| ||
| Help! Viruses causing many problems on my computer!
Hi everyone, I've decided to post an update of my problem here since I didn't get any replies in the other forum. I had a bunch of viruses on my computer so I downloaded the AVG Free antivirus program. It was able to get rid of most of the critical infections I think, but there are still quite a few problems with my computer. Sometimes when I turn on my computer, my desktop will load but will freeze after all the icons load, so I have to manually restart my computer a couple of times until it loads properly and doesn't freeze anymore. And every time I start up, this message appears: "RUNDLL Error loading C:/WINDOWS/system32/HBKrnl.dll the specified module could not be found." My entire computer has been working really slowly as well and applications will often freeze for quite a while. Also, when I try to turn off my computer from the Start menu the desktop freezes as well and I have to manually turn it off again. OK, last problem I promise: sometimes my computer just randomly crashes and this blue screen appears with this message: "A problem has been detected and windows has been shut down to prevent damage to your computer....Technical information STOP: 0x0000008E (0xC0000005, 0x80566A37, 0xF8220c7C, 0x00000000) Beginning dump of physical memory." Sorry for rambling on, but I would really appreciate it if someone could help me with this.
Below i've pasted a copy of my recent HijackThis log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:14:02 PM, on 5/12/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\WINDOWS\system32\HPConfig.exe C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\WINDOWS\system32\carpserv.exe C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.EXE C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\DNA\btdna.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe O1 - Hosts: 124.238.254.113 www.10280011.com O1 - Hosts: 124.238.254.113 10280011.com O1 - Hosts: 124.238.254.113 www.10289900.com O1 - Hosts: 124.238.254.113 10289900.com O1 - Hosts: 124.238.254.113 www.78877788.com O1 - Hosts: 124.238.254.113 78877788.com O1 - Hosts: 124.238.254.113 www.11051122.com O1 - Hosts: 124.238.254.113 11051122.com O1 - Hosts: 124.238.254.113 1.ehai01.com O1 - Hosts: 124.238.254.113 
da.ehai01.com O1 - Hosts: 124.238.254.113 ehai01.com O1 - Hosts: 124.238.254.113 2008.sekart.cn O1 - Hosts: 124.238.254.113 www.sekart.cn O1 - Hosts: 124.238.254.113 sekart.cn O1 - Hosts: 124.238.254.113 www.11309988.com O1 - Hosts: 124.238.254.113 www.12100088.com O1 - Hosts: 124.238.254.113 www.12108899.com O1 - Hosts: 124.238.254.113 d2.llsging.com O1 - Hosts: 124.238.254.113 llsging.com O1 - Hosts: 124.238.254.113 dd.749571.com O1 - Hosts: 124.238.254.113 749571.com O1 - Hosts: 124.238.254.113 pr.749571.com O1 - Hosts: 124.238.254.113 txwm1204.com O1 - Hosts: 124.238.254.113 www.txwm1204.com O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\en-us\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [CARPService] carpserv.exe O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe O4 - HKLM\..\Run: [Display Settings] C:\Program Files\HPQ\Notebook Utilities\hptasks.exe /s O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.EXE O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [LCIDConfig] C:\WINDOWS\lcidchng.exe O4 - 
HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\update.exe -silent O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [HB Kernel] RUNDLL32.EXE C:\WINDOWS\system32\HBKrnl.dll,DllRegisterServer O4 - HKLM\..\Run: [fiosectc] C:\WINDOWS\fiosectc.exe O4 - HKLM\..\Run: [lmuspnch] C:\WINDOWS\msnhgcgh.exe O4 - HKLM\..\Run: [dionpis] C:\WINDOWS\dionpis.exe O4 - HKLM\..\Run: [fmsbbqi] C:\WINDOWS\fmsbbqi.exe O4 - HKLM\..\Run: [WINSvr64] C:\WINDOWS\WINSvr64.exe O4 - HKLM\..\Run: [ptshell] C:\WINDOWS\ptshell.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKLM\..\Policies\Explorer\Run: [MSDCG32 ] LYLeador.exe O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel 
- res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{442B561C-E508-4113-9677-4143076BC5D9}: NameServer = 202.137.160.45 202.137.160.46 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. 
- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Remote Procedure Call System(RPCS) (HideWin) - Unknown owner - C:\WINDOWS\system32\HideWin.exe (file missing) O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MpService - Canon Inc. - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE O23 - Service: IE Security Service (msyaxk) - Unknown owner - C:\WINDOWS\system32\msxeg.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Telephonyl (WindowsC) - Conexant Systems - (no file) -- End of file - 9115 bytes Thanks soooo much!! |
| ||
| Re: Help! Viruses causing many problems on my computer!
Hi, Please run HijackThis and put a check next to these entries, close all other windows except HijackThis and click the "Fix Checked" button.
O1 - Hosts: 124.238.254.113 www.10280011.com
O1 - Hosts: 124.238.254.113 10280011.com
O1 - Hosts: 124.238.254.113 www.10289900.com
O1 - Hosts: 124.238.254.113 10289900.com
O1 - Hosts: 124.238.254.113 www.78877788.com
O1 - Hosts: 124.238.254.113 78877788.com
O1 - Hosts: 124.238.254.113 www.11051122.com
O1 - Hosts: 124.238.254.113 11051122.com
O1 - Hosts: 124.238.254.113 1.ehai01.com
O1 - Hosts: 124.238.254.113 da.ehai01.com
O1 - Hosts: 124.238.254.113 ehai01.com
O1 - Hosts: 124.238.254.113 2008.sekart.cn
O1 - Hosts: 124.238.254.113 www.sekart.cn
O1 - Hosts: 124.238.254.113 sekart.cn
O1 - Hosts: 124.238.254.113 www.11309988.com
O1 - Hosts: 124.238.254.113 www.12100088.com
O1 - Hosts: 124.238.254.113 www.12108899.com
O1 - Hosts: 124.238.254.113 d2.llsging.com
O1 - Hosts: 124.238.254.113 llsging.com
O1 - Hosts: 124.238.254.113 dd.749571.com
O1 - Hosts: 124.238.254.113 749571.com
O1 - Hosts: 124.238.254.113 pr.749571.com
O1 - Hosts: 124.238.254.113 txwm1204.com
O1 - Hosts: 124.238.254.113 www.txwm1204.com
O4 - HKLM\..\Run: [LCIDConfig] C:\WINDOWS\lcidchng.exe
O4 - HKLM\..\Run: [HB Kernel] RUNDLL32.EXE C:\WINDOWS\system32\HBKrnl.dll,DllRegisterServer
O4 - HKLM\..\Run: [fiosectc] C:\WINDOWS\fiosectc.exe
O4 - HKLM\..\Run: [lmuspnch] C:\WINDOWS\msnhgcgh.exe
O4 - HKLM\..\Run: [dionpis] C:\WINDOWS\dionpis.exe
O4 - HKLM\..\Run: [fmsbbqi] C:\WINDOWS\fmsbbqi.exe
O4 - HKLM\..\Run: [WINSvr64] C:\WINDOWS\WINSvr64.exe
O4 - HKLM\..\Run: [ptshell] C:\WINDOWS\ptshell.exe
O4 - HKLM\..\Policies\Explorer\Run: [MSDCG32 ] LYLeador.exe
O23 - Service: IE Security Service (msyaxk) - Unknown owner - C:\WINDOWS\system32\msxeg.exe
Download Pocket Killbox. http://www.atribune.org/downloads/KillBox.exe
*Select the "Delete on Reboot" option.
*Select "All Files"
*Copy the file names below to the clipboard by highlighting them and pressing Control-C:
C:\WINDOWS\lcidchng.exe
C:\WINDOWS\system32\msxeg.exe
C:\WINDOWS\fiosectc.exe
C:\WINDOWS\msnhgcgh.exe
C:\WINDOWS\dionpis.exe
C:\WINDOWS\fmsbbqi.exe
C:\WINDOWS\system32\msxeg.exe
C:\WINDOWS\WINSvr64.exe
C:\WINDOWS\ptshell.exe
*Return to Killbox, go to the File menu, and choose "Paste from Clipboard".
*Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. Click "No" at the Pending Operations prompt.
*If the computer doesn't restart, just restart manually.
Also run SUPERAntispyware: http://www.superantispyware.com/ http://www.superantispyware.com/down...NTISPYWAREFREE
Load SUPERAntispyware and click the "check for updates" button. Once the update is finished, close SUPERAntispyware again, and boot to Safe Mode to scan your PC.
* In Safe Mode, start SUPERAntispyware. Click the "scan your computer" button. Check "Perform Complete Scan" and then next. SUPERAntispyware will now scan your computer and when it's finished it will list all the infections it has found. Make sure that they all have a check next to them and press next. Click finish and you will be taken back to the main interface. Click "Preferences" and then click the "statistics/logs" tab. Click the dated log and press view log and a text file will appear.
Please post back a fresh HijackThis log for review. |
| ||
| Re: Help! Viruses causing many problems on my computer! Hi, Thanks so much for getting back to me so quickly. It took me a while but I did everything you said, though when i was pasting the files from the clipboard into killbox, it left out four of them C:/WINDOWS/system32/msxeg.exe C:/WINDOWS/fiosectc.exe C:/WINDOWS/diopis.exe C:/WINDOW/system32/msxeg.exe I tried to add them but they just wouldn't paste, so I'm not sure what that would mean. But here is the new HijackThis log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 3:28:34 AM, on 5/14/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\WINDOWS\system32\HPConfig.exe C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\carpserv.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.EXE C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\DNA\btdna.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla 
Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\en-us\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [CARPService] carpserv.exe O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe O4 - HKLM\..\Run: [Display Settings] C:\Program Files\HPQ\Notebook Utilities\hptasks.exe /s O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.EXE O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\update.exe -silent O4 - HKLM\..\Run: [QuickTime 
Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! 
Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{442B561C-E508-4113-9677-4143076BC5D9}: NameServer = 202.137.160.45 202.137.160.46 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. 
- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Remote Procedure Call System(RPCS) (HideWin) - Unknown owner - C:\WINDOWS\system32\HideWin.exe (file missing) O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MpService - Canon Inc. - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE O23 - Service: IE Security Service (msyaxk) - Unknown owner - C:\WINDOWS\system32\msxeg.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Telephonyl (WindowsC) - Conexant Systems, Inc. 
- (no file) -- End of file - 7785 bytes And i'm also gonna give you the scan log from the superantispyware scan: SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 05/14/2008 at 02:19 AM Application Version : 4.0.1154 Core Rules Database Version : 3459 Trace Rules Database Version: 1450 Scan type : Complete Scan Total Scan Time : 00:59:31 Memory items scanned : 178 Memory threats detected : 0 Registry items scanned : 5220 Registry threats detected : 3 File items scanned : 16213 File threats detected : 177 Adware.Tracking Cookie
Adware.180solutions/ZangoSearch HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/SAIX.dll HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/SAIX.dll#.Owner HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/SAIX.dll#{DECEAAA2-370A-49BB-9362-68C3A58DDC62} Trojan.Downloader-Gen/Suspicious C:\DOCUMENTS AND SETTINGS\COMPAQ\LOCAL SETTINGS\TEMP\1.TMP C:\DOCUMENTS AND SETTINGS\COMPAQ\LOCAL SETTINGS\TEMP\2.TMP C:\DOCUMENTS AND SETTINGS\COMPAQ\LOCAL SETTINGS\TEMP\3.TMP C:\DOCUMENTS AND SETTINGS\COMPAQ\LOCAL SETTINGS\TEMP\4.TMP C:\DOCUMENTS AND SETTINGS\COMPAQ\LOCAL 
SETTINGS\TEMP\5.TMP C:\DOCUMENTS AND SETTINGS\COMPAQ\LOCAL SETTINGS\TEMP\6.TMP C:\DOCUMENTS AND SETTINGS\COMPAQ\LOCAL SETTINGS\TEMP\8.TMP C:\DOCUMENTS AND SETTINGS\COMPAQ\LOCAL SETTINGS\TEMP\7.TMP C:\DOCUMENTS AND SETTINGS\COMPAQ\LOCAL SETTINGS\TEMP\9.TMP C:\DOCUMENTS AND SETTINGS\COMPAQ\LOCAL SETTINGS\TEMP\A.TMP C:\DOCUMENTS AND SETTINGS\COMPAQ\LOCAL SETTINGS\TEMP\B.TMP C:\DOCUMENTS AND SETTINGS\COMPAQ\LOCAL SETTINGS\TEMP\C.TMP C:\DOCUMENTS AND SETTINGS\COMPAQ\LOCAL SETTINGS\TEMP\D.TMP C:\DOCUMENTS AND SETTINGS\COMPAQ\LOCAL SETTINGS\TEMP\E.TMP C:\DOCUMENTS AND SETTINGS\COMPAQ\LOCAL SETTINGS\TEMP\F.TMP C:\DOCUMENTS AND SETTINGS\COMPAQ\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\OLU38T2R\4[1].EXE C:\DOCUMENTS AND SETTINGS\COMPAQ\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\SPI3CPUV\7[1].EXE C:\DOCUMENTS AND SETTINGS\COMPAQ\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\U3YRYD8T\6[1].EXE C:\DOCUMENTS AND SETTINGS\COMPAQ\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\WDUJ0LYR\5[1].EXE C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP591\SNAPSHOT\MFEX-2.DAT C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP592\SNAPSHOT\MFEX-2.DAT C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP594\SNAPSHOT\MFEX-2.DAT C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP595\SNAPSHOT\MFEX-2.DAT C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP596\SNAPSHOT\MFEX-2.DAT C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP597\SNAPSHOT\MFEX-2.DAT C:\WINDOWS\SYSTEM32\UGCZ6.EXE Trojan.Unclassified/QQLogin-B C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP598\A0329988.DLL C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP598\A0329989.DLL C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP599\A0330089.DLL 
C:\WINDOWS\SYSTEM32\LOFSAJBO.DLL Trojan.Unclassified/QQLogin-A C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP598\A0329990.DLL C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP599\A0330027.DLL C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP599\A0330047.DLL C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP599\A0330041.DLL C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP599\A0330057.DLL C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP599\A0330073.DLL C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP599\A0330086.DLL C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP599\A0330099.DLL C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP599\A0330105.DLL C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP599\A0330106.DLL C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP599\A0330137.DLL C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP599\A0330138.DLL C:\WINDOWS\SYSTEM32\DFHTRHY.DLL C:\WINDOWS\SYSTEM32\DSCEF.DLL C:\WINDOWS\SYSTEM32\EKTVM.DLL C:\WINDOWS\SYSTEM32\FXGNFX.DLL Trojan.Downloader-Gen/MSPlay-Fake C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP599\A0330117.DLL C:\WINDOWS\SYSTEM32\SYSWDPP.DLL Trojan.Unclassified/BinCDWsa C:\WINDOWS\BINCDWSA.EXE Trojan.Downloader-Gen C:\WINDOWS\FONTS\358272ECB0F4CB645BC7C0AD72A04876\SYSTEM\KB930.VXD Trojan.Dropper/Multi-Packed C:\WINDOWS\SYSTEM32\MMFKKLJK1071.DLL C:\WINDOWS\SYSTEM32\MMSADZFB1045.DLL C:\WINDOWS\SYSTEM32\MMWLVAHB1017.DLL Trojan.Unclassified/PTJH C:\WINDOWS\SYSTEM32\PTJHCHLP.DLL If you could have another look i would really appreciate it. Thanks again for your help!:) |
| ||
| Re: Help! Viruses causing many problems on my computer! Hi, I didn't realize I've listed msxeg.exe twice, but that's okay, it now says 'file missing'. C:/WINDOWS/fiosectc.exe C:/WINDOWS/diopis.exe The above 2 files might no longer be present, as HijackThis O4 lines won't show if the file is present or not, but since SUPERAntispyware didn't detect them they're probably gone. You can just fix this one entry in HijackThis: O23 - Service: IE Security Service (msyaxk) - Unknown owner - C:\WINDOWS\system32\msxeg.exe (file missing) Did SUPERAntispyware delete all those that it detected? How's the pc going? |
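The distinction drawn in the reply above (an O23 entry can carry a "(file missing)" marker, an O4 entry cannot) can be applied mechanically when triaging a HijackThis log. The Python sketch below is an added example, not part of the original thread: the O1 and O23 sample lines are quoted from this thread, while the O4 line, the finding labels and the function name `triage` are constructed for illustration.

```python
import re
from collections import defaultdict

# O1 and O23 lines are quoted from this thread; the O4 line is constructed.
SAMPLE_LOG = r"""
O1 - Hosts: 124.238.254.113 www.10280011.com
O1 - Hosts: 124.238.254.113 10280011.com
O4 - HKLM\..\Run: [example] C:\WINDOWS\example.exe
O23 - Service: IE Security Service (msyaxk) - Unknown owner - C:\WINDOWS\system32\msxeg.exe (file missing)
"""

ENTRY = re.compile(r"^(O\d+) - (.*)$")
HOSTS = re.compile(r"^Hosts: (\S+) (\S+)$")
SERVICE = re.compile(r"^Service: (.+) \(([^)]+)\) - (.+?) - (.+?)( \(file missing\))?$")
LOOPBACK = {"127.0.0.1", "::1", "0.0.0.0"}

def triage(log_text):
    """Return (findings, hosts_by_ip) for the O1, O4 and O23 lines of a HijackThis log."""
    findings, hosts_by_ip = [], defaultdict(list)
    for raw in log_text.splitlines():
        m = ENTRY.match(raw.strip())
        if not m:
            continue
        section, body = m.groups()
        if section == "O1":
            # Hosts-file entries pointing names at a non-loopback address.
            h = HOSTS.match(body)
            if h and h.group(1) not in LOOPBACK:
                hosts_by_ip[h.group(1)].append(h.group(2))
        elif section == "O23":
            s = SERVICE.match(body)
            if s:
                _display, name, owner, path, missing = s.groups()
                if missing:
                    # Service registration left behind after its binary was removed.
                    findings.append(("orphaned-service", name, path))
                elif owner == "Unknown owner":
                    findings.append(("unknown-owner-service", name, path))
        elif section == "O4":
            # O4 lines carry no "(file missing)" marker, so the path has to be
            # checked on disk before deciding whether the entry is stale.
            findings.append(("verify-on-disk", section, body.split("] ", 1)[-1]))
    for ip, names in hosts_by_ip.items():
        findings.append(("hosts-redirect", ip, len(names)))
    return findings, dict(hosts_by_ip)

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG)[0]:
        print(finding)
```

"Unknown owner" alone is common for legitimate services, so that label marks an entry for review rather than for removal.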
| ||
| Re: Help! Viruses causing many problems on my computer! Hi, Thanks so much for all your help! I fixed the item u said on the HijackThis scan, and i'm pretty sure SUPERAntiSpyware deleted all the threats. There were a bunch that were in the quarantine section, but i deleted all of those as well. My pc is much better now, so far none of the previous problems have popped up and everything's running normally now. Though there is one thing i noticed, my windows automatic updates option seems to be locked and i can't turn it on. But my computer has been asking me to download the newest updates, tho whenever i click download, the window freezes for a while and then disappears to the task bar where the download progress is always 0%. And there's no response when i click the icon on the task bar either. It's not affecting anything else rite now, but there are a bunch of security updates i think would be good to download. Do you have any idea how to solve this? Thanks again for all your help! |
| ||
| Re: Help! Viruses causing many problems on my computer! We should check if there are still some nasties hiding there, as there are many nasties that hide from the HijackThis scan. You can run one of those online virus scanners, either BitDefender, TrendMicro or ActiveScan, to see if they find something. Or try ComboFix (use at your own risk). Please download ComboFix by sUBs: http://download.bleepingcomputer.com/sUBs/ComboFix.exe You must download it to and run it from your Desktop. Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix. Double click combofix.exe & follow the prompts. When finished, it will produce a log. Please save that log and attach it in your next reply. Re-enable all the programs that were disabled during the running of ComboFix. Note: Do not mouse-click ComboFix's window while it is running. That may cause it to stall. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine. |
©2003 - 2009 DaniWeb® LLC