Oh boy another virus


22 replies to this topic

#1 OFFLINE   boomtown

Posted 09 September 2006 - 08:52 PM

I have run some of the programs that you guys have requested. I have run SmitfraudFix and got rid of that (I hope). I'm sick of these popups and want them gone. Here is my HJT scan.



Logfile of HijackThis v1.99.1
Scan saved at 3:46:05 PM, on 9/9/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\DW6000 Monitor\service\dw6000service.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
C:\Program Files\Lexmark 3100 Series\lxbrcmon.exe
C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\TrojanHunter 4.5\THGuard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\DW6000 Monitor\monitor\dw6000monitor.exe
c:\Program Files\HughesNet Tools\bin\mpbtn.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Downloads\hijackthis\hjt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myhughesnet.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.101:6881
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5A3E92BD-BA07-4622-A318-0A6FAC03B068} - C:\WINDOWS\system32\jkhfc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {D3B3C51E-8D11-4667-85B9-0930F519BED7} - C:\WINDOWS\system32\opnmjhh.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [LXBRKsk] C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"
O4 - HKLM\..\Run: [Auto EPSON Stylus Photo R200 Series (Copy 1) on Sniper-moms-pc] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P62 "Auto EPSON Stylus Photo R200 Series (Copy 1) on Sniper-moms-pc" /O25 "\\SNIPER-MOMS-PC\EPSONSty" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [\\SNIPER-MOMS-PC\EPSON Stylus Photo R200 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P56 "\\SNIPER-MOMS-PC\EPSON Stylus Photo R200 Series (Copy 1)" /O6 "USB001" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTXFIREG] CTxfiReg.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.5\THGuard.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskTray] "C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Global Startup: DW6000 Monitor.lnk = C:\Program Files\DW6000 Monitor\monitor\dw6000monitor.exe
O4 - Global Startup: HughesNet Tools.lnk = C:\Program Files\HughesNet Tools\bin\matcli.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab34246.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.co...aploader_v6.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/...s/msnchat45.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: jkhfc - C:\WINDOWS\system32\jkhfc.dll
O20 - Winlogon Notify: opnmjhh - C:\WINDOWS\SYSTEM32\opnmjhh.dll
O20 - Winlogon Notify: urqnnnn - urqnnnn.dll (file missing)
O20 - Winlogon Notify: winjgf32 - C:\WINDOWS\SYSTEM32\winjgf32.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: DW6000 Service (DW6000Service) - Unknown owner - C:\Program Files\DW6000 Monitor\service\dw6000service.exe" -service (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Auto Power-on & Shut-down Service (PCAutoPowerOnService) - Unknown owner - C:\Program Files\Auto Power-on\PCAutoPowerOnService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
O23 - Service: WMP54Gv4SVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe (file missing)

#2 OFFLINE   rridgely

Posted 09 September 2006 - 09:40 PM

You're pretty heavily infected. Let's try some scanners first:

Download Superantispyware
  • Load Superantispyware and click the check for updates button.
  • Once the update is finished click the scan your computer button.
  • Check Perform Complete Scan and then next.
  • Superantispyware will now scan your computer and when it's finished it will list all the infections it has found.
  • Make sure that they all have a check next to them and press next.
  • Click finish and you will be taken back to the main interface.
  • Click Preferences and then click the statistics/logs tab. Click the dated log and press view log and a text file will appear.
  • Copy and paste the log onto the forum.
Download Ewido Anti-Spyware
  • Load Ewido and then click the Update tab at the top. Under Manual Update click Start update.
  • After the update finishes (the status bar at the bottom will display "Update successful")
  • Click on the Scanner tab at the top and then click on Complete System Scan
  • Ewido will list any infections found on the left, when the scan has finished, it will automatically set the recommended action. Click the Apply all actions button. Ewido will then display "All actions have been applied" on the right.
  • Click on "Save Report", then "Save Report As". This will create a text file which you can then save to the Desktop and post back
After you run both programs reboot and then come back here and post the log for ewido, superantispyware, and a fresh hijackthis log.

#3 OFFLINE   boomtown

Posted 10 September 2006 - 12:39 AM

OK, I have done as you said. Here is the new HijackThis:

Logfile of HijackThis v1.99.1
Scan saved at 7:36:55 PM, on 9/9/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\DW6000 Monitor\service\dw6000service.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE
C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Lexmark 3100 Series\lxbrcmon.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\TrojanHunter 4.5\THGuard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\DW6000 Monitor\monitor\dw6000monitor.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
c:\Program Files\HughesNet Tools\bin\mpbtn.exe
C:\Downloads\hijackthis\hjt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myhughesnet.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.101:6881
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {D3B3C51E-8D11-4667-85B9-0930F519BED7} - C:\WINDOWS\system32\opnmjhh.dll
O2 - BHO: (no name) - {DF0726E5-5F93-4EC0-9887-E84BA10632A8} - C:\WINDOWS\system32\jkhfc.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL (file missing)
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [LXBRKsk] C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"
O4 - HKLM\..\Run: [Auto EPSON Stylus Photo R200 Series (Copy 1) on Sniper-moms-pc] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P62 "Auto EPSON Stylus Photo R200 Series (Copy 1) on Sniper-moms-pc" /O25 "\\SNIPER-MOMS-PC\EPSONSty" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [\\SNIPER-MOMS-PC\EPSON Stylus Photo R200 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P56 "\\SNIPER-MOMS-PC\EPSON Stylus Photo R200 Series (Copy 1)" /O6 "USB001" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTXFIREG] CTxfiReg.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.5\THGuard.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskTray] "C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: DW6000 Monitor.lnk = C:\Program Files\DW6000 Monitor\monitor\dw6000monitor.exe
O4 - Global Startup: HughesNet Tools.lnk = C:\Program Files\HughesNet Tools\bin\matcli.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab34246.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.co...aploader_v6.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/...s/msnchat45.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: jkhfc - C:\WINDOWS\system32\jkhfc.dll
O20 - Winlogon Notify: SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: urqnnnn - urqnnnn.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: DW6000 Service (DW6000Service) - Unknown owner - C:\Program Files\DW6000 Monitor\service\dw6000service.exe" -service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Auto Power-on & Shut-down Service (PCAutoPowerOnService) - Unknown owner - C:\Program Files\Auto Power-on\PCAutoPowerOnService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
O23 - Service: WMP54Gv4SVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe (file missing)

Here is the SUPERAntiSpyware:
SUPERAntiSpyware Scan Log
Generated 09/09/2006 at 05:48 PM

Core Rules Database Version : 2847
Trace Rules Database Version: 1028

Memory threats detected : 0
Registry threats detected : 2
File threats detected : 161

Adware.Tracking Cookie

Trojan.Malware
HKCR\MezziaCodec.Chl
HKCR\MezziaCodec.Chl\CLSID

Adware.Director
C:\Documents and Settings\BLACKBART\Local Settings\Temp\NoadwareBkupTemp\Activate.exe
C:\Program Files\Common Files\{E07A3840-08A2-1033-1207-051204050001}\Update.exe.tcf
C:\Program Files\Common Files\{E07A3840-08A2-1033-1207-051204050001}\Update.exe2173.tcf
C:\System Volume Information\_restore{678FAEC1-1E0A-442D-9BDF-C47213765B94}\RP327\A0114955.exe

Adware.ToolBar888
C:\Documents and Settings\BLACKBART\Local Settings\Temp\NoadwareBkupTemp\MyToolBar.dll
C:\System Volume Information\_restore{678FAEC1-1E0A-442D-9BDF-C47213765B94}\RP327\A0114956.DLL

Unclassified.Removed
C:\Documents and Settings\BLACKBART\Local Settings\Temp\{A6DE5434-CD4B-4712-9D0E-23574812D642}\{1DB34951-555C-4178-9461-BD7CEC96BAB4}\removeD.exe
C:\Documents and Settings\BLACKBART\Local Settings\Temp\{C5F414A1-231B-43FB-8E9A-57860D7800BB}\{1DB34951-555C-4178-9461-BD7CEC96BAB4}\removeD.exe

Trojan.Freeprod
C:\Documents and Settings\BLACKBART\Local Settings\Temporary Internet Files\Content.IE5\3DR17CDW\wlzip32[1].exe.tcf
C:\Documents and Settings\BLACKBART\Local Settings\Temporary Internet Files\Content.IE5\D0FL40SB\wlzip32[1].exe.tcf
C:\WINDOWS\Temp\win22.tmp.exe.tcf

Adware.WhenU
C:\Program Files\DAEMON Tools\SetupDTSB.exe.tcf
C:\System Volume Information\_restore{678FAEC1-1E0A-442D-9BDF-C47213765B94}\RP306\A0102581.exe

And here is the ewido:

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 7:26:13 PM 9/9/2006

+ Scan result:



C:\Program Files\vmntoolbar\vmntoolbar.dll -> Adware.BHO : Cleaned with backup (quarantined).
C:\RECYCLER\NPROTECT\00025311 -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\RECYCLER\NPROTECT\00025312 -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\RECYCLER\NPROTECT\00025392.TCF -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\RECYCLER\NPROTECT\00025313 -> Adware.Softomate : Cleaned with backup (quarantined).
C:\RECYCLER\NPROTECT\00025366 -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Program Files\Common Files\Sandlot Shared\slghex.dll.tcf -> Adware.SpywareStorm : Cleaned with backup (quarantined).
C:\Downloads\Beetle Bomp + Serpengo+ Bone Out from Boneville + Zuma Deluxe + Lemonade Tycoon 2 [found with kelforum.com ].rar/Creatures The Albian Years PC Game [by PeerFactor.fr].exe -> Adware.Trymedia : Cleaned with backup (quarantined).
C:\Program Files\vmntoolbar\uninstall.exe -> Adware.VMN : Cleaned with backup (quarantined).
HKU\S-1-5-21-1757981266-1801674531-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A8FB8EB3-183B-4598-924D-86F0E5E37085} -> Adware.WhyPPC : Cleaned with backup (quarantined).
C:\Program Files\eMule\Temp\024.part/Trojan Hunter 4.5.924\TrojanHunter 4.5.924 crack\THGuard.exe -> Backdoor.Rbot : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\win27.tmp.exe -> Downloader.Obfuscated.a : Cleaned with backup (quarantined).
C:\Downloads\guild_wars_keygen.exe -> Dropper.Pakes : Cleaned with backup (quarantined).
C:\Documents and Settings\BLACKBART\Desktop\WILLS STUFF\KILLERS TFD.EXE.exe -> Dropper.Small : Cleaned with backup (quarantined).
C:\Documents and Settings\BLACKBART\Desktop\WILLS STUFF\Trainer Maker Kit\static.dat -> Dropper.Small : Cleaned with backup (quarantined).
C:\Documents and Settings\BLACKBART\Desktop\WILLS STUFF\tfd.exe -> Dropper.Small : Cleaned with backup (quarantined).
C:\old stuff\Will's Stuff\Will's Stuff\Trainer Maker Kit\static.dat -> Dropper.Small : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\popcaploader.dll.tcf -> Not-A-Virus.Downloader.Win32.PopCap.b : Ignored.
C:\old stuff\Will's Stuff\Will's Stuff\chams n stuff.rar/WoRmX.exe -> Not-A-Virus.HackTool.Win32.Injecter.e : Ignored.
C:\old stuff\Will's Stuff\Will's Stuff\chams n stuff.rar/inject h.exe -> Not-A-Virus.HackTool.Win32.Injecter.e : Ignored.
C:\old stuff\Will's Stuff\Will's Stuff\chams n stuff\WoRmX.exe -> Not-A-Virus.HackTool.Win32.Injecter.e : Ignored.
C:\old stuff\Will's Stuff\Will's Stuff\chams n stuff\inject h.exe -> Not-A-Virus.HackTool.Win32.Injecter.e : Ignored.
C:\Downloads\Bill Gates Toolkit Reloaded!!!\UltimateWindows\RockXP v3\RockXP30.exe/RAS.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Ignored.
C:\Downloads\Bill Gates Toolkit Reloaded!!!\UltimateWindows\RockXP v3\RockXP30.exe/keyms.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Ignored.
C:\Downloads\Bill Gates Toolkit Reloaded!!!\UltimateWindows\RockXP v3\RockXP30.exe/xpkey.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Ignored.
C:\RECYCLER\NPROTECT\00025550.exe -> Not-A-Virus.RemoteAdmin.Win32.WinVNC.4110 : Ignored.
:mozilla.882:C:\Documents and Settings&

#4 OFFLINE   rridgely

    I hate computers

  • Moderators
  • 8,858 posts
  • Gender:Male

Posted 10 September 2006 - 01:01 AM

Please download VundoFix.exe to your desktop.
  • Double-click VundoFix.exe to run it.
  • Click the Scan for Vundo button.
  • Once it's done scanning, click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will reboot your computer, click OK.
  • Please post the contents of C:\vundofix.txt into your next reply
Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above
instructions starting from "Click the Scan for Vundo button." when
VundoFix appears at reboot.

In your next post, post the VundoFix log and a new HijackThis log.

#5 OFFLINE   boomtown

Posted 10 September 2006 - 02:22 AM

VundoFix V6.1.4

Checking Java version...

Java version is 1.5.0.5

Java version is 1.5.0.6

Scan started at 4:03:36 PM 9/9/2006

Listing files found while scanning....

C:\WINDOWS\system32\opnmjhh.dll
C:\WINDOWS\system32\winjgf32.dll
C:\Program Files\Common Files\{E07A3840-08A2-1033-1207-051204050001}\services.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\opnmjhh.dll
C:\WINDOWS\system32\opnmjhh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\winjgf32.dll
C:\WINDOWS\system32\winjgf32.dll Could not be deleted.

Attempting to delete C:\Program Files\Common Files\{E07A3840-08A2-1033-1207-051204050001}\services.dll
C:\Program Files\Common Files\{E07A3840-08A2-1033-1207-051204050001}\services.dll Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.1.4

Checking Java version...

Java version is 1.5.0.5

Java version is 1.5.0.6

Scan started at 4:13:47 PM 9/9/2006

Listing files found while scanning....

C:\WINDOWS\system32\opnmjhh.dll
C:\WINDOWS\system32\winjgf32.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\opnmjhh.dll
C:\WINDOWS\system32\opnmjhh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\winjgf32.dll
C:\WINDOWS\system32\winjgf32.dll Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

VundoFix V6.1.4

Checking Java version...

Java version is 1.5.0.5

Java version is 1.5.0.6

Scan started at 4:24:03 PM 9/9/2006

Listing files found while scanning....

C:\WINDOWS\system32\opnmjhh.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\opnmjhh.dll
C:\WINDOWS\system32\opnmjhh.dll Could not be deleted.

Performing Repairs to the registry.
Done!

VundoFix V6.1.4

Checking Java version...

Java version is 1.5.0.5

Java version is 1.5.0.6

Scan started at 4:34:14 PM 9/9/2006

Listing files found while scanning....

C:\WINDOWS\system32\opnmjhh.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\opnmjhh.dll
C:\WINDOWS\system32\opnmjhh.dll Could not be deleted.

Performing Repairs to the registry.
Done!

VundoFix V6.1.4

Checking Java version...

Java version is 1.5.0.5

Java version is 1.5.0.6

Scan started at 4:43:20 PM 9/9/2006

Listing files found while scanning....

C:\WINDOWS\system32\opnmjhh.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\opnmjhh.dll
C:\WINDOWS\system32\opnmjhh.dll Could not be deleted.

Performing Repairs to the registry.
Done!

VundoFix V6.1.4

Checking Java version...

Java version is 1.5.0.5

Java version is 1.5.0.6

Scan started at 8:57:00 PM 9/9/2006

Listing files found while scanning....

C:\WINDOWS\system32\opnmjhh.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\opnmjhh.dll
C:\WINDOWS\system32\opnmjhh.dll Could not be deleted.

Performing Repairs to the registry.
Done!

VundoFix V6.1.4

Checking Java version...

Java version is 1.5.0.5

Java version is 1.5.0.6

Scan started at 9:08:41 PM 9/9/2006

Listing files found while scanning....

C:\WINDOWS\system32\opnmjhh.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\opnmjhh.dll
C:\WINDOWS\system32\opnmjhh.dll Could not be deleted.

Performing Repairs to the registry.
Done!


Logfile of HijackThis v1.99.1
Scan saved at 9:22:03 PM, on 9/9/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\DW6000 Monitor\service\dw6000service.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE
C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Lexmark 3100 Series\lxbrcmon.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\TrojanHunter 4.5\THGuard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\DW6000 Monitor\monitor\dw6000monitor.exe
c:\Program Files\HughesNet Tools\bin\mpbtn.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Downloads\hijackthis\hjt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myhughesnet.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.101:6881
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {D3B3C51E-8D11-4667-85B9-0930F519BED7} - C:\WINDOWS\system32\opnmjhh.dll
O2 - BHO: (no name) - {DCE8E4E8-6045-4421-950A-381D7F574F64} - C:\WINDOWS\system32\jkhfc.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL (file missing)
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [LXBRKsk] C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"
O4 - HKLM\..\Run: [Auto EPSON Stylus Photo R200 Series (Copy 1) on Sniper-moms-pc] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P62 "Auto EPSON Stylus Photo R200 Series (Copy 1) on Sniper-moms-pc" /O25 "\\SNIPER-MOMS-PC\EPSONSty" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [\\SNIPER-MOMS-PC\EPSON Stylus Photo R200 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P56 "\\SNIPER-MOMS-PC\EPSON Stylus Photo R200 Series (Copy 1)" /O6 "USB001" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTXFIREG] CTxfiReg.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.5\THGuard.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskTray] "C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: DW6000 Monitor.lnk = C:\Program Files\DW6000 Monitor\monitor\dw6000monitor.exe
O4 - Global Startup: HughesNet Tools.lnk = C:\Program Files\HughesNet Tools\bin\matcli.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab34246.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.co...aploader_v6.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/...s/msnchat45.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: jkhfc - C:\WINDOWS\system32\jkhfc.dll
O20 - Winlogon Notify: SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: urqnnnn - urqnnnn.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: DW6000 Service (DW6000Service) - Unknown owner - C:\Program Files\DW6000 Monitor\service\dw6000service.exe" -service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Auto Power-on & Shut-down Service (PCAutoPowerOnService) - Unknown owner - C:\Program Files\Auto Power-on\PCAutoPowerOnService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
O23 - Service: WMP54Gv4SVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe (file missing)

It won't go away, I've tried the Vundo thing numerous times now.
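
As an added example (not part of the original posts and not code from VundoFix or HijackThis), the Python below cross-checks the two logs in post #5: it finds the files the latest VundoFix run still could not delete and lists the HijackThis BHO (O2) and Winlogon Notify (O20) entries that reference them or look related. The function names and the flagging rules are assumptions made for illustration, triage heuristics rather than verdicts.

```python
import re

# Constructed samples: lines copied from the logs posted in this thread, trimmed.
VUNDOFIX_LOG = r"""
VundoFix V6.1.4
Scan started at 4:03:36 PM 9/9/2006
C:\WINDOWS\system32\opnmjhh.dll Could not be deleted.
C:\WINDOWS\system32\winjgf32.dll Could not be deleted.

VundoFix V6.1.4
Scan started at 4:13:47 PM 9/9/2006
C:\WINDOWS\system32\opnmjhh.dll Could not be deleted.
C:\WINDOWS\system32\winjgf32.dll Has been deleted!

VundoFix V6.1.4
Scan started at 9:08:41 PM 9/9/2006
C:\WINDOWS\system32\opnmjhh.dll Could not be deleted.
"""

HJT_LOG = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {D3B3C51E-8D11-4667-85B9-0930F519BED7} - C:\WINDOWS\system32\opnmjhh.dll
O2 - BHO: (no name) - {DCE8E4E8-6045-4421-950A-381D7F574F64} - C:\WINDOWS\system32\jkhfc.dll
O20 - Winlogon Notify: jkhfc - C:\WINDOWS\system32\jkhfc.dll
O20 - Winlogon Notify: SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: urqnnnn - urqnnnn.dll (file missing)
"""

FAILED, DELETED = " Could not be deleted.", " Has been deleted!"
BHO = re.compile(r"^O2 - BHO: (?P<name>.*?) - \{[0-9A-Fa-f-]+\} - (?P<path>.+)$")
NOTIFY = re.compile(r"^O20 - Winlogon Notify: (?P<name>.*?) - (?P<path>.+)$")


def parse_vundofix(text):
    """Split an appended VundoFix log into runs with per-run outcomes."""
    runs = []
    for line in (raw.strip() for raw in text.splitlines()):
        if line.startswith("VundoFix V"):          # every run starts with the banner
            runs.append({"started": None, "failed": [], "deleted": []})
        elif not runs:
            continue
        elif line.startswith("Scan started at "):
            runs[-1]["started"] = line[len("Scan started at "):]
        elif line.endswith(FAILED):
            runs[-1]["failed"].append(line[:-len(FAILED)])
        elif line.endswith(DELETED):
            runs[-1]["deleted"].append(line[:-len(DELETED)])
    return runs


def still_present(runs):
    """Files the latest run could not delete -> number of runs that failed on them."""
    latest = runs[-1]["failed"] if runs else []
    return {p.lower(): sum(p.lower() in map(str.lower, r["failed"]) for r in runs)
            for p in latest}


def parse_hjt(text):
    """Extract O2 (BHO) and O20 (Winlogon Notify) entries from a HijackThis log."""
    entries = []
    for line in text.splitlines():
        for section, rx in (("O2", BHO), ("O20", NOTIFY)):
            m = rx.match(line.strip())
            if m:
                path, sep, _ = m["path"].partition(" (file missing)")
                entries.append({"section": section, "name": m["name"],
                                "path": path, "missing": bool(sep)})
    return entries


def triage(vundofix_text, hjt_text):
    """Return (entry, reasons) pairs for HijackThis entries worth a manual look."""
    stuck = still_present(parse_vundofix(vundofix_text))
    entries = parse_hjt(hjt_text)
    by_section = {s: {e["path"].lower() for e in entries if e["section"] == s}
                  for s in ("O2", "O20")}
    findings = []
    for e in entries:
        path, reasons = e["path"].lower(), []
        if path in stuck:
            reasons.append(f"VundoFix failed to delete it in {stuck[path]} run(s)")
        if e["section"] == "O2" and e["name"] == "(no name)" and "\\system32\\" in path:
            reasons.append("unnamed BHO loading a DLL from system32")  # heuristic
        other = "O20" if e["section"] == "O2" else "O2"
        if path in by_section[other]:
            reasons.append(f"same DLL also registered under {other}")  # heuristic
        if e["missing"]:
            reasons.append("registration left behind for a missing file")
        if reasons:
            findings.append((e, reasons))
    return findings


if __name__ == "__main__":
    for entry, reasons in triage(VUNDOFIX_LOG, HJT_LOG):
        print(f'{entry["section"]:<3} {entry["path"]}: ' + "; ".join(reasons))
```

The unnamed Spybot helper under Program Files is not flagged, which is why the unnamed-BHO rule is restricted to DLLs under system32.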

#6 OFFLINE   rridgely

Posted 10 September 2006 - 02:26 AM

Try running it in safe mode. Post the log that it creates afterwards.
If this doesn't work we will have to try something else.

#7 OFFLINE   boomtown

Posted 10 September 2006 - 02:43 AM

VundoFix V6.1.4

Checking Java version...

Java version is 1.5.0.5

Java version is 1.5.0.6

Scan started at 4:03:36 PM 9/9/2006

Listing files found while scanning....

C:\WINDOWS\system32\opnmjhh.dll
C:\WINDOWS\system32\winjgf32.dll
C:\Program Files\Common Files\{E07A3840-08A2-1033-1207-051204050001}\services.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\opnmjhh.dll
C:\WINDOWS\system32\opnmjhh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\winjgf32.dll
C:\WINDOWS\system32\winjgf32.dll Could not be deleted.

Attempting to delete C:\Program Files\Common Files\{E07A3840-08A2-1033-1207-051204050001}\services.dll
C:\Program Files\Common Files\{E07A3840-08A2-1033-1207-051204050001}\services.dll Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.1.4

Checking Java version...

Java version is 1.5.0.5

Java version is 1.5.0.6

Scan started at 4:13:47 PM 9/9/2006

Listing files found while scanning....

C:\WINDOWS\system32\opnmjhh.dll
C:\WINDOWS\system32\winjgf32.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\opnmjhh.dll
C:\WINDOWS\system32\opnmjhh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\winjgf32.dll
C:\WINDOWS\system32\winjgf32.dll Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

VundoFix V6.1.4

Checking Java version...

Java version is 1.5.0.5

Java version is 1.5.0.6

Scan started at 4:24:03 PM 9/9/2006

Listing files found while scanning....

C:\WINDOWS\system32\opnmjhh.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\opnmjhh.dll
C:\WINDOWS\system32\opnmjhh.dll Could not be deleted.

Performing Repairs to the registry.
Done!

VundoFix V6.1.4

Checking Java version...

Java version is 1.5.0.5

Java version is 1.5.0.6

Scan started at 4:34:14 PM 9/9/2006

Listing files found while scanning....

C:\WINDOWS\system32\opnmjhh.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\opnmjhh.dll
C:\WINDOWS\system32\opnmjhh.dll Could not be deleted.

Performing Repairs to the registry.
Done!

VundoFix V6.1.4

Checking Java version...

Java version is 1.5.0.5

Java version is 1.5.0.6

Scan started at 4:43:20 PM 9/9/2006

Listing files found while scanning....

C:\WINDOWS\system32\opnmjhh.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\opnmjhh.dll
C:\WINDOWS\system32\opnmjhh.dll Could not be deleted.

Performing Repairs to the registry.
Done!

VundoFix V6.1.4

Checking Java version...

Java version is 1.5.0.5

Java version is 1.5.0.6

Scan started at 8:57:00 PM 9/9/2006

Listing files found while scanning....

C:\WINDOWS\system32\opnmjhh.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\opnmjhh.dll
C:\WINDOWS\system32\opnmjhh.dll Could not be deleted.

Performing Repairs to the registry.
Done!

VundoFix V6.1.4

Checking Java version...

Java version is 1.5.0.5

Java version is 1.5.0.6

Scan started at 9:08:41 PM 9/9/2006

Listing files found while scanning....

C:\WINDOWS\system32\opnmjhh.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\opnmjhh.dll
C:\WINDOWS\system32\opnmjhh.dll Could not be deleted.

Performing Repairs to the registry.
Done!

VundoFix V6.1.4

Checking Java version...

Java version is 1.5.0.5

Java version is 1.5.0.6

Scan started at 9:31:05 PM 9/9/2006

Listing files found while scanning....

C:\WINDOWS\system32\opnmjhh.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\opnmjhh.dll
C:\WINDOWS\system32\opnmjhh.dll Could not be deleted.

Performing Repairs to the registry.
Done!

nope what next lol.



#8 OFFLINE   rridgely

Posted 10 September 2006 - 03:11 AM

Download Killbox from Here

Click killbox.exe

Select the option "Delete on reboot".

Click the button: All Files (Important!)
Now it should flash green.

Next, copy the contents of the code box to the clipboard by left-clicking and covering the text, then right-click inside the highlighted area and choose Copy:
C:\WINDOWS\system32\opnmjhh.dll
C:\WINDOWS\system32\winjgf32.dll

After copying the above text to the clipboard, click File on the Killbox menu bar and choose Paste From Clipboard.

Then press the Delete File button (Red Circle with a White X).
Killbox will tell you that all listed files will be removed on next reboot and asks if you would like to Reboot now, click YES
If you don't get that message, reboot manually.

Your computer should reboot now.

Post a new hijack this log after the reboot.

#9 OFFLINE   boomtown

Posted 10 September 2006 - 03:30 AM

Have you got MSN or Yahoo so you can walk me through some stuff to try? That can't delete. Also, do I need to make backups?

#10 OFFLINE   rridgely

Posted 10 September 2006 - 03:32 AM

I only have AIM. If you have that then PM me your screen name.

#11 OFFLINE   boomtown

Posted 10 September 2006 - 03:40 AM

Logfile of HijackThis v1.99.1
Scan saved at 10:39:33 PM, on 9/9/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\DW6000 Monitor\service\dw6000service.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE
C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\TrojanHunter 4.5\THGuard.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Lexmark 3100 Series\lxbrcmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\DW6000 Monitor\monitor\dw6000monitor.exe
c:\Program Files\HughesNet Tools\bin\mpbtn.exe
C:\Downloads\hijackthis\hjt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myhughesnet.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.101:6881
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {2B699739-C952-4543-817B-8E9A3DB59ECE} - C:\WINDOWS\system32\jkhfc.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {D3B3C51E-8D11-4667-85B9-0930F519BED7} - C:\WINDOWS\system32\opnmjhh.dll (file missing)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL (file missing)
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [LXBRKsk] C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"
O4 - HKLM\..\Run: [Auto EPSON Stylus Photo R200 Series (Copy 1) on Sniper-moms-pc] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P62 "Auto EPSON Stylus Photo R200 Series (Copy 1) on Sniper-moms-pc" /O25 "\\SNIPER-MOMS-PC\EPSONSty" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [\\SNIPER-MOMS-PC\EPSON Stylus Photo R200 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P56 "\\SNIPER-MOMS-PC\EPSON Stylus Photo R200 Series (Copy 1)" /O6 "USB001" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTXFIREG] CTxfiReg.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.5\THGuard.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskTray] "C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: DW6000 Monitor.lnk = C:\Program Files\DW6000 Monitor\monitor\dw6000monitor.exe
O4 - Global Startup: HughesNet Tools.lnk = C:\Program Files\HughesNet Tools\bin\matcli.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab34246.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.co...aploader_v6.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/...s/msnchat45.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: jkhfc - C:\WINDOWS\system32\jkhfc.dll
O20 - Winlogon Notify: SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: urqnnnn - urqnnnn.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: DW6000 Service (DW6000Service) - Unknown owner - C:\Program Files\DW6000 Monitor\service\dw6000service.exe" -service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Auto Power-on & Shut-down Service (PCAutoPowerOnService) - Unknown owner - C:\Program Files\Auto Power-on\PCAutoPowerOnService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
O23 - Service: WMP54Gv4SVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe (file missing)

#12 OFFLINE   rridgely

    I hate computers

  • Moderators
  • 8,858 posts
  • Gender:Male

Posted 10 September 2006 - 04:02 AM

Post new log after what we tried.

#13 OFFLINE   boomtown

    Member

  • Members
  • 45 posts
  • Gender:Male

Posted 10 September 2006 - 04:50 AM

Logfile of HijackThis v1.99.1
Scan saved at 11:49:19 PM, on 9/9/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\DW6000 Monitor\service\dw6000service.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE
C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
C:\Program Files\TrojanHunter 4.5\THGuard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lexmark 3100 Series\lxbrcmon.exe
C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\DW6000 Monitor\monitor\dw6000monitor.exe
c:\Program Files\HughesNet Tools\bin\mpbtn.exe
C:\Program Files\Trillian\trillian.exe
C:\Downloads\hijackthis\hjt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myhughesnet.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.101:6881
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {77F122AF-2682-4CBC-92A2-B6A8078FD8B1} - C:\WINDOWS\system32\jkhfc.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {D3B3C51E-8D11-4667-85B9-0930F519BED7} - C:\WINDOWS\system32\opnmjhh.dll (file missing)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL (file missing)
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [LXBRKsk] C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"
O4 - HKLM\..\Run: [Auto EPSON Stylus Photo R200 Series (Copy 1) on Sniper-moms-pc] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P62 "Auto EPSON Stylus Photo R200 Series (Copy 1) on Sniper-moms-pc" /O25 "\\SNIPER-MOMS-PC\EPSONSty" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [\\SNIPER-MOMS-PC\EPSON Stylus Photo R200 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P56 "\\SNIPER-MOMS-PC\EPSON Stylus Photo R200 Series (Copy 1)" /O6 "USB001" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTXFIREG] CTxfiReg.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.5\THGuard.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskTray] "C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: DW6000 Monitor.lnk = C:\Program Files\DW6000 Monitor\monitor\dw6000monitor.exe
O4 - Global Startup: HughesNet Tools.lnk = C:\Program Files\HughesNet Tools\bin\matcli.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab34246.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.co...aploader_v6.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/...s/msnchat45.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: jkhfc - C:\WINDOWS\system32\jkhfc.dll
O20 - Winlogon Notify: SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: urqnnnn - urqnnnn.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: DW6000 Service (DW6000Service) - Unknown owner - C:\Program Files\DW6000 Monitor\service\dw6000service.exe" -service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Auto Power-on & Shut-down Service (PCAutoPowerOnService) - Unknown owner - C:\Program Files\Auto Power-on\PCAutoPowerOnService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
O23 - Service: WMP54Gv4SVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe (file missing)

#14 OFFLINE   rridgely

    I hate computers

  • Moderators
  • 8,858 posts
  • Gender:Male

Posted 10 September 2006 - 05:02 AM

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm

O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL (file missing)

O2 - BHO: (no name) - {77F122AF-2682-4CBC-92A2-B6A8078FD8B1} - C:\WINDOWS\system32\jkhfc.dll

O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL (file missing)

O20 - Winlogon Notify: jkhfc - C:\WINDOWS\system32\jkhfc.dll

O20 - Winlogon Notify: urqnnnn - urqnnnn.dll (file missing)

O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe

#15 OFFLINE   boomtown

    Member

  • Members
  • 45 posts
  • Gender:Male

Posted 10 September 2006 - 05:12 AM

Logfile of HijackThis v1.99.1
Scan saved at 12:11:05 AM, on 9/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\DW6000 Monitor\service\dw6000service.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE
C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Lexmark 3100 Series\lxbrcmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\TrojanHunter 4.5\THGuard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\DW6000 Monitor\monitor\dw6000monitor.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
c:\Program Files\HughesNet Tools\bin\mpbtn.exe
C:\Downloads\hijackthis\hjt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myhughesnet.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.101:6881
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {3A61AC3F-FBFD-4548-9740-43C163EA9406} - C:\WINDOWS\system32\jkhfc.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {D3B3C51E-8D11-4667-85B9-0930F519BED7} - C:\WINDOWS\system32\opnmjhh.dll (file missing)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [LXBRKsk] C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"
O4 - HKLM\..\Run: [Auto EPSON Stylus Photo R200 Series (Copy 1) on Sniper-moms-pc] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P62 "Auto EPSON Stylus Photo R200 Series (Copy 1) on Sniper-moms-pc" /O25 "\\SNIPER-MOMS-PC\EPSONSty" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [\\SNIPER-MOMS-PC\EPSON Stylus Photo R200 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P56 "\\SNIPER-MOMS-PC\EPSON Stylus Photo R200 Series (Copy 1)" /O6 "USB001" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTXFIREG] CTxfiReg.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.5\THGuard.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskTray] "C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: DW6000 Monitor.lnk = C:\Program Files\DW6000 Monitor\monitor\dw6000monitor.exe
O4 - Global Startup: HughesNet Tools.lnk = C:\Program Files\HughesNet Tools\bin\matcli.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab34246.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.co...aploader_v6.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/...s/msnchat45.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: jkhfc - C:\WINDOWS\system32\jkhfc.dll
O20 - Winlogon Notify: SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: DW6000 Service (DW6000Service) - Unknown owner - C:\Program Files\DW6000 Monitor\service\dw6000service.exe" -service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Auto Power-on & Shut-down Service (PCAutoPowerOnService) - Unknown owner - C:\Program Files\Auto Power-on\PCAutoPowerOnService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
O23 - Service: WMP54Gv4SVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe (file missing)

#16 OFFLINE   rridgely

    I hate computers

  • Moderators
  • 8,858 posts
  • Gender:Male

Posted 10 September 2006 - 05:27 AM

post log now

#17 OFFLINE   boomtown

    Member

  • Members
  • 45 posts
  • Gender:Male

Posted 10 September 2006 - 05:27 AM

Logfile of HijackThis v1.99.1
Scan saved at 12:27:22 AM, on 9/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\DW6000 Monitor\service\dw6000service.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE
C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Lexmark 3100 Series\lxbrcmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\TrojanHunter 4.5\THGuard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\DW6000 Monitor\monitor\dw6000monitor.exe
c:\Program Files\HughesNet Tools\bin\mpbtn.exe
C:\Program Files\Trillian\trillian.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Downloads\hijackthis\bbb.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myhughesnet.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.101:6881
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {3A61AC3F-FBFD-4548-9740-43C163EA9406} - C:\WINDOWS\system32\jkhfc.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {D3B3C51E-8D11-4667-85B9-0930F519BED7} - C:\WINDOWS\system32\opnmjhh.dll (file missing)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [LXBRKsk] C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"
O4 - HKLM\..\Run: [Auto EPSON Stylus Photo R200 Series (Copy 1) on Sniper-moms-pc] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P62 "Auto EPSON Stylus Photo R200 Series (Copy 1) on Sniper-moms-pc" /O25 "\\SNIPER-MOMS-PC\EPSONSty" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [\\SNIPER-MOMS-PC\EPSON Stylus Photo R200 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P56 "\\SNIPER-MOMS-PC\EPSON Stylus Photo R200 Series (Copy 1)" /O6 "USB001" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTXFIREG] CTxfiReg.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.5\THGuard.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskTray] "C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: DW6000 Monitor.lnk = C:\Program Files\DW6000 Monitor\monitor\dw6000monitor.exe
O4 - Global Startup: HughesNet Tools.lnk = C:\Program Files\HughesNet Tools\bin\matcli.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab34246.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.co...aploader_v6.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/...s/msnchat45.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: jkhfc - C:\WINDOWS\system32\jkhfc.dll
O20 - Winlogon Notify: SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: DW6000 Service (DW6000Service) - Unknown owner - C:\Program Files\DW6000 Monitor\service\dw6000service.exe" -service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Auto Power-on & Shut-down Service (PCAutoPowerOnService) - Unknown owner - C:\Program Files\Auto Power-on\PCAutoPowerOnService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
O23 - Service: WMP54Gv4SVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe (file missing)

#18 OFFLINE   rridgely

    I hate computers

  • Moderators
  • 8,858 posts
  • Gender:Male

Posted 10 September 2006 - 05:35 AM

Post those logs from the scans I told you to run.
Good luck.

(To those reading who think I've lost my mind, we did a lot of stuff on AIM. That's why things look out of order/strange.)

#19 OFFLINE   boomtown

    Member

  • Members
  • PipPip
  • 45 posts
  • Gender:Male

Posted 10 September 2006 - 10:33 AM

OK, 5am and BitDefender finished. Here is what it said:

BitDefender Online Scanner

Scan report generated at: Sun, Sep 10, 2006 - 05:27:58

Scan path: A:\;C:\;D:\;E:\;F:\;G:\;I:\;

Statistics
Time: 04:49:16
Files: 1735490
Folders: 9336
Boot Sectors: 2
Archives: 11383
Packed Files: 184888

Results
Identified Viruses: 22
Infected Files: 106
Suspect Files: 2
Warnings: 0
Disinfected: 0
Deleted Files: 204

Engines Info
Virus Definitions: 453569
Engine build: AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)
Scan plugins: 13
Archive plugins: 38
Unpack plugins: 6
E-mail plugins: 6
System plugins: 1

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File
Status

C:\Documents and Settings\BLACKBART\Desktop\WILLS STUFF\ezguitartabsfree.exe=>wise0048
Detected with: Application.Adware.NewDotNet.B.Dropper

C:\Documents and Settings\BLACKBART\Desktop\WILLS STUFF\ezguitartabsfree.exe=>wise0048
Deleted

C:\Documents and Settings\BLACKBART\Desktop\WILLS STUFF\ezguitartabsfree.exe
Update failed

C:\Documents and Settings\BLACKBART\Local Settings\Temporary Internet Files\Content.IE5\D0FL40SB\35[1].htm
Infected with: Exploit.Html.Codebase.Exec.C

C:\Documents and Settings\BLACKBART\Local Settings\Temporary Internet Files\Content.IE5\D0FL40SB\35[1].htm
Disinfection failed

C:\Documents and Settings\BLACKBART\Local Settings\Temporary Internet Files\Content.IE5\D0FL40SB\35[1].htm
Deleted

C:\Documents and Settings\BLACKBART\Recent\Win XP-2003 Activation-Genuine Advantage Crack-Keygen.rar.lnk=>C:\Downloads\Win XP-2003 Activation-Genuine Advantage Crack-Keygen.rar=>Win XP-2003 Activation-Genuine Advantage Crack-Keygen\WPA.exe
Infected with: Virtool.Wpakill.A

C:\Documents and Settings\BLACKBART\Recent\Win XP-2003 Activation-Genuine Advantage Crack-Keygen.rar.lnk=>C:\Downloads\Win XP-2003 Activation-Genuine Advantage Crack-Keygen.rar=>Win XP-2003 Activation-Genuine Advantage Crack-Keygen\WPA.exe
Disinfection failed

C:\Documents and Settings\BLACKBART\Recent\Win XP-2003 Activation-Genuine Advantage Crack-Keygen.rar.lnk=>C:\Downloads\Win XP-2003 Activation-Genuine Advantage Crack-Keygen.rar=>Win XP-2003 Activation-Genuine Advantage Crack-Keygen\WPA.exe
Deleted

C:\Documents and Settings\BLACKBART\Recent\Win XP-2003 Activation-Genuine Advantage Crack-Keygen.rar.lnk=>C:\Downloads\Win XP-2003 Activation-Genuine Advantage Crack-Keygen.rar
Update failed

C:\Downloads\Bill Gates Toolkit Reloaded!!!\UltimateWindows\XP Product Activation for Updates\WinXP-2K3-Anti-Product Activation-Patch 1.2.zip=>WPA_Kill.exe
Infected with: Trojan.Tool.Wpakill.A

C:\Downloads\Bill Gates Toolkit Reloaded!!!\UltimateWindows\XP Product Activation for Updates\WinXP-2K3-Anti-Product Activation-Patch 1.2.zip=>WPA_Kill.exe
Disinfection failed

C:\Downloads\Bill Gates Toolkit Reloaded!!!\UltimateWindows\XP Product Activation for Updates\WinXP-2K3-Anti-Product Activation-Patch 1.2.zip=>WPA_Kill.exe
Deleted

C:\Downloads\Bill Gates Toolkit Reloaded!!!\UltimateWindows\XP Product Activation for Updates\WinXP-2K3-Anti-Product Activation-Patch 1.2.zip
Updated

C:\Downloads\Win XP-2003 Activation-Genuine Advantage Crack-Keygen.rar=>Win XP-2003 Activation-Genuine Advantage Crack-Keygen\WPA.exe
Infected with: Virtool.Wpakill.A

C:\Downloads\Win XP-2003 Activation-Genuine Advantage Crack-Keygen.rar=>Win XP-2003 Activation-Genuine Advantage Crack-Keygen\WPA.exe
Disinfection failed

C:\Downloads\Win XP-2003 Activation-Genuine Advantage Crack-Keygen.rar=>Win XP-2003 Activation-Genuine Advantage Crack-Keygen\WPA.exe
Deleted

C:\Downloads\Win XP-2003 Activation-Genuine Advantage Crack-Keygen.rar
Update failed

C:\old stuff\drivers for everything\PC drivers and stuff\Drivers for modems\5600.exe=>wise0070=>wise0008
Detected with: Application.Bookmarkexpress.A

C:\old stuff\drivers for everything\PC drivers and stuff\Drivers for modems\5600.exe=>wise0070=>wise0008
Disinfection failed

C:\old stuff\drivers for everything\PC drivers and stuff\Drivers for modems\5600.exe=>wise0070=>wise0008
Deleted

C:\old stuff\drivers for everything\PC drivers and stuff\Drivers for modems\5600.exe=>wise0070
Update failed

C:\old stuff\drivers for everything\PC drivers and stuff\voodoo 5500 bios flash stuff\recover.zip=>MAKEDISK.COM
Infected with: BAT.Revenge

C:\old stuff\drivers for everything\PC drivers and stuff\voodoo 5500 bios flash stuff\recover.zip=>MAKEDISK.COM
Disinfection failed

C:\old stuff\drivers for everything\PC drivers and stuff\voodoo 5500 bios flash stuff\recover.zip=>MAKEDISK.COM
Deleted

C:\old stuff\drivers for everything\PC drivers and stuff\voodoo 5500 bios flash stuff\recover.zip
Updated

C:\old stuff\FFDOWNLOADS\PC PROGRAMS\pirate.zip=>pirate.exe
Infected with: Joke.Pirated

C:\old stuff\FFDOWNLOADS\PC PROGRAMS\pirate.zip=>pirate.exe
Disinfection failed

C:\old stuff\FFDOWNLOADS\PC PROGRAMS\pirate.zip=>pirate.exe
Deleted

C:\old stuff\FFDOWNLOADS\PC PROGRAMS\pirate.zip
Updated

C:\old stuff\Will's Stuff\maybackup\Cracks\w\win CRACKS\antiwpav1.6winxp2k3.zip=>WPA_Kill.exe
Infected with: Virtool.Wpakill.G

C:\old stuff\Will's Stuff\maybackup\Cracks\w\win CRACKS\antiwpav1.6winxp2k3.zip=>WPA_Kill.exe
Disinfection failed

C:\old stuff\Will's Stuff\maybackup\Cracks\w\win CRACKS\antiwpav1.6winxp2k3.zip=>WPA_Kill.exe
Deleted

C:\old stuff\Will's Stuff\maybackup\Cracks\w\win CRACKS\antiwpav1.6winxp2k3.zip
Updated

C:\old stuff\Will's Stuff\maybackup\Cracks\w\win CRACKS\windows2003andwindowsxpsp2antiproductactivationcrack.zip=>WPA_Kill.exe
Infected with: Trojan.Tool.Wpakill.A

C:\old stuff\Will's Stuff\maybackup\Cracks\w\win CRACKS\windows2003andwindowsxpsp2antiproductactivationcrack.zip=>WPA_Kill.exe
Disinfection failed

C:\old stuff\Will's Stuff\maybackup\Cracks\w\win CRACKS\windows2003andwindowsxpsp2antiproductactivationcrack.zip=>WPA_Kill.exe
Deleted

C:\old stuff\Will's Stuff\maybackup\Cracks\w\win CRACKS\windows2003andwindowsxpsp2antiproductactivationcrack.zip
Updated

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\01E9031B=>(Quarantine-2)
Infected with: Trojan.Downloader.Agent.AIJ

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\01E9031B=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\01E9031B=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\0293262A=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AN

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\0293262A=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\0293262A=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\0E236229=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AN

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\0E236229=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\0E236229=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\14736B70=>(Quarantine-2)
Infected with: Trojan.Downloader.Horst.B

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\14736B70=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\14736B70=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\15FE6CBD.exe=>(Quarantine-2)
Infected with: Backdoor.Agent.AAY

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\15FE6CBD.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\15FE6CBD.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\16B51BF4.exe=>(Quarantine-2)
Infected with: Backdoor.Agent.AAY

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\16B51BF4.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\16B51BF4.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\17EA6A68=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AE

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\17EA6A68=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\17EA6A68=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\19B41E28=>(Quarantine-2)
Infected with: Trojan.Downloader.Agent.AHK

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\19B41E28=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\19B41E28=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\1BF36E7A=>(Quarantine-2)
Infected with: Trojan.Downloader.Agent.AIJ

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\1BF36E7A=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\1BF36E7A=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\1D7A59A5.tmp=>(Quarantine-2)
Infected with: Trojan.Downloader.Agent.ADE

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\1D7A59A5.tmp=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\1D7A59A5.tmp=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\23120994=>(Quarantine-2)
Infected with: Dropped:Trojan.Keylogger.Ardamax.D

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\23120994=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\23120994=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\23153390=>(Quarantine-2)
Infected with: Dropped:Trojan.Keylogger.Ardamax.D

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\23153390=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\23153390=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\25445A26=>(Quarantine-2)
Infected with: Trojan.Downloader.Medbod.C

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\25445A26=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\25445A26=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\26664552=>(Quarantine-2)
Infected with: Trojan.Downloader.Agent.AHK

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\26664552=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\26664552=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\2A341271=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AE

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\2A341271=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\2A341271=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\2B9C19A3.exe=>(Quarantine-2)
Infected with: Trojan.Medbot.B

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\2B9C19A3.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\2B9C19A3.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\2BAD6B91.exe=>(Quarantine-2)
Infected with: Trojan.Medbot.B

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\2BAD6B91.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\2BAD6B91.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\30D41625=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AV

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\30D41625=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\30D41625=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\328F39E2=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AV

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\328F39E2=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\328F39E2=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\33E635EA=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AN

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\33E635EA=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\33E635EA=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\33E95FE7=>(Quarantine-2)
Infected with: Trojan.Downloader.Medbod.C

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\33E95FE7=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\33E95FE7=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\33ED09E3=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AE

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\33ED09E3=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\33ED09E3=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\33F033DF=>(Quarantine-2)
Infected with: Trojan.Downloader.Agent.AIJ

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\33F033DF=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\33F033DF=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\33F35DDC=>(Quarantine-2)
Infected with: Trojan.Downloader.Medbod.C

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\33F35DDC=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\33F35DDC=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\33FA31D5=>(Quarantine-2)
Infected with: Trojan.Downloader.Horst.B

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\33FA31D5=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\33FA31D5=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\340005CD=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AE

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\340005CD=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\340005CD=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\3D9057DC.exe=>(Quarantine-2)
Infected with: Virtool.Cracksearch.A

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\3D9057DC.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\3D9057DC.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\3EF334CF.tmp=>(Quarantine-2)
Infected with: Trojan.Downloader.Agent.ADE

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\3EF334CF.tmp=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\3EF334CF.tmp=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\485B042A=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AV

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\485B042A=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\485B042A=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\490150EC.exe=>(Quarantine-2)
Infected with: Virtool.Wpakill.A

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\490150EC.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\490150EC.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\499E303F.exe=>(Quarantine-2)
Infected with: Virtool.Wpakill.A

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\499E303F.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\499E303F.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\53EC4028=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AE

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\53EC4028=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\53EC4028=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\548663ED.exe=>(Quarantine-2)
Infected with: Virtool.Wpakill.A

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\548663ED.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\548663ED.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\56556D65=>(Quarantine-2)
Infected with: Trojan.Downloader.Agent.AHK

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\56556D65=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\56556D65=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\593B0491=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AE

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\593B0491=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\593B0491=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\59525D4D=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AN

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\59525D4D=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\59525D4D=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\599E73C4=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AV

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\599E73C4=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\599E73C4=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\5B0F4E3E=>(Quarantine-2)
Infected with: Trojan.Mailer.Exmo.A

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\5B0F4E3E=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\5B0F4E3E=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\5F7C7C27=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AV

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\5F7C7C27=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\5F7C7C27=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\601C085F=>(Quarantine-2)
Infected with: Trojan.Downloader.Agent.AIJ

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\601C085F=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\601C085F=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\6330649B=>(Quarantine-2)
Infected with: Trojan.Mailer.Exmo.A

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\6330649B=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\6330649B=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\67884302.exe=>(Quarantine-2)
Infected with: Virtool.Wpakill.A

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\67884302.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\67884302.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\6B0C3826=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AN

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\6B0C3826=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\6B0C3826=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\6F5900B6=>(Quarantine-2)
Infected with: Trojan.Downloader.Medbod.C

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\6F5900B6=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\6F5900B6=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\72A676DD=>(Quarantine-2)
Infected with: Trojan.Proxy.Hoerst.AF

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\72A676DD=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\72A676DD=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\73A85F23=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AN

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\73A85F23=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\73A85F23=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\79A328D1.exe=>(Quarantine-2)
Infected with: Backdoor.Agent.AAY

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\79A328D1.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\79A328D1.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\79DA7294.exe=>(Quarantine-2)
Infected with: Backdoor.Agent.AAY

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\79DA7294.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\79DA7294.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\7B817547=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AV

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\7B817547=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\Quarantine\7B817547=>(Quarantine-2)
Deleted

C:\Program Files\ZakFromAnotherPlanet\Yazak Chat\ZakFileShare.exe
Suspected of: Generic.Malware.FC.A3BD7ECC

C:\Program Files\ZakFromAnotherPlanet\Yazak Chat\ZakFileShare.exe
Disinfection failed

C:\Program Files\ZakFromAnotherPlanet\Yazak Chat\ZakFileShare.exe
Deleted

C:\RECYCLER\NPROTECT\00038621=>(Quarantine-2)
Infected with: Trojan.Downloader.Agent.AIJ

C:\RECYCLER\NPROTECT\00038621=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038621=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038622=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AN

C:\RECYCLER\NPROTECT\00038622=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038622=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038623=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AN

C:\RECYCLER\NPROTECT\00038623=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038623=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038624=>(Quarantine-2)
Infected with: Trojan.Downloader.Horst.B

C:\RECYCLER\NPROTECT\00038624=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038624=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038625.exe=>(Quarantine-2)
Infected with: Backdoor.Agent.AAY

C:\RECYCLER\NPROTECT\00038625.exe=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038625.exe=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038626.exe=>(Quarantine-2)
Infected with: Backdoor.Agent.AAY

C:\RECYCLER\NPROTECT\00038626.exe=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038626.exe=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038627=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AE

C:\RECYCLER\NPROTECT\00038627=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038627=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038628=>(Quarantine-2)
Infected with: Trojan.Downloader.Agent.AHK

C:\RECYCLER\NPROTECT\00038628=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038628=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038629=>(Quarantine-2)
Infected with: Trojan.Downloader.Agent.AIJ

C:\RECYCLER\NPROTECT\00038629=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038629=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038630=>(Quarantine-2)
Infected with: Dropped:Trojan.Keylogger.Ardamax.D

C:\RECYCLER\NPROTECT\00038630=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038630=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038634=>(Quarantine-2)
Infected with: Dropped:Trojan.Keylogger.Ardamax.D

C:\RECYCLER\NPROTECT\00038634=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038634=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038635=>(Quarantine-2)
Infected with: Trojan.Downloader.Medbod.C

C:\RECYCLER\NPROTECT\00038635=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038635=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038636=>(Quarantine-2)
Infected with: Trojan.Downloader.Agent.AHK

C:\RECYCLER\NPROTECT\00038636=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038636=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038637=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AE

C:\RECYCLER\NPROTECT\00038637=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038637=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038638.exe=>(Quarantine-2)
Infected with: Trojan.Medbot.B

C:\RECYCLER\NPROTECT\00038638.exe=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038638.exe=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038639.exe=>(Quarantine-2)
Infected with: Trojan.Medbot.B

C:\RECYCLER\NPROTECT\00038639.exe=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038639.exe=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038640=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AV

C:\RECYCLER\NPROTECT\00038640=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038640=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038641=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AV

C:\RECYCLER\NPROTECT\00038641=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038641=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038642=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AN

C:\RECYCLER\NPROTECT\00038642=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038642=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038643=>(Quarantine-2)
Infected with: Trojan.Downloader.Medbod.C

C:\RECYCLER\NPROTECT\00038643=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038643=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038644=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AE

C:\RECYCLER\NPROTECT\00038644=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038644=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038645=>(Quarantine-2)
Infected with: Trojan.Downloader.Agent.AIJ

C:\RECYCLER\NPROTECT\00038645=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038645=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038646=>(Quarantine-2)
Infected with: Trojan.Downloader.Medbod.C

C:\RECYCLER\NPROTECT\00038646=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038646=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038647=>(Quarantine-2)
Infected with: Trojan.Downloader.Horst.B

C:\RECYCLER\NPROTECT\00038647=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038647=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038648=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AE

C:\RECYCLER\NPROTECT\00038648=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038648=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038649.exe=>(Quarantine-2)
Infected with: Virtool.Cracksearch.A

C:\RECYCLER\NPROTECT\00038649.exe=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038649.exe=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038650=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AV

C:\RECYCLER\NPROTECT\00038650=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038650=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038651.exe=>(Quarantine-2)
Infected with: Virtool.Wpakill.A

C:\RECYCLER\NPROTECT\00038651.exe=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038651.exe=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038652.exe=>(Quarantine-2)
Infected with: Virtool.Wpakill.A

C:\RECYCLER\NPROTECT\00038652.exe=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038652.exe=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038653=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AE

C:\RECYCLER\NPROTECT\00038653=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038653=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038654.exe=>(Quarantine-2)
Infected with: Virtool.Wpakill.A

C:\RECYCLER\NPROTECT\00038654.exe=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038654.exe=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038655=>(Quarantine-2)
Infected with: Trojan.Downloader.Agent.AHK

C:\RECYCLER\NPROTECT\00038655=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038655=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038656=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AE

C:\RECYCLER\NPROTECT\00038656=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038656=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038657=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AN

C:\RECYCLER\NPROTECT\00038657=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038657=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038658=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AV

C:\RECYCLER\NPROTECT\00038658=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038658=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038659=>(Quarantine-2)
Infected with: Trojan.Mailer.Exmo.A

C:\RECYCLER\NPROTECT\00038659=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038659=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038660=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AV

C:\RECYCLER\NPROTECT\00038660=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038660=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038661=>(Quarantine-2)
Infected with: Trojan.Downloader.Agent.AIJ

C:\RECYCLER\NPROTECT\00038661=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038661=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038662=>(Quarantine-2)
Infected with: Trojan.Mailer.Exmo.A

C:\RECYCLER\NPROTECT\00038662=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038662=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038663.exe=>(Quarantine-2)
Infected with: Virtool.Wpakill.A

C:\RECYCLER\NPROTECT\00038663.exe=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038663.exe=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038664=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AN

C:\RECYCLER\NPROTECT\00038664=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038664=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038665=>(Quarantine-2)
Infected with: Trojan.Downloader.Medbod.C

C:\RECYCLER\NPROTECT\00038665=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038665=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038666=>(Quarantine-2)
Infected with: Trojan.Proxy.Hoerst.AF

C:\RECYCLER\NPROTECT\00038666=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038666=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038667=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AN

C:\RECYCLER\NPROTECT\00038667=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038667=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038668.exe=>(Quarantine-2)
Infected with: Backdoor.Agent.AAY

C:\RECYCLER\NPROTECT\00038668.exe=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038668.exe=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038669.exe=>(Quarantine-2)
Infected with: Backdoor.Agent.AAY

C:\RECYCLER\NPROTECT\00038669.exe=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038669.exe=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00038670=>(Quarantine-2)
Infected with: Trojan.Proxy.Horst.AV

C:\RECYCLER\NPROTECT\00038670=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00038670=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00039132.EXE
Suspected of: Generic.Malware.FC.A3BD7ECC

C:\RECYCLER\NPROTECT\00039132.EXE
Disinfection failed

C:\RECYCLER\NPROTECT\00039132.EXE
Deleted



Hope this helps us get rid of this thing :blink:

Oh, here's another:

BitDefender Online Scanner - Real Time Virus Report

Generated at: Sun, Sep 10, 2006 - 05:32:56

--------------------------------------------------------------------------------

Scan Info

Scanned Files     1737482
Infected Files    108

Virus Detected

Trojan.Medbot.B                           4
Joke.Pirated                              1
Trojan.Downloader.Horst.B                 4
Trojan.Proxy.Horst.AN                     12
Virtool.Wpakill.G                         1
Application.Bookmarkexpress.A             1
Application.Adware.NewDotNet.B.Dropper    1
Trojan.Proxy.Hoerst.AF                    2
Dropped:Trojan.Keylogger.Ardamax.D        4
Virtool.Cracksearch.A                     2
Trojan.Proxy.Horst.AV                     12
Trojan.Proxy.Horst.AE                     12
Trojan.Downloader.Medbod.C                8
Trojan.Downloader.Agent.ADE               2
Trojan.Downloader.Agent.AIJ               8
BAT.Revenge                               1
Generic.Malware.FC.A3BD7ECC               2
Trojan.Downloader.Agent.AHK               6
Virtool.Wpakill.A                         10
Exploit.Html.Codebase.Exec.C              1
Trojan.Mailer.Exmo.A                      4
Trojan.Tool.Wpakill.A                     2
Backdoor.Agent.AAY                        8
-----------------------------------------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 5:34:46 AM, on 9/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\DW6000 Monitor\service\dw6000service.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE
C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Lexmark 3100 Series\lxbrcmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\TrojanHunter 4.5\THGuard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\DW6000 Monitor\monitor\dw6000monitor.exe
c:\Program Files\HughesNet Tools\bin\mpbtn.exe
C:\Program Files\Trillian\trillian.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Downloads\hijackthis\bbb.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myhughesnet.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.101:6881
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {3A61AC3F-FBFD-4548-9740-43C163EA9406} - C:\WINDOWS\system32\jkhfc.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {D3B3C51E-8D11-4667-85B9-0930F519BED7} - C:\WINDOWS\system32\opnmjhh.dll (file missing)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [LXBRKsk] C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"
O4 - HKLM\..\Run: [Auto EPSON Stylus Photo R200 Series (Copy 1) on Sniper-moms-pc] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P62 "Auto EPSON Stylus Photo R200 Series (Copy 1) on Sniper-moms-pc" /O25 "\\SNIPER-MOMS-PC\EPSONSty" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [\\SNIPER-MOMS-PC\EPSON Stylus Photo R200 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P56 "\\SNIPER-MOMS-PC\EPSON Stylus Photo R200 Series (Copy 1)" /O6 "USB001" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTXFIREG] CTxfiReg.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.5\THGuard.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskTray] "C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: DW6000 Monitor.lnk = C:\Program Files\DW6000 Monitor\monitor\dw6000monitor.exe
O4 - Global Startup: HughesNet Tools.lnk = C:\Program Files\HughesNet Tools\bin\matcli.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-00500

#20 boomtown

Posted 10 September 2006 - 10:52 AM

Not sure, but I think I got it with Unlocker. I hit unlock explorer.exe, then unlocked the iexplorer.exe and told KillBox to delete it upon reboot. I don't see the jkf file. New HJT log is here:

Logfile of HijackThis v1.99.1
Scan saved at 5:49:56 AM, on 9/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\DW6000 Monitor\service\dw6000service.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE
C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\TrojanHunter 4.5\THGuard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Lexmark 3100 Series\lxbrcmon.exe
C:\Program Files\DW6000 Monitor\monitor\dw6000monitor.exe
c:\Program Files\HughesNet Tools\bin\mpbtn.exe
C:\Downloads\hijackthis\bbb.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myhughesnet.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.101:6881
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {D3B3C51E-8D11-4667-85B9-0930F519BED7} - C:\WINDOWS\system32\opnmjhh.dll (file missing)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [LXBRKsk] C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"
O4 - HKLM\..\Run: [Auto EPSON Stylus Photo R200 Series (Copy 1) on Sniper-moms-pc] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P62 "Auto EPSON Stylus Photo R200 Series (Copy 1) on Sniper-moms-pc" /O25 "\\SNIPER-MOMS-PC\EPSONSty" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [\\SNIPER-MOMS-PC\EPSON Stylus Photo R200 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P56 "\\SNIPER-MOMS-PC\EPSON Stylus Photo R200 Series (Copy 1)" /O6 "USB001" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTXFIREG] CTxfiReg.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.5\THGuard.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskTray] "C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: DW6000 Monitor.lnk = C:\Program Files\DW6000 Monitor\monitor\dw6000monitor.exe
O4 - Global Startup: HughesNet Tools.lnk = C:\Program Files\HughesNet Tools\bin\matcli.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab34246.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.co...aploader_v6.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/...s/msnchat45.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: jkhfc - C:\WINDOWS\system32\jkhfc.dll (file missing)
O20 - Winlogon Notify: SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: DW6000 Service (DW6000Service) - Unknown owner - C:\Program Files\DW6000 Monitor\service\dw6000service.exe" -service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Auto Power-on & Shut-down Service (PCAutoPowerOnService) - Unknown owner - C:\Program Files\Auto Power-on\PCAutoPowerOnService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
O23 - Service: WMP54Gv4SVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe (file missing)