O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P.
#Remove malware mac search spinstall software
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Google Desktop Manager 5.5.709.30344 (GoogleDesktopManager-093007-112848) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bonjour Service - Apple Inc. O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Apple Mobile Device - Apple Inc. C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL R3 - URLSearchHook: Yahoo! Toolbar - (Performance Viewer Activex Control).
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
#Remove malware mac search spinstall windows
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = I have backup of system registry and HJT log (attached).Ĭ:\Program Files\Alwil Software\Avast4\aswUpdSv.exeĬ:\Program Files\Alwil Software\Avast4\ashServ.exeĬ:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeĬ:\Program Files\Bonjour\mDNSResponder.exeĬ:\Program Files\Common Files\LightScribe\LSSrvc.exeĬ:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exeĬ:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exeĬ:\Program Files\Alwil Software\Avast4\ashMaiSv.exeĬ:\Program Files\Alwil Software\Avast4\ashWebSv.exeĬ:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exeĬ:\Program Files\Hp\HP Software Update\HPWuSchd2.exeĬ:\Program Files\Common Files\InstallShield\UpdateService\issch.exeĬ:\Program Files\Java\jre6\bin\jusched.exeĬ:\Program Files\Spybot - Search & Destroy\TeaTimer.exeĬ:\Program Files\iPod\bin\iPodService.exeĬ:\Program Files\Mozilla Firefox\firefox.exeĬ:\Program Files\Trend Micro\HijackThis\HijackThis.exe I believe I am infected with precisead malware.