Full Version: I Have Another Problem
Lavasoft Support Forums > Archived Topics > Archives: Resolved/Inactive Topics > Resolved/Inactive HijackThis Logs
mihai
Hello!

I have this virus and I can't do anything to get rid of it, because it doesn't let me use Control Panel and Task Manager. In Safe Mode it created an account as administrator and I can't do anything. Now I'm running the BitDefender online scan.

I would like to understand what joy the producer of a virus can have against ordinary people, like me... Enjoy, man! May you be cursed!

miekiemoes
Hello,

* Download Trend Micro Hijack This™
Double-click the HJTInstall.exe to start it.
By default it will install HijackThis in the Program Files\Trendmicro folder and create a desktop shortcut.
HijackThis will open after install. Press the Scan button below.
This will start the scan and open a log.
Copy and paste the contents of the log in your next reply.
mihai
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:02:14 AM, on 9/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Windows Defender\MsMpEng.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\WINDOWS\SOUNDMAN.EXE
E:\Program Files\Synaptics\SynTP\SynTPEnh.exe
E:\Program Files\Wireless Console 2\wcourier.exe
E:\Program Files\Common Files\Real\Update_OB\realsched.exe
E:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
E:\WINDOWS\ATK0100\HControl.exe
E:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
E:\Program Files\Quick GPS Connection Data Download Manager\DesktopLtoManager.exe
E:\Program Files\iTunes\iTunesHelper.exe
E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
E:\Program Files\Windows Defender\MSASCui.exe
E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
E:\Program Files\Microsoft ActiveSync\wcescomm.exe
E:\Program Files\BitTorrent\bittorrent.exe
E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
E:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
E:\Program Files\Common Files\LightScribe\LSSrvc.exe
E:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
E:\PROGRA~1\MICROS~3\rapimgr.exe
E:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\spool\ugplot\ugiipqd.exe
E:\WINDOWS\ATK0100\ATKOSD.exe
E:\Program Files\iPod\bin\iPodService.exe
E:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Internet Explorer\iexplore.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\laptop\Programe+softuri\totalcmd\TOTALCMD.EXE
E:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ATICCC] "E:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SynTPEnh] E:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Wireless Console 2] E:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RemoteControl] "E:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HControl] E:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Lto Manager] "E:\Program Files\Quick GPS Connection Data Download Manager\DesktopLtoManager.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LXCFCATS] rundll32 E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Windows Defender] "E:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [kis] "E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [SpyHunter] E:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "E:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [BitTorrent] "E:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [swg] E:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = E:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Yahoo! Search - file:///E:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to Kaspersky Anti-Banner - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///E:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///E:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///E:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - E:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - E:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - E:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200705...ex/qtplugin.cab
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {26522409-8BBF-4C5B-A4D3-CF4B1D6F255B} (UMediaPlayer Class) - http://www.umediaserver.net/bin/UMediaControl5.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase8300.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1177557833906
O16 - DPF: {C4847596-972C-11D0-9567-00A0C9273C2A} (Crystal Report Viewer Control) - http://msweb01.co.wake.nc.us/viewer/active...tivexviewer.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: E:\WINDOWS\system32\systems.txt,E:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - E:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxcf_device - - E:\WINDOWS\system32\lxcfcoms.exe
O23 - Service: ServiceLayer - Nokia. - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Unigraphics Plot Server (ugiipqd) (ugiipqd) - Unigraphics Solutions, Inc - E:\WINDOWS\system32\spool\ugplot\ugiipqd.exe
O23 - Service: Unigraphics License Server (uglmd) - Macrovision Corporation - E:\Program Files\EDS\License Servers\UGNXFLEXlm\lmgrd.exe
O23 - Service: VideoAcceleratorEngine - Speedbit Ltd. - E:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe

--
End of file - 11512 bytes
miekiemoes
Hi,

I notice from the log that more than one anti-virus program is running with auto-protect enabled: Kaspersky and Avast.
Never install more than one Antivirus and Firewall! Rather than giving you extra protection, it will seriously decrease its reliability!
The reason for this is that if both products have their automatic (Real-Time) protection switched on, your system may lock up due to both software products attempting to access the same file at the same time.
Also, because multiple installed Antivirus and Firewall products are not compatible with each other, they can cause system performance problems and a serious system slowdown.

So you have to make a decision here and keep the Antivirus you prefer and uninstall the other one. In case you didn't purchase Kaspersky and you're not planning to purchase it anyway, I suggest you uninstall that one and keep Avast (since Avast is free).
Then reboot after uninstalling.

After reboot, * Download Combofix to your desktop.
In case you already used Combofix previously, please delete the version you have and download it again, because Combofix is updated every day.
Double-click combofix.exe
Follow the prompts.
Don't click on the window while the fix is running, because that will cause your system to hang.

When finished and after reboot (in case it asks to reboot), combofix will open again to gather the necessary information for the log. This may take a bit. When done, Combofix will close and a log should open, combofix.txt.
Post the contents of this log in your next reply together with a new HijackThis log.
Do NOT post the ComboFix-quarantined-files.txt - unless I ask you to.

mihai
Thank you for your rapid answer and help.
It's fun because I don't have a key for Kaspersky and it doesn't let me uninstall it, asking me for the key!!!!!!!!!!!!!
mihai
New HijackThis Logs

ComboFix 07-09-17.2 - "mihai" 2007-09-17 11:10:59.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.474 [GMT -4:00]
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

E:\DOCUME~1\ALLUSE~1\APPLIC~1.\salesmonitor
E:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2007
E:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2007\Data\Abbr
E:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2007\Data\ActivationCode
E:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2007\Data\ProductCode
E:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\WinAntiVirus Pro 2007
E:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\WinAntiVirus Pro 2007\Reinstall or Uninstall WinAntiVirus Pro 2007.lnk
E:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\WinAntiVirus Pro 2007\WinAntiVirus Pro 2007 Manual.lnk
E:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\WinAntiVirus Pro 2007\WinAntiVirus Pro 2007.lnk
E:\DOCUME~1\anca\APPLIC~1\WinAntiVirus Pro 2007
E:\DOCUME~1\anca\APPLIC~1\WinAntiVirus Pro 2007\history.db
E:\DOCUME~1\anca\APPLIC~1\WinAntiVirus Pro 2007\Logs\wa7Support.log
E:\DOCUME~1\anca\APPLIC~1\WinAntiVirus Pro 2007\Logs\winav.log
E:\DOCUME~1\anca\APPLIC~1\WinAntiVirus Pro 2007\PGE.dat
E:\DOCUME~1\anca\err.log
E:\DOCUME~1\anca\ResErrors.log
E:\DOCUME~1\anca\STARTM~1\Programs\Startup\info.exe
E:\DOCUME~1\gabi\APPLIC~1\WinAntiVirus Pro 2007
E:\DOCUME~1\gabi\APPLIC~1\WinAntiVirus Pro 2007\Logs\winav.log
E:\DOCUME~1\gabi\err.log
E:\DOCUME~1\gabi\ResErrors.log
E:\DOCUME~1\gabi\STARTM~1\Programs\Startup\info.exe
E:\DOCUME~1\mihai\err.log
E:\DOCUME~1\mihai\ResErrors.log
E:\DOCUME~1\mihai\STARTM~1\Programs\WebMediaPlayer
E:\DOCUME~1\mihai\STARTM~1\Programs\WebMediaPlayer\WebMediaPlayer.lnk
E:\DOCUME~1\mihai\STARTM~1\Programs\WebMediaPlayer\Website.lnk
E:\Program Files\Common Files\companion wizard
E:\Program Files\Common Files\Companion Wizard\CompWiz.xml
E:\Program Files\Common Files\companion wizard\CompWiz.xml
E:\Program Files\Common Files\winantivirus pro 2007
E:\Program Files\Common Files\WinAntiVirus Pro 2007\err.log
E:\Program Files\Common Files\winantivirus pro 2007\err.log
E:\UGA6P
E:\WINDOWS\explore.exe
E:\WINDOWS\pack.epk
E:\WINDOWS\system32\gogpasppop.dat
E:\WINDOWS\system32\gogpasppop_nav.dat
E:\WINDOWS\system32\gogpasppop_navps.dat
E:\WINDOWS\system32\nvs2.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\LEGACY_FOPF
-------\LEGACY_FOPN


((((((((((((((((((((((((( Files Created from 2007-08-17 to 2007-09-17 )))))))))))))))))))))))))))))))
.

2007-09-17 11:09 51,200 --a------ E:\WINDOWS\NirCmd.exe
2007-09-17 10:22 187,184 --a------ E:\DOCUME~1\mihai\pskill.exe
2007-09-17 10:19 187,184 --a------ E:\pskill.exe
2007-09-17 10:01 <DIR> d-------- E:\Program Files\Trend Micro
2007-09-16 12:52 <DIR> d-------- E:\WINDOWS\BDOSCAN8
2007-09-16 12:35 <DIR> d-------- E:\Program Files\Enigma Software Group
2007-09-16 11:31 8,295,200 --ahs---- E:\WINDOWS\system32\drivers\fidbox.dat
2007-09-16 11:31 15,648 --ahs---- E:\WINDOWS\system32\drivers\fidbox2.dat
2007-09-16 11:31 <DIR> d-------- E:\Program Files\Kaspersky Lab
2007-09-16 11:24 <DIR> d-------- E:\Program Files\XoftSpySE
2007-09-16 06:19 <DIR> d-------- E:\Program Files\Windows Live Safety Center
2007-09-13 20:18 <DIR> d-------- E:\Program Files\Windows Defender
2007-09-12 18:29 10,872 --a------ E:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-09-12 18:19 <DIR> d-------- E:\DOCUME~1\mihai\APPLIC~1\AntiSpyware
2007-09-11 20:20 8,704 --a------ E:\WINDOWS\system32\SpOrder.dll
2007-09-11 15:46 <DIR> d-------- E:\DOCUME~1\NETWOR~1\APPLIC~1\Google
2007-09-11 15:21 626,688 --a------ E:\WINDOWS\system32\msvcr80.dll
2007-09-11 14:21 39,424 --a------ E:\WINDOWS\system32\vtr.dll
2007-09-04 20:40 <DIR> d-------- E:\Program Files\AdVantage
2007-08-31 16:08 <DIR> d-------- E:\WINDOWS\MACROMED
2007-08-31 16:08 <DIR> d-------- E:\WINDOWS\A3W_DATA
2007-08-25 10:16 <DIR> d-------- E:\WINDOWS\MaxTV
2007-08-25 10:16 <DIR> d-------- E:\Program Files\DMV
2007-08-25 09:10 <DIR> d-------- E:\DOCUME~1\mihai\APPLIC~1\Unreal Streaming
2007-08-23 15:47 <DIR> d-------- E:\Program Files\iTunes
2007-08-23 15:47 <DIR> d-------- E:\Program Files\iPod
2007-08-18 10:31 <DIR> d-------- E:\Program Files\Get-Torrent
2007-08-18 10:31 <DIR> d-------- E:\DOCUME~1\mihai\APPLIC~1\Get-Torrent

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-09-17 11:17 3056 --ahs---- E:\WINDOWS\system32\drivers\fidbox2.idx
2007-09-17 11:17 14768 --ahs---- E:\WINDOWS\system32\drivers\fidbox.idx
2007-09-16 12:15 --------- d-------- E:\DOCUME~1\mihai\APPLIC~1\BitTorrent
2007-09-13 06:51 --------- d-------- E:\Program Files\Lx_cats
2007-09-06 06:09 801144 --a------ E:\WINDOWS\system32\aswBoot.exe
2007-09-06 06:03 23152 --a------ E:\WINDOWS\system32\drivers\aswRdr.sys
2007-09-05 18:55 --------- d-------- E:\Program Files\BitTorrent
2007-09-04 20:46 --------- d-------- E:\DOCUME~1\mihai\APPLIC~1\BSplayer
2007-08-15 09:27 --------- d-------- E:\Program Files\MSXML 4.0
2007-08-03 21:10 --------- dr-h----- E:\DOCUME~1\mihai\APPLIC~1\yahoo!
2007-08-01 11:08 --------- d-------- E:\Program Files\TVUPlayer
2007-08-01 11:08 --------- d-------- E:\DOCUME~1\mihai\APPLIC~1\TVU Networks
2007-07-30 19:19 92504 --a------ E:\WINDOWS\system32\cdm.dll
2007-07-30 19:19 549720 --a------ E:\WINDOWS\system32\wuapi.dll
2007-07-30 19:19 53080 --a------ E:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19 43352 --a------ E:\WINDOWS\system32\wups2.dll
2007-07-30 19:19 325976 --a------ E:\WINDOWS\system32\wucltui.dll
2007-07-30 19:19 271224 --a------ E:\WINDOWS\system32\mucltui.dll
2007-07-30 19:19 207736 --a------ E:\WINDOWS\system32\muweb.dll
2007-07-30 19:19 203096 --a------ E:\WINDOWS\system32\wuweb.dll
2007-07-30 19:19 1712984 --a------ E:\WINDOWS\system32\wuaueng.dll
2007-07-30 19:18 33624 --a------ E:\WINDOWS\system32\wups.dll
2007-07-22 08:18 --------- d-------- E:\Program Files\DivX
2007-07-22 08:18 --------- d-------- E:\DOCUME~1\mihai\APPLIC~1\Talkback
2007-07-21 09:25 --------- d-------- E:\Program Files\Yahoo!
2007-07-19 16:05 --------- d-------- E:\DOCUME~1\gabi\APPLIC~1\CyberLink
2007-07-09 15:07 524288 --a------ E:\WINDOWS\system32\DivXsm.exe
2007-07-09 15:07 3596288 --a------ E:\WINDOWS\system32\qt-dx331.dll
2007-07-09 15:07 200704 --a------ E:\WINDOWS\system32\ssldivx.dll
2007-07-09 15:07 1044480 --a------ E:\WINDOWS\system32\libdivx.dll
2007-07-09 15:05 823296 --a------ E:\WINDOWS\system32\divx_xx0c.dll
2007-07-09 15:05 823296 --a------ E:\WINDOWS\system32\divx_xx07.dll
2007-07-09 15:05 802816 --a------ E:\WINDOWS\system32\divx_xx11.dll
2007-07-09 15:05 740442 --a------ E:\WINDOWS\system32\DivX.dll
2007-07-09 15:05 73728 --a------ E:\WINDOWS\system32\dpl100.dll
2007-07-09 15:05 593920 --a------ E:\WINDOWS\system32\dpuGUI11.dll
2007-07-09 15:05 57344 --a------ E:\WINDOWS\system32\dpv11.dll
2007-07-09 15:05 53248 --a------ E:\WINDOWS\system32\dpuGUI10.dll
2007-07-09 15:05 344064 --a------ E:\WINDOWS\system32\dpus11.dll
2007-07-09 15:05 294912 --a------ E:\WINDOWS\system32\dpu11.dll
2007-07-09 15:05 294912 --a------ E:\WINDOWS\system32\dpu10.dll
2007-07-09 15:05 196608 --a------ E:\WINDOWS\system32\dtu100.dll
2007-07-09 15:05 124472 --a------ E:\WINDOWS\system32\DivXCodecUpdateChecker.exe
2007-07-09 15:05 12288 --a------ E:\WINDOWS\system32\DivXWMPExtType.dll
2007-06-26 02:08 1104896 --a------ E:\WINDOWS\system32\msxml3.dll
2007-06-19 09:31 282112 --a------ E:\WINDOWS\system32\gdi32.dll
2005-09-23 18:49 12288 --a------ E:\WINDOWS\Fonts\RandFont.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="E:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 08:43]
"SoundMan"="SOUNDMAN.EXE" [2005-07-22 03:00 E:\WINDOWS\SOUNDMAN.EXE]
"SynTPEnh"="E:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-08-18 22:07]
"Wireless Console 2"="E:\Program Files\Wireless Console 2\wcourier.exe" [2005-10-12 08:07]
"TkBellExe"="E:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-03-19 11:38]
"RemoteControl"="E:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe" [2005-01-11 21:01]
"NeroFilterCheck"="E:\WINDOWS\system32\NeroCheck.exe" [2006-01-12 10:40]
"HControl"="E:\WINDOWS\ATK0100\HControl.exe" [2006-01-05 07:56]
"SunJavaUpdateSched"="E:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"Lto Manager"="E:\Program Files\Quick GPS Connection Data Download Manager\DesktopLtoManager.exe" [2006-04-13 10:59]
"Adobe Reader Speed Launcher"="E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"LXCFCATS"="E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll" [2005-07-20 13:47]
"QuickTime Task"="E:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24]
"iTunesHelper"="E:\Program Files\iTunes\iTunesHelper.exe" [2007-08-15 20:15]
"!AVG Anti-Spyware"="E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 05:25]
"Windows Defender"="E:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20]
"kis"="E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" [2006-03-24 19:09]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="E:\WINDOWS\system32\ctfmon.exe" [2006-02-28 08:00]
"Yahoo! Pager"="E:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-07-16 15:17]
"H/PC Connection Agent"="E:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2005-11-15 19:44]
"BitTorrent"="E:\Program Files\BitTorrent\bittorrent.exe" [2007-03-01 19:11]
"swg"="E:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-30 10:04]

E:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Startup\
HP Photosmart Premier Fast Start.lnk - E:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-09-23 19:39:30]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

R2 sbbotdi;sbbotdi;\??\E:\PROGRA~1\SPEEDB~1\sbbotdi.sys
R2 ugiipqd;Unigraphics Plot Server (ugiipqd);E:\WINDOWS\system32\spool\ugplot\ugiipqd.exe
R3 ASNDIS5;ASNDIS5 Protocol Driver;\??\E:\WINDOWS\system32\ASNDIS5.SYS
R3 HSFHWSIS;HSFHWSIS;E:\WINDOWS\system32\DRIVERS\HSFHWSIS.sys
S2 Unigraphics License Server (uglmd);Unigraphics License Server (uglmd);"E:\Program Files\EDS\License Servers\UGNXFLEXlm\lmgrd.exe"
S3 FXDRV;FXDRV;\??\D:\Fxdrv.sys
S3 MSIRCOMM;Microsoft IR Communications Driver;E:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys

.
Contents of the 'Scheduled Tasks' folder
"2007-09-17 07:00:00 E:\WINDOWS\Tasks\AntiSpyware Scheduled Scan.job"
- E:\Program Files\AntiSpywareApp\AntiSpyware.exe
"2007-09-13 18:44:02 E:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- E:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-09-17 15:22:06 E:\WINDOWS\Tasks\MP Scheduled Scan.job"
- E:\Program Files\Windows Defender\MpCmdRun.exe
"2007-09-06 07:00:00 E:\WINDOWS\Tasks\RegCure.job"
.
**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-17 11:21:24
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-09-17 11:26:50 - machine was rebooted
E:\ComboFix-quarantined-files.txt ... 2007-09-17 11:26
.
--- E O F ---

Thank You!
miekiemoes
Hi,

QUOTE
It's fun because I don't have a key for Kaspersky and it doesn't let me uninstall it, asking me for the key!!!!!!!!!!!!!
Is it a trial you installed? Or a hacked/cracked version? Anyway, if you want to uninstall it - I suggest you contact Kaspersky support for this... or post in their forums here

Anyway, let's deal with the rest now..

Go to software > add/remove programs and uninstall AntiSpyware

Reboot afterwards.

After reboot, navigate to and delete the following folders and files if still present:

Files:

E:\WINDOWS\Tasks\AntiSpyware Scheduled Scan.job
E:\WINDOWS\system32\vtr.dll

Folders:

E:\Program Files\AntiSpywareApp
E:\DOCUMENTS AND SETTINGS\mihai\APPLICATION DATA\AntiSpyware
E:\Qoobox

Post a new HijackThis log in your next reply.
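
Added example (not part of the original thread, and not code from HijackThis or ComboFix): a Python script that does the comparison a helper makes between two successive HijackThis logs, run on lines excerpted from the two logs posted in this thread. The function names and the antivirus watchlist are assumptions made for the illustration; because the second log is cut off on this page before its O23 section, the diff is limited to section codes visible in both logs.

```python
import re

# HijackThis entry lines start with a section code: "O4 - ...", "R1 - ...".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")

# Assumption: substrings identifying the two resident antivirus products the
# helper named. Constructed for this example, not an official list.
AV_MARKERS = {
    "Avast": ("alwil software", "alwils~1", "avast"),
    "Kaspersky": ("kaspersky",),
}

# Lines copied from the first log in this thread (excerpt).
BEFORE = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
E:\WINDOWS\system32\svchost.exe
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [kis] "E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [SpyHunter] E:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
"""

# Lines copied from the second log in this thread (excerpt; no O23 lines
# because that part of the log is not on the page).
AFTER = r"""
Logfile of Trend Micro HijackThis v2.0.2
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://simionfamily.wetpaint.com/
O4 - HKLM\..\Run: [kis] "E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
"""


def parse_entries(log_text):
    """Return [(code, entry)] for section lines; header and process list are skipped."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append((match.group(1), match.group(2)))
    return entries


def resident_av(entries):
    """Watchlisted products that have an autostart (O4) or service (O23) entry."""
    found = set()
    for code, entry in entries:
        if code not in ("O4", "O23"):
            continue
        lowered = entry.lower()
        for product, markers in AV_MARKERS.items():
            if any(marker in lowered for marker in markers):
                found.add(product)
    return sorted(found)


def diff_logs(before, after, codes):
    """Entries removed from / added to the later log, limited to the given codes."""
    before = [e for e in before if e[0] in codes]
    after = [e for e in after if e[0] in codes]
    removed = [e for e in before if e not in set(after)]
    added = [e for e in after if e not in set(before)]
    return removed, added


if __name__ == "__main__":
    first, second = parse_entries(BEFORE), parse_entries(AFTER)
    print("Resident AV, first log: ", resident_av(first))
    print("Resident AV, second log:", resident_av(second))
    removed, added = diff_logs(first, second, codes={"R0", "O4", "O7"})
    for code, entry in removed:
        print("- removed:", code, entry)
    for code, entry in added:
        print("+ added:  ", code, entry)
```
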
mihai
New Hijackthis Logs

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:10, on 2007-09-17
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Windows Defender\MsMpEng.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
E:\Program Files\Common Files\LightScribe\LSSrvc.exe
E:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\spool\ugplot\ugiipqd.exe
E:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\WINDOWS\SOUNDMAN.EXE
E:\Program Files\Synaptics\SynTP\SynTPEnh.exe
E:\Program Files\Wireless Console 2\wcourier.exe
E:\Program Files\Common Files\Real\Update_OB\realsched.exe
E:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
E:\WINDOWS\ATK0100\HControl.exe
E:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
E:\Program Files\Quick GPS Connection Data Download Manager\DesktopLtoManager.exe
E:\Program Files\iTunes\iTunesHelper.exe
E:\Program Files\Windows Defender\MSASCui.exe
E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Microsoft ActiveSync\wcescomm.exe
E:\Program Files\BitTorrent\bittorrent.exe
E:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
E:\PROGRA~1\MICROS~3\rapimgr.exe
E:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
E:\WINDOWS\ATK0100\ATKOSD.exe
E:\PROGRA~1\SPEEDB~1\VideoAccelerator.exe
E:\Program Files\iPod\bin\iPodService.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\Program Files\Internet Explorer\iexplore.exe
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://simionfamily.wetpaint.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ATICCC] "E:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SynTPEnh] E:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Wireless Console 2] E:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RemoteControl] "E:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HControl] E:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Lto Manager] "E:\Program Files\Quick GPS Connection Data Download Manager\DesktopLtoManager.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LXCFCATS] rundll32 E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Defender] "E:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [kis] "E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "E:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [BitTorrent] "E:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [swg] E:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = E:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Yahoo! Search - file:///E:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to Kaspersky Anti-Banner - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///E:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///E:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///E:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - E:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - E:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - E:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200705...ex/qtplugin.cab
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {26522409-8BBF-4C5B-A4D3-CF4B1D6F255B} (UMediaPlayer Class) - http://www.umediaserver.net/bin/UMediaControl5.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase8300.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1177557833906
O16 - DPF: {C4847596-972C-11D0-9567-00A0C9273C2A} (Crystal Report Viewer Control) - http://msweb01.co.wake.nc.us/viewer/active...tivexviewer.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - E:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxcf_device - - E:\WINDOWS\system32\lxcfcoms.exe
O23 - Service: ServiceLayer - Nokia. - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Unigraphics Plot Server (ugiipqd) (ugiipqd) - Unigraphics Solutions, Inc - E:\WINDOWS\system32\spool\ugplot\ugiipqd.exe
O23 - Service: Unigraphics License Server (uglmd) - Macrovision Corporation - E:\Program Files\EDS\License Servers\UGNXFLEXlm\lmgrd.exe
O23 - Service: VideoAcceleratorEngine - Speedbit Ltd. - E:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe

--
End of file - 10242 bytes
miekiemoes
Hi,

This looks OK again, although I recommend that you check and fix the next entry in HijackThis, since it's not a good idea to let P2P programs start up with Windows:

O4 - HKCU\..\Run: [BitTorrent] "E:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized

Let me know in your next reply how things are now.
mihai
QUOTE(miekiemoes @ Sep 17 2007, 08:38 PM) *
Hi,

This looks OK again, although I recommend that you check and fix the next entry in HijackThis, since it's not a good idea to let P2P programs start up with Windows:

O4 - HKCU\..\Run: [BitTorrent] "E:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized

Let me know in your next reply how things are now.


YOUR HELP WAS ABSOLUTELY GREAT!

THANK YOU!


miekiemoes
Glad I could help.

Please read my Prevention page, which has lots of info and tips on how to prevent this in the future.
And if you want to improve speed/system performance after malware removal, take a look here.

Happy Surfing again!
miekiemoes
Since this issue appears resolved ... this Topic is closed.
If you need this topic reopened for continuations of existing problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.