Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Hijack Log

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Hijack Log

Unread postby chardma3 » October 18th, 2010, 8:55 am

Hi,
Just wondering if you could help me with a few issues.
Upon reboot an ArcSoft Daemon error message comes up. What is this and can I get rid of it?
Also Divx is always coming up with an error message- maybe it wants to update and can't.
Lastly,every now and then I get a blue screen and upon reboot a microsoft help page tells me that i may need to update my video card drivers which seems fairly straightforward.
Is there any other superfluous stuff that i can get rid of? For example programs that i have since uninstalled but still seem to be showing up in the log? Or things in the systray that need not be running in the background?
Any help would be great.
Thanks
__________________ _ _

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:24:44 PM, on 18/10/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Digidesign\Drivers\MMERefresh.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\BisonCam\BisonHK.exe
C:\WINDOWS\BisonCam\DeLay.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Emotum\Mobile Broadband\Mobile.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\BitTorrent\bittorrent.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.softpedia.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://tyda.se/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Softpedia
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Dictionary.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [BisonHK] C:\WINDOWS\BisonCam\BisonHK.exe
O4 - HKLM\..\Run: [DeLay] C:\WINDOWS\BisonCam\DeLay.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Emotum Mobile Broadband] C:\Program Files\Emotum\Mobile Broadband\Mobile.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: Seagate Product Registration.lnk = C:\Documents and Settings\Valued Customer\Application Data\Leadertech\PowerRegister\Seagate Product Registration.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {4D054067-DE3A-48F9-B19B-BCD229B9AE8D} (PrinterHelpEtcActiveX Control) - http://www.samsungdp.com/printerhelp/Ac ... rinter.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 4912804885
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/softwa ... Plugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553552100} - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/ph ... NPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2C370E04-4AFF-460E-BE19-F95B14F528A9}: NameServer = 195.54.122.211 195.54.122.221
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Media Jukebox 14 Service - J. River, Inc. - C:\Program Files\J River\Media Jukebox 14\JRService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TVersityMediaServer - Unknown owner - C:\Program Files\TVersity\Media Server\MediaServer.exe

--
End of file - 14616 bytes
___________________ _ _

Uninstall List
ABBYY FineReader 6.0 Sprint
Acrobat.com
Acrobat.com
Adobe Acrobat 9 Pro - English, Français, Deutsch
Adobe After Effects CS4
Adobe After Effects CS4 Presets
Adobe After Effects CS4 Third Party Content
Adobe AIR
Adobe AIR
Adobe Anchor Service CS4
Adobe Asset Services CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Color Video Profiles AE CS4
Adobe Color Video Profiles CS CS4
Adobe Contribute CS4
Adobe Creative Suite 4 Master Collection
Adobe Creative Suite 4 Master Collection
Adobe CS4 American English Speech Analysis Models
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Dreamweaver CS4
Adobe Drive CS4
Adobe Dynamiclink Support
Adobe Encore CS4
Adobe Encore CS4 Codecs
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Fireworks CS4
Adobe Flash CS4
Adobe Flash CS4 Extension - Flash Lite STI en
Adobe Flash CS4 STI-en
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Illustrator CS4
Adobe InDesign CS4
Adobe InDesign CS4 Application Feature Set Files (Roman)
Adobe InDesign CS4 Common Base Files
Adobe InDesign CS4 Icon Handler
Adobe Linguistics CS4
Adobe Media Encoder CS4
Adobe Media Encoder CS4 Additional Exporter
Adobe Media Encoder CS4 Dolby
Adobe Media Encoder CS4 Exporter
Adobe Media Encoder CS4 Importer
Adobe Media Player
Adobe Media Player
Adobe MotionPicture Color Files CS4
Adobe OnLocation CS4
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS4
Adobe Photoshop CS4 Support
Adobe Premiere Pro CS4
Adobe Premiere Pro CS4 Functional Content
Adobe Premiere Pro CS4 Third Party Content
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe SGM CS4
Adobe SING CS4
Adobe Soundbooth CS4
Adobe Soundbooth CS4 Codecs
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe Version Cue CS4 Server
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
Analyzed
Apple Software Update
ASIO4ALL
ASIOWmpPlg
Ask Toolbar
BisonCam
BitTorrent
BurnInTest v5.3 Pro
Celtx (2.7)
Connect
Coupon Printer for Windows
Deckadance
Digidesign Audio Drivers 7.1
DirectVobSub (remove only)
DivX Content Uploader
DivX Converter
DivX Plus DirectShow Filters
DivX Setup
ffdshow [rev 1723] [2007-12-24]
FL Studio 9
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Deskjet 1050 J410 series Basic Device Software
HP Deskjet 1050 J410 series Help
HP Deskjet 1050 J410 series Product Improvement Study
HP Update
IL Download Manager
InterLok Driver Kit
Java(TM) 6 Update 21
Junk Mail filter update
kuler
Magic ISO Maker v5.5 (build 0281)
Media Jukebox 14
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft ActiveSync
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.7
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Motorola SM56 Data Fax Modem
MP3 Converter Simple
MSVC80_x86
MSVC80_x86_v2
MSVC90_x86
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser
neroxml
Nokia Connectivity Cable Driver
Nokia Ovi Suite
Nokia Ovi Suite
Nokia Ovi Suite Software Updater
Nokia Software Updater
Novation Bass-Station VSTi v1.10
NVIDIA Drivers
NVIDIA PhysX
OGA Notifier 2.0.0048.0
Ovi Desktop Sync Engine
OviMPlatform
PC Connectivity Solution
PDF Settings CS4
Photoshop Camera Raw
Pixel Bender Toolkit
PoiZone
Realtek High Definition Audio Driver
REALTEK RTL8187B Wireless LAN Driver
Rob Papen Albino 3
Sawer
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB2288953)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office Publisher 2007 (KB982124)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB982132)
Segoe UI
Sentinel Protection Installer 7.2.2
Sentinel Virtual Dongle v1.01
Sibelius Scorch (ActiveX Only)
Spybot - Search & Destroy
Suite Shared Configuration CS4
Synaptics Pointing Device Driver
System Requirements Lab
Telenor Stay Connected
Toxic Biohazard
TVersity Codec Pack 1.2
TVersity Media Server 1.0.0.8 RC5
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Outlook 2007 Junk Email Filter (kb2410711)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2345886)
VC80CRTRedist - 8.0.50727.4053
VCRedistSetup
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Mobile® Device Handbook
Windows XP Service Pack 3
WinFast Codec-TS SDK
WinFast De-interlace SDK
WinFast Multimedia Driver Installation
WinFast PVR2
WinFast TT-SB SDK
WinRAR archiver
Xilisoft DVD to DivX Converter
Xilisoft MPEG to DVD Converter
chardma3
Active Member
 
Posts: 2
Joined: October 18th, 2010, 8:05 am
Advertisement
Register to Remove

Re: Hijack Log

Unread postby askey127 » October 20th, 2010, 7:06 pm

Hi chardma3,
Quite a bit to do here, but you can handle it. Just one step at a time.
-----------------------------------------------
Please Note Our Policy on the Use of P2P (Person to Person / Peer to Peer) file sharing programs
It is posted here: http://malwareremoval.com/forum/viewtopic.php?p=491394#p491394
As a condition of receiving our help, I have included the P2P program Bittorrent in the removal instructions below, so we are not wasting our time.
If you have used this, you can be fairly confident this is a principal reason your computer is infected

It's really important, if you value your PC at all, to stay away from P2P file sharing programs, like utorrent, Bittorrent, Azureus, Limewire, Vuze, Shareaza, Bitlord.
Criminals have "planted" thousands upon thousands of infections in the "free" shared files. Some of the recent infections can turn your machine into a doorstop.
-----------------------------------------------------------
Remove Registry items with HighjackThis. Start HijackThis. (Right-click and "Run as administrator" in Vista/Win7)
Click Do System Scan Only. When the Scan is complete, Check the following entries:
(Some of these lines may be missing)
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Dictionary.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

Make sure Every other window except HJT is closed (No other tabs showing in the bottom tray), and Click Fix Checked
Click the "X" in the upper right corner of the HiJackThis window to close it.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
-----------------------------------------------------------
Remove Programs Using Control Panel
From Start, Settings, Control Panel or Start, Control Panel, click Add/Remove Programs.
Highlight each Entry, as follows, one by one, if it exists, and choose Remove :
Ask Toolbar
BitTorrent
Coupon Printer for Windows
Spybot - Search & Destroy

Take extra care in answering questions posed by any Uninstaller.

If the Spybot Uninstaller asks whether you want to remove all files and settings, answer YES. If it reports that it cannot remove all files, that's OK.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine Again
---------------------------------------------
Run CKScanner
Download CKScanner from HERE
Important - Save it to your desktop.
Doubleclick CKScanner.exe and click Search For Files.
After a couple minutes or less, when the cursor hourglass disappears, click Save List To File.
A message box will verify the file saved.
Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.
-----------------------------------------------
Download Antivir Free
This program is free for personal, non-business use.
Download AntiVir Free from here : http://www.softpedia.com/get/Antivirus/AntiVir-Personal-Edition.shtml
Save the Installer to your desktop.
-----------------------------------------------
Run, Update, Scan with Antivir
Double Click the Avira Antivir Installer on your desktop, Install the program, Have it update itself, and run a full scan.
Have it fix anything it finds.
-----------------------------------------------
Get Last Avira Report
Right click the red umbrella icon in the system tray and click Start Antivir
In the left pane, click Overview, then click Reports
There wil be reports titled Update and reports titled Scan. Find the most recent report in the list titled Scan
Click on the Report File button, or Right click the report and choose Display Report.
The report contents will come up in Notepad. Highlight the entire report (Ctrl+A) and copy to the clipboard (Ctrl+C).
Paste the contents (Ctrl+V) into your next reply.

So we are looking for the contents of the log CKFiles.txt and the log from Antivir.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Hijack Log

Unread postby chardma3 » October 21st, 2010, 8:18 pm

Here is the avira log.
I wish to use the dictionary toolbar. Is it ok to reinstall it?
Thanks


Avira AntiVir Personal
Report file date: Thursday, 21 October 2010 23:12

Scanning for 2959698 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : CLAIRE

Version information:
BUILD.DAT : 10.0.0.567 32097 Bytes 19/04/2010 15:07:00
AVSCAN.EXE : 10.0.3.0 433832 Bytes 1/04/2010 11:37:38
AVSCAN.DLL : 10.0.3.0 46440 Bytes 1/04/2010 11:57:04
LUKE.DLL : 10.0.2.3 104296 Bytes 7/03/2010 17:33:04
LUKERES.DLL : 10.0.0.1 12648 Bytes 10/02/2010 22:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 6/11/2009 08:05:36
VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 18:27:49
VBASE002.VDF : 7.10.3.1 3143680 Bytes 20/01/2010 16:37:42
VBASE003.VDF : 7.10.3.75 996864 Bytes 26/01/2010 15:37:42
VBASE004.VDF : 7.10.4.203 1579008 Bytes 5/03/2010 10:29:03
VBASE005.VDF : 7.10.6.82 2494464 Bytes 15/04/2010 21:04:43
VBASE006.VDF : 7.10.7.218 2294784 Bytes 2/06/2010 21:05:11
VBASE007.VDF : 7.10.9.165 4840960 Bytes 23/07/2010 21:06:10
VBASE008.VDF : 7.10.11.133 3454464 Bytes 13/09/2010 21:06:49
VBASE009.VDF : 7.10.11.134 2048 Bytes 13/09/2010 21:06:49
VBASE010.VDF : 7.10.11.135 2048 Bytes 13/09/2010 21:06:49
VBASE011.VDF : 7.10.11.136 2048 Bytes 13/09/2010 21:06:50
VBASE012.VDF : 7.10.11.137 2048 Bytes 13/09/2010 21:06:50
VBASE013.VDF : 7.10.11.165 172032 Bytes 15/09/2010 21:06:53
VBASE014.VDF : 7.10.11.202 144384 Bytes 18/09/2010 21:06:54
VBASE015.VDF : 7.10.11.231 129024 Bytes 21/09/2010 21:06:56
VBASE016.VDF : 7.10.12.4 126464 Bytes 23/09/2010 21:06:58
VBASE017.VDF : 7.10.12.38 146944 Bytes 27/09/2010 21:07:00
VBASE018.VDF : 7.10.12.64 133120 Bytes 29/09/2010 21:07:01
VBASE019.VDF : 7.10.12.99 134144 Bytes 1/10/2010 21:07:03
VBASE020.VDF : 7.10.12.122 131584 Bytes 5/10/2010 21:07:05
VBASE021.VDF : 7.10.12.148 119296 Bytes 7/10/2010 21:07:07
VBASE022.VDF : 7.10.12.175 142848 Bytes 11/10/2010 21:07:09
VBASE023.VDF : 7.10.12.198 131584 Bytes 13/10/2010 21:07:15
VBASE024.VDF : 7.10.12.216 133120 Bytes 14/10/2010 21:07:18
VBASE025.VDF : 7.10.12.238 137728 Bytes 18/10/2010 21:07:19
VBASE026.VDF : 7.10.12.254 129536 Bytes 20/10/2010 21:07:21
VBASE027.VDF : 7.10.12.255 2048 Bytes 20/10/2010 21:07:21
VBASE028.VDF : 7.10.13.0 2048 Bytes 20/10/2010 21:07:22
VBASE029.VDF : 7.10.13.1 2048 Bytes 20/10/2010 21:07:22
VBASE030.VDF : 7.10.13.2 2048 Bytes 20/10/2010 21:07:22
VBASE031.VDF : 7.10.13.15 99840 Bytes 21/10/2010 21:07:24
Engineversion : 8.2.4.84
AEVDF.DLL : 8.1.2.1 106868 Bytes 21/10/2010 21:08:21
AESCRIPT.DLL : 8.1.3.45 1368443 Bytes 21/10/2010 21:08:21
AESCN.DLL : 8.1.6.1 127347 Bytes 21/10/2010 21:08:15
AESBX.DLL : 8.1.3.1 254324 Bytes 21/10/2010 21:08:23
AERDL.DLL : 8.1.9.2 635252 Bytes 21/10/2010 21:08:14
AEPACK.DLL : 8.2.3.11 471416 Bytes 21/10/2010 21:08:09
AEOFFICE.DLL : 8.1.1.8 201081 Bytes 21/10/2010 21:07:57
AEHEUR.DLL : 8.1.2.36 2974072 Bytes 21/10/2010 21:07:56
AEHELP.DLL : 8.1.14.0 246134 Bytes 21/10/2010 21:07:38
AEGEN.DLL : 8.1.3.23 401779 Bytes 21/10/2010 21:07:36
AEEMU.DLL : 8.1.2.0 393588 Bytes 21/10/2010 21:07:34
AECORE.DLL : 8.1.17.0 196982 Bytes 21/10/2010 21:07:32
AEBB.DLL : 8.1.1.0 53618 Bytes 21/10/2010 21:07:30
AVWINLL.DLL : 10.0.0.0 19304 Bytes 14/01/2010 11:03:38
AVPREF.DLL : 10.0.0.0 44904 Bytes 14/01/2010 11:03:35
AVREP.DLL : 10.0.0.8 62209 Bytes 18/02/2010 15:47:40
AVREG.DLL : 10.0.3.0 53096 Bytes 1/04/2010 11:35:46
AVSCPLR.DLL : 10.0.3.0 83816 Bytes 1/04/2010 11:39:51
AVARKT.DLL : 10.0.0.14 227176 Bytes 1/04/2010 11:22:13
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 26/01/2010 08:53:30
SQLITE3.DLL : 3.6.19.0 355688 Bytes 28/01/2010 11:57:58
AVSMTP.DLL : 10.0.0.17 63848 Bytes 16/03/2010 14:38:56
NETNT.DLL : 10.0.0.0 11624 Bytes 19/02/2010 13:41:00
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28/01/2010 12:10:20
RCTEXT.DLL : 10.0.53.0 97128 Bytes 9/04/2010 13:14:29

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: Thursday, 21 October 2010 23:12

Starting search for hidden objects.
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version\version
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version\version
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtmsSvc\Config\Standalone\drivelist
[NOTE] The registry entry is invisible.

The scan of running processes will be started
Scan process 'iexplore.exe' - '121' Module(s) have been scanned
Scan process 'iexplore.exe' - '115' Module(s) have been scanned
Scan process 'OfficeLiveSignIn.exe' - '30' Module(s) have been scanned
Scan process 'WINWORD.EXE' - '108' Module(s) have been scanned
Scan process 'msdtc.exe' - '40' Module(s) have been scanned
Scan process 'dllhost.exe' - '61' Module(s) have been scanned
Scan process 'dllhost.exe' - '45' Module(s) have been scanned
Scan process 'vssvc.exe' - '48' Module(s) have been scanned
Scan process 'avscan.exe' - '70' Module(s) have been scanned
Scan process 'avcenter.exe' - '81' Module(s) have been scanned
Scan process 'FNPLicensingService.exe' - '15' Module(s) have been scanned
Scan process 'Acrobat.exe' - '97' Module(s) have been scanned
Scan process 'avgnt.exe' - '55' Module(s) have been scanned
Scan process 'sched.exe' - '53' Module(s) have been scanned
Scan process 'avshadow.exe' - '26' Module(s) have been scanned
Scan process 'avguard.exe' - '56' Module(s) have been scanned
Scan process 'DivXUpdate.exe' - '58' Module(s) have been scanned
Scan process 'SCServer.exe' - '43' Module(s) have been scanned
Scan process 'iexplore.exe' - '138' Module(s) have been scanned
Scan process 'iexplore.exe' - '86' Module(s) have been scanned
Scan process 'wlcomm.exe' - '73' Module(s) have been scanned
Scan process 'rapimgr.exe' - '50' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '31' Module(s) have been scanned
Scan process 'Mobile.exe' - '83' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '138' Module(s) have been scanned
Scan process 'ctfmon.exe' - '25' Module(s) have been scanned
Scan process 'wcescomm.exe' - '51' Module(s) have been scanned
Scan process 'WFWIZ.exe' - '51' Module(s) have been scanned
Scan process 'jusched.exe' - '21' Module(s) have been scanned
Scan process 'HPWuSchd2.exe' - '26' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '41' Module(s) have been scanned
Scan process 'NokiaMServer.exe' - '36' Module(s) have been scanned
Scan process 'GrooveMonitor.exe' - '49' Module(s) have been scanned
Scan process 'rundll32.exe' - '38' Module(s) have been scanned
Scan process 'RUNDLL32.EXE' - '34' Module(s) have been scanned
Scan process 'DeLay.exe' - '6' Module(s) have been scanned
Scan process 'BisonHK.exe' - '45' Module(s) have been scanned
Scan process 'rundll32.exe' - '39' Module(s) have been scanned
Scan process 'DTVSchdl.exe' - '26' Module(s) have been scanned
Scan process 'SynTPStart.exe' - '37' Module(s) have been scanned
Scan process 'wscntfy.exe' - '26' Module(s) have been scanned
Scan process 'alg.exe' - '33' Module(s) have been scanned
Scan process 'Explorer.EXE' - '172' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'SeaPort.exe' - '48' Module(s) have been scanned
Scan process 'jqs.exe' - '33' Module(s) have been scanned
Scan process 'MMERefresh.exe' - '9' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'ACService.exe' - '20' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'spoolsv.exe' - '65' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'svchost.exe' - '41' Module(s) have been scanned
Scan process 'svchost.exe' - '30' Module(s) have been scanned
Scan process 'svchost.exe' - '173' Module(s) have been scanned
Scan process 'svchost.exe' - '41' Module(s) have been scanned
Scan process 'svchost.exe' - '55' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '38' Module(s) have been scanned
Scan process 'lsass.exe' - '58' Module(s) have been scanned
Scan process 'services.exe' - '36' Module(s) have been scanned
Scan process 'winlogon.exe' - '74' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '498' files ).


Starting the file scan:

Begin scan in 'C:\' <Maxwell>


End of the scan: Friday, 22 October 2010 02:01
Used time: 2:48:52 Hour(s)

The scan has been done completely.

19108 Scanned directories
942949 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
942949 Files not concerned
5139 Archives were scanned
0 Warnings
0 Notes
832681 Objects were scanned with rootkit scan
3 Hidden objects were found
chardma3
Active Member
 
Posts: 2
Joined: October 18th, 2010, 8:05 am

Re: Hijack Log

Unread postby askey127 » October 22nd, 2010, 7:35 am

chardma3,
Any toolbar from Ask.com will be a spyware/adware toolbar and is not recommended.
Some antivirus/antispyware programs remove it without asking.
You might take a look at this one: http://www.download3k.com/Internet/Brow ... olbar.html

Please post the results file from CKScanner, named CKFiles.txt

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Hijack Log

Unread postby askey127 » October 25th, 2010, 7:45 am

Due to Lack of Response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
Advertisement
Register to Remove


Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 287 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware