXML 6.0
    2008-06-12 17:52:26 0 d
    C:\Documents and Settings\Johan\Application Data\MyPhoneExplorer
    2008-06-11 23:00:48 0 d
    C:\Program Files\Audacity 1.3 Beta (Unicode)
    2008-06-05 14:47:37 34 --a
    C:\Documents and Settings\Johan\Application Data\pcouffin.log
    2008-06-05 14:47:33 47360 --a
    C:\Documents and Settings\Johan\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
    2008-06-05 14:47:33 1144 --a
    C:\Documents and Settings\Johan\Application Data\pcouffin.inf
    2008-06-05 14:47:33 7887 --a
    C:\Documents and Settings\Johan\Application Data\pcouffin.cat
    2008-05-31 18:10:18 62 --ahs---- C:\Documents and Settings\Johan\Application Data\desktop.ini
    2008-05-31 16:20:52 0 -rahs---- C:\MSDOS.SYS
    2008-05-31 16:20:52 0 -rahs---- C:\IO.SYS
    2008-05-31 16:20:52 0 --a
    C:\CONFIG.SYS
    2008-05-31 16:20:52 0 --a
    C:\AUTOEXEC.BAT
    2008-05-31 16:17:38 21640 --a
    C:\WINDOWS\system32\emptyregdb.dat
    2008-05-31 15:19:56 1580544 --a
    C:\WINDOWS\system32\sfcfiles.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

    -- Registry Dump
    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [2007-10-07 20:48]
    "SigmatelSysTrayApp"="stsystra.exe" [2007-02-19 14:26 C:\WINDOWS\stsystra.exe]
    "OEM02Mon.exe"="C:\WINDOWS\OEM02Mon.exe" [2007-05-10 01:01]
    "nwiz"="nwiz.exe" [2008-02-22 05:46 C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-02-22 05:46]
    "NVHotkey"="nvHotkey.dll" [2008-02-22 05:46 C:\WINDOWS\system32\nvhotkey.dll]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-02-22 05:46]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 03:12 C:\WINDOWS\KHALMNPR.Exe]
    "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-05-29 16:33]
    "Broadcom Wireless Manager UI"="C:\WINDOWS\system32\WLTRAY.exe" [2007-10-09 19:17]
    "Apoint"="C:\Program Files\DellTPad\Apoint.exe" [2007-07-02 13:29]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27]
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-05-24 18:28:28]
    Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-05-31 19:59:39]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "!!00748128-D7A2-456A-AE04-EB9ABF822FE4}"= C:\WINDOWS\TEMP\Down(0)ow.dll [ ]
    "!!00B80C4A-E883-4899-BD2E-1B6F926757E7}"= C:\DOCUME~1\Johan\LOCALS~1\Temp\buindexs.dll [ ]
    "{E8606370-4F7A-4C2F-A39C-EDCDCC177924}"= C:\WINDOWS\system32\vcrxfileju.dll [2008-08-08 13:33 20192]
    "!!009DCBFF-40D7-462A-B449-302C887C148F}"= C:\WINDOWS\system32\mssjfilejf.dll [2008-07-30 22:41 14080]
    "{C51C4AFB-2A3A-6C2E-BA41-C10F02760731}"= C:\DOCUME~1\Johan\LOCALS~1\Temp\xptahsylgfile.dll [ ]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
    c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll 2008-05-02 02:42 72208 c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
    @="Service"
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
    @=""


    -- End of Deckard's System Scanner: finished at 2008-08-10 22:07:44
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 351.1K Banking & Borrowing
  • 253.1K Reduce Debt & Boost Income
  • 453.6K Spending & Discounts
  • 244.1K Work, Benefits & Business
  • 599K Mortgages, Homes & Bills
  • 177K Life & Family
  • 257.4K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.
Update Your Picture