Free Malware Removal Forum

[belcant2]

Hi I have some strange thigs happening on my computer. Malwarebytes did pick up trojan BHO and deleted it but I am still having the same problems. Such as a popup sugesting I enter my adsl info and I also get "unknow software exception" when I open a a media file or even a drive. Here is my hijackthis log and uninstal list.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:33:41, on 2010-6-14
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\kingsoft\AQ100\kaqsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\A0380mon.exe
C:\WINDOWS\system32\DHTray.exe
C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDCertM_CCB.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Kingsoft\CommonService_Beta\kxeserv.exe
C:\Program Files\a-squared Anti-Dialer\a2service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDKeyMonitorCCB.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\a-squared Anti-Malware\a2guard.exe
C:\Program Files\Common Files\Java\Java Update\jaucheck.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [a-squared] "C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2guard.exe" /d=60
O4 - HKLM\..\Run: [A0380mon] C:\WINDOWS\system32\A0380mon.exe
O4 - HKLM\..\Run: [DHTray] C:\WINDOWS\system32\DHTray.exe
O4 - HKLM\..\Run: [wdcertm_ccb] C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDCertM_CCB.exe
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = ?SystemRoot%\Installer\{AC76BA86-7AD7-1033-7B44-A70001000000}\SC_Reader.exe
O8 - Extra context menu item: 使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O15 - Trusted Zone: http://www.bankofchina.com
O15 - Trusted Zone: http://www.boc.cn
O15 - Trusted Zone: http://*.icbc.com.cn
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://site.cmbchina.com/download/CMBEdit.cab
O16 - DPF: {1E0DFFCF-27FF-4574-849B-55007349FEDA} - https://img.alipay.com/download/1101/aliedit.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (EditCtrl Class) - https://img.alipay.com/download/2121/aliedit.cab
O16 - DPF: {A3CD7F74-93C9-4BC4-B892-CCDF1514F714} (Submit Class) - https://pbank.95559.com.cn/personbank/o ... nkcomm.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: a-squared Anti-Dialer Service (a2AntiDialer) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Dialer\a2service.exe
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kingsoft Basic Service (kaccore) - Kingsoft Corporation - C:\Program Files\Kingsoft\KAC\Service\kaccore.exe
O23 - Service: Kingsoft AQ100 Service - Kingsoft Corporation - C:\Program Files\kingsoft\AQ100\kaqsvc.exe
O23 - Service: Kingsoft Antivirus XEngine Service(Beta) (KxEServBeta) - Kingsoft Corporation - C:\Program Files\Common Files\Kingsoft\CommonService_Beta\kxeserv.exe
O23 - Service: WatchData ccb V3.2 (WDMonitorCCB) - Beijing WatchData System Co., Ltd. - C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDKeyMonitorCCB.exe
O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe

--
End of file - 4959 bytes



2007 Office system 兼容包
ACDSee 5.0.1 PowerPack
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.0
Adobe Shockwave Player 11.5
Any Video Converter 3.0.5
a-squared Anti-Dialer 3.0
a-squared Anti-Malware 4.5
AviSynth 2.5
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Plus Web Player
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows XP (KB915865)
InternetCalls
Java(TM) 6 Update 20
Junk Mail filter update
LanguageNow - Translit. Chinese
MagicDisc 2.7.106
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CHS
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CHS
Microsoft .NET Framework 3.5 Language Pack SP1 - chs
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 语言包 - 简体中文
Microsoft Choice Guard
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Edition 2003
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word 2003 稿纸加载项
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.6.3)
MSVCRT
RealPlayer
RegCure 1.5.0.0
Segoe UI
SiteHound for FireFox 2.0.0
Skype? 4.1
Startup Optimizer 1.6
USB PC CAM-168
USB2.0 PC Camera Driver
VC80CRTRedist - 8.0.50727.4053
VeryPDF PDF2Word v3.0
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.0.3
Window Washer
Windows Internet Explorer 7
Windows Live Call
Windows Live Communications Platform
Windows Live Mail
Windows Live Messenger
Windows Live Messenger 保护盾 2.0
Windows Live Sync
Windows Live Toolbar
Windows Live Writer
Windows Live 登录助手
Windows Live 家庭安全设置
Windows Live 软件包
Windows Live 软件包
Windows Live 上载工具
Windows Live 照片库
Windows Media Format Runtime
Windows Media Player 10
Windows XP 安全更新 (KB961501)
Windows XP 安全更新 (KB969898)
Windows XP 安全更新 (KB970238)
Windows XP 更新 (KB961503)
Windows XP 修补程序 (KB932716-v2)
WinRAR archiver
XML Paper Specification Shared Components Language Pack 1.0
μTorrent
阿里旺旺2009 SP3 卖家版
极品五笔 2009
交行网银安全输入软件 3.0
金山软件基础服务
金山在线杀毒
腾讯QQ2009
迅雷 5.8.13.699
雅虎通
一键GHOST v2008.08.08 奥运版
中国建设银行E路护航网银安全组件安装程序 2.0
中国建设银行网银盾
中国银行网上银行安全控件 1.0400

[MWR 3 day Mod]

Hi,

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.

[NonSuch]

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.