Free Web Developer Tools
Advanced Search

Thread: Computer Infection! Here are my logs: Please help!

    May 30th, 2010, 02:44 AM
    #1
  1. No Profile Picture
    cwsmith92
    Registered User
    Devshed Newbie (0 - 499 posts)
    Join Date
    May 2010
    Posts
    7
    Rep Power
    0

    Computer Infection! Here are my logs: Please help!

    Thank you so much! The BitDefender online scanner didn't work for me for some reason. It didn't get all the virus signatures or something like that. Hopefully this is enough for you to diagnose whatever is wrong with my computer. It's just running crazy slow. It all started when I downloaded an extension for Google Chrome that was supposed to manage my MegaUpload downloads. Then when i tried to download something from Megaupload my PC just flipped out and I got tons of pop-ups and Doctor Malware or something similar kept popping up. These tests and scans have managed to calm my computer down but it is still running very slow and boot up is like a snail race. I'm running Windows XP btw. Malwarebytes came up with nothing. 0 viruses detected.

    SUPERAntiSpyware Scan Log
    (URL address blocked: See forum rules)

    Generated 05/29/2010 at 10:48 PM

    Application Version : 4.38.1004

    Core Rules Database Version : 5007
    Trace Rules Database Version: 2819

    Scan type : Complete Scan
    Total Scan Time : 00:38:49

    Memory items scanned : 558
    Memory threats detected : 0
    Registry items scanned : 7548
    Registry threats detected : 198
    File items scanned : 31770
    File threats detected : 104

    Trojan.Agent/Gen-FakeFraud[Disap]
    [gotnewupdate000.exe] C:\DOCUMENTS AND SETTINGS\CONNOR\APPLICATION DATA\4A8279FB41B1A78A62AC88AEBBDCB3AC\GOTNEWUPDATE000.EXE
    C:\DOCUMENTS AND SETTINGS\CONNOR\APPLICATION DATA\4A8279FB41B1A78A62AC88AEBBDCB3AC\GOTNEWUPDATE000.EXE
    C:\WINDOWS\Prefetch\GOTNEWUPDATE000.EXE-2E55F7E0.pf

    Trojan.Agent/Gen
    HKLM\Software\Classes\CLSID\{37C921E7-424F-4D3C-9900-D2A946BE02D5}
    HKCR\CLSID\{37C921E7-424F-4D3C-9900-D2A946BE02D5}
    HKCR\CLSID\{37C921E7-424F-4D3C-9900-D2A946BE02D5}
    HKCR\CLSID\{37C921E7-424F-4D3C-9900-D2A946BE02D5}#AppID
    HKCR\CLSID\{37C921E7-424F-4D3C-9900-D2A946BE02D5}\InprocServer32
    HKCR\CLSID\{37C921E7-424F-4D3C-9900-D2A946BE02D5}\InprocServer32#ThreadingModel
    HKCR\CLSID\{37C921E7-424F-4D3C-9900-D2A946BE02D5}\ProgID
    HKCR\CLSID\{37C921E7-424F-4D3C-9900-D2A946BE02D5}\Programmable
    HKCR\CLSID\{37C921E7-424F-4D3C-9900-D2A946BE02D5}\TypeLib
    HKCR\CLSID\{37C921E7-424F-4D3C-9900-D2A946BE02D5}\VersionIndependentProgID
    HKCR\adgj.agHlp.1
    HKCR\adgj.agHlp.1\CLSID
    HKCR\adgj.agHlp
    HKCR\adgj.agHlp\CLSID
    HKCR\adgj.agHlp\CurVer
    HKCR\TypeLib\{7B6A2552-E65B-4A9E-ADD4-C45577FFD8FD}
    C:\WINDOWS\SYSTEM32\VONFRCOF.DLL
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37C921E7-424F-4D3C-9900-D2A946BE02D5}
    HKU\S-1-5-21-1320625360-2160593984-4227932304-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{37C921E7-424F-4D3C-9900-D2A946BE02D5}

    Adware.Tracking Cookie
    C:\Documents and Settings\Connor\Cookies\system@imrworldwide[2].txt
    C:\Documents and Settings\Connor\Cookies\system@ad.yieldmanager[2].txt
    C:\Documents and Settings\Connor\Cookies\system@atdmt[1].txt
    C:\Documents and Settings\Connor\Cookies\system@invitemedia[1].txt
    C:\Documents and Settings\Connor\Cookies\system@serving-sys[1].txt
    C:\Documents and Settings\Connor\Cookies\system@ads.pubmatic[2].txt
    C:\Documents and Settings\Connor\Cookies\system@doubleclick[1].txt
    C:\Documents and Settings\Connor\Cookies\system@click.fastpartner[1].txt
    C:\Documents and Settings\Connor\Cookies\system@ads.undertone[2].txt
    C:\Documents and Settings\Connor\Cookies\system@trafficmp[1].txt
    C:\Documents and Settings\Connor\Cookies\system@clickthrough.kanoodle[1].txt
    C:\Documents and Settings\Connor\Cookies\system@hitbox[2].txt
    C:\Documents and Settings\Connor\Cookies\system@insightexpressai[1].txt
    C:\Documents and Settings\Connor\Cookies\system@adbrite[2].txt
    C:\Documents and Settings\Connor\Cookies\system@adecn[1].txt
    C:\Documents and Settings\Connor\Cookies\system@advertise[2].txt
    C:\Documents and Settings\Connor\Cookies\system@bs.serving-sys[1].txt
    C:\Documents and Settings\Connor\Cookies\system@bizzclick[1].txt
    C:\Documents and Settings\Connor\Cookies\system@oasn04.247realmedia[1].txt
    C:\Documents and Settings\Connor\Cookies\system@adserver.adtechus[1].txt
    C:\Documents and Settings\Connor\Cookies\system@questionmarket[2].txt
    C:\Documents and Settings\Connor\Cookies\system@tribalfusion[1].txt
    C:\Documents and Settings\Connor\Cookies\system@247realmedia[1].txt
    C:\Documents and Settings\Connor\Cookies\system@ehg-players.hitbox[1].txt
    C:\Documents and Settings\Connor\Cookies\system@advertising[2].txt
    C:\Documents and Settings\Connor\Cookies\system@content.yieldmanager[1].txt
    C:\Documents and Settings\Connor\Cookies\system@cdn1.trafficmp[2].txt
    C:\Documents and Settings\Jeff\Cookies\jeff@ad.wsod[2].txt
    C:\Documents and Settings\Jeff\Cookies\jeff@atdmt[2].txt
    C:\Documents and Settings\Jeff\Cookies\jeff@doubleclick[1].txt
    C:\Documents and Settings\Jeff\Cookies\jeff@msnportal.112.2o7[1].txt
    C:\Documents and Settings\LocalService\Cookies\system@doubleclick[1].txt
    C:\Documents and Settings\LocalService\Cookies\system@atdmt[1].txt
    C:\Documents and Settings\LocalService\Cookies\system@adtech[1].txt
    C:\Documents and Settings\LocalService\Cookies\system@advertise[1].txt
    C:\Documents and Settings\LocalService\Cookies\system@burstbeacon[1].txt
    C:\Documents and Settings\LocalService\Cookies\system@adbrite[1].txt
    C:\Documents and Settings\LocalService\Cookies\system@invitemedia[1].txt
    C:\Documents and Settings\LocalService\Cookies\system@burstnet[1].txt
    C:\Documents and Settings\LocalService\Cookies\system@media6degrees[2].txt
    C:\Documents and Settings\LocalService\Cookies\system@ad.yieldmanager[2].txt
    C:\Documents and Settings\LocalService\Cookies\system@realmedia[2].txt
    C:\Documents and Settings\LocalService\Cookies\system@content.yieldmanager[2].txt
    C:\Documents and Settings\LocalService\Cookies\system@content.yieldmanager[3].txt
    C:\Documents and Settings\LocalService\Cookies\system@zedo[1].txt
    C:\Documents and Settings\LocalService\Cookies\system@www.burstbeacon[1].txt
    C:\Documents and Settings\LocalService\Cookies\system@www.burstnet[1].txt
    C:\Documents and Settings\LocalService\Cookies\system@revsci[2].txt
    C:\Documents and Settings\LocalService\Cookies\system@network.realmedia[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@imrworldwide[2].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@casalemedia[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@2o7[2].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@fastclick[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@tracking.dsmmadvantage[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@serving-sys[2].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@realmedia[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@specificclick[2].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@www.googleadservices[2].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@www.googleadservices[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@specificmedia[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@mediaplex[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@ads.undertone[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@247realmedia[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@interclick[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@pointroll[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@adecn[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@atdmt[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@statcounter[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@112.2o7[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@bs.serving-sys[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@oasn04.247realmedia[2].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@network.realmedia[2].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@tribalfusion[2].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@yieldmanager[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@msnportal.112.2o7[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@media6degrees[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@insightexpressai[2].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@revsci[2].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@chitika[2].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@ad.wsod[2].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@tacoda[2].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@at.atwola[2].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@questionmarket[2].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@cdn4.specificclick[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@invitemedia[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@advertising[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@ad.yieldmanager[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@ads.pointroll[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@legolas-media[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@collective-media[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@statse.webtrendslive[2].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@trafficmp[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@apmebf[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@data.coremetrics[1].txt
    C:\Documents and Settings\Melanie\Cookies\melanie@doubleclick[1].txt

    Adware.MyWebSearch/FunWebProducts
    HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
    HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid
    HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid32
    HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\TypeLib
    HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\TypeLib#Version
    HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
    HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid
    HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid32
    HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\TypeLib
    HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\TypeLib#Version
    HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
    HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\ProxyStubClsid
    HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\ProxyStubClsid32
    HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\TypeLib
    HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\TypeLib#Version
    HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
    HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\ProxyStubClsid
    HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\ProxyStubClsid32
    HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\TypeLib
    HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\TypeLib#Version
    HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
    HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\ProxyStubClsid
    HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\ProxyStubClsid32
    HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\TypeLib
    HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\TypeLib#Version
    HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
    HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\ProxyStubClsid
    HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\ProxyStubClsid32
    HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\TypeLib
    HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\TypeLib#Version
    HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
    HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\ProxyStubClsid
    HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\ProxyStubClsid32
    HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\TypeLib
    HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\TypeLib#Version
    HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
    HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid
    HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32
    HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib
    HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib#Version
    HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
    HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid
    HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32
    HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib
    HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib#Version
    HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
    HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\ProxyStubClsid
    HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\ProxyStubClsid32
    HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\TypeLib
    HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\TypeLib#Version
    HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
    HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\ProxyStubClsid
    HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\ProxyStubClsid32
    HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\TypeLib
    HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\TypeLib#Version
    HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
    HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\ProxyStubClsid
    HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\ProxyStubClsid32
    HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\TypeLib
    HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\TypeLib#Version
    HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
    HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\ProxyStubClsid
    HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\ProxyStubClsid32
    HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\TypeLib
    HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\TypeLib#Version
    HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
    HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid
    HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid32
    HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\TypeLib
    HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\TypeLib#Version
    HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
    HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid
    HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid32
    HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\TypeLib
    HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\TypeLib#Version
    HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
    HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\ProxyStubClsid
    HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\ProxyStubClsid32
    HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\TypeLib
    HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\TypeLib#Version
    HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
    HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}\ProxyStubClsid
    HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}\ProxyStubClsid32
    HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}\TypeLib
    HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}\TypeLib#Version
    HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
    HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid
    HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid32
    HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib
    HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib#Version
    HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
    HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid
    HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
    HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
    HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
    HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
    HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid
    HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
    HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
    HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
    HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
    HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid
    HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
    HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
    HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
    HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
    HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid
    HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
    HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
    HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
    HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
    HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\ProxyStubClsid
    HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\ProxyStubClsid32
    HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\TypeLib
    HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\TypeLib#Version
    HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
    HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\ProxyStubClsid
    HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\ProxyStubClsid32
    HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\TypeLib
    HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\TypeLib#Version
    HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
    HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\ProxyStubClsid
    HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\ProxyStubClsid32
    HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\TypeLib
    HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\TypeLib#Version
    HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
    HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\ProxyStubClsid
    HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\ProxyStubClsid32
    HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\TypeLib
    HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\TypeLib#Version
    HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
    HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\ProxyStubClsid
    HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\ProxyStubClsid32
    HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\TypeLib
    HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\TypeLib#Version
    HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
    HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\ProxyStubClsid
    HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\ProxyStubClsid32
    HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\TypeLib
    HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\TypeLib#Version
    HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
    HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\ProxyStubClsid
    HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\ProxyStubClsid32
    HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\TypeLib
    HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\TypeLib#Version
    HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
    HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\ProxyStubClsid
    HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\ProxyStubClsid32
    HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\TypeLib
    HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\TypeLib#Version
    HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
    HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\ProxyStubClsid
    HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\ProxyStubClsid32
    HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\TypeLib
    HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\TypeLib#Version
    HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
    HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid
    HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid32
    HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib
    HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib#Version
    HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
    HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid
    HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid32
    HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib
    HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib#Version
    HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
    HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\ProxyStubClsid
    HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\ProxyStubClsid32
    HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\TypeLib
    HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\TypeLib#Version
    HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
    HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\ProxyStubClsid
    HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\ProxyStubClsid32
    HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\TypeLib
    HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\TypeLib#Version

    Backdoor.Bot[ZBot]
    HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7}
    HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6}
    HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{4776c4dc-e894-7c06-2148-5d73cef5f905}
    HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{3446af26-b8d7-199b-4cfc-6fd764ca5c9f}

    Trojan.Agent/Gen-Nullo[Short]
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{46DE8921-1D39-44D2-A9E9-64119261F211}\RP52\A0005506.DLL
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{46DE8921-1D39-44D2-A9E9-64119261F211}\RP52\A0005507.EXE
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{46DE8921-1D39-44D2-A9E9-64119261F211}\RP52\A0005509.DLL

    Adware.Vundo/Variant-X32[Header]
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{46DE8921-1D39-44D2-A9E9-64119261F211}\RP54\A0007412.DLL

    Adware.CouponBar
    C:\WINDOWS\CPNPRT2.CID
    C:\WINDOWS\SYSTEM32\CPNPRT2.CID
    2. May 30th, 2010, 02:45 AM
    #2
  2. No Profile Picture
    cwsmith92
    Registered User
    Devshed Newbie (0 - 499 posts)
    Join Date
    May 2010
    Posts
    7
    Rep Power
    0
    Here's my Hijack this log

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:12:19 PM, on 5/29/2010
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.17023)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\McAfee\Managed VirusScan\VScan\EngineServer.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Macrium\Reflect\ReflectService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wentxp.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
    C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.exe
    C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\PIXELA\ImageMixer 3 SE Ver.5\Transfer Utility\CameraMonitor.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3081231
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3081231
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll
    R3 - URLSearchHook: (no name) - {db7a1b0e-2c9e-4ad3-a2fd-21907ef2c9d1} - (no file)
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\Managed VirusScan\VScan\ScriptSn.20100426084158.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Sky-Banners Browser Enhancer ywboxeez - {A686D29D-3B73-484C-84C8-D202AFFC36E6} - C:\WINDOWS\system32\ywboxeez.dll (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
    O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
    O2 - BHO: voguecash browser enhancer - {DC07243B-89ED-D54C-8AE5-812ADC2A9B57} - C:\WINDOWS\system32\ljhtpwcdcsym.dll (file missing)
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [MVS Splash] "C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.exe" /LOGON
    O4 - HKLM\..\Run: [McAfee Managed Services Tray] C:\Program Files\McAfee\Managed VirusScan\Agent\StartMyAgtTry.Exe
    O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\WordPerfect Office 11\Programs\QFSCHD110.EXE"
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [pbffdrli] C:\Documents and Settings\Connor\Local Settings\Application Data\mfrbephfi\fexfnpxtssd.exe
    O4 - HKLM\..\Run: [qguleokt] C:\Documents and Settings\Connor\Local Settings\Application Data\rficeuahw\isnqlpmtssd.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [vuwyxktq] C:\Documents and Settings\Connor\Local Settings\Application Data\yeyjntdtb\cuhrocqtssd.exe
    O4 - HKLM\..\Run: [skb] rundll32 "ywboxeez.dll",,Run
    O4 - HKLM\..\Run: [MChk] C:\WINDOWS\system32\cfzeptut.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
    O4 - HKCU\..\Run: [pbffdrli] C:\Documents and Settings\Connor\Local Settings\Application Data\mfrbephfi\fexfnpxtssd.exe
    O4 - HKCU\..\Run: [qguleokt] C:\Documents and Settings\Connor\Local Settings\Application Data\rficeuahw\isnqlpmtssd.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Connor\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [vuwyxktq] C:\Documents and Settings\Connor\Local Settings\Application Data\yeyjntdtb\cuhrocqtssd.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: ImageMixer 3 SE Camera Monitor Ver.5.lnk = ?
    O8 - Extra context menu item: &AIM Toolbar Search - C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
    O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O15 - Trusted Zone: http://*.mcafee.com (HKLM)
    O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
    O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
    O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
    O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
    O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
    O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
    O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O20 - Winlogon Notify: 1c7bb169922 - C:\WINDOWS\system32\fxsst32.dll (file missing)
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
    O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Broadcom ASF IP and SMBIOS Mailbox Monitor (ASFIPmon) - Broadcom Corporation - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
    O23 - Service: Broadcom ASF IP and SMBIOS Mailbox Monitor ASFIPmonmyAgtSvc (ASFIPmonmyAgtSvc) - Unknown owner - C:\WINDOWS\system32\algf.exe (file missing)
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bonjour Service BonjourWmdmPmSN (BonjourWmdmPmSN) - Unknown owner - C:\WINDOWS\system32\6to4svcq.exe (file missing)
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: EngineServer - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\VScan\EngineServer.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Update Service (gupdate1c9db0a125e96c) (gupdate1c9db0a125e96c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: McShield - McAfee, Inc. - C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: McAfee Virus and Spyware Protection Service (myAgtSvc) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
    O23 - Service: NVIDIA Performance Driver Service - Unknown owner - C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Macrium Reflect Image Mounting Service (ReflectService) - Unknown owner - C:\Program Files\Macrium\Reflect\ReflectService.exe
    O23 - Service: Security Accounts Manager SamSsBITS (SamSsBITS) - Unknown owner - C:\WINDOWS\system32\adsnts.exe (file missing)
    O23 - Service: Smart Card SCardSvrERSvc (SCardSvrERSvc) - Unknown owner - C:\WINDOWS\system32\adsmsextn.exe (file missing)
    O23 - Service: WinEncrypt service (wencrservice) - WinEncrypt - C:\WINDOWS\SYSTEM32\wentxp.exe
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

    --
    End of file - 14808 bytes
    3. May 30th, 2010, 02:46 AM
    #3
  3. No Profile Picture
    cwsmith92
    Registered User
    Devshed Newbie (0 - 499 posts)
    Join Date
    May 2010
    Posts
    7
    Rep Power
    0
    Here's the Uninstall List from Hijack This

    32 Bit HP CIO Components Installer
    Acrobat.com
    Acrobat.com
    Adobe AIR
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Photoshop Elements 7.0
    Adobe Photoshop.com Inspiration Browser
    Adobe Reader 9.1
    AIM 6
    AIM Toolbar
    Amazon MP3 Downloader 1.0.3
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Auto Gordian Knot 2.55
    AviSynth 2.5
    AVS Audio Editor version 5.2
    AVS Update Manager 1.0
    AVS4YOU Software Navigator 1.3
    Axara YouTube Tools 2.9.1
    Bonjour
    Broadcom ASF Management Applications
    Broadcom Management Programs
    Browser Address Error Redirector
    Canon Camera Access Library
    Canon Camera Support Core Library
    CANON iMAGE GATEWAY Task for ZoomBrowser EX
    Canon Internet Library for ZoomBrowser EX
    Canon Utilities CameraWindow
    Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
    Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
    Canon Utilities MyCamera
    Canon Utilities RemoteCapture Task for ZoomBrowser EX
    Canon Utilities ZoomBrowser EX
    Canon ZoomBrowser EX Memory Card Utility
    CCleaner
    Copware Folio 4.6
    Coupon Printer for Windows
    Dell ETS Factory Installation
    Dogz (remove only)
    Download Updater (AOL LLC)
    DVD Decrypter (Remove Only)
    Google Earth
    Google Toolbar for Internet Explorer
    Google Toolbar for Internet Explorer
    Google Update Helper
    Google Updater
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows XP (KB915865)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB981793)
    HP Customer Participation Program 13.0
    HP Imaging Device Functions 13.0
    HP Photosmart C4600 All-In-One Driver Software 13.0 Rel .5
    HP Print Projects 1.0
    HP Smart Web Printing 4.5
    HP Solution Center 13.0
    HP Update
    ImageMixer 3 SE Ver.5 Transfer Utility
    ImageMixer 3 SE Ver.5 Video Tools
    Intel(R) Matrix Storage Manager
    iPod to Computer Transfer 4.6.0
    iTunes
    Java(TM) 6 Update 12
    Java(TM) 6 Update 7
    Macrium Reflect - Free Edition
    Malwarebytes' Anti-Malware
    McAfee Firewall Protection Service
    McAfee Virus and Spyware Protection Service
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB953297)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 3.5 SP1
    Microsoft Choice Guard
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ Run Time Lib Setup
    MobileMe Control Panel
    Mozilla Firefox (3.6.3)
    MP3 Key Shifter
    MSN
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 6 Service Pack 2 (KB973686)
    Music Editor Free
    Music Transfer Utility Ver.2
    NVIDIA Drivers
    NVIDIA Performance Drivers
    OGA Notifier 2.0.0048.0
    ParetoLogic FileCure
    Performance Platform Voguecash
    PhotoshopdotcomInspirationBrowser
    Picture Collage Maker Pro
    PowerDVD
    QuickTime
    Roxio Activation Module
    Roxio Creator Audio
    Roxio Creator BDAV Plugin
    Roxio Creator Copy
    Roxio Creator Data
    Roxio Creator DE
    Roxio Creator Tools
    Roxio Drag-to-Disc
    Roxio Express Labeler 3
    Roxio Update Manager
    Safari
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB978380)
    Security Update for Microsoft Office Excel 2007 (KB978382)
    Security Update for Microsoft Office Outlook 2007 (KB972363)
    Security Update for Microsoft Office PowerPoint 2007 (KB957789)
    Security Update for Microsoft Office Publisher 2007 (KB980470)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB969613)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB969604)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 7 (KB938127-v2)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB944338-v2)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB958470)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971032)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB981349)
    Security Update for Windows XP (KB981350)
    Segoe UI
    Shape Collage
    Shop for HP Supplies
    Sky-Banners browser enhancer
    Sonic CinePlayer Decoder Pack
    Star Wars(R) Knights of the Old Republic(R) II: The Sith Lords(TM)
    Street-Ads Browser Enhancer
    SUPERAntiSpyware
    Twittin_Secrets_Twitter_Tips Toolbar
    Update for 2007 Microsoft Office System (KB967642)
    Update for 2007 Microsoft Office System (KB981715)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Office InfoPath 2007 (KB976416)
    Update for Microsoft Office OneNote 2007 (KB980729)
    Update for Outlook 2007 Junk Email Filter (kb981433)
    Update for Windows Internet Explorer 7 (KB980182)
    Update for Windows XP (KB925720)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Update for Windows XP (KB980182)
    Veoh Web Player
    Viewpoint Media Player
    Visual C++ 8.0 x86 Runtime Setup Package
    VobSub v2.23 (Remove Only)
    Windows Internet Explorer 7
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Essentials
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Sync
    Windows Live Upload Tool
    Windows Support Tools
    WordPerfect Office 11
    Yahoo! Install Manager
    Yahoo! Software Update
    Yahoo! Toolbar
    Yahoo! Widgets
    YouTube Downloader 2.5.4
    Zipeg
    4. May 30th, 2010, 07:40 AM
    #4
  4. No Profile Picture
    _Titan_
    Registered User
    Devshed Newbie (0 - 499 posts)
    Join Date
    Jan 2010
    Location
    Earth
    Posts
    48
    Rep Power
    0
    Did you see at list of processes (Task Manager)? What process use a lot of CPU ?
    May be some software work incorrectly ...
« Previous Thread | Next Thread »
IMN logo majestic logo threadwatch logo seochat tools logo