Logs



#1 OFFLINE   mpossoff

    Advanced Member

  • Members
  • 177 posts

Posted 11 November 2007 - 04:55 PM

Hi, our PC has been running slow. Our children have been playing a lot of online games lately. Followed the malware removal instructions and here are my logs.

Thanks!

Marc

--------------------------------------


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/11/2007 at 10:41 AM

Application Version : 3.9.1008

Core Rules Database Version : 3342
Trace Rules Database Version: 1343

Scan type : Quick Scan
Total Scan Time : 00:33:25

Memory items scanned : 508
Memory threats detected : 0
Registry items scanned : 819
Registry threats detected : 0
File items scanned : 16098
File threats detected : 0
-----------------------------------------------------------------------------------------------------------------------------------

BitDefender Online Scanner - Real Time Virus Report
Generated at: Sun, Nov 11, 2007 - 10:07:01


Scan Info
Scanned Files 323176
Infected Files 4


Virus Detected
Win32.Yahaa.E@mm 1
Exploit.Iframe.Vulnerability 2
Win32.Worm.Klez.H 1




This summary of the scan process will be used by the BitDefender Antivirus Lab to create agregate statistics about virus activity around the world.
-------------------------------------------------------------------------------------------------------------------------------


---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 11:24:40 AM 11/11/2007

+ Scan result:



:mozilla.129:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.130:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.131:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.132:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.133:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.134:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.135:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.136:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.137:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.450:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.308:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.309:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.310:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.311:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.312:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.313:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.314:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.315:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.316:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.148:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Dealtime : Cleaned.
:mozilla.149:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Dealtime : Cleaned.
:mozilla.287:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.783:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.119:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.120:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.121:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.122:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.123:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.124:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.147:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.363:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.367:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.497:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.524:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.612:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.658:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.769:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.784:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.798:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.880:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.125:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.127:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.101:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Komtrack : Cleaned.
:mozilla.99:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Komtrack : Cleaned.
:mozilla.515:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.516:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.587:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.761:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.825:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@ssl-hints.netflame[3].txt -> TrackingCookie.Netflame : Cleaned.
:mozilla.479:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.480:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.576:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.577:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.578:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.579:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.670:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.671:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.672:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.673:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.674:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.675:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.676:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.677:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.678:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.679:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.680:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.681:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.682:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.683:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.684:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.553:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.554:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.555:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.556:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.557:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.558:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.244:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.245:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.246:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.247:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.248:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.451:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.262:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.263:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.264:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.265:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.266:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.257:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.258:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.259:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.260:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.261:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.y72\cookies.txt -> TrackingCookie.Zedo : Cleaned.


::Report end

-----------------------------------------------------------------------------------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 11:36:53 AM, on 11/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5700.0006)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Nhksrv.exe
C:\Program Files\Dell\OpenManage\Client\ActionAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\DMI\WIN32\bin\DellDmi.exe
C:\Program Files\Dell\OpenManage\Client\EventAgt.exe
C:\Program Files\Dell\OpenManage\Client\DLT.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Dell\OpenManage\Client\Iap.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\dmi\win32\bin\Win32sl.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
C:\Program Files\Hijackthis\HijackThis.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=552...cid={SUB_CLCID}
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O4 - HKLM\..\Run: [Ink Monitor] C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_SRCV02.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Messianic Groups.lnk = C:\Program Files\MessianicGroups\wwim.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.comcast.net
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {2C8EEB84-6D60-11D4-BD64-0050048A82BF} (eshare communications NetAgent Customer ActiveX Control version 2) - http://tech-a.mhi.ao...s/custappx2.CAB
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} (MsnMusicAx Class) - https://music.msn.co...snmusax3503.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{55FFEBFF-EC2F-48DD-A6AF-B7099588E377}: NameServer = 85.255.116.45,85.255.112.172
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.45 85.255.112.172
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.45 85.255.112.172
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: ActionAgent - Dell Computer Corporation - C:\Program Files\Dell\OpenManage\Client\ActionAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
O23 - Service: DellDmi - Dell Computer Corporation - C:\DMI\WIN32\bin\DellDmi.exe
O23 - Service: DEventAgent - Dell Computer Corporation - C:\Program Files\Dell\OpenManage\Client\EventAgt.exe
O23 - Service: DLT - Dell Computer Corporation - C:\Program Files\Dell\OpenManage\Client\DLT.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Iap - Dell Computer Corporation - C:\Program Files\Dell\OpenManage\Client\Iap.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Win32Sl - Intel - C:\dmi\win32\bin\Win32sl.exe

#2 OFFLINE   askey127

    Advanced Member

  • Members
  • 108 posts
  • Gender:Male
  • Location:New Hampshire, US

Posted 16 November 2007 - 10:42 AM

mpossoff,
------------------------------------------------------------
Download, Run FixWareout
You may want to print out these instructions for reference, since you will have to restart your computer during the fix.

Please download FixWareout from one of these sites:
http://downloads.sub.../Fixwareout.exe
http://www.bleepingc.../Fixwareout.exe

Save it to your desktop and run it. Click Next, then Install, then make sure "Run fixit" is checked and click Finish.
The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so.
Your system may take longer than usual to load; this is normal.
At the end of the fix, you may need to restart your computer again.

Finally, please post a fresh HijackThis log, along with the contents of the logfile C:\fixwareout\report.txt

Now let's check some settings on your system.
In the Windows Control Panel, if you are using Windows XP's Category View, select the Network and Internet Connections category; otherwise double-click on Network Connections. Then right-click on your default connection, usually Local Area Connection for cable and DSL, and left-click on Properties. Click the Networking tab. Double-click on the Internet Protocol (TCP/IP) item and select the radio dial that says "Obtain DNS servers automatically".
Press OK twice to get out of the properties screen and reboot if it asks.
That option might not be available on some systems.
Next go to Start, Run, type cmd and hit OK.
Now type:
ipconfig /flushdns
(note that a space between ipconfig and / is needed)
then hit Enter, type exit and hit Enter again.

askey127
Microsoft MVP 2007-2008
FixEdit | FixEdit User Guide | Log Comparator |
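
The DNS step in the reply above resets a statically configured resolver, which is the setting the O17 `NameServer` lines of a HijackThis log record. As an added example (not part of either post and not a HijackThis feature), the Python below parses those O17 lines and lists every resolver outside an allowlist together with the registry keys that set it; the allowlist `EXPECTED_RESOLVERS` and the fourth sample line are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Lines 1-3 are the O17 entries from the HijackThis log in post #1.
# Line 4 is constructed (all-zero GUID, private address) to show an entry
# that matches the allowlist; line 5 is an unrelated entry from the same log.
SAMPLE_LOG = r"""
O17 - HKLM\System\CCS\Services\Tcpip\..\{55FFEBFF-EC2F-48DD-A6AF-B7099588E377}: NameServer = 85.255.116.45,85.255.112.172
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.45 85.255.112.172
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.45 85.255.112.172
O17 - HKLM\System\CCS\Services\Tcpip\..\{00000000-0000-0000-0000-000000000000}: NameServer = 192.168.1.1
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
"""

# Assumption: the resolvers this PC is supposed to use (here a home router).
EXPECTED_RESOLVERS = ["192.168.1.0/24"]

O17_RE = re.compile(r"^O17 - (?P<key>.+?): (?P<name>\w+) = (?P<data>.*)$")
GUID_RE = re.compile(r"\{[0-9A-Fa-f-]{36}\}")


def parse_o17(log_text):
    """Yield (registry_key, scope, address_text) for each static NameServer."""
    for line in log_text.splitlines():
        m = O17_RE.match(line.strip())
        if not m or m.group("name").lower() != "nameserver":
            continue
        key = m.group("key")
        # A key containing an adapter GUID is a per-interface setting;
        # ...\Tcpip\Parameters applies to the whole machine.
        scope = "interface" if GUID_RE.search(key) else "global"
        # The value is printed as stored: the log above contains both
        # comma-separated and space-separated lists.
        for token in re.split(r"[,\s]+", m.group("data").strip()):
            if token:
                yield key, scope, token


def review_static_dns(log_text, expected=EXPECTED_RESOLVERS):
    """Map each resolver outside the allowlist to the keys that set it."""
    nets = [ipaddress.ip_network(n) for n in expected]
    findings = defaultdict(list)
    for key, scope, token in parse_o17(log_text):
        try:
            addr = ipaddress.ip_address(token)
        except ValueError:
            findings[token].append((scope, key))  # unparseable: always review
            continue
        if not any(addr in net for net in nets):
            findings[str(addr)].append((scope, key))
    return dict(findings)


if __name__ == "__main__":
    for server, places in review_static_dns(SAMPLE_LOG).items():
        print(server)
        for scope, key in places:
            print(f"  [{scope}] {key}")
```
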