
Hi everyone,
I've decided to post an update of my problem here since I didn't get any replies in the other forum. I had a bunch of viruses on my computer so I downloaded the AVG Free antivirus program. It was able to get rid of most of the critical infections I think but there are still quite a few problems with my computer. Sometimes when I turn on my computer, my desktop will load but will freeze after all the icons load so I have to manually restart my computer a couple of times until it loads properly and doesn't freeze anymore. And every time I start up, this message appears: "RUNDLL Error loading C:/WINDOWS/system32/HBKrnl.dll the specified module could not be found." My entire computer has been working really slowly as well and applications will often freeze for quite a while. Also when I try to turn off my computer from the start menu the desktop freezes as well and I have to manually turn it off again. Ok last problem I promise: sometimes my computer just randomly crashes and this blue screen appears with this message: "A problem has been detected and windows has been shut down to prevent damage to your computer....Technical information STOP: 0x0000008E (0xC0000005, 0x80566A37, 0xF8220c7C, 0x00000000) Beginning dump of physical memory."
Sorry for rambling on, but I would really appreciate it if someone could help me with this. Below I've pasted a copy of my recent HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:14:02 PM, on 5/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\carpserv.exe
C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O1 - Hosts: 124.238.254.113 www.10280011.com
O1 - Hosts: 124.238.254.113 10280011.com
O1 - Hosts: 124.238.254.113 www.10289900.com
O1 - Hosts: 124.238.254.113 10289900.com
O1 - Hosts: 124.238.254.113 www.78877788.com
O1 - Hosts: 124.238.254.113 78877788.com
O1 - Hosts: 124.238.254.113 www.11051122.com
O1 - Hosts: 124.238.254.113 11051122.com
O1 - Hosts: 124.238.254.113 1.ehai01.com
O1 - Hosts: 124.238.254.113 da.ehai01.com
O1 - Hosts: 124.238.254.113 ehai01.com
O1 - Hosts: 124.238.254.113 2008.sekart.cn
O1 - Hosts: 124.238.254.113 www.sekart.cn
O1 - Hosts: 124.238.254.113 sekart.cn
O1 - Hosts: 124.238.254.113 www.11309988.com
O1 - Hosts: 124.238.254.113 www.12100088.com
O1 - Hosts: 124.238.254.113 www.12108899.com
O1 - Hosts: 124.238.254.113 d2.llsging.com
O1 - Hosts: 124.238.254.113 llsging.com
O1 - Hosts: 124.238.254.113 dd.749571.com
O1 - Hosts: 124.238.254.113 749571.com
O1 - Hosts: 124.238.254.113 pr.749571.com
O1 - Hosts: 124.238.254.113 txwm1204.com
O1 - Hosts: 124.238.254.113 www.txwm1204.com
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [Display Settings] C:\Program Files\HPQ\Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LCIDConfig] C:\WINDOWS\lcidchng.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\update.exe -silent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HB Kernel] RUNDLL32.EXE C:\WINDOWS\system32\HBKrnl.dll,DllRegisterServer
O4 - HKLM\..\Run: [fiosectc] C:\WINDOWS\fiosectc.exe
O4 - HKLM\..\Run: [lmuspnch] C:\WINDOWS\msnhgcgh.exe
O4 - HKLM\..\Run: [dionpis] C:\WINDOWS\dionpis.exe
O4 - HKLM\..\Run: [fmsbbqi] C:\WINDOWS\fmsbbqi.exe
O4 - HKLM\..\Run: [WINSvr64] C:\WINDOWS\WINSvr64.exe
O4 - HKLM\..\Run: [ptshell] C:\WINDOWS\ptshell.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKLM\..\Policies\Explorer\Run: [MSDCG32 ] LYLeador.exe
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{442B561C-E508-4113-9677-4143076BC5D9}: NameServer = 202.137.160.45 202.137.160.46
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Remote Procedure Call System(RPCS) (HideWin) - Unknown owner - C:\WINDOWS\system32\HideWin.exe (file missing)
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MpService - Canon Inc. - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
O23 - Service: IE Security Service (msyaxk) - Unknown owner - C:\WINDOWS\system32\msxeg.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Telephonyl (WindowsC) - Conexant Systems - (no file)

--
End of file - 9115 bytes


Thanks soooo much!!


Hi,

Please run HijackThis and put a check next to these entries, close all other windows except HijackThis and click the "Fix Checked" button:
O1 - Hosts: 124.238.254.113 www.10280011.com
O1 - Hosts: 124.238.254.113 10280011.com
O1 - Hosts: 124.238.254.113 www.10289900.com
O1 - Hosts: 124.238.254.113 10289900.com
O1 - Hosts: 124.238.254.113 www.78877788.com
O1 - Hosts: 124.238.254.113 78877788.com
O1 - Hosts: 124.238.254.113 www.11051122.com
O1 - Hosts: 124.238.254.113 11051122.com
O1 - Hosts: 124.238.254.113 1.ehai01.com
O1 - Hosts: 124.238.254.113 da.ehai01.com
O1 - Hosts: 124.238.254.113 ehai01.com
O1 - Hosts: 124.238.254.113 2008.sekart.cn
O1 - Hosts: 124.238.254.113 www.sekart.cn
O1 - Hosts: 124.238.254.113 sekart.cn
O1 - Hosts: 124.238.254.113 www.11309988.com
O1 - Hosts: 124.238.254.113 www.12100088.com
O1 - Hosts: 124.238.254.113 www.12108899.com
O1 - Hosts: 124.238.254.113 d2.llsging.com
O1 - Hosts: 124.238.254.113 llsging.com
O1 - Hosts: 124.238.254.113 dd.749571.com
O1 - Hosts: 124.238.254.113 749571.com
O1 - Hosts: 124.238.254.113 pr.749571.com
O1 - Hosts: 124.238.254.113 txwm1204.com
O1 - Hosts: 124.238.254.113 www.txwm1204.com
O4 - HKLM\..\Run: [LCIDConfig] C:\WINDOWS\lcidchng.exe
O4 - HKLM\..\Run: [HB Kernel] RUNDLL32.EXE C:\WINDOWS\system32\HBKrnl.dll,DllRegisterServer
O4 - HKLM\..\Run: [fiosectc] C:\WINDOWS\fiosectc.exe
O4 - HKLM\..\Run: [lmuspnch] C:\WINDOWS\msnhgcgh.exe
O4 - HKLM\..\Run: [dionpis] C:\WINDOWS\dionpis.exe
O4 - HKLM\..\Run: [fmsbbqi] C:\WINDOWS\fmsbbqi.exe
O4 - HKLM\..\Run: [WINSvr64] C:\WINDOWS\WINSvr64.exe
O4 - HKLM\..\Run: [ptshell] C:\WINDOWS\ptshell.exe
O4 - HKLM\..\Policies\Explorer\Run: [MSDCG32 ] LYLeador.exe
O23 - Service: IE Security Service (msyaxk) - Unknown owner - C:\WINDOWS\system32\msxeg.exe

Download Pocket Killbox.
http://www.atribune.org/downloads/KillBox.exe
*Select the "Delete on Reboot" option.
*Select "All Files"
*Copy the file names below to the clipboard by highlighting them and pressing Control-C:

C:\WINDOWS\lcidchng.exe
C:\WINDOWS\system32\msxeg.exe
C:\WINDOWS\fiosectc.exe
C:\WINDOWS\msnhgcgh.exe
C:\WINDOWS\dionpis.exe
C:\WINDOWS\fmsbbqi.exe
C:\WINDOWS\system32\msxeg.exe
C:\WINDOWS\WINSvr64.exe
C:\WINDOWS\ptshell.exe

*Return to Killbox, go to the File menu, and choose "Paste from Clipboard".
*Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. Click "No" at the Pending Operations prompt.
*If the computer doesn't restart, just restart manually.


Also run SUPERAntispyware:
http://www.superantispyware.com/
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE
Load Superantispyware and click the "check for updates" button.
Once the update is finished, close SuperAntispyware again, and boot to Safe Mode to scan your pc.


* In Safe Mode, Start Superantispyware.
Click the "scan your computer" button.
Check "Perform Complete Scan" and then next.
Superantispyware will now scan your computer and when it's finished it will list all the infections it has found.
Make sure that they all have a check next to them and press next.
Click finish and you will be taken back to the main interface.
Click "Preferences" and then click the "statistics/logs" tab. Click the dated log and press view log and a text file will appear.

Please post back a fresh hijackthis log for review.
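
An added example, not part of the original post and not code from HijackThis: one way to review a fresh log against the entries that were selected for fixing, reporting which selected entries persist, which are gone, and which autostart entries are new. The function names and the normalization rules (ignoring case, the "(file missing)" / "(no file)" status notes and forum [url] tags) are assumptions of this example; the sample lines are a short excerpt of entries quoted on this page.

```python
import re
from typing import NamedTuple


class Entry(NamedTuple):
    section: str  # HijackThis section code, e.g. "O4"
    body: str     # everything after "O4 - "


# Section codes used by HijackThis logs: R0-R3, F0-F3, N1-N4, O1-O24.
ENTRY_RE = re.compile(r"^((?:O\d{1,2})|(?:[RFN]\d))\s+-\s+(.*)$")
# Status notes appended by the scanner; they change between scans
# without the underlying registry entry changing.
STATUS_RE = re.compile(r"\s*\((?:file missing|no file)\)\s*$", re.IGNORECASE)
# Forum markup that sometimes wraps URLs when a log is pasted into a post.
URL_TAG_RE = re.compile(r"\[/?url\]", re.IGNORECASE)


def parse_entries(log_text):
    """Return the R/F/N/O entries of a log, skipping headers and process lists."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append(Entry(match.group(1), match.group(2)))
    return entries


def normalize(entry):
    """Comparison key: case-insensitive, whitespace-collapsed, notes removed."""
    body = URL_TAG_RE.sub("", entry.body)
    body = STATUS_RE.sub("", body)
    body = re.sub(r"\s+", " ", body).strip().lower()
    return (entry.section, body)


def review_followup(before_text, selected_text, after_text):
    """Compare a follow-up log with the original log and the fix list."""
    before = {normalize(e) for e in parse_entries(before_text)}
    after = {normalize(e): e for e in parse_entries(after_text)}
    persisting, cleared = [], []
    for entry in parse_entries(selected_text):
        key = normalize(entry)
        if key in after:
            persisting.append(after[key])   # fix did not take effect
        else:
            cleared.append(entry)
    # Entries that appeared only after the cleanup should be accounted for
    # (here: the scanner that was installed as part of the instructions).
    added = [e for key, e in after.items() if key not in before]
    return {"persisting": persisting, "cleared": cleared, "added": added}


# Constructed sample input: a few lines excerpted from the logs on this page.
BEFORE = r"""
O1 - Hosts: 124.238.254.113 www.10280011.com
O4 - HKLM\..\Run: [HB Kernel] RUNDLL32.EXE C:\WINDOWS\system32\HBKrnl.dll,DllRegisterServer
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O23 - Service: IE Security Service (msyaxk) - Unknown owner - C:\WINDOWS\system32\msxeg.exe (file missing)
"""

SELECTED = r"""
O1 - Hosts: 124.238.254.113 www.10280011.com
O4 - HKLM\..\Run: [HB Kernel] RUNDLL32.EXE C:\WINDOWS\system32\HBKrnl.dll,DllRegisterServer
O23 - Service: IE Security Service (msyaxk) - Unknown owner - C:\WINDOWS\system32\msxeg.exe
"""

AFTER = r"""
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - [url]http://go.divx.com/plugin/DivXBrowserPlugin.cab[/url]
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: IE Security Service (msyaxk) - Unknown owner - C:\WINDOWS\system32\msxeg.exe (file missing)
"""

if __name__ == "__main__":
    report = review_followup(BEFORE, SELECTED, AFTER)
    for label in ("persisting", "cleared", "added"):
        print(f"{label}:")
        for entry in report[label]:
            print(f"  {entry.section} - {entry.body}")
```

A selected entry that still shows up in the follow-up log, such as a service whose file is already gone, means the registry entry itself was not removed and needs another pass.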


Hi,

Thanks so much for getting back to me so quickly. It took me a while but I did everything you said, though when I was pasting the files from the clipboard into Killbox, it left out four of them:

C:/WINDOWS/system32/msxeg.exe
C:/WINDOWS/fiosectc.exe
C:/WINDOWS/diopis.exe
C:/WINDOW/system32/msxeg.exe

I tried to add them but they just wouldn't paste, so I'm not sure what that would mean. But here is the new HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:28:34 AM, on 5/14/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\carpserv.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [Display Settings] C:\Program Files\HPQ\Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\update.exe -silent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{442B561C-E508-4113-9677-4143076BC5D9}: NameServer = 202.137.160.45 202.137.160.46
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Remote Procedure Call System(RPCS) (HideWin) - Unknown owner - C:\WINDOWS\system32\HideWin.exe (file missing)
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MpService - Canon Inc. - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
O23 - Service: IE Security Service (msyaxk) - Unknown owner - C:\WINDOWS\system32\msxeg.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Telephonyl (WindowsC) - Conexant Systems, Inc. - (no file)

--
End of file - 7785 bytes

And I'm also gonna give you the scan log from the SUPERAntiSpyware scan:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/14/2008 at 02:19 AM

Application Version : 4.0.1154

Core Rules Database Version : 3459
Trace Rules Database Version: 1450

Scan type       : Complete Scan
Total Scan Time : 00:59:31

Memory items scanned      : 178
Memory threats detected   : 0
Registry items scanned    : 5220
Registry threats detected : 3
File items scanned        : 16213
File threats detected     : 177

Adware.Tracking Cookie

Adware.180solutions/ZangoSearch
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/SAIX.dll
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/SAIX.dll#.Owner
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/SAIX.dll#{DECEAAA2-370A-49BB-9362-68C3A58DDC62}

Trojan.Downloader-Gen/Suspicious

Trojan.Unclassified/QQLogin-B
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP598\A0329988.DLL
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP598\A0329989.DLL
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP599\A0330089.DLL
    C:\WINDOWS\SYSTEM32\LOFSAJBO.DLL

Trojan.Unclassified/QQLogin-A

Trojan.Downloader-Gen/MSPlay-Fake
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{68DCCD3E-2073-4915-A5DC-A445A55876AD}\RP599\A0330117.DLL
    C:\WINDOWS\SYSTEM32\SYSWDPP.DLL

Trojan.Unclassified/BinCDWsa
    C:\WINDOWS\BINCDWSA.EXE

Trojan.Downloader-Gen
    C:\WINDOWS\FONTS\358272ECB0F4CB645BC7C0AD72A04876\SYSTEM\KB930.VXD

Trojan.Dropper/Multi-Packed
    C:\WINDOWS\SYSTEM32\MMFKKLJK1071.DLL
    C:\WINDOWS\SYSTEM32\MMSADZFB1045.DLL
    C:\WINDOWS\SYSTEM32\MMWLVAHB1017.DLL

Trojan.Unclassified/PTJH
    C:\WINDOWS\SYSTEM32\PTJHCHLP.DLL

If you could have another look I would really appreciate it. Thanks again for your help! :)

Edited by mike_2000_17: Fixed formatting

0

Hi,

I didn't realize I'd listed msxeg.exe twice, but that's okay, it now says 'file missing'.

C:/WINDOWS/fiosectc.exe
C:/WINDOWS/diopis.exe
The above 2 files might no longer be present, as HijackThis O4 lines won't show whether the file is present or not, but since SUPERAntiSpyware didn't detect them, they're probably gone.


You can just fix this one entry in HijackThis.
O23 - Service: IE Security Service (msyaxk) - Unknown owner - C:\WINDOWS\system32\msxeg.exe (file missing)

Did SUPERAntiSpyware delete all those that it detected?

How's the pc going?
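
A triage pass over the two HijackThis line types discussed in the reply above, added here as an example that is not part of the original thread. The O23 pattern follows the entry quoted in the reply; the O4 lines (hive and value names) and the "Example Updater" service are constructed for illustration.

```python
import re

# O23: "O23 - Service: <display>[ (<name>)] - <owner> - <path>[ (file missing)]"
O23_RE = re.compile(
    r"^O23 - Service: (?P<display>.+?)(?: \((?P<name>[^()]+)\))? - "
    r"(?P<owner>.+?) - (?P<path>.+?)(?P<missing> \(file missing\))?$"
)
# O4: "O4 - <key>: [<value>] <command>" (the [value] part is absent for Startup items)
O4_RE = re.compile(r"^O4 - (?P<key>[^:]+): (?:\[(?P<value>[^\]]*)\] )?(?P<cmd>.+)$")

# Constructed sample: only the last line is the entry quoted in the thread.
SAMPLE = r"""
O4 - HKLM\..\Run: [ExampleValue] C:\WINDOWS\fiosectc.exe
O4 - HKCU\..\Run: [ExampleValue2] C:\WINDOWS\diopis.exe
O23 - Service: Example Updater (exupd) - Example Corp - C:\Program Files\Example\exupd.exe
O23 - Service: IE Security Service (msyaxk) - Unknown owner - C:\WINDOWS\system32\msxeg.exe (file missing)
"""

def triage(log_text):
    """Return (section, target, verdict) for each O4/O23 line in a HijackThis log."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = O23_RE.match(line)
        if m:
            if m["missing"]:
                verdict = "file-missing"    # leftover service entry, binary already gone
            elif m["owner"].lower() == "unknown owner":
                verdict = "unknown-owner"   # no vendor name could be read from the binary
            else:
                verdict = "ok"
            findings.append(("O23", m["path"], verdict))
            continue
        m = O4_RE.match(line)
        if m:
            # Per the reply, O4 lines carry no presence marker, so the target
            # has to be confirmed on disk or by a scanner before judging it.
            findings.append(("O4", m["cmd"], "presence-unverified"))
    return findings

if __name__ == "__main__":
    for section, target, verdict in triage(SAMPLE):
        print(f"{section:4} {verdict:20} {target}")
```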

0

Hi,

Thanks so much for all your help! I fixed the item you said on the HijackThis scan, and I'm pretty sure SUPERAntiSpyware deleted all the threats. There were a bunch that were in the quarantine section, but I deleted all of those as well. My pc is much better now, so far none of the previous problems have popped up and everything's running normally now. Though there is one thing I noticed, my Windows automatic updates option seems to be locked and I can't turn it on. But my computer has been asking me to download the newest updates, though whenever I click download, the window freezes for a while and then disappears to the task bar where the download progress is always 0%. And there's no response when I click the icon on the task bar either. It's not affecting anything else right now, but there are a bunch of security updates I think would be good to download. Do you have any idea how to solve this? Thanks again for all your help!

0

We should check if there are still some nasties hiding there, as there are many nasties that hide from the HijackThis scan.
You can run one of those online virus scanners, either BitDefender, TrendMicro or ActiveScan to see if they find something.

Or try ComboFix (use at your own risk).
Please download ComboFix by sUBs:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe


You must download it to and run it from your Desktop.
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply.
Re-enable all the programs that were disabled during the running of ComboFix.


Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.

CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
