Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

combofix and HijackThis logs. Also uninstall list

Started by uberbrent , Jan 17 2008 06:58 PM

  • Please log in to reply

#1
uberbrent
Posted 17 January 2008 - 06:58 PM

uberbrent

    New Member

  • Member
  • Pip
  • 1 posts
I had a lot of popups from outerinfo. I followed the directions on your site to get rid of it and here are my logs.






ComboFix 08-01-18.3 - NCS Customer 2008-01-17 18:34:10.1 - NTFSx86
Running from: C:\Documents and Settings\NCS Customer\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\NCS Customer\My Documents\WNSXS~1
C:\Program Files\Words
C:\Program Files\Words\list.txt
C:\WINDOWS\system32\pac.txt

.
((((((((((((((((((((((((( Files Created from 2007-12-18 to 2008-01-18 )))))))))))))))))))))))))))))))
.

2008-01-17 18:31 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-17 18:28 . 2007-10-31 05:12 3,590,656 --------- C:\WINDOWS\system32\SET6B8.tmp
2008-01-17 18:28 . 2007-10-10 18:56 1,159,680 --------- C:\WINDOWS\system32\SET6B2.tmp
2008-01-17 18:28 . 2007-10-10 18:56 824,832 --------- C:\WINDOWS\system32\SET6B0.tmp
2008-01-17 18:28 . 2007-10-10 18:55 459,264 --------- C:\WINDOWS\system32\SET6BA.tmp
2008-01-17 18:28 . 2007-10-10 18:55 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-01-17 18:28 . 2007-10-10 18:56 232,960 --------- C:\WINDOWS\system32\SET6B1.tmp
2008-01-17 18:28 . 2007-10-10 18:55 105,984 --------- C:\WINDOWS\system32\SET6B3.tmp
2008-01-17 18:28 . 2007-10-10 18:55 52,224 --------- C:\WINDOWS\system32\SET6B9.tmp
2008-01-17 18:28 . 2007-10-10 18:55 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-01-17 18:24 . 2008-01-17 18:24 759 --a------ C:\WINDOWS\system32\spupdsvc.inf
2008-01-17 18:17 . 2006-06-03 06:40 33,792 -----c--- C:\WINDOWS\system32\dllcache\custsat.dll
2008-01-17 18:17 . 2008-01-17 18:24 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-01-17 18:16 . 2006-03-23 23:37 49,152 --a------ C:\WINDOWS\system32\SET5F9.tmp
2008-01-17 18:11 . 2008-01-17 18:18 <DIR> d-------- C:\WINDOWS\LastGood
2008-01-17 15:23 . 2008-01-17 15:23 <DIR> d-------- C:\Documents and Settings\NCS Customer\Application Data\Bitdefender
2008-01-17 14:52 . 2008-01-17 15:28 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2008-01-17 14:47 . 2008-01-17 14:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-01-17 14:38 . 2008-01-17 14:38 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2008-01-17 14:30 . 2008-01-17 16:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-17 13:35 . 2008-01-17 13:35 24 --a------ C:\WINDOWS\AM_D0.PRF
2008-01-16 18:05 . 2008-01-16 18:05 <DIR> d-------- C:\Program Files\Common Files\Scanner
2008-01-16 03:11 . 2006-08-21 04:14 128,896 -----c--- C:\WINDOWS\system32\dllcache\fltmgr.sys
2008-01-16 03:11 . 2006-08-21 04:14 23,040 -----c--- C:\WINDOWS\system32\dllcache\fltmc.exe
2008-01-16 03:11 . 2006-08-21 07:21 16,896 -----c--- C:\WINDOWS\system32\dllcache\fltlib.dll
2008-01-16 03:05 . 2008-01-16 03:05 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-01-15 17:13 . 2008-01-15 17:13 <DIR> d-------- C:\Documents and Settings\NCS Customer\Application Data\DivX
2008-01-15 12:13 . 2007-10-25 22:34 8,460,288 --a------ C:\WINDOWS\system32\SET604.tmp
2008-01-15 12:13 . 2007-10-25 22:34 8,460,288 -----c--- C:\WINDOWS\system32\dllcache\SET606.tmp
2008-01-15 12:13 . 2007-07-09 08:09 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2008-01-15 12:13 . 2007-10-29 05:04 350,720 --a------ C:\WINDOWS\system32\SET605.tmp
2008-01-15 11:53 . 2008-01-15 12:33 <DIR> d-------- C:\Program Files\BitLord
2008-01-15 11:49 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-01-15 11:49 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-01-14 23:07 . 2008-01-14 23:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Logishrd
2008-01-14 23:06 . 2008-01-14 23:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Logitech
2008-01-14 21:43 . 2008-01-14 21:43 <DIR> d-------- C:\WINDOWS\provisioning
2008-01-14 21:39 . 2008-01-14 21:39 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-01-14 21:30 . 2008-01-14 21:31 <DIR> d-------- C:\Documents and Settings\NCS Customer\Application Data\Yahoo!
2008-01-14 21:27 . 2008-01-14 21:27 <DIR> d-------- C:\WINDOWS\EHome
2008-01-14 21:22 . 2008-01-14 21:23 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-01-14 21:10 . 2002-04-15 21:11 67,866 --------- C:\WINDOWS\system32\drivers\netwlan5.img
2008-01-14 21:10 . 2004-08-04 00:56 11,776 --------- C:\WINDOWS\system32\spnpinst.exe
2008-01-14 21:10 . 2004-08-02 14:20 7,208 --------- C:\WINDOWS\system32\secupd.sig
2008-01-14 21:10 . 2004-08-02 14:20 4,569 --------- C:\WINDOWS\system32\secupd.dat
2008-01-14 19:50 . 2008-01-14 19:50 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-01-14 19:35 . 2004-08-04 02:56 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-01-14 18:17 . 2004-08-04 02:56 274,944 --a------ C:\WINDOWS\system32\mstask.dll
2008-01-14 18:17 . 2004-08-04 02:56 190,976 --a------ C:\WINDOWS\system32\schedsvc.dll
2008-01-14 18:17 . 2004-08-04 02:56 12,288 --a------ C:\WINDOWS\system32\mstinit.exe
2008-01-14 18:15 . 2007-04-23 05:14 364,160 --a--c--- C:\WINDOWS\system32\dllcache\update.sys
2008-01-14 18:08 . 2005-10-20 17:20 1,082,368 --a------ C:\WINDOWS\system32\esent.dll
2008-01-14 18:03 . 2008-01-14 23:08 <DIR> d-------- C:\Program Files\Common Files\logishrd
2008-01-14 18:03 . 2004-08-04 02:56 294,912 --a------ C:\WINDOWS\system32\msh263.drv
2008-01-14 18:03 . 2004-08-04 02:56 53,760 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2008-01-14 18:03 . 2004-08-04 02:56 47,616 --a------ C:\WINDOWS\system32\iyuv_32.dll
2008-01-14 18:03 . 2001-08-17 22:36 8,192 --a------ C:\WINDOWS\system32\tsbyuv.dll
2008-01-14 18:03 . 2001-08-17 22:36 8,192 --a--c--- C:\WINDOWS\system32\dllcache\tsbyuv.dll
2008-01-14 17:35 . 2008-01-17 18:29 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-01-14 17:35 . 2006-09-06 17:43 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-01-14 17:33 . 2008-01-14 17:33 <DIR> d-------- C:\WINDOWS\system32\bits
2008-01-14 17:33 . 2004-08-04 02:56 351,232 --a------ C:\WINDOWS\system32\winhttp.dll
2008-01-14 17:33 . 2004-08-04 02:56 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2008-01-14 17:33 . 2004-08-04 02:56 8,192 --------- C:\WINDOWS\system32\bitsprx2.dll
2008-01-14 17:33 . 2004-08-04 02:56 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2008-01-14 17:28 . 2007-07-30 19:19 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
2008-01-14 17:28 . 2007-07-30 19:19 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
2008-01-14 17:28 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl
2008-01-14 17:28 . 2007-07-30 19:19 43,352 --a------ C:\WINDOWS\system32\wups2.dll
2008-01-14 17:28 . 2007-07-30 19:18 34,136 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-01-14 17:28 . 2007-07-30 19:18 33,624 --a------ C:\WINDOWS\system32\wups.dll
2008-01-14 17:28 . 2007-07-30 19:19 25,944 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2008-01-14 17:28 . 2007-07-30 19:19 25,944 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2008-01-14 17:28 . 2007-07-30 19:18 20,312 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2008-01-14 17:21 . 2008-01-14 23:06 <DIR> d-------- C:\Program Files\Logitech
2008-01-14 17:18 . 2008-01-17 15:30 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-14 17:18 . 2008-01-14 17:18 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-14 17:07 . 2004-08-04 01:07 59,264 --a------ C:\WINDOWS\system32\drivers\usbaudio.sys
2008-01-13 15:31 . 2004-08-04 02:56 2,113,536 --a------ C:\WINDOWS\system32\dxdiagn.dll
2008-01-13 15:27 . 2008-01-13 15:30 <DIR> d--h----- C:\WINDOWS\msdownld.tmp
2008-01-12 22:12 . 2008-01-12 22:15 <DIR> d-------- C:\WINDOWS\system32\edcA01
2008-01-12 22:12 . 2008-01-12 22:12 <DIR> d-------- C:\Temp\Ryuan1
2008-01-12 22:12 . 2008-01-12 22:12 <DIR> d-------- C:\Temp
2008-01-12 22:10 . 2008-01-15 17:11 <DIR> d-------- C:\Program Files\DivX
2008-01-12 22:06 . 2008-01-12 22:06 <DIR> d-------- C:\WINDOWS\Sun
2008-01-12 20:25 . 2008-01-12 20:25 <DIR> d-------- C:\Documents and Settings\NCS Customer\Application Data\Aim
2008-01-12 20:23 . 2008-01-14 20:27 <DIR> d-------- C:\Program Files\Viewpoint
2008-01-12 20:23 . 2008-01-12 20:23 <DIR> d-------- C:\Program Files\AOD
2008-01-12 20:23 . 2008-01-12 20:25 <DIR> d-------- C:\Program Files\AIM
2008-01-12 19:54 . 2008-01-12 19:54 <DIR> d-------- C:\Program Files\iTunes
2008-01-12 19:54 . 2008-01-12 19:54 <DIR> d-------- C:\Program Files\iPod
2008-01-12 19:54 . 2008-01-12 19:54 <DIR> d-------- C:\Documents and Settings\NCS Customer\Application Data\Apple Computer
2008-01-12 19:52 . 2008-01-12 19:53 <DIR> d-------- C:\Program Files\QuickTime
2008-01-12 19:52 . 2008-01-12 19:54 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-01-12 19:51 . 2008-01-12 19:51 <DIR> d-------- C:\Program Files\Apple Software Update
2008-01-12 19:51 . 2008-01-12 19:51 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-01-12 19:46 . 2008-01-12 22:10 1,292 --a------ C:\WINDOWS\mozver.dat
2008-01-12 19:13 . 2008-01-12 19:13 0 --a------ C:\WINDOWS\nsreg.dat
2008-01-12 19:04 . 2008-01-14 21:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-01-12 18:38 . 2003-12-11 11:15 626,960 -ra------ C:\WINDOWS\system32\hpvaut32.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-17 07:02 --------- d-----w C:\Program Files\Symantec AntiVirus
2008-01-15 04:07 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-01-14 22:38 --------- d-----w C:\Program Files\Google
2008-01-04 21:58 9,464 ------w C:\WINDOWS\system32\drivers\cdralw2k.sys
2008-01-04 21:58 9,336 ------w C:\WINDOWS\system32\drivers\cdr4_xp.sys
2008-01-04 21:58 43,528 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys
2006-10-03 07:43 2,402,550 ----a-w C:\WINDOWS\inf\SET647.tmp
2004-05-26 18:41 1,067,932 ----a-w C:\Program Files\setupistation.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AIM"="C:\PROGRA~1\AIM\aim.exe" [2006-08-01 15:35 67112]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-01-14 17:24 171448]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2007-08-30 17:43 4670704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [2004-02-10 09:55 155648]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2004-02-10 09:51 118784]
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe" [2004-02-22 22:44 32881]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2004-02-29 15:44 66680]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd.exe" [2003-08-04 17:28 49152]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 08:38 241664]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-12-11 10:56 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 12:10 267048]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-02-08 01:12 488984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2007-02-08 01:13 774168]
"BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [2007-04-02 16:48 290816]
"BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2007-03-26 15:49 69632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NoIE4StubProcessing"="C:\WINDOWS\system32\reg.exe" [2004-08-04 02:56 50176]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WUAppSetup"="C:\Program Files\Common Files\logishrd\WUApp32.exe" [2007-02-03 10:23 430080]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2003-09-16 05:19:24]
Push Client.LNK - C:\Interwise\Student\pull.exe [2004-05-18 13:44:50]
TabUserW.exe.lnk - C:\WINDOWS\system32\Wtablet\TabUserW.exe [2003-12-04 15:48:40]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PRONoMgrWired]
--a------ 2004-03-02 10:49 86016 c:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-12-11 10:56 286720 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
--a------ 2003-04-24 18:53 54784 C:\WINDOWS\SOUNDMAN.EXE


*Newly Created Service* - HTTPFILTER
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
"2008-01-13 00:51:59 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-01-14 12:30:00 C:\WINDOWS\Tasks\Windows Update.job"
- C:\WINDOWS\system32\wupdmgr.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-18 18:45:36
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-18 18:47:13
ComboFix-quarantined-files.txt 2008-01-18 23:47:09
.
2008-01-17 23:34:45 --- E O F ---











Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:35:52 PM, on 1/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\Tablet.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Interwise\Student\pull.exe
C:\WINDOWS\system32\Wtablet\TabUserW.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?.home=ytie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08b2 -f video -m logitech -d 10.5.1.2023 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08b2 -f video -m logitech -d 10.5.1.2023 (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Push Client.LNK = C:\Interwise\Student\pull.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\Wtablet\TabUserW.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Yahoo! Pool 2 - http://download.game...ts/y/potd_x.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1200349701812
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1200353204140
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\TempEI4\EI40_\msxml4.cab
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - c:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\System32\Tablet.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

--
End of file - 9986 bytes













And here is my uninstall list from HijackThis as well.












Accelerated Reader 6.0
Adobe Download Manager 1.2 (Remove Only)
Adobe Flash Player ActiveX
Adobe Photoshop Album 2.0 Starter Edition
Adobe Reader 6.0.1
Agere Systems PCI Soft Modem
AOL Instant Messenger
Apple Software Update
BitDefender Free Edition v10
BitLord 1.1
CCleaner (remove only)
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
Finale NotePad 2004
Google Toolbar for Internet Explorer
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 2.0.2
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
HP Image Zone 3.5
HP PSC & OfficeJet 3.5
HP Software Update
Intel Application Accelerator
Intel® Extreme Graphics Driver
Intel® PRO Network Adapters and Drivers
Intel® PROSet for Wired Connections
Interwise Outlook AddIn
Interwise Participant
iTunes
Java 2 Runtime Environment, SE v1.4.2_04
LiveUpdate 2.0 (Symantec Corporation)
Logitech Audio Echo Cancellation Component
Logitech QuickCam
Logitech Video Enumerator
Logitech® Camera Driver
Macromedia Shockwave Player
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Windows Journal Viewer
Mozilla Firefox (2.0.0.11)
MSXML 4.0 SP2 (KB936181)
MVision
Pen Tablet
QuickTime
Realtek AC'97 Audio
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB942615)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Spybot - Search & Destroy
Symantec AntiVirus
TeLL me More e-learning
The Imagination Station (remove only)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB946627)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885626
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Service Pack 2
WinZip
Yahoo! Anti-Spy
Yahoo! Browser Services
Yahoo! Install Manager
Yahoo! Messenger
Yahoo! Toolbar
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP