We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
Hijack this, please
Comments
-
Part 6
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-21 01:40
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????T??????????????|?M?|?????M?|&?@
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
LOCKED REGISTRY KEYS
[HKEY_USERS\S-1-5-21-970466924-1080031110-2498218558-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1b,69,ac,eb,52,61,05,4f,ad,e1,73,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1b,69,ac,eb,52,61,05,4f,ad,e1,73,\
.
DLLs Loaded Under Running Processes
- - - - - - - > 'winlogon.exe'(304)
c:\windows\system32\Ati2evxx.dll
c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
c:\program files\Hewlett-Packard\IAM\bin\ItMsg.dll
c:\windows\SbHpNp.DLL
c:\program files\Hewlett-Packard\IAM\Bin\TrayIcon.dll
c:\program files\Hewlett-Packard\IAM\bin\HPBrand.dll
c:\program files\Hewlett-Packard\IAM\Bin\ASChnl.dll
- - - - - - - > 'lsass.exe'(440)
c:\windows\SbHpNp.dll
- - - - - - - > 'explorer.exe'(3080)
c:\windows\system32\WININET.dll
c:\windows\system32\APSHook.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Other Running Processes
.
c:\windows\system32\Ati2evxx.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\msdtc.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\mqsvc.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\Hewlett-Packard\IAM\bin\asghost.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\windows\system32\wscntfy.exe
c:\windows\System32\SCardSvr.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
.
**************************************************************************
.
Completion time: 2010-03-21 01:47:52 - machine was rebooted
ComboFix-quarantined-files.txt 2010-03-21 01:47
Pre-Run: 44,271,366,144 bytes free
Post-Run: 44,236,357,632 bytes free
- - End Of File - - AF328709716189BEA8DAFB21F1B281960 -
I dont see anything in the log at first glance
My suggestion is to uninstall AVG and see how it is then:idea:0 -
Just to update - laptop is running nicely now, with regular Glary clean ups!
Cheers
Lesley0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350K Banking & Borrowing
- 252.7K Reduce Debt & Boost Income
- 453.1K Spending & Discounts
- 243K Work, Benefits & Business
- 619.9K Mortgages, Homes & Bills
- 176.5K Life & Family
- 255.9K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 15.1K Coronavirus Support Boards