Computer infected with viruses (Spyware, Keyloggers, trojans)



#1
ComputerHasVirus

Hello, my computer is infected by an abundant amount of viruses. I recently did everything (almost) that was instructed on the sticky post (download SUPERAntiSpyware, etc.) and I also followed the steps of the Preventing future viruses post (something like that). After a couple of days of scanning, I'm still skeptical and I feel that my computer is still not clean from keyloggers and trojans such as PSW.Onlinegames... (the spyware has variations).

Here are the logs from Malwarebytes' Anti-Malware (both quick scan and scan), SUPERAntiSpyware, and HijackThis (I also have the uninstall list).

Thanks a bunch. :) I'll try my best to reply as fast as I can... I can only reply during the morning hours (Eastern time).
---------------------------------------------------------------------------------------------------------------------------------
Malwarebytes' Anti-Malware 1.18
Database version: 889

7:44:35 AM 6/25/2008
mbam-log-6-25-2008 (07-44-35).txt

Scan type: Quick Scan
Objects scanned: 48296
Time elapsed: 10 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


----------------------------------------------

Malwarebytes' Anti-Malware 1.18
Database version: 889

9:53:34 AM 6/25/2008
mbam-log-6-25-2008 (09-53-34).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 193672
Time elapsed: 1 hour(s), 4 minute(s), 36 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
D:\WINDOWS1\system32\k11948817133.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\WINDOWS1\system32\k11973870334.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.

=======================================================

SUPERAntiSpyware Scan Log
Generated 06/25/2008 at 11:18 AM

Application Version : 3.6.1000

Core Rules Database Version : 3490
Trace Rules Database Version: 1481

Scan type : Complete Scan
Total Scan Time : 02:43:37

Memory items scanned : 478
Memory threats detected : 0
Registry items scanned : 5152
Registry threats detected : 0
File items scanned : 158979
File threats detected : 202

Adware.Tracking Cookie

Trace.Known Threat Sources
D:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\012FWLQN\footer_cat[1].gif
D:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\W1AJ4HYF\topimage3[1].jpg
D:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\K5Y7K9QF\spacer[2].gif
D:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\8ZAZA9IL\div[1].gif

----------------------------------------------------------------------------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:17:41 AM, on 6/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\ASUS\Ai Nap\AiNap.exe
C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\User Time Administrator\utcontr.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Entertainment Center\EAXLoadr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Desktop Search\WindowsSearchFilter.exe
C:\Downloads\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.china.com/zh_cn/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Nap\AiNap.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [1utcontr.exe] C:\Program Files\User Time Administrator\utcontr.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.co.../sysreqlab2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 8328 bytes

---------------------------------------------------------------------------------------------------------------------------------------------------------------------

Uninstall list from HijackThis. I think this is the list... not 100% sure.
I have these programs installed on my computer.

Ad-Aware
Adobe Flash Player 9 ActiveX
Adobe Flash Player Plugin
Adobe Reader 7.1.0
Ai Nap
AIM 6
Apple Mobile Device Support
Apple Software Update
AVG Free 8.0
Counter-Strike
Counter-Strike: Source
Creative System Information
DivX Content Uploader
DivX Web Player
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB888795)
Hotfix for Windows XP (KB891593)
Hotfix for Windows XP (KB895961)
Hotfix for Windows XP (KB896344)
Hotfix for Windows XP (KB899337)
Hotfix for Windows XP (KB899510)
Hotfix for Windows XP (KB902841)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
HP Customer Participation Program 7.0
HP Imaging Device Functions 7.0
HP Photosmart and Deskjet 7.0 Software
HP Photosmart Essential
HP Solution Center 7.0
HP Update
Java™ 6 Update 3
Java™ 6 Update 5
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.0 Hotfix (KB930494)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (3.0)
NVIDIA Drivers
Panda ActiveScan 2.0
QuickTime
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Sound Blaster X-Fi
SoundMAX
Source SDK Base
SPORE™ Creature Creator Trial Edition
SpywareBlaster 4.1
SpywareGuard v2.2
Steam
SUPERAntiSpyware Free Edition
System Requirements Lab
Team Fortress 2
TI Connect 1.6
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920342)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB933360)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update Rollup 2 for Windows XP Media Center Edition 2005
Ventrilo Client
Windows Desktop Search
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Media Center Edition 2005 KB925766
WinRAR archiver
World of Warcraft
ZoneAlarm
ZoneAlarm Spy Blocker

Edited by ComputerHasVirus, 26 June 2008 - 07:40 AM.
