Spyhunter found Zlob, Many scans show no evidence

Welcome Guest ( Log In | Register )

Discover the best free computer help!
Learn more about Geeks to Go by taking the tour. Spyware, virus, trojan, fake security or privacy alerts? Read the malware cleaning guide.

> Geeks to Go! » Security » Malware Removal - HijackThis� Logs Go Here

Spyhunter found Zlob, Many scans show no evidence, win explorer stops working, slow perform, things dont work right

Options

mc73 View Member Profile	Oct 12 2008, 05:32 AM Post #1
New Member Posts: 1 OS: windows vista, 32 bit	I have spent weeks trying many scans and fixes, updates and downloads trying to identify and/or fix these persistant problems. Updated Java and windows update , ran Malarebytes, Karspersky online, AVG, Ad-aware, Spybot, Windows defender, Spyware Terminator, Superantispyware, Malicious Software removal tool, used ccleaner and I believe ATF or something like that. Still I get many 404 errors, redirects, at one time I had to go into registry to unblock certain functions to get me to be able try to repair this mess. Even my toolbar is white (not my choice) its supposed to be aero. Mouse is also not right. Freecell is messed up, windows defender ill not let me stop programs from loading at startup. I am afraid to get online to log in to do my banking. Please, I hope this will get to you. I tried before, but could not find it. I hope I can find an answer this time. Here ( I hope) is my hjt log.Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 4:02:08 AM, on 10/12/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe C:\Windows\system32\agrsmsvc.exe C:\Windows\system32\svchost.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\CDBurnerXP\NMSAccessU.exe C:\Windows\system32\svchost.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\Windows\system32\svchost.exe C:\Windows\system32\Tablet.exe c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe C:\Windows\system32\WTablet\TabUserW.exe C:\Windows\system32\Tablet.exe C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe C:\Program Files\Fingerprint Sensor\ATSwpNav.exe C:\Program Files\Apoint2K\Apoint.exe C:\Windows\RtHDVCpl.exe C:\Program Files\COMODO\SafeSurf\cssurf.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Spyware Doctor\pctsTray.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\NetZero\exec.exe C:\Program Files\NetZero\exec.exe C:\Program Files\Apoint2K\HidFind.exe C:\Program Files\Orbitdownloader\orbitnet.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\NetZero\qsacc\x1exec.exe C:\Program Files\Windows Defender\MSASCui.exe C:\PROGRA~1\Free Download Manager\fdm.exe C:\Windows\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\Notepad.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://my.netzero.net/s/search?r=minisearch R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.net/s/search?r=minisearch R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.computers.us.fujitsu.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://my.netzero.net/s/search?r=minisearch R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.net/s/search?r=minisearch R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://my.netzero.net/s/search?r=minisearch R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://my.netzero.net/s/search?r=minisearch R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: URLSearchHook Class - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files\NetZero\SearchEnh1.dll O1 - Hosts: ::1 localhost O2 - BHO: Pop-up Blocker - {52706EF7-D7A2-49AD-A615-E903858CF284} - C:\Program Files\NetZero\qsacc\X1IEBHO.dll O3 - Toolbar: (no name) - {90222687-F593-4738-B738-FBEE9C7B26DF} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\Toolbar.dll O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\avgtoolbar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe O4 - HKLM\..\Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe O4 - HKLM\..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe O4 - HKLM\..\Run: [IndicatorUtility] C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe O4 - HKLM\..\Run: [ATSwpNav] "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [Skytel] Skytel.exe O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [NetZero_uoltray] C:\Program Files\NetZero\exec.exe regrun O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user') O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Display All Images with Full Quality - "res://C:\Program Files\NetZero\qsacc\appres.dll/228" O8 - Extra context menu item: Display Image with Full Quality - "res://C:\Program Files\NetZero\qsacc\appres.dll/227" O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202 O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Add to EverNote - {A5ABA0BB-F195-40d8-A5E9-0801153E6597} - C:\Program Files\EverNote\EverNote\enbar.dll O9 - Extra 'Tools' menuitem: Add to EverNote - {A5ABA0BB-F195-40d8-A5E9-0801153E6597} - C:\Program Files\EverNote\EverNote\enbar.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O15 - Trusted Zone: .netzero.com O15 - Trusted Zone: .netzero.net O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/...S/wlscctrl2.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{BBA24FB6-48FE-4241-BF85-5F3EEAFDC0F3}: NameServer = 64.136.52.73 64.136.44.73 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe (file missing) O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: TabletService - Wacom Technology, Corp. - C:\Windows\system32\Tablet.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- End of file - 13062 bytes

« Next Oldest · Malware Removal - HijackThis� Logs Go Here · Next Newest »

1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)

0 Members:

Topic Title	Replies / Views	Topic Information
Malware Removal - HijackThis� Logs Go Here Scans show no malware, but i know it is infected	0 / 167	16th April 2006 - 12:49 PM Kevin76 started - last by Kevin76
Malware Removal - HijackThis� Logs Go Here laptop running VERY slow after many scans and removals...	0 / 129	22nd May 2008 - 09:31 AM jfrog started - last by jfrog
Malware Removal - HijackThis� Logs Go Here computer running slow scans show multiple viruses	1 / 145	6th July 2008 - 05:51 PM jlgizee started - last by Rorschach112
Malware Removal - HijackThis� Logs Go Here Radio playing but no programs open. Ran Scans, but no malware or viru	6 / 83	19th November 2008 - 12:23 PM Avs19 started - last by Rorschach112