#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2009
    Location
    Sheffield, UK
    Posts
    14
    Rep Power
    0

    PC spontaneously restarts when visiting certain sites


    Hi

    In the last few days, I have found that if I visit certain file hosting sites (e.g. Hotfile.com) or some blogs with links to file host sites, my PC will suddenly just go to the black screen and restart. Various scans have turned up no malware, but I am sure there must be some malware at the root of this. I have found that if I update my browser (like recently I changed to the latest beta of Firefox) it's fine for a short while, but then soon enough it happens again. Your advice would be most welcome. I enclose the relevant logs below. Thank you for your time.

    BTW, my anti-malware software is Zone Alarm free firewall, Avast! free antivirus, and Super AntiSpyware (subscription). My OS is Windows XP Home.

    UPDATE
    Please see lower down thread for more recent logs.

    Code:
    --------------------------------------------
    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org
    
    Database version: 4287
    
    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702
    
    07/07/2010 10:13:48
    mbam-log-2010-07-07 (10-13-48).txt
    
    Scan type: Quick scan
    Objects scanned: 132669
    Time elapsed: 5 minute(s), 7 second(s)
    
    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0
    
    Memory Processes Infected:
    (No malicious items detected)
    
    Memory Modules Infected:
    (No malicious items detected)
    
    Registry Keys Infected:
    (No malicious items detected)
    
    Registry Values Infected:
    (No malicious items detected)
    
    Registry Data Items Infected:
    (No malicious items detected)
    
    Folders Infected:
    (No malicious items detected)
    
    Files Infected:
    (No malicious items detected)
    ---------------------------------------------
    Code:
    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com
    
    Generated 07/07/2010 at 10:49 PM
    
    Application Version : 4.40.1002
    
    Core Rules Database Version : 5166
    Trace Rules Database Version: 2978
    
    Scan type       : Complete Scan
    Total Scan Time : 00:24:12
    
    Memory items scanned      : 435
    Memory threats detected   : 0
    Registry items scanned    : 8064
    Registry threats detected : 0
    File items scanned        : 18568
    File threats detected     : 0
    -----------------------------------------
    Code:
    BITDEFENDER
    
    QuickScan Beta 32-bit v0.9.9.23
    -------------------------------
    Scan date:  Wed Jul 07 22:56:10 2010
    Machine ID: BC7FE1E8
    
    C:\WINDOWS\S368EBA2E.tmp - could not be accessed
    
    
    No infection found.
    -------------------
    
    
    
    Processes
    ---------
    <unsigned>  updtr.exe                                2044    K:\Program Files\AudioTranscoder\updtr.exe
    
    <verified>  AcroTray - Adobe Acrobat Distiller help  3112    K:\Program Files\Adobe\Acrobat\Acrotray.exe
    <verified>  ASUS Keyboard Service                    2020    C:\WINDOWS\ATKKBService.exe
    <verified>  avast! Antivirus                         1480    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    <verified>  avast! Antivirus                         3092    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    <verified>  CameraMonitor Application                3076    C:\WINDOWS\vsnp2std.exe
    <verified>  Firefox                                   660    C:\Program Files\Mozilla Firefox\firefox.exe
    <verified>  Google Update                             268    C:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exe
    <verified>  Microsoft® Windows® Operating System     2004    C:\WINDOWS\Explorer.EXE
    <verified>  Microsoft® Windows® Operating System     2380    C:\WINDOWS\System32\alg.exe
    <verified>  Microsoft® Windows® Operating System      520    C:\WINDOWS\system32\csrss.exe
    <verified>  Microsoft® Windows® Operating System     3204    C:\WINDOWS\system32\ctfmon.exe
    <verified>  Microsoft® Windows® Operating System      600    C:\WINDOWS\system32\lsass.exe
    <verified>  Microsoft® Windows® Operating System     2576    C:\WINDOWS\system32\NOTEPAD.EXE
    <verified>  Microsoft® Windows® Operating System      588    C:\WINDOWS\system32\services.exe
    <verified>  Microsoft® Windows® Operating System      436    C:\WINDOWS\System32\smss.exe
    <verified>  Microsoft® Windows® Operating System     1712    C:\WINDOWS\system32\spoolsv.exe
    <verified>  Microsoft® Windows® Operating System      360    C:\WINDOWS\system32\svchost.exe
    <verified>  Microsoft® Windows® Operating System      764    C:\WINDOWS\system32\svchost.exe
    <verified>  Microsoft® Windows® Operating System      860    C:\WINDOWS\system32\svchost.exe
    <verified>  Microsoft® Windows® Operating System      900    C:\WINDOWS\System32\svchost.exe
    <verified>  Microsoft® Windows® Operating System      952    C:\WINDOWS\system32\svchost.exe
    <verified>  Microsoft® Windows® Operating System      992    C:\WINDOWS\system32\svchost.exe
    <verified>  Microsoft® Windows® Operating System     1036    C:\WINDOWS\system32\svchost.exe
    <verified>  Microsoft® Windows® Operating System     1788    C:\WINDOWS\system32\svchost.exe
    <verified>  Microsoft® Windows® Operating System      544    C:\WINDOWS\system32\winlogon.exe
    <verified>  NVIDIA Driver Helper Service, Version 8   260    C:\WINDOWS\system32\nvsvc32.exe
    <verified>  SpeedTouch USB                           3060    C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
    <verified>  SUPERAntiSpyware                         3188    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    <verified>  TrueVector Service                       1104    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    <verified>  ZoneAlarm Client                         3132    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    <verified>  ZoneAlarm ForceField                     3504    C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    <verified>  ZoneAlarm ForceField                     1408    C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    
    
    Network activity
    ----------------
    Process AvastSvc.exe (1480) connected on port 80 (HTTP) --> 66.235.143.54
    Process AvastSvc.exe (1480) connected on port 80 (HTTP) --> 174.129.123.123
    Process AvastSvc.exe (1480) connected on port 80 (HTTP) --> 66.102.9.99
    Process AvastSvc.exe (1480) connected on port 80 (HTTP) --> 66.102.9.99
    Process AvastSvc.exe (1480) connected on port 80 (HTTP) --> 92.123.92.20
    Process AvastSvc.exe (1480) connected on port 80 (HTTP) --> 66.40.145.26
    Process AvastSvc.exe (1480) connected on port 80 (HTTP) --> 209.85.229.102
    Process AvastSvc.exe (1480) connected on port 80 (HTTP) --> 92.123.85.115
    Process AvastSvc.exe (1480) connected on port 80 (HTTP) --> 66.102.9.99
    
    Process svchost.exe (860) listens on ports: 135 (RPC)
    Process svchost.exe (900) listens on ports: 139 (NetBIOS)
    
    
    Autoruns and critical files
    ---------------------------
    <unsigned>  SUPERAntiSpyware WinLogon Processor      C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    
    <verified>  AcroTray - Adobe Acrobat Distiller help  K:\Program Files\Adobe\Acrobat\Acrotray.exe
    <verified>  Adobe Acrobat                            K:\Program Files\Adobe\Acrobat\Acrobat_sl.exe
    <verified>  avast! Antivirus                         C:\PROGRA~1\ALWILS~1\Avast5\AvastUI.exe
    <verified>  CameraMonitor Application                C:\WINDOWS\vsnp2std.exe
    <verified>  DivX Update                              C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    <verified>  Google Update                            C:\Program Files\Google\Update\GoogleUpdate.exe
    <verified>  GrooveShellExtensions Module             c:\program files\microsoft office\office12\grooveshellextensions.dll
    <verified>  Microsoft Genuine Advantage              C:\WINDOWS\system32\WgaLogon.dll
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32\browseui.dll
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32\crypt32.dll
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32\cryptnet.dll
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32\cscdll.dll
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32\ctfmon.exe
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32\dimsntfy.dll
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32\logonui.exe
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32\sclgntfy.dll
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32\shell32.dll
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32\stobject.dll
    <verified>  Microsoft® Windows® Operating System     c:\windows\system32\userinit.exe
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32\wlnotify.dll
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32\WPDShServiceObj.dll
    <verified>  NVIDIA Compatible Windows 2000 Display   C:\WINDOWS\system32\NvCpl.dll
    <verified>  SpeedTouch USB                           C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
    <verified>  SuperAntiSpyware                         C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
    <verified>  SUPERAntiSpyware                         C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    <verified>  Windows® Internet Explorer               C:\WINDOWS\system32\webcheck.dll
    <verified>  Windows® Search                          C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll
    <verified>  ZoneAlarm Client                         C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    <verified>  ZoneAlarm ForceField                     C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    
    
    Browser plugins
    ---------------
    <unsigned>  FFExternalAlert.dll                      C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\f6rw2ck3.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\components\FFExternalAlert.dll
    <unsigned>  Google Gears 0.5.36.0                    c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
    <unsigned>  npFFApi                                  C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
    <unsigned>  RadioWMPCore.dll                         C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\f6rw2ck3.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\components\RadioWMPCore.dll
    
    <verified>  2007 Microsoft Office system             C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
    <verified>  AcroIEHelperShim Library                 c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
    <verified>  Adobe Acrobat                            C:\Program Files\Mozilla Firefox 3.6 Beta 4\plugins\nppdf32.dll
    <verified>  Adobe Acrobat                            C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
    <verified>  Adobe PDF Toolbar for IE                 c:\program files\common files\adobe\acrobat\activex\acroiefavclient.dll
    <verified>  bdoscandel.exe                           C:\WINDOWS\bdoscandel.exe
    <verified>  bdscanonline                             C:\WINDOWS\Downloaded Program Files\oscan82.ocx
    <verified>  BitDefender QuickScan                    C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\f6rw2ck3.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
    <verified>  BitDefender QuickScan                    C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\f6rw2ck3.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
    <verified>  Conduit Toolbar                          c:\program files\zonealarm\tbzone.dll
    <verified>  DivX Player Netscape Plugin              C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
    <verified>  FlashGot.exe                             C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\f6rw2ck3.default\FlashGot.exe
    <verified>  Foxit Reader Plugin for Mozilla          C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
    <verified>  getPlusPlus for Adobe 16263              C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\f6rw2ck3.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
    <verified>  getPlusPlus for Adobe 16263              C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
    <verified>  Google Update                            C:\Program Files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
    <verified>  GrooveShellExtensions Module             c:\program files\microsoft office\office12\grooveshellextensions.dll
    <verified>  IE Tab Plug-in                           C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\f6rw2ck3.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}\plugins\npietab.dll
    <verified>  iefdm2.dll                               c:\program files\free download manager\iefdm2.dll
    <verified>  InstallShield Update Service             C:\WINDOWS\Downloaded Program Files\dwusplay.dll
    <verified>  InstallShield Update Service             C:\WINDOWS\Downloaded Program Files\dwusplay.exe
    <verified>  InstallShield Update Service             C:\WINDOWS\Downloaded Program Files\isusweb.dll
    <verified>  ipsupd.dll                               C:\WINDOWS\Downloaded Program Files\ipsupd.dll
    <verified>  Java Deployment Toolkit 6.0.140.8        C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
    <verified>  Java(TM) Platform SE 6 U14               c:\program files\java\jre6\bin\jp2ssv.dll
    <verified>  Java(TM) Platform SE 6 U14               c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    <verified>  Messenger                                C:\Program Files\Messenger\msmsgs.exe
    <verified>  Microsoft® Windows Live OneCare          C:\WINDOWS\Downloaded Program Files\wlscBase.dll
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32\mswsock.dll
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32\rsvpsp.dll
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32\winrnr.dll
    <verified>  Mozilla Default Plug-in                  C:\Program Files\Mozilla Firefox 3.6 Beta 4\plugins\npnul32.dll
    <verified>  Mozilla Default Plug-in                  C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
    <verified>  nppdf32.DEU                              C:\Program Files\Mozilla Firefox 3.6 Beta 4\plugins\nppdf32.DEU
    <verified>  nppdf32.DEU                              C:\Program Files\Mozilla Firefox\plugins\nppdf32.DEU
    <verified>  nppdf32.FRA                              C:\Program Files\Mozilla Firefox 3.6 Beta 4\plugins\nppdf32.FRA
    <verified>  nppdf32.FRA                              C:\Program Files\Mozilla Firefox\plugins\nppdf32.FRA
    <verified>  NPSWF32.dll                              C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
    <verified>  Windows Genuine Advantage                C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
    <verified>  Windows Presentation Foundation          C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    <verified>  Windows® Internet Explorer               C:\WINDOWS\system32\ieframe.dll
    <verified>  ZoneAlarm ForceField                     C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll
    
    
    Missing files
    -------------
    File not found: C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
     referenced in: HKLM\System\ControlSet001\services\aswUpdSv\"ImagePath"
    
    File not found: C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
     referenced in: HKLM\System\ControlSet001\services\IDriverT\"ImagePath"
    
    File not found: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
     referenced in: HLKM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0\"Path"
    
    File not found: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
     referenced in: HKLM\System\ControlSet001\services\Lavasoft Ad-Aware Service\"ImagePath"
    
    File not found: C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys
     referenced in: HKLM\System\ControlSet001\services\mferkdk\"ImagePath"
    
    File not found: C:\Program Files\Microsoft Windows OneCare Live\OcHealthMon.exe
     referenced in: HKLM\System\ControlSet001\services\OcHealthMon\"ImagePath"
    
    File not found: C:\WINDOWS\System32\hidserv.dll
     referenced in: HKLM\System\ControlSet001\services\HidServ\Parameters\"ServiceDll"
    
    File not found: System32\Drivers\sptd.sys
     referenced in: HKLM\System\ControlSet001\services\sptd\"ImagePath"
    
    File not found: system32\DRIVERS\mcdbus.sys
     referenced in: HKLM\System\ControlSet001\services\mcdbus\"ImagePath"
    
    File not found: system32\ZoneLabs\srescan.sys
     referenced in: HKLM\System\ControlSet001\services\srescan\"ImagePath"
    
    File not found: system32\drivers\xpstqtv.sys
     referenced in: HKLM\System\ControlSet001\services\bxaqeti\"ImagePath"
    
    
    Scan
    ----
    <unsigned>  MD5: ebebdbf1df7621623bbc5af82b533542  C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\f6rw2ck3.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\components\FFExternalAlert.dll
    <unsigned>  MD5: 696f6787818300362f15485d654f6887  C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\f6rw2ck3.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\components\RadioWMPCore.dll
    <unsigned>  MD5: 031ccdff85a57172f3402cb99b3e9d46  C:\Documents and Settings\Andrew\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
    <unsigned>  MD5: 2786afc6ab1f04d7600228e39df2e186  C:\Documents and Settings\Andrew\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
    <unsigned>  MD5: bd3c896066be6451797943d5425d8e6d  C:\Program Files\Alwil Software\Avast5\defs\10070701\algo.dll
    <unsigned>  MD5: e8a82ff8277e4f63644f7ee6f0eab367  C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
    <unsigned>  MD5: 3be2c9c74cc42793109327754c0c0d65  C:\Program Files\foobar2000\ShellExt32.dll
    <unsigned>  MD5: 5af9bf694133d557014e1481743f3846  C:\Program Files\Google\Google Gears\Firefox\lib\ff36\gears.dll
    <unsigned>  MD5: 432226e3e9c09a73f389a65dec49bb2f  c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
    <unsigned>  MD5: 9dcb9d9bdb7e3c0f66f86ee09a392cbb  C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys
    <unsigned>  MD5: 21a62a7a95b1905634e7c12e5158ec32  C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys
    <unsigned>  MD5: 1445270793c8a5bc8acc1b86b6d8a32f  C:\Program Files\Mozilla Firefox\freebl3.dll
    <unsigned>  MD5: f444dec32dcc2fde8d4e4ad8ec99f106  C:\Program Files\Mozilla Firefox\nssdbm3.dll
    <unsigned>  MD5: 9a97f3f45019d13430657bd5dec46e97  C:\Program Files\Mozilla Firefox\softokn3.dll
    <unsigned>  MD5: 482e8f6fd557d5a0df7363f72df145fe  C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    <unsigned>  MD5: f5c2ccdb273a546e9c3a15250f1d9165  C:\WINDOWS\system32\drivers\atkkbnt.sys
    <unsigned>  MD5: de6c7979dc56c8724d7d5c581adfa826  C:\WINDOWS\system32\drivers\NSYNAS32.sys
    <unsigned>  MD5: d24ea301e2b36c4e975fd216ca85d8e7  C:\WINDOWS\system32\drivers\TCPIP.sys
    <unsigned>  MD5: 35255ededd214aaa0820f10b2af0f808  C:\WINDOWS\system32\drivers\TPKD.sys
    <unsigned>  MD5: d631f9dbf8e9ccde198991b84c8106ab  K:\Program Files\AudioTranscoder\updtr.exe
    
    
    No file uploaded.
    
    Scan finished - communication took 1 sec
    Total traffic - 0.01 MB sent, 0.29 KB recvd
    Scanned 757 files and modules - 26 seconds
    
    ============================
    Last edited by Dave543210; July 10th, 2010 at 06:44 PM. Reason: Added updated logs
  2. #2
    Code:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:58:30, on 07/07/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal
    
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ATKKBService.exe
    K:\Program Files\AudioTranscoder\updtr.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
    C:\WINDOWS\vsnp2std.exe
    C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
    K:\Program Files\Adobe\Acrobat\Acrotray.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/firefox?client=firefox-a&rls=org.mozilla:en-GB:official
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.forumswatcher.com/search.htm
    R3 - URLSearchHook: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
    O1 - Hosts: 80.239.151.231 db1.rapidshare.com
    O1 - Hosts: 80.239.151.232 db2.rapidshare.com
    O1 - Hosts: 80.239.151.233 db3.rapidshare.com
    O1 - Hosts: 80.239.151.234 db4.rapidshare.com
    O1 - Hosts: 80.239.151.235 db5.rapidshare.com
    O1 - Hosts: 80.239.151.253 games.rapidshare.com
    O1 - Hosts: 80.239.151.251 images.rapidshare.com
    O1 - Hosts: 80.239.151.240 images2.rapidshare.com
    O1 - Hosts: 82.129.39.245 kvm1.rapidshare.com
    O1 - Hosts: 82.129.39.246 kvm2.rapidshare.com
    O1 - Hosts: 82.129.39.247 kvm3.rapidshare.com
    O1 - Hosts: 82.129.39.248 kvm4.rapidshare.com
    O1 - Hosts: 82.129.39.249 kvm5.rapidshare.com
    O1 - Hosts: 80.239.151.250 mail.rapidshare.com
    O1 - Hosts: 80.239.151.250 ns1.rapidshare.com
    O1 - Hosts: 80.239.151.234 ns2.rapidshare.com
    O1 - Hosts: 80.239.151.250 pay.rapidshare.com
    O1 - Hosts: 80.239.151.240 rem1.rapidshare.com
    O1 - Hosts: 82.129.39.2 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.3 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.4 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.5 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.6 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.7 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.8 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.9 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.10 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.11 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.12 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.13 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.14 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.15 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.35.2 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.3 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.4 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.5 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.6 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.7 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.8 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.9 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.10 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.11 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.12 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.13 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.14 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.15 rs0cg2.rapidshare.com
    O1 - Hosts: 80.152.62.2 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.3 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.4 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.5 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.6 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.7 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.8 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.9 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.10 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.11 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.12 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.13 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.14 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.15 rs0dt.rapidshare.com
    O1 - Hosts: 64.215.245.2 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.3 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.4 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.5 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.6 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.7 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.8 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.9 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.10 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.11 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.12 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.13 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.14 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.15 rs0gc.rapidshare.com
    O1 - Hosts: 207.138.168.2 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.3 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.4 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.5 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.6 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.7 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.8 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.9 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.10 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.11 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.12 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.13 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.14 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.15 rs0gc2.rapidshare.com
    O1 - Hosts: 80.239.151.2 rs0l3.rapidshare.com
    O1 - Hosts: 80.239.151.3 rs0l3.rapidshare.com
    O1 - Hosts: 80.239.151.4 rs0l3.rapidshare.com
    O1 - Hosts: 80.239.151.5 rs0l3.rapidshare.com
    O1 - Hosts: 80.239.151.6 rs0l3.rapidshare.com
    O1 - Hosts: 80.239.151.7 rs0l3.rapidshare.com
    O1 - Hosts: 80.239.151.8 rs0l3.rapidshare.com
    O1 - Hosts: 80.239.151.9 rs0l3.rapidshare.com
    O1 - Hosts: 80.239.151.10 rs0l3.rapidshare.com
    O1 - Hosts: 80.239.151.11 rs0l3.rapidshare.com
    O1 - Hosts: 80.239.151.12 rs0l3.rapidshare.com
    O1 - Hosts: 80.239.151.13 rs0l3.rapidshare.com
    O1 - Hosts: 80.239.151.14 rs0l3.rapidshare.com
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {1FD79A59-37B1-459B-9097-09F9FAB8A523} - (no file)
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
    O2 - BHO: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
    O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
    O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "K:\Program Files\Adobe\Acrobat\Acrobat_sl.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "K:\Program Files\Adobe\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
    O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
    O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1235309417661
    O17 - HKLM\System\CCS\Services\Tcpip\..\{8E9E35A6-0704-448A-9B70-253008FCC0CD}: NameServer = 62.24.243.1 62.24.243.2
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: Digital Music Software: Audio Transcoder update permissions manager. 1543. - Unknown owner - K:\Program Files\AudioTranscoder\updtr.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (file missing)
    O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Windows Live OneCare Health Monitor (OcHealthMon) - Unknown owner - C:\Program Files\Microsoft Windows OneCare Live\OcHealthMon.exe (file missing)
    O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    
    --
    End of file - 15747 bytes
  4. #3
  5. Jealous Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    14,302
    Rep Power
    9400
    Ayayaya.

    How about you edit your posts and put [code][/code] tags around the two logs?
  6. #4
  7. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2009
    Location
    Sheffield, UK
    Posts
    14
    Rep Power
    0

    Temporary blocking of web


    Well, it's been 3 days since I created this post and the original logs. This evening I suddenly found that I could not connect to any web page using either Firefox or IE. I was still connected, and my uTorrent app still downloaded and uploaded normally. So I tried a system restore, and although it appeared to work at first, a message appeared on start-up to say that Windows was unable to restore to the selected point. So I tried another earlier restore point, and that gave the same message. I just could not surf the web - no page could be found. Then I went through the usual scans/clean-ups recommended by this site, and luckily I have web access again. Anyway, here are all the logs from today's scans. (Hope this is ok - I believe your rules state it is ok to post updated reports if no reply after 3 days).

    Code:
    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org
    
    Database version: 4298
    
    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702
    
    10/07/2010 22:42:56
    mbam-log-2010-07-10 (22-42-56).txt
    
    Scan type: Quick scan
    Objects scanned: 133109
    Time elapsed: 4 minute(s), 55 second(s)
    
    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0
    
    Memory Processes Infected:
    (No malicious items detected)
    
    Memory Modules Infected:
    (No malicious items detected)
    
    Registry Keys Infected:
    (No malicious items detected)
    
    Registry Values Infected:
    (No malicious items detected)
    
    Registry Data Items Infected:
    (No malicious items detected)
    
    Folders Infected:
    (No malicious items detected)
    
    Files Infected:
    (No malicious items detected)
    Code:
    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com
    
    Generated 07/10/2010 at 11:07 PM
    
    Application Version : 4.40.1002
    
    Core Rules Database Version : 5181
    Trace Rules Database Version: 2993
    
    Scan type       : Complete Scan
    Total Scan Time : 00:22:43
    
    Memory items scanned      : 450
    Memory threats detected   : 0
    Registry items scanned    : 8068
    Registry threats detected : 0
    File items scanned        : 18453
    File threats detected     : 0
    Code:
    BitDefender
    QuickScan Beta 32-bit v0.9.9.23
    -------------------------------
    Scan date:  Sat Jul 10 23:12:23 2010
    Machine ID: BC7FE1E8
    
    C:\WINDOWS\S368EBA2E.tmp - could not be accessed
    
    
    No infection found.
    -------------------
    
    
    
    Processes
    ---------
    <unsigned>  updtr.exe                                 176    K:\Program 
    
    Files\AudioTranscoder\updtr.exe
    
    <verified>  AcroTray - Adobe Acrobat Distiller help  3148    K:\Program 
    
    Files\Adobe\Acrobat\Acrotray.exe
    <verified>  ASUS Keyboard Service                    2044    
    
    C:\WINDOWS\ATKKBService.exe
    <verified>  avast! Antivirus                         1404    C:\Program Files\Alwil 
    
    Software\Avast5\AvastSvc.exe
    <verified>  avast! Antivirus                         3100    C:\Program Files\Alwil 
    
    Software\Avast5\AvastUI.exe
    <verified>  CameraMonitor Application                3036    C:\WINDOWS\vsnp2std.exe
    <verified>  Firefox                                  3872    C:\Program Files\Mozilla 
    
    Firefox\firefox.exe
    <verified>  Google Update                            1836    C:\Program 
    
    Files\Google\Update\1.2.183.23\GoogleCrashHandler.exe
    <verified>  Microsoft® Windows® Operating System     1856    
    
    C:\WINDOWS\Explorer.EXE
    <verified>  Microsoft® Windows® Operating System     2308    
    
    C:\WINDOWS\System32\alg.exe
    <verified>  Microsoft® Windows® Operating System      516    
    
    C:\WINDOWS\system32\csrss.exe
    <verified>  Microsoft® Windows® Operating System     2648    
    
    C:\WINDOWS\system32\ctfmon.exe
    <verified>  Microsoft® Windows® Operating System      596    
    
    C:\WINDOWS\system32\lsass.exe
    <verified>  Microsoft® Windows® Operating System      660    
    
    C:\WINDOWS\system32\NOTEPAD.EXE
    <verified>  Microsoft® Windows® Operating System      584    
    
    C:\WINDOWS\system32\services.exe
    <verified>  Microsoft® Windows® Operating System      448    
    
    C:\WINDOWS\System32\smss.exe
    <verified>  Microsoft® Windows® Operating System     1692    
    
    C:\WINDOWS\system32\spoolsv.exe
    <verified>  Microsoft® Windows® Operating System      364    
    
    C:\WINDOWS\system32\svchost.exe
    <verified>  Microsoft® Windows® Operating System      764    
    
    C:\WINDOWS\system32\svchost.exe
    <verified>  Microsoft® Windows® Operating System      852    
    
    C:\WINDOWS\system32\svchost.exe
    <verified>  Microsoft® Windows® Operating System     1904    
    
    C:\WINDOWS\system32\svchost.exe
    <verified>  Microsoft® Windows® Operating System     1028    
    
    C:\WINDOWS\system32\svchost.exe
    <verified>  Microsoft® Windows® Operating System      984    
    
    C:\WINDOWS\system32\svchost.exe
    <verified>  Microsoft® Windows® Operating System      928    
    
    C:\WINDOWS\system32\svchost.exe
    <verified>  Microsoft® Windows® Operating System      892    
    
    C:\WINDOWS\System32\svchost.exe
    <verified>  Microsoft® Windows® Operating System      540    
    
    C:\WINDOWS\system32\winlogon.exe
    <verified>  NVIDIA Driver Helper Service, Version 8   268    
    
    C:\WINDOWS\system32\nvsvc32.exe
    <verified>  SpeedTouch USB                           2972    C:\Program 
    
    Files\Thomson\SpeedTouch USB\Dragdiag.exe
    <verified>  SUPERAntiSpyware                         3212    C:\Program 
    
    Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    <verified>  TrueVector Service                       1112    C:\WINDOWS\system32
    
    \ZoneLabs\vsmon.exe
    <verified>  ZoneAlarm Client                         3172    C:\Program Files\Zone 
    
    Labs\ZoneAlarm\zlclient.exe
    <verified>  ZoneAlarm ForceField                     3516    C:\Program 
    
    Files\CheckPoint\ZAForceField\ForceField.exe
    <verified>  ZoneAlarm ForceField                     1340    C:\Program 
    
    Files\CheckPoint\ZAForceField\IswSvc.exe
    
    
    Network activity
    ----------------
    Process AvastSvc.exe (1404) connected on port 80 (HTTP) --> yu-in-f99.1e100.net
    Process AvastSvc.exe (1404) connected on port 80 (HTTP) --> yu-in-f99.1e100.net
    Process AvastSvc.exe (1404) connected on port 80 (HTTP) --> yu-in-f99.1e100.net
    
    Process svchost.exe (852) listens on ports: 135 (RPC)
    Process svchost.exe (892) listens on ports: 139 (NetBIOS)
    
    
    Autoruns and critical files
    ---------------------------
    <unsigned>  SUPERAntiSpyware WinLogon Processor      C:\Program 
    
    Files\SUPERAntiSpyware\SASWINLO.DLL
    
    <verified>  AcroTray - Adobe Acrobat Distiller help  K:\Program 
    
    Files\Adobe\Acrobat\Acrotray.exe
    <verified>  Adobe Acrobat                            K:\Program 
    
    Files\Adobe\Acrobat\Acrobat_sl.exe
    <verified>  avast! Antivirus                         C:\PROGRA~1\ALWILS~1\Avast5
    
    \AvastUI.exe
    <verified>  CameraMonitor Application                C:\WINDOWS\vsnp2std.exe
    <verified>  DivX Update                              C:\Program Files\DivX\DivX 
    
    Update\DivXUpdate.exe
    <verified>  Google Update                            C:\Program 
    
    Files\Google\Update\GoogleUpdate.exe
    <verified>  GrooveShellExtensions Module             c:\program files\microsoft 
    
    office\office12\grooveshellextensions.dll
    <verified>  Microsoft Genuine Advantage              C:\WINDOWS\system32
    
    \WgaLogon.dll
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32
    
    \browseui.dll
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32
    
    \crypt32.dll
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32
    
    \cryptnet.dll
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32
    
    \cscdll.dll
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32
    
    \ctfmon.exe
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32
    
    \dimsntfy.dll
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32
    
    \logonui.exe
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32
    
    \sclgntfy.dll
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32
    
    \shell32.dll
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32
    
    \stobject.dll
    <verified>  Microsoft® Windows® Operating System     c:\windows\system32
    
    \userinit.exe
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32
    
    \wlnotify.dll
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32
    
    \WPDShServiceObj.dll
    <verified>  NVIDIA Compatible Windows 2000 Display   C:\WINDOWS\system32
    
    \nvcpl.dll
    <verified>  SpeedTouch USB                           C:\Program 
    
    Files\Thomson\SpeedTouch USB\Dragdiag.exe
    <verified>  SuperAntiSpyware                         C:\Program 
    
    Files\SUPERAntiSpyware\SASSEH.DLL
    <verified>  SUPERAntiSpyware                         C:\Program 
    
    Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    <verified>  Windows® Internet Explorer               C:\WINDOWS\system32
    
    \webcheck.dll
    <verified>  Windows® Search                          C:\Program Files\Windows Desktop 
    
    Search\MsnlNamespaceMgr.dll
    <verified>  ZoneAlarm Client                         C:\Program Files\Zone 
    
    Labs\ZoneAlarm\zlclient.exe
    <verified>  ZoneAlarm ForceField                     C:\Program 
    
    Files\CheckPoint\ZAForceField\ForceField.exe
    
    
    Browser plugins
    ---------------
    <unsigned>  FFExternalAlert.dll                      C:\Documents and 
    
    Settings\Andrew\Application 
    
    Data\Mozilla\Firefox\Profiles\f6rw2ck3.default\extensions\{66f2e20d-0da8-4c11-
    
    a9c8-dd8477b88acd}\components\FFExternalAlert.dll
    <unsigned>  Google Gears 0.5.36.0                    c:\program files\google\google 
    
    gears\internet explorer\0.5.36.0\gears.dll
    <unsigned>  npFFApi                                  C:\Program 
    
    Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
    <unsigned>  RadioWMPCore.dll                         C:\Documents and 
    
    Settings\Andrew\Application 
    
    Data\Mozilla\Firefox\Profiles\f6rw2ck3.default\extensions\{66f2e20d-0da8-4c11-
    
    a9c8-dd8477b88acd}\components\RadioWMPCore.dll
    
    <verified>  2007 Microsoft Office system             C:\Program Files\Mozilla 
    
    Firefox\plugins\NPOFF12.DLL
    <verified>  AcroIEHelperShim Library                 c:\program files\common 
    
    files\adobe\acrobat\activex\acroiehelpershim.dll
    <verified>  Adobe Acrobat                            C:\Program Files\Mozilla Firefox 3.6 
    
    Beta 4\plugins\nppdf32.dll
    <verified>  Adobe Acrobat                            C:\Program Files\Mozilla 
    
    Firefox\plugins\nppdf32.dll
    <verified>  Adobe PDF Toolbar for IE                 c:\program files\common 
    
    files\adobe\acrobat\activex\acroiefavclient.dll
    <verified>  bdoscandel.exe                           C:\WINDOWS\bdoscandel.exe
    <verified>  bdscanonline                             C:\WINDOWS\Downloaded Program 
    
    Files\oscan82.ocx
    <verified>  BitDefender QuickScan                    C:\Documents and 
    
    Settings\Andrew\Application 
    
    Data\Mozilla\Firefox\Profiles\f6rw2ck3.default\extensions\{e001c731-5e37-4538
    
    -a5cb-8168736a2360}\components\qscanff.dll
    <verified>  BitDefender QuickScan                    C:\Documents and 
    
    Settings\Andrew\Application 
    
    Data\Mozilla\Firefox\Profiles\f6rw2ck3.default\extensions\{e001c731-5e37-4538
    
    -a5cb-8168736a2360}\plugins\npqscan.dll
    <verified>  Conduit Toolbar                          c:\program files\zonealarm\tbzone.dll
    <verified>  DivX Player Netscape Plugin              C:\Program Files\Mozilla 
    
    Firefox\plugins\npDivxPlayerPlugin.dll
    <verified>  FlashGot.exe                             C:\Documents and 
    
    Settings\Andrew\Application 
    
    Data\Mozilla\Firefox\Profiles\f6rw2ck3.default\FlashGot.exe
    <verified>  Foxit Reader Plugin for Mozilla          C:\Program Files\Mozilla 
    
    Firefox\plugins\npFoxitReaderPlugin.dll
    <verified>  getPlusPlus for Adobe 16263              C:\Documents and 
    
    Settings\Andrew\Application 
    
    Data\Mozilla\Firefox\Profiles\f6rw2ck3.default\extensions\{E2883E8F-472F-4fb0
    
    -9522-AC9BF37916A7}\plugins\np_gp.dll
    <verified>  getPlusPlus for Adobe 16263              C:\Program Files\Mozilla 
    
    Firefox\plugins\np_gp.dll
    <verified>  Google Update                            C:\Program 
    
    Files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
    <verified>  GrooveShellExtensions Module             c:\program files\microsoft 
    
    office\office12\grooveshellextensions.dll
    <verified>  IE Tab Plug-in                           C:\Documents and 
    
    Settings\Andrew\Application 
    
    Data\Mozilla\Firefox\Profiles\f6rw2ck3.default\extensions\{77b819fa-95ad-4f2c-
    
    ac7c-486b356188a9}\plugins\npietab.dll
    <verified>  iefdm2.dll                               c:\program files\free download 
    
    manager\iefdm2.dll
    <verified>  InstallShield Update Service             C:\WINDOWS\Downloaded Program 
    
    Files\dwusplay.dll
    <verified>  InstallShield Update Service             C:\WINDOWS\Downloaded Program 
    
    Files\dwusplay.exe
    <verified>  InstallShield Update Service             C:\WINDOWS\Downloaded Program 
    
    Files\isusweb.dll
    <verified>  ipsupd.dll                               C:\WINDOWS\Downloaded Program 
    
    Files\ipsupd.dll
    <verified>  Java Deployment Toolkit 6.0.140.8        C:\Program Files\Mozilla 
    
    Firefox\plugins\npdeploytk.dll
    <verified>  Java(TM) Platform SE 6 U14               c:\program files\java\jre6
    
    \bin\jp2ssv.dll
    <verified>  Java(TM) Platform SE 6 U14               c:\program files\java\jre6
    
    \lib\deploy\jqs\ie\jqs_plugin.dll
    <verified>  Messenger                                C:\Program 
    
    Files\Messenger\msmsgs.exe
    <verified>  Microsoft® Windows Live OneCare          C:\WINDOWS\Downloaded 
    
    Program Files\wlscBase.dll
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\Network 
    
    Diagnostic\xpnetdiag.exe
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32
    
    \mswsock.dll
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32
    
    \rsvpsp.dll
    <verified>  Microsoft® Windows® Operating System     C:\WINDOWS\system32
    
    \winrnr.dll
    <verified>  Mozilla Default Plug-in                  C:\Program Files\Mozilla Firefox 3.6 
    
    Beta 4\plugins\npnul32.dll
    <verified>  Mozilla Default Plug-in                  C:\Program Files\Mozilla 
    
    Firefox\plugins\npnul32.dll
    <verified>  nppdf32.DEU                              C:\Program Files\Mozilla Firefox 3.6 
    
    Beta 4\plugins\nppdf32.DEU
    <verified>  nppdf32.DEU                              C:\Program Files\Mozilla 
    
    Firefox\plugins\nppdf32.DEU
    <verified>  nppdf32.FRA                              C:\Program Files\Mozilla Firefox 3.6 
    
    Beta 4\plugins\nppdf32.FRA
    <verified>  nppdf32.FRA                              C:\Program Files\Mozilla 
    
    Firefox\plugins\nppdf32.FRA
    <verified>  NPSWF32.dll                              C:\WINDOWS\system32
    
    \Macromed\Flash\NPSWF32.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Internet 
    
    Explorer\plugins\npqtplugin.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Internet 
    
    Explorer\plugins\npqtplugin2.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Internet 
    
    Explorer\plugins\npqtplugin3.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Internet 
    
    Explorer\plugins\npqtplugin4.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Internet 
    
    Explorer\plugins\npqtplugin5.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Internet 
    
    Explorer\plugins\npqtplugin6.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Internet 
    
    Explorer\plugins\npqtplugin7.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Mozilla 
    
    Firefox\plugins\npqtplugin.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Mozilla 
    
    Firefox\plugins\npqtplugin2.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Mozilla 
    
    Firefox\plugins\npqtplugin3.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Mozilla 
    
    Firefox\plugins\npqtplugin4.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Mozilla 
    
    Firefox\plugins\npqtplugin5.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Mozilla 
    
    Firefox\plugins\npqtplugin6.dll
    <verified>  QuickTime Plug-in 7.5.5                  C:\Program Files\Mozilla 
    
    Firefox\plugins\npqtplugin7.dll
    <verified>  Windows Genuine Advantage                C:\Program Files\Mozilla 
    
    Firefox\plugins\npLegitCheckPlugin.dll
    <verified>  Windows Presentation Foundation          
    
    C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation 
    
    Foundation\NPWPF.dll
    <verified>  Windows® Internet Explorer               C:\WINDOWS\system32\ieframe.dll
    <verified>  ZoneAlarm ForceField                     C:\Program 
    
    Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll
    
    
    Missing files
    -------------
    File not found: C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
     referenced in: HKLM\System\ControlSet001\services\aswUpdSv\"ImagePath"
    
    File not found: C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32
    
    \IDriverT.exe
     referenced in: HKLM\System\ControlSet001\services\IDriverT\"ImagePath"
    
    File not found: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
     referenced in: HLKM\Software\MozillaPlugins\@divx.com/DivX Player 
    
    Plugin,version=1.0.0\"Path"
    
    File not found: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
     referenced in: HKLM\System\ControlSet001\services\Lavasoft Ad-Aware 
    
    Service\"ImagePath"
    
    File not found: C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys
     referenced in: HKLM\System\ControlSet001\services\mferkdk\"ImagePath"
    
    File not found: C:\Program Files\Microsoft Windows OneCare Live\OcHealthMon.exe
     referenced in: HKLM\System\ControlSet001\services\OcHealthMon\"ImagePath"
    
    File not found: C:\WINDOWS\System32\hidserv.dll
     referenced in: HKLM\System\ControlSet001
    
    \services\HidServ\Parameters\"ServiceDll"
    
    File not found: System32\Drivers\sptd.sys
     referenced in: HKLM\System\ControlSet001\services\sptd\"ImagePath"
    
    File not found: system32\DRIVERS\mcdbus.sys
     referenced in: HKLM\System\ControlSet001\services\mcdbus\"ImagePath"
    
    File not found: system32\ZoneLabs\srescan.sys
     referenced in: HKLM\System\ControlSet001\services\srescan\"ImagePath"
    
    File not found: system32\drivers\xpstqtv.sys
     referenced in: HKLM\System\ControlSet001\services\bxaqeti\"ImagePath"
    
    
    Scan
    ----
    <unsigned>  MD5: ebebdbf1df7621623bbc5af82b533542  C:\Documents and 
    
    Settings\Andrew\Application 
    
    Data\Mozilla\Firefox\Profiles\f6rw2ck3.default\extensions\{66f2e20d-0da8-4c11-
    
    a9c8-dd8477b88acd}\components\FFExternalAlert.dll
    <unsigned>  MD5: 696f6787818300362f15485d654f6887  C:\Documents and 
    
    Settings\Andrew\Application 
    
    Data\Mozilla\Firefox\Profiles\f6rw2ck3.default\extensions\{66f2e20d-0da8-4c11-
    
    a9c8-dd8477b88acd}\components\RadioWMPCore.dll
    <unsigned>  MD5: 031ccdff85a57172f3402cb99b3e9d46  C:\Documents and 
    
    Settings\Andrew\Application 
    
    Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
    <unsigned>  MD5: 2786afc6ab1f04d7600228e39df2e186  C:\Documents and Settings\Andrew\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
    <unsigned>  MD5: 17e41b51ca28d8878059492294fbb138  C:\Program Files\Alwil Software\Avast5\defs\10071001\algo.dll
    <unsigned>  MD5: 35bc7e5f1e468eb549f5f26b43fdae11  C:\Program Files\Alwil Software\Avast5\defs\10071002\algo.dll
    <unsigned>  MD5: e8a82ff8277e4f63644f7ee6f0eab367  C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
    <unsigned>  MD5: 3be2c9c74cc42793109327754c0c0d65  C:\Program Files\foobar2000\ShellExt32.dll
    <unsigned>  MD5: 5af9bf694133d557014e1481743f3846  C:\Program Files\Google\Google Gears\Firefox\lib\ff36\gears.dll
    <unsigned>  MD5: 432226e3e9c09a73f389a65dec49bb2f  c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
    <unsigned>  MD5: 3670793815240fd554cb0bd7a10176be  C:\Program Files\LG Soft India\forteManager\bin\ContextMenu.dll
    <unsigned>  MD5: 9dcb9d9bdb7e3c0f66f86ee09a392cbb  C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys
    <unsigned>  MD5: 21a62a7a95b1905634e7c12e5158ec32  C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys
    <unsigned>  MD5: 1445270793c8a5bc8acc1b86b6d8a32f  C:\Program Files\Mozilla Firefox\freebl3.dll
    <unsigned>  MD5: f444dec32dcc2fde8d4e4ad8ec99f106  C:\Program Files\Mozilla Firefox\nssdbm3.dll
    <unsigned>  MD5: 9a97f3f45019d13430657bd5dec46e97  C:\Program Files\Mozilla Firefox\softokn3.dll
    <unsigned>  MD5: 482e8f6fd557d5a0df7363f72df145fe  C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    <unsigned>  MD5: f5c2ccdb273a546e9c3a15250f1d9165  C:\WINDOWS\system32\drivers\atkkbnt.sys
    <unsigned>  MD5: de6c7979dc56c8724d7d5c581adfa826  C:\WINDOWS\system32\drivers\NSYNAS32.sys
    <unsigned>  MD5: d24ea301e2b36c4e975fd216ca85d8e7  C:\WINDOWS\system32\drivers\TCPIP.sys
    <unsigned>  MD5: 35255ededd214aaa0820f10b2af0f808  C:\WINDOWS\system32\drivers\TPKD.sys
    <unsigned>  MD5: d631f9dbf8e9ccde198991b84c8106ab  K:\Program Files\AudioTranscoder\updtr.exe
    
    
    No file uploaded.
    
    Scan finished - communication took 1 sec
    Total traffic - 0.01 MB sent, 0.13 KB recvd
    Scanned 750 files and modules - 26 seconds
  8. #5
  9. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2009
    Location
    Sheffield, UK
    Posts
    14
    Rep Power
    0
    Code:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:20:36, on 10/07/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal
    
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ATKKBService.exe
    K:\Program Files\AudioTranscoder\updtr.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
    C:\WINDOWS\vsnp2std.exe
    C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
    K:\Program Files\Adobe\Acrobat\Acrotray.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
    
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/firefox?client=firefox-a&rls=org.mozilla:en-GB:official
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.forumswatcher.com/search.htm
    R3 - URLSearchHook: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
    O1 - Hosts: 80.239.151.231 db1.rapidshare.com
    O1 - Hosts: 80.239.151.232 db2.rapidshare.com
    O1 - Hosts: 80.239.151.233 db3.rapidshare.com
    O1 - Hosts: 80.239.151.234 db4.rapidshare.com
    O1 - Hosts: 80.239.151.235 db5.rapidshare.com
    O1 - Hosts: 80.239.151.253 games.rapidshare.com
    O1 - Hosts: 80.239.151.251 images.rapidshare.com
    O1 - Hosts: 80.239.151.240 images2.rapidshare.com
    O1 - Hosts: 82.129.39.245 kvm1.rapidshare.com
    O1 - Hosts: 82.129.39.246 kvm2.rapidshare.com
    O1 - Hosts: 82.129.39.247 kvm3.rapidshare.com
    O1 - Hosts: 82.129.39.248 kvm4.rapidshare.com
    O1 - Hosts: 82.129.39.249 kvm5.rapidshare.com
    O1 - Hosts: 80.239.151.250 mail.rapidshare.com
    O1 - Hosts: 80.239.151.250 ns1.rapidshare.com
    O1 - Hosts: 80.239.151.234 ns2.rapidshare.com
    O1 - Hosts: 80.239.151.250 pay.rapidshare.com
    O1 - Hosts: 80.239.151.240 rem1.rapidshare.com
    O1 - Hosts: 82.129.39.2 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.3 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.4 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.5 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.6 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.7 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.8 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.9 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.10 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.11 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.12 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.13 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.14 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.39.15 rs0cg.rapidshare.com
    O1 - Hosts: 82.129.35.2 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.3 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.4 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.5 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.6 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.7 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.8 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.9 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.10 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.11 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.12 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.13 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.14 rs0cg2.rapidshare.com
    O1 - Hosts: 82.129.35.15 rs0cg2.rapidshare.com
    O1 - Hosts: 80.152.62.2 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.3 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.4 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.5 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.6 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.7 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.8 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.9 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.10 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.11 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.12 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.13 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.14 rs0dt.rapidshare.com
    O1 - Hosts: 80.152.62.15 rs0dt.rapidshare.com
    O1 - Hosts: 64.215.245.2 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.3 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.4 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.5 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.6 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.7 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.8 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.9 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.10 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.11 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.12 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.13 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.14 rs0gc.rapidshare.com
    O1 - Hosts: 64.215.245.15 rs0gc.rapidshare.com
    O1 - Hosts: 207.138.168.2 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.3 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.4 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.5 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.6 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.7 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.8 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.9 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.10 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.11 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.12 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.13 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.14 rs0gc2.rapidshare.com
    O1 - Hosts: 207.138.168.15 rs0gc2.rapidshare.com
    O1 - Hosts: 80.239.151.2 rs0l3.rapidshare.com
    O1 - Hosts: 80.239.151.3 rs0l3.rapidshare.com
    O1 - Hosts: 80.239.151.4 rs0l3.rapidshare.com
    O1 - Hosts: 80.239.151.5 rs0l3.rapidshare.com
    O1 - Hosts: 80.239.151.6 rs0l3.rapidshare.com
    O1 - Hosts: 80.239.151.7 rs0l3.rapidshare.com
    O1 - Hosts: 80.239.151.8 rs0l3.rapidshare.com
    O1 - Hosts: 80.239.151.9 rs0l3.rapidshare.com
    O1 - Hosts: 80.239.151.10 rs0l3.rapidshare.com
    O1 - Hosts: 80.239.151.11 rs0l3.rapidshare.com
    O1 - Hosts: 80.239.151.12 rs0l3.rapidshare.com
    O1 - Hosts: 80.239.151.13 rs0l3.rapidshare.com
    O1 - Hosts: 80.239.151.14 rs0l3.rapidshare.com
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {1FD79A59-37B1-459B-9097-09F9FAB8A523} - (no file)
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
    O2 - BHO: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
    O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
    O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "K:\Program Files\Adobe\Acrobat\Acrobat_sl.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "K:\Program Files\Adobe\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
    O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
    O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1235309417661
    O17 - HKLM\System\CCS\Services\Tcpip\..\{8E9E35A6-0704-448A-9B70-253008FCC0CD}: NameServer = 62.24.243.1 62.24.243.2
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: Digital Music Software: Audio Transcoder update permissions manager. 1543. - Unknown owner - K:\Program Files\AudioTranscoder\updtr.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (file missing)
    O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Windows Live OneCare Health Monitor (OcHealthMon) - Unknown owner - C:\Program Files\Microsoft Windows OneCare Live\OcHealthMon.exe (file missing)
    O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    
    --
    End of file - 15800 bytes
  10. #6
  11. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2010
    Location
    Michigan, United States of America
    Posts
    36
    Rep Power
    5
    Try running a Flash Memory scan in MalwareBytes. You might want to try http://www.softpedia.com/get/Tweak/System-Tweak/Advanced-WindowsCare.shtml also
  12. #7
  13. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2009
    Location
    Sheffield, UK
    Posts
    14
    Rep Power
    0
    Originally Posted by Axigy
    Try running a Flash Memory scan in MalwareBytes. You might want to try http://www.softpedia.com/get/Tweak/System-Tweak/Advanced-WindowsCare.shtml also
    I am not a registered MBAM user so do not have access to the flash memory scan.
    Your other suggestion was interesting, I went ahead and it has provided some nice tuning to my PC, so thanks for that. However, the original problem still exists - my PC spontaneously reboots when visiting certain sites (e.g. Hotfile, Megaupload). This is clearly malware. I would still be most grateful if someone in-the-know could examine my Hijack This log and tell me if there is anything I need to be doing. Thanks.
  14. #8
  15. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2010
    Location
    Michigan, United States of America
    Posts
    36
    Rep Power
    5
    Originally Posted by Dave543210
    I am not a registered MBAM user so do not have access to the flash memory scan.
    Your other suggestion was interesting, I went ahead and it has provided some nice tuning to my PC, so thanks for that. However, the original problem still exists - my PC spontaneously reboots when visiting certain sites (e.g. Hotfile, Megaupload). This is clearly malware. I would still be most grateful if someone in-the-know could examine my Hijack This log and tell me if there is anything I need to be doing. Thanks.
    It could also be a hardware issue too causing overheating, I'm honestly not sure. Try running a HouseCall Scan - http://housecall.trendmicro.com/ or maybe even trial Kaspersky to see if it can find anything.
  16. #9
  17. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2009
    Location
    Sheffield, UK
    Posts
    14
    Rep Power
    0
    Originally Posted by Axigy
    It could also be a hardware issue too causing overheating, I'm honestly not sure. Try running a HouseCall Scan - http://housecall.trendmicro.com/ or maybe even trial Kaspersky to see if it can find anything.
    It is not a hardware issue. It is only certain sites that cause the re-boot.

    I'm sorry to keep asking, but I took the time to produce all the above reports, and no one yet has commented on them. I know this is a volunteer service, and I really appreciate people giving up their time, but could somebody please HELP! Thanks again.
  18. #10
  19. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2009
    Location
    Sheffield, UK
    Posts
    14
    Rep Power
    0
    OK, so I guess I'm being ignored due to the sites I mentioned! So you've made up your minds that I must therefore be involved in some kind of illegal activity, eh?

    Prejudice is alive and well at this site, isn't it!
  20. #11
  21. No Profile Picture
    Grumpier old Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jun 2003
    Posts
    14,453
    Rep Power
    4539
    Did you run HouseCall as suggested? Did it find any problems?

    Also, you might want to check your Windows OS error dump settings; maybe you can review the dump file after a crash and learn something about the cause.
    ======
    Doug G
    ======
    Bartender to Rene Descartes "have another beer?" Descartes: "I think not" and he vanished.
    --Alfred Bester
