Hi,
I'm sorry that there is so much time between my replies, I've been working weird hours.
I ran HiJackThis. The entry below was not there to select....
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarerefer...=...6Ojg5&lid=2
I downloaded the SuperAntiSpyware. I set the desired scanner options. I ran a complete scan, made sure there were check marks beside all. Clicked OK and then Yes for a reboot.
Here is the removal information...
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 01/10/2008 at 03:21 PM
Application Version : 3.9.1008
Core Rules Database Version : 3377
Trace Rules Database Version: 1371
Scan type : Complete Scan
Total Scan Time : 02:43:49
Memory items scanned : 545
Memory threats detected : 0
Registry items scanned : 6692
Registry threats detected : 27
File items scanned : 110238
File threats detected : 60
Adware.MyWebSearch
HKLM\Software\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\InprocServer32
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\InprocServer32#ThreadingModel
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\Programmable
C:\PROGRAM FILES\MYWEBSEARCH\SRCHASTT\1.BIN\MWSSRCAS.DLL
HKLM\Software\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\InprocServer32
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\InprocServer32#ThreadingModel
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\Programmable
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\TypeLib
C:\PROGRAM FILES\MYWEBSEARCH\BAR\1.BIN\MWSBAR.DLL
HKLM\Software\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\InprocServer32
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\InprocServer32#ThreadingModel
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\Programmable
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\TypeLib
C:\_OTMOVEIT\MOVEDFILES\PROGRA~1\MYWEBS~1\BAR\1.BIN\MWSOEMON.EXE
Adware.Tracking Cookie
C:\Documents and Settings\Ali\Cookies\ali@mediaplex[1].txt
C:\Documents and Settings\Ali\Cookies\ali@statcounter[1].txt
C:\Documents and Settings\Ali\Cookies\ali@advertising[1].txt
C:\Documents and Settings\Ali\Cookies\ali@mywebsearch[3].txt
C:\Documents and Settings\Ali\Cookies\ali@casalemedia[2].txt
C:\Documents and Settings\Ali\Cookies\ali@adbrite[2].txt
C:\Documents and Settings\Ali\Cookies\[email protected][1].txt
C:\Documents and Settings\Ali\Cookies\ali@rambler[1].txt
C:\Documents and Settings\Ali\Cookies\ali@gomyhit[3].txt
C:\Documents and Settings\Ali\Cookies\[email protected][1].txt
C:\Documents and Settings\Ali\Cookies\ali@hitbox[2].txt
C:\Documents and Settings\Ali\Cookies\ali@imrworldwide[2].txt
C:\Documents and Settings\Ali\Cookies\[email protected][1].txt
C:\Documents and Settings\Ali\Cookies\ali@tripod[2].txt
C:\Documents and Settings\Ali\Cookies\ali@tribalfusion[1].txt
C:\Documents and Settings\Ali\Cookies\[email protected][2].txt
C:\Documents and Settings\Ali\Cookies\[email protected][2].txt
C:\Documents and Settings\Ali\Cookies\ali@adlegend[1].txt
C:\Documents and Settings\Ali\Cookies\ali@trustedantivirus[9].txt
C:\Documents and Settings\Ali\Cookies\ali@gomyhit[2].txt
C:\Documents and Settings\Ali\Cookies\[email protected][2].txt
C:\Documents and Settings\Ali\Cookies\ali@fastclick[2].txt
C:\Documents and Settings\Ali\Cookies\ali@serving-sys[1].txt
C:\Documents and Settings\Ali\Cookies\ali@atdmt[2].txt
C:\Documents and Settings\Ali\Cookies\[email protected][1].txt
C:\Documents and Settings\Ali\Cookies\[email protected][2].txt
C:\Documents and Settings\Ali\Cookies\[email protected][3].txt
C:\Documents and Settings\Ali\Cookies\[email protected][1].txt
C:\Documents and Settings\Ali\Cookies\[email protected][2].txt
C:\Documents and Settings\Ali\Cookies\[email protected][1].txt
C:\Documents and Settings\Ali\Cookies\ali@doubleclick[2].txt
C:\Documents and Settings\Ali\Cookies\ali@specificclick[2].txt
C:\Documents and Settings\Ali\Cookies\[email protected][1].txt
C:\Documents and Settings\Ali\Cookies\[email protected][2].txt
C:\Documents and Settings\Ali\Cookies\[email protected][1].txt
C:\Documents and Settings\Ali\Cookies\ali@bluestreak[1].txt
C:\Documents and Settings\Ali\Cookies\[email protected][3].txt
C:\Deckard\System Scanner\20080108141322\backup\DOCUME~1\Ali\LOCALS~1\Temp\Cookies\[email protected][2].txt
C:\Deckard\System Scanner\20080108141322\backup\DOCUME~1\Ali\LOCALS~1\Temp\Cookies\ali@mywebsearch[2].txt
C:\Documents and Settings\Ali\Cookies\ali@mywebsearch[1].txt
Trojan.WinFixer 2006
HKCR\UWFX6PCheck.UWFX6PCheck.1
HKCR\UWFX6PCheck.UWFX6PCheck.1\CLSID
C:\WINDOWS\system32\drivers\d_kmd.sys
Registry Cleaner Trial
HKCR\Install.Install
HKCR\Install.Install\CLSID
HKCR\Install.Install\CurVer
HKCR\Install.Install.1
HKCR\Install.Install.1\CLSID
Desktop Hijacker.AboutYourPrivacy
C:\Documents and Settings\Ali\Desktop\Error Cleaner.url
C:\Documents and Settings\Ali\Desktop\Privacy Protector.url
C:\Documents and Settings\Ali\Desktop\Spyware&Malware Protection.url
C:\Documents and Settings\Ali\Favorites\Error Cleaner.url
C:\Documents and Settings\Ali\Favorites\Privacy Protector.url
C:\Documents and Settings\Ali\Favorites\Spyware&Malware Protection.url
C:\_OTMOVEIT\MOVEDFILES\WINDOWS\PRIVACY_DANGER\IMAGES\CAPT.GIF
C:\_OTMOVEIT\MOVEDFILES\WINDOWS\PRIVACY_DANGER\IMAGES\DANGER.JPG
C:\_OTMOVEIT\MOVEDFILES\WINDOWS\PRIVACY_DANGER\IMAGES\DOWN.GIF
Unclassified.Unknown Origin
C:\PROGRAM FILES\TREND MICRO\HIJACKTHIS\BACKUPS\BACKUP-20080109-125507-181.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP905\A0128021.DLL
Adware.MovieLand/MediaPipe
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP838\A0106274.EXE
Trojan.Smitfraud Variant-Gen/IEDef
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP888\A0122219.DLL
Trojan.Unknown Origin
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP899\A0125467.ICO
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP899\A0125469.ICO
Trojan.Unclassified/ENSFOLR
C:\_OTMOVEIT\MOVEDFILES\WINDOWS\ENSFOLR.DLL
Here is a new DSS log..
Deckard's System Scanner v20071014.68
Run by Ali on 2008-01-11 13:07:20
Computer is in Normal Mode.
--------------------------------------------------------------------------------
Total Physical Memory: 254 MiB (512 MiB recommended).
-- HijackThis (run as Ali.exe) -------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:07:35 PM, on 11/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Rogers\SelfHealing\rogersagent.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\PROGRA~1\Yahoo!\YOP\SSDK02.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Yahoo!\browser\ybrowser.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Yahoo!\browser\ybrwicon.exe
C:\Documents and Settings\Ali\Desktop\Deckard's System Scanner Download.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Ali.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.rogers.my.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\PROGRA~1\Symantec\osCheck.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RogersAgent] c:\Program Files\Rogers\SelfHealing\rogersagent.exe
O4 - HKCU\..\Run: [SHS] "C:\Program Files\Rogers\SelfHealing\SHS.exe" /background
O4 - HKCU\..\Run: [Update Manager] "C:\Program Files\Rogers\Update Manager\UpdateManager.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: My Little Pony Registration.lnk = D:\ATR1.EXE
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Startup: Trivial Pursuit_ Unhinged Registration.lnk = C:\Documents and Settings\Ali\Local Settings\Temp\{50937CF3-9907-4235-935B-6883A181A5C7}\{4E61888C-3D42-4691-AD25-E9AF648EAB63}\ATR1.EXE
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Rogers Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Ali\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=48835
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg...v45/yacscom.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebo...toUploader3.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1138905128578
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/...mjolauncher.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinn...ed/wwlaunch.cab
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} (Sol Control) - http://www.worldwinn...v45/sol/sol.cab
O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} (WoF Control) - http://www.worldwinn...v46/wof/wof.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn...ro.cab34246.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.game...aploader_v6.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/...s/msnchat45.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Filter hijack: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\PROGRA~1\Symantec\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
--
End of file - 14009 bytes
-- Files created between 2007-12-11 and 2008-01-11 -----------------------------
2008-01-10 12:28:59 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-01-10 12:28:37 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-01-10 12:28:36 0 d-------- C:\Documents and Settings\Ali\Application Data\SUPERAntiSpyware.com
2008-01-10 12:27:34 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-09 12:15:06 0 d-------- C:\Program Files\Trend Micro
2008-01-08 22:31:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2008-01-07 19:29:19 0 d-------- C:\WINDOWS\All Users
2008-01-07 16:38:10 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-01-07 16:38:10 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
2008-01-07 16:38:10 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2008-01-07 16:38:10 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>
2008-01-07 16:38:10 81920 --a------ C:\WINDOWS\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-01-07 16:38:10 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-01-06 20:03:28 4922 --a------ C:\WINDOWS\system32\tmp.reg
2008-01-06 15:30:02 0 d-------- C:\Program Files\Enigma Software Group
2008-01-04 23:49:03 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-12-25 14:17:38 0 d-------- C:\Program Files\QuickTime
2007-12-25 14:10:36 0 d-------- C:\Program Files\Common Files\ArcSoft
2007-12-25 14:10:16 0 d-------- C:\Program Files\SanDisk
2007-12-25 09:27:40 0 d-------- C:\Program Files\World of Warcraft
2007-12-14 23:43:47 0 d-------- C:\Program Files\DellSupport
-- Find3M Report ---------------------------------------------------------------
2008-01-11 02:43:21 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-01-10 17:35:57 0 d-------- C:\Documents and Settings\Ali\Application Data\Adobe
2008-01-10 12:27:34 0 d-------- C:\Program Files\Common Files
2008-01-10 11:24:30 16128 --a------ C:\Documents and Settings\Ali\Application Data\wklnhst.dat
2008-01-06 22:27:14 0 d-------- C:\Program Files\Hasbro Interactive
2008-01-06 22:23:53 0 d-------- C:\Program Files\Kaleidoscope Mahjongg
2008-01-06 22:21:26 0 d-------- C:\Program Files\Java
2008-01-05 19:01:16 0 d-------- C:\Program Files\Atari
2008-01-05 18:59:53 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-01-05 18:38:21 0 d-------- C:\Program Files\Infogrames Interactive
2008-01-05 18:21:10 0 d-------- C:\Program Files\Yahoo!
2008-01-05 17:59:39 0 d-------- C:\Program Files\MUSICMATCH
2008-01-05 17:42:33 0 d-------- C:\Program Files\Google
2008-01-05 14:31:17 0 d-------- C:\Program Files\Sonic
2008-01-05 14:29:36 0 d-------- C:\Program Files\The Learning Company
2007-12-25 19:45:26 0 d-------- C:\Documents and Settings\Ali\Application Data\ArcSoft
2007-12-25 10:06:44 0 d-------- C:\Program Files\Common Files\Blizzard Entertainment
2007-12-14 23:44:34 0 d--h----- C:\Documents and Settings\Ali\Application Data\Gtek
2007-12-14 21:04:14 0 d-------- C:\Documents and Settings\Ali\Application Data\Yahoo!
2007-12-05 09:00:28 0 d-------- C:\Program Files\Symantec
2007-12-05 08:49:49 0 d-------- C:\Program Files\UltimateViewer
2007-11-26 09:42:23 0 d-------- C:\Documents and Settings\Ali\Application Data\Google
2007-11-26 09:00:23 142888 --a------ C:\Documents and Settings\Ali\Application Data\GDIPFONTCACHEV1.DAT
2007-11-23 03:04:35 0 d-------- C:\Program Files\MSXML 4.0
2007-11-22 21:32:53 0 d-------- C:\Documents and Settings\Ali\Application Data\Mozilla
2007-11-22 21:27:50 0 d-------- C:\Documents and Settings\Ali\Application Data\SecondLife
2007-11-22 19:42:55 0 d-------- C:\Program Files\Common Files\Real
2007-11-22 19:42:54 0 d-------- C:\Program Files\Real
2007-11-22 19:42:37 0 d-------- C:\Documents and Settings\Ali\Application Data\Real
2007-11-22 19:41:49 0 d-------- C:\Program Files\Return to Castle Wolfenstein
2007-11-22 19:29:09 0 d-------- C:\Program Files\Common Files\AOL
2007-11-22 19:25:49 0 d-------- C:\Program Files\WordPerfect Office 12
2007-11-22 19:25:38 0 d-------- C:\Program Files\Print Workshop 2006 LE
2007-11-22 19:25:22 0 d-------- C:\Program Files\Kazaa
2007-11-22 19:25:15 0 d-------- C:\Program Files\Intel
2007-11-22 19:25:07 0 d-------- C:\Program Files\GameSpy Arcade
2007-11-22 19:25:06 0 d-------- C:\Program Files\FunWebProducts
2007-11-22 19:24:56 0 d-------- C:\Program Files\Common Files\aolshare
2007-11-22 19:24:47 0 d-------- C:\Program Files\AOL 9.0
2007-11-21 23:33:06 0 d-------- C:\Program Files\Windows Media Connect 2
2007-11-21 17:47:55 0 d-------- C:\Program Files\LimeWire
2007-11-21 13:20:32 0 d-------- C:\Program Files\MSN Messenger
2007-11-21 09:29:02 0 d-------- C:\Program Files\Rogers
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A}"= C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL [ ]
[-HKEY_CLASSES_ROOT\CLSID\{4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A}]
[HKEY_CLASSES_ROOT\bfgtoolbar.BFGTOOLBAR]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [14/10/2004 07:42 PM]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [23/02/2005 04:19 PM]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [27/07/2004 04:50 PM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [27/07/2004 04:50 PM]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [27/01/2005 01:02 AM]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [11/05/2005 11:12 PM]
"BearShare"="C:\Program Files\BearShare\BearShare.exe" []
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [20/09/2005 09:35 AM]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [20/09/2005 09:32 AM]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [20/09/2005 09:36 AM]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [08/10/2004 11:52 AM]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [18/01/2005 05:47 PM]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [18/01/2005 05:37 PM]
"YOP"="C:\PROGRA~1\Yahoo!\YOP\yop.exe" [26/06/2007 01:48 PM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [10/01/2007 12:59 AM]
"osCheck"="C:\PROGRA~1\Symantec\osCheck.exe" [14/01/2007 02:11 AM]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [12/03/2007 06:30 PM]
"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [25/09/2007 01:11 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [19/01/2007 12:54 PM]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" []
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [18/01/2005 05:07 PM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [21/11/2007 12:52 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 05:00 AM]
"RogersAgent"="c:\Program Files\Rogers\SelfHealing\rogersagent.exe" [23/04/2007 03:51 PM]
"SHS"="C:\Program Files\Rogers\SelfHealing\SHS.exe" [12/10/2007 03:30 PM]
"Update Manager"="C:\Program Files\Rogers\Update Manager\UpdateManager.exe" [12/10/2007 03:30 PM]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [12/09/2007 02:04 PM]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [21/06/2007 02:06 PM]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [20/12/2006 01:55 PM 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 19/04/2007 01:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
*Newly Created Service* - COMHOST
-- End of Deckard's System Scanner: finished at 2008-01-11 13:08:04 ------------
My PC seems a lot better now. It seems to be running slow, but all of the pop-ups, random browser openings and warnings have stopped.
Can you give me any idea what I did to open my computer up to this? My child plays the online game "Runescape", should I be worried about accessing this site?
Thank you so much for all your help.