Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Having issues on boot and applications. [RESOLVED]


  • This topic is locked This topic is locked

#1
BrandonKeith

BrandonKeith

    Member

  • Member
  • PipPip
  • 35 posts
having some troubles with my comp seeming like the processor is bogging down :tazz: while i'm doing anything... never happend before.. did all the stuff all ready on the basic removal page.. not the first time i've been here, then turned off file indexing. didn't really see any improvement. i haven't down loaded anything in a while and this started happening about a month ago with the video.. also when i turn my comp on, everything is cool until the logon screen.. once i log on it's like my comp takes a major pooh... i can't open anything or do anything for all most 2 minutes.. this never use to happen before.. i've all ready posted a topic in the xp/2k forum and CRANKY told me i have malware and to post my hijack log here..

here's the link to my other topic.
http://www.geekstogo...ION-t51111.html

also here is my new hijack this log.. i've done the basic stuff, i didn't do an online scan last time, so i just did one and have 2 java files that are infected and uncleanable as far as trent says.. can't quite figure how anything ended up there being as though i never really see java run... anyway, here's my log..


Scan saved at 2:55:44 AM, on 8/7/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\SONY\sHotKey\sHotKey.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\SEC\MagicTune 2.5\GammaTray.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.newgrounds.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [CreateCD_Reminder] C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [sHotKey] "C:\Program Files\SONY\sHotKey\sHotKey.exe"
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [SP2 Connection Patcher] "C:\Program Files\SP2 Connection Patcher\SP2ConnPatcher.exe" -n=200
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Color Calibration.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar3.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar3.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar3.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony...ct/VaioInfo.CAB
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SonicStageMonitoring - Sony Corporation - C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
O23 - Service: Sony TVTA Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe



edit: august 9, 7:38pm

also, just did a MicroWorld scan. My god this can't be good.. and just saw the new net stuff in my hijack log... please help...

File C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL tagged as "not-a-virus:AdWare.NewDotNet". Action Taken: No Action Taken.
File C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL tagged as "not-a-virus:AdWare.NewDotNet". Action Taken: No Action Taken.
Object "Quicken Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "AltNet Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "New.net Startup Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "iSearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\drivers\pxhelp20.sys". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\Default.rul". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\InterVideo\Common\Bin\IVIPromotion.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Documents and Settings\Administrator\Local Settings\Temp\MFILES\info.txt". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Documents and Settings\Administrator\Local Settings\Temp\MFILES\ISSMOD.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Common Files\Real\GToolbar\BarControl.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\pxsfs.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227CF05-1F01-11D6-A4E5-00E02921EA26}" refers to invalid object "PLGLCTR.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf50-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "SEM.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf51-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "PLGLCTR.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf53-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "msdvplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf54-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "msdvplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf55-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "msdvplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf56-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "msdvplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf57-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "msdvplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf58-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "m2tsplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf59-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "m2tsplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf5a-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "m2tsplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf5b-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "m2tsplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf5c-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "m2tsplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf80-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "msdvplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{02391F44-2767-4E6A-A484-9B47B506F3A4}" refers to invalid object "C:\WINDOWS\system32\OggDS.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{026371C0-1B7C-11CF-9D53-00AA003C9CB6}" refers to invalid object "C:\abu\Comct232.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{030B4A80-1B7C-11CF-9D53-00AA003C9CB6}" refers to invalid object "C:\abu\Comct232.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{030B4A81-1B7C-11CF-9D53-00AA003C9CB6}" refers to invalid object "C:\abu\Comct232.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{030B4A82-1B7C-11CF-9D53-00AA003C9CB6}" refers to invalid object "C:\abu\Comct232.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{075BB8A1-B7D8-11D2-A1C6-00609778EA66}" refers to invalid object "C:\WINDOWS\system32\mp4sds32.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{078C3DAA-9E58-4D42-9E1C-7C8EE79539C5}" refers to invalid object "C:\WINDOWS\system32\OggDS.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0C0423F7-7A04-4D32-9BDC-006DB1D0A1E2}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0D568FFD-296A-4906-B2AA-0ACEC8C15B2C}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0DED49D5-A8B7-4d5d-97A1-12B0C195874D}" refers to invalid object "BdaPlgin.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0F8E3D73-57CD-4F51-8805-256906F56960}" refers to invalid object "C:\Program Files\Common Files\FTL Shared\FWDAdSet.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{10686BC1-2199-11D6-A4E5-00E02921EA26}" refers to invalid object "chkfrnd.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{11FB1B30-ABB9-4A77-A237-538C7F465EEC}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{1BC5B47C-5D81-4370-8A72-B8A9B2B610D9}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{1E216240-1B7D-11CF-9D53-00AA003C9CB6}" refers to invalid object "C:\abu\Comct232.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{1E3C6834-7B22-4787-AE1C-A750D0FA0D6B}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{1F6F8D20-1B7D-11CF-9D53-00AA003C9CB6}" refers to invalid object "C:\abu\Comct232.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{2313B221-9F3C-405E-B143-AB47887C3121}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{24D10ECA-8DD5-4A48-99D3-334C3DD9B6F6}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{26D18B46-800B-4C55-977F-B69E45064ED8}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C}" refers to invalid object "C:\PROGRA~1\AWS\WEATHE~1\MINIBU~1.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{31D94EC3-16B4-4398-92A3-04974163124E}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{324463FD-4238-4B56-93AD-09337F0AC59F}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{3B27374C-5310-48ED-B8B5-291E7FE4B838}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{3C2BCF9E-CE40-4A3D-B79C-46B873BD43CE}" refers to invalid object "C:\Program Files\MoodLogic\IMix\mL_Mixer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{3F01122F-0C9A-4621-A7FD-99C6EFAE8363}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{430106F1-5EF4-4D2E-8C52-7E3CEAB65DBD}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{444BEA16-E6DF-45AF-A4D4-B0F81ABA7CA0}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{44BE1747-DC65-4261-904F-17CA43E212B4}" refers to invalid object "D:\launch.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{45D66640-2199-11D6-A4E5-00E02921EA26}" refers to invalid object "cookie.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4665E44B-8B9A-4515-A086-E94ECE374608}" refers to invalid object "C:\Program Files\DefilerPak\CoreAAC.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{477AC035-C5D3-43CC-A24C-5925D217C252}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4B8AD1AA-41BD-4584-8B07-ABC94A21CDDD}" refers to invalid object "C:\Program Files\Common Files\FTL Shared\FWDEng.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4C171D40-8277-11D5-AD55-00010333D0AD}" refers to invalid object "C:\Program Files\Yahoo!\Companion\Modules\messmod2\v4\yhexbmes.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4CC764A2-B256-4DA9-94FB-537D633E7DCE}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4D42EA2E-9D32-4b07-AE00-8797C6B1BAA3}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{513CA31C-93BB-422A-A5FD-63A8B7D21CE0}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{51FC6685-6FA7-45CF-86E1-9605B9080F73}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{56336BCA-3D8A-11d6-A00B-0050DA18DE71}" refers to invalid object "C:\DOCUME~1\Brandon\LOCALS~1\Temp\InfoWindow.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{598EBA02-B49A-11D2-A1C1-00609778EA66}" refers to invalid object "C:\WINDOWS\system32\mp4sds32.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{5FAD1E5E-E7DE-434F-B2AE-EE9244BDA638}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{63ba30ae-7909-11d4-919b-006008c0a5c6}" refers to invalid object "m2tsplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{642D692A-C61C-4241-AF83-4FD8BDD715B2}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{65BEE5C4-37C8-447F-9707-CD7B21AD67E4}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{68B957A0-C4DA-11D6-A4E5-00E02921EA26}" refers to invalid object "NeoMic.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{68b957a1-c4da-11d6-a4e5-00e02921ea26}" refers to invalid object "NeoMic.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{6AC7C19E-8CA0-4E3D-9A9F-2881DE29E0AC}" refers to invalid object "C:\Program Files\DefilerPak\CoreAAC.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{703EFEAB-7F84-4BE9-B978-FF4C6A8BA794}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{75838A0D-B431-4C31-9487-C5A96DD39EF4}" refers to invalid object "C:\WINDOWS\system32\mp4sds32.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{75CB2D18-1182-44F0-B510-491D7817F4CB}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{77983549-FFDA-4A88-B48F-B924E8D1F01C}" refers to invalid object "C:\WINDOWS\system32\OggDS.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{80385330-087A-4d61-8956-BAEEE05CA33C}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{814FE9E3-E0BA-4FAF-B5DA-8F7B1AB1F4B1}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{8633B121-42DC-4A78-A8BD-651357771E77}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{889EF574-0656-4B52-9091-072E52BB1B80}" refers to invalid object "C:\WINDOWS\system32\OggDS.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{895C2476-7DDA-440E-B300-208DA45DCF18}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{8A32E183-25EB-402F-82D5-D3E75215BF3F}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{8CAE96B7-85B1-4605-B23C-17FF5262B296}" refers to invalid object "C:\WINDOWS\system32\OggDS.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{8EABEED3-993D-4FC9-BDC9-132DE204F606}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{90A23A0D-C222-4016-A99A-57E56BD44877}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{915E0060-918C-4A02-A585-1B912BA71CEE}" refers to invalid object "C:\WINDOWS\system32\OggDS.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{92A77B10-8C47-4A73-8822-F13D5F5E2AC2}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{947D05CA-CE16-40EE-9031-2C3C57F00AE6}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{9866EF5C-22AD-4E7A-AEDA-92BB953E8556}" refers to invalid object "C:\Program Files\MoodLogic\IMix\mL_Mixer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5}" refers to invalid object "C:\DOCUME~1\Brandon\LOCALS~1\Temp\CmdLineExt02.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{9AF35C01-638C-4DAC-B39A-3E552035B5BC}" refers to invalid object "C:\Program Files\MoodLogic\Sony Shooter\VBPlShooter.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{9C4B87BB-1C6D-4C1D-9447-A054C17BA247}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{9FDAD0C2-9FB3-47A4-8B30-C4FA2FADC9E9}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{A5B2CD2A-AA46-4DA8-8D06-AB56938DEC0A}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{A6616B31-4860-41E2-98E3-CA7649AF172F}" refers to invalid object "D:\launch.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{A758E17B-86ED-498E-8C00-4BE44CFDDCAB}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{AB97AFC3-D08E-4E2D-98E0-AEE6D4634BA4}" refers to invalid object "C:\WINDOWS\system32\OggDS.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{AD221EED-B528-4A12-B15B-3C58F9640A37}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B0121D00-1FBF-11d6-A4E5-00E02921EA26}" refers to invalid object "cookie.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B0693766-5278-4ec6-B9E1-3CE40560EF5A}" refers to invalid object "CaPlgin.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{BA20AECE-61D3-4912-BE15-DCACAB97D094}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{BBFC1A2A-D3A2-4610-847D-26592022F86E}" refers to invalid object "C:\Program Files\DefilerPak\CoreAAC.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C19543F1-160B-4582-B385-857A0C5A0448}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C4F11413-9084-45EB-B1FA-103F67E98F4E}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C5379125-FD36-4277-A7CD-FAB469EF3A2F}" refers to invalid object "C:\WINDOWS\system32\OggDS.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C6041B9F-116B-4108-B343-45A979B506F8}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{D24F6664-A567-46A9-8B51-7AFE94407329}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{D8E1617B-A1A1-4958-AD02-08D5AD9C5B6A}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DB73AEF3-2E2E-430F-9E49-5F3943BD53B1}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DBB0E655-B5DF-4DF7-9A12-D0E577650655}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DD5F1BAF-BEA2-48B2-97D2-F0622A0AB79D}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DD86AC17-BF44-431F-BA3E-923388D0F7EA}" refers to invalid object "C:\Program Files\Common Files\FTL Shared\fwRemoteCfg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{E0FCD4C3-D347-42D2-90BB-FA8856DADBF6}" refers to invalid object "m2tsplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{E1186645-3752-406C-A3B1-3E95D62964DB}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{E70B4BA0-1F20-11d6-A4E5-00E02921EA26}" refers to invalid object "chkfrnd.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{EBB3ED10-209D-11D6-A4E5-00E02921EA26}" refers to invalid object "SEM.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{EBB3ED11-209D-11D6-A4E5-00E02921EA26}" refers to invalid object "msdvplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{EF904337-9862-40DA-B448-C65F2D3F47DC}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F07E245F-5A1F-4D1E-8BFF-DC31D84A55AB}" refers to invalid object "C:\WINDOWS\system32\OggDS.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F18B8B3D-5FD0-4b3a-B66D-F37282201298}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F423C50C-E0E0-45DE-9285-634EE1B87A2B}" refers to invalid object "C:\Program Files\MoodLogic\IMix\mL_Mixer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F54A208E-A072-4040-9F82-ADB9EAC503E4}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F60E244C-46A8-4188-9C21-30A3B87CE452}" refers to invalid object "C:\Program Files\Common Files\FTL Shared\FWDEng.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F9F17F21-1E3E-42BB-8DA3-FC51C616C2C5}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{FD0A5AF3-B41D-11d2-9C95-00C04F7971E0}" refers to invalid object "BdaPlgin.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{FD2280A8-51A4-11D2-A601-3078302C2030}" refers to invalid object "C". Action Taken: No Action Taken.
Entry "HKCR\Context.test" refers to invalid object "{57BD36D7-CE32-4600-9B1C-1A0C47EFC02E}". Action Taken: No Action Taken.
Entry "HKCR\Context.test.1" refers to invalid object "{57BD36D7-CE32-4600-9B1C-1A0C47EFC02E}". Action Taken: No Action Taken.
Entry "HKCR\DSP.DSP" refers to invalid object "{9C123EA9-AEC9-4f75-BBC0-7565FA1398966}". Action Taken: No Action Taken.
Entry "HKCR\DSP.DSPDMOProp_Chorus.1" refers to invalid object "{6F63B172-5543-4593-91CE-EDBA65B9FACDB}". Action Taken: No Action Taken.
Entry "HKCR\MailFileAtt" refers to invalid object "{00020D05-0000-0000-C000-000000000046}". Action Taken: No Action Taken.
Entry "HKCR\mapifvbx.object" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.
Entry "HKCR\mapifvbx.object.1" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.
Entry "HKCR\SpyDoctor.EBankProblem" refers to invalid object "{AE612304-E8F9-45D9-A444-32409D33E954}". Action Taken: No Action Taken.
Entry "HKCR\SpyDoctor.QuarantinedItemProxy" refers to invalid object "{C2CE6266-0404-4C54-96B4-8829852E3537}". Action Taken: No Action Taken.
Entry "HKCR\SpyDoctor.ScripterProxy" refers to invalid object "{9FEF02F5-B3B8-4D7B-8939-72A1C989D1B9}". Action Taken: No Action Taken.
Entry "HKCR\SymWriter.pdb" refers to invalid object "{520DC67A-752E-11D3-8D56-00C04F680B2B}". Action Taken: No Action Taken.
File C:\WINDOWS\NDNuninstall6_38.exe tagged as "not-a-virus:AdWare.NewDotNet". Action Taken: No Action Taken.
File C:\WINDOWS\system32\wintcpmod.exe infected by "Trojan.Win32.Pakes" Virus! Action Taken: No Action Taken.
File C:\Documents and Settings\Brandon\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\javainstaller.jar-3c936701-385e4e39.zip infected by "Trojan-Downloader.Java.OpenStream.w" Virus! Action Taken: No Action Taken.
File C:\Documents and Settings\Brandon\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv505.jar-2a14d203-47e876e6.zip infected by "Trojan-Downloader.Java.OpenStream.c" Virus! Action Taken: No Action Taken.
File C:\Program Files\mIRC\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
File C:\Program Files\NewDotNet\uninstall6_38.exe tagged as "not-a-virus:AdWare.NewDotNet". Action Taken: No Action Taken.
File C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1701668E tagged as "not-a-virus:AdWare.BetterInternet". Action Taken: No Action Taken.
File C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\287463E9 tagged as "not-a-virus:AdWare.ToolBar.HotSearchBar.g". Action Taken: No Action Taken.
File C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\28770DE6 tagged as "not-a-virus:AdWare.ToolBar.HotSearchBar.g". Action Taken: No Action Taken.
File C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\55B05414.exe tagged as not-a-virus:PSWTool.Win32.Brutus. No Action Taken.
File C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5CCF7B5A.exe tagged as not-a-virus:PSWTool.Win32.Brutus. No Action Taken.
File C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6828102B tagged as "not-a-virus:AdWare.BetterInternet". Action Taken: No Action Taken.
File C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\682B3A27 tagged as "not-a-virus:AdWare.ToolBar.HotSearchBar.d". Action Taken: No Action Taken.
File C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6AAE5EB9.class infected by "Trojan.Java.ClassLoader.h" Virus! Action Taken: No Action Taken.
File C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6AB108B6.class infected by "Trojan.Java.ClassLoader.d" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\NDNuninstall6_38.exe tagged as "not-a-virus:AdWare.NewDotNet". Action Taken: No Action Taken.
File C:\WINDOWS\system32\wintcpmod.exe infected by "Trojan.Win32.Pakes" Virus! Action Taken: No Action Taken. ;) :) :(

Edited by BrandonKeith, 10 August 2005 - 09:16 AM.

  • 0

Advertisements


#2
Armodeluxe

Armodeluxe

    Member 2k

  • Retired Staff
  • 2,744 posts
Hi BrandonKeith,

First, Download LSPFix.exe to a convenient location. Do NOT run this program. This is only to be used if you lose Internet Access after removing NewDotNet.

To Get rid of NewDotNet, go to:

Start > Control Panel > Add or Remove Programs and remove the following:

New.Net Applications or New.Net Domains (anything that says New.Net)

If it is not there, go here and follow Procedure 4: NewDotNet Removal Procedure 4.

In the event that you lose Internet access after removing New.Net, please double-click LSPFix.exe that you downloaded earlier. You will see 2 panels. If there is any file listed in the "Remove" panel on the right-side, leave it as is and just click "Finish>>" then reboot your computer and you should now have access to the Internet. If nothing is listed under the "Remove Panel", do NOT do anything - just close the program. You will need to use another computer to come back here for further instructions on what to do.
  • 0

#3
BrandonKeith

BrandonKeith

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
ok, i've got that gone now.. didn't have any issues with losing my net.. another prob popped up today to.. i turned on my comp, and now the start bar will disappear after i log on for about 2 mins or so and my comp is still doing it's bogging down thing, but now.. my cd roms are gone.. i've got 2 dvd's and a virtual and i go over to my hardware manager and it's got the conflict exclamation mark next to all of them.. i don't get it.. i tried rolling back drivers, looking for updates.. uninstalling and reinstalling.. i really have no idea what's up.. anyway.. what's the next thing we're getting off this messed comp..?

Brandon

Oh.. fresh hijack log...





Logfile of HijackThis v1.99.1
Scan saved at 11:23:32 PM, on 8/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\SONY\sHotKey\sHotKey.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Hijackthis\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.newgrounds.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [CreateCD_Reminder] C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [sHotKey] "C:\Program Files\SONY\sHotKey\sHotKey.exe"
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Color Calibration.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony...ct/VaioInfo.CAB
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SonicStageMonitoring - Sony Corporation - C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
O23 - Service: Sony TVTA Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

Edited by BrandonKeith, 11 August 2005 - 12:24 AM.

  • 0

#4
Armodeluxe

Armodeluxe

    Member 2k

  • Retired Staff
  • 2,744 posts
Hi BrandonKeith

That log looks clean. In the MWAV there are several viruses to delete, most of which are in Java cache, so cleaning the cache would take care of it.

Navigate to and delete these two files, the second one is the Newdotnet uninstaller, it might be gone, but better let's check.

C:\WINDOWS\system32\wintcpmod.exe
C:\WINDOWS\NDNuninstall6_38.exe

Next, go into the Control Panel and double-click the Java icon.(coffee cup)

3. Under Temporary Internet Files, click the Delete Files button.

There are three options on this window to clear the cache - leave ALL 3 checked.
1. Downloaded Applets
2. Downloaded Applications
3. Other Files

4. Click OK on Delete Temporary Files window.
Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.

5. Click OK to leave the Java Control Panel.

As for your other problems, especially disappearing of drives, clearing the paging file might be a cure. For that you will have to make a simple registry edit, I hope you are comfortable going into the registry. In any event, you should back up the registry prior to any editing.

See this page for how to clear the paging file. It also links to the original Microsoft article.

Hope this helps..

Regards,

Armodeluxe
  • 0

#5
BrandonKeith

BrandonKeith

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
ok, problems i'm having is that i can't find those .exe files i am going to try clearing the paging file.. i heard that whatever is causing the problems could be related to my drives disappearing.. anyway, i hope you guys have any better ideas then i do..


edit: ok, i did the page file mod to my registry, no improvement, drives are still missing and i'm about to back up my important files on my back up comp then do a restore.. only question i have is can i restore this comp without crossing over the infected files..


oh, and fresh log...



Logfile of HijackThis v1.99.1
Scan saved at 11:58:51 PM, on 8/11/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\SONY\sHotKey\sHotKey.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\SEC\MagicTune 2.5\GammaTray.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.newgrounds.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [CreateCD_Reminder] C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [sHotKey] "C:\Program Files\SONY\sHotKey\sHotKey.exe"
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Color Calibration.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony...ct/VaioInfo.CAB
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SonicStageMonitoring - Sony Corporation - C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
O23 - Service: Sony TVTA Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

Edited by BrandonKeith, 12 August 2005 - 12:59 AM.

  • 0

#6
Armodeluxe

Armodeluxe

    Member 2k

  • Retired Staff
  • 2,744 posts
Let me ask the experts for ideas, I'll get back to you.
  • 0

#7
Armodeluxe

Armodeluxe

    Member 2k

  • Retired Staff
  • 2,744 posts
Please download RootKitRevealer from here:
http://www.sysintern...kitrevealer.zip
Unzip it to the desktop, run it, and click Scan. This will generate a log file; please post the entire contents of the log file here for me to see.
  • 0

#8
BrandonKeith

BrandonKeith

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
this is all i got...




HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Reinstall\ 2/19/2005 6:14 PM 0 bytes Key name contains embedded nulls (*)
HKLM\SYSTEM\ControlSet001\Services\d347prt\Cfg\0Jf40 8/11/2005 9:29 PM 0 bytes Hidden from Windows API.
C:\Documents and Settings\Brandon\Application Data\Mozilla\Firefox\Profiles\v76tl6yj.default\Cache\C93F5F6Cd01 8/12/2005 4:04 AM 23.44 KB Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\Brandon\Local Settings\Temp\~DFA9A5.tmp 8/12/2005 12:41 PM 16.00 KB Hidden from Windows API.
C:\Documents and Settings\Brandon\Local Settings\Temp\~DFA9B1.tmp 8/12/2005 12:41 PM 512 bytes Hidden from Windows API.
C:\Documents and Settings\Brandon\Local Settings\Temporary Internet Files\Content.IE5\4P27KPIJ\CAKP6BK5.HTM 8/12/2005 12:41 PM 1.15 KB Hidden from Windows API.
C:\Documents and Settings\Brandon\Recent\RootkitRevealer.chm.lnk 8/12/2005 12:41 PM 524 bytes Hidden from Windows API.
  • 0

#9
Armodeluxe

Armodeluxe

    Member 2k

  • Retired Staff
  • 2,744 posts
Not much wrong in there..let's try emptying the java cache and temp files using a cleaning program.

Please download CCleaner from here:
http://www.ccleaner.com
Install and run it, and clean out your Temporary and Temporary Internet Files (as well as anything else you may want to clean out.) Just make sure under the Applications tab Firefox cache and Sun Java are checked and don't use the issues tab as it's known to bring out false positives.

Next, let's check your system files with XP's file checking utility.

Click Start
Select Run
At the prompt type sfc /scannow Please note that there is a single space between sfc and /scannow.

Typing this will start the program, and a box should appear telling you how much longer the process should take.

Sometimes the scan will prompt you for your Windows XP disc upon starting the scan. if this happens please make sure that you can view protected files:My Computer
Tools
Folder Options
View
"Uncheck" Hide protected operating system files.
Then rerun the scan. If this still asks you to put in your windows XP CD, and you do not have the CD (If you bought it preinstalled) post back for more tips, otherwise enter Windows CD.

Once the scan is complete:

Check your Windows Updates! After using the File Protection Service, you might need to reapply some updates.

Please reboot, and let me know if anything has changed.

Also, please rehide the protected files:My Computer
Tools
Folder Options
View
"Check" Hide protected operating system files.
For your disappearing drives problem we found this page. You could try pursuing the advices there.

http://www.pcreview....ead-1578136.php

Finally, I'd like to check for hidden data streams.
  • Open HiJackThis
  • Click on the "Config..." button on the bottom right
  • Click on the tab "Misc Tools"
  • Click on "Open ADS Spy.."
  • Click on "Scan"
  • Click on "Save Log..."
  • Copy and paste the List from the notepad into your next post

  • 0

#10
BrandonKeith

BrandonKeith

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
well, here's my log.. my comp asks me for my xp cd 2 but A. my drives are missing/ corrupt, and B. preinstalled but probably going to pay the stupid 17 bucks to sony for the discs.. anyway.. here's my log..



C:\Documents and Settings\All Users\Application Data\Sony Corporation\Click to DVD\2.0\Music\Short\ShakeHard_ses\ShakeHard.ses : Afp_AfpInfo (32 bytes)
C:\Documents and Settings\All Users\Documents\anime\Cowboy Bebop\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\All Users\Documents\anime\Hack Sign\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\All Users\Documents\anime\Trigun Needs Repair\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\All Users\Documents\Crimsonland\images\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Brandon\Application Data\Microsoft\eHome\mcl_images\ehthumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Brandon\Application Data\Yahoo! Messenger\spook_cutlass\receive\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Brandon\Desktop\BRANDONS BACKUP\Asian\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Brandon\Desktop\BRANDONS BACKUP\BF2 stuff\vtl-bf2k.exe : SummaryInformation (88 bytes)
C:\Documents and Settings\Brandon\Desktop\BRANDONS BACKUP\BF2 stuff\vtl-bf2k.exe : {4c8cc155-6c1e-11d1-8e41-00c04fb9386d} (0 bytes)
C:\Documents and Settings\Brandon\Desktop\BRANDONS BACKUP\forzen throne\Bum Fight\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Brandon\Desktop\BRANDONS BACKUP\forzen throne\pics\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Brandon\Desktop\BRANDONS BACKUP\forzen throne\Red Dwarf\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Brandon\Desktop\BRANDONS BACKUP\forzen throne\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Brandon\Desktop\BRANDONS BACKUP\forzen throne\unfinished\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Brandon\Desktop\BRANDONS BACKUP\mwav.exe : SummaryInformation (88 bytes)
C:\Documents and Settings\Brandon\Desktop\BRANDONS BACKUP\mwav.exe : {4c8cc155-6c1e-11d1-8e41-00c04fb9386d} (0 bytes)
C:\Documents and Settings\Brandon\Local Settings\Application Data\Microsoft\ehome\Image.db : encryptable (0 bytes)
C:\Documents and Settings\Brandon\Local Settings\Application Data\Microsoft\ehome\Video.db : encryptable (0 bytes)
C:\Documents and Settings\Brandon\My Documents\Battlefield 2\LogoCache\funnyspot.net\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Brandon\My Documents\EasyInfo\images\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Brandon\My Documents\My Music\iTunes\iTunes Music\Anybody Killa\Dirty History\17 2 Whom This May Concern.m4a : SummaryInformation (88 bytes)
C:\Documents and Settings\Brandon\My Documents\My Music\iTunes\iTunes Music\Anybody Killa\Dirty History\17 2 Whom This May Concern.m4a : {4c8cc155-6c1e-11d1-8e41-00c04fb9386d} (0 bytes)
C:\Documents and Settings\Brandon\My Documents\My Pictures\krys\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Brandon\My Documents\My Pictures\Me\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Brandon\My Documents\My Pictures\Thumbs.db : encryptable (0 bytes)
C:\Program Files\World of Warcraft\Documentation\Images\buttons\Thumbs.db : encryptable (0 bytes)
C:\Program Files\World of Warcraft\Documentation\Images\Thumbs.db : encryptable (0 bytes)
C:\Program Files\World of Warcraft\Documentation\Images\titles\Thumbs.db : encryptable (0 bytes)
C:\Program Files\Yahoo!\Messenger\Media\misc\Thumbs.db : encryptable (0 bytes)
C:\Program Files\Yahoo!\Messenger\Profiles\spook_cutlass\My Icons\Thumbs.db : encryptable (0 bytes)
C:\Program Files\Yahoo!\Messenger\YView\Thumbs.db : encryptable (0 bytes)
C:\Video\Thumbs.db : encryptable (0 bytes)
C:\WINDOWS\muninst.exe : SummaryInformation (88 bytes)
C:\WINDOWS\muninst.exe : {4c8cc155-6c1e-11d1-8e41-00c04fb9386d} (0 bytes)
C:\WINDOWS\SONYSYS\ICONS\Thumbs.db : encryptable (0 bytes)
C:\WINDOWS\system32\Thumbs.db : encryptable (0 bytes)
  • 0

Advertisements


#11
Armodeluxe

Armodeluxe

    Member 2k

  • Retired Staff
  • 2,744 posts
Well, that log is clean also..

The problems you are having are not malware related as we rid of the few you had and I'm exhausting ideas..I'd suggest you post back in the Windows forum and state that you got a clean bill from the Malware Forum..I will keep this thread open and should you decide to do a system restore, please post a new HijackThis log and I'll take a look at it.

I wish you luck in solving your problems, and if you do please inform how you went around doing that..

Regards,

Armodeluxe
  • 0

#12
BrandonKeith

BrandonKeith

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
All righty.. i'm going to finish up with backing up my important files on my storage comp and then I'm going to run one more micro-world scan and then probably do a system restore..
  • 0

#13
BrandonKeith

BrandonKeith

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
here's my log from micro world and there's still 3 spywares on my comp from what i can tell in the log and it looks like one or two in the list have pathways to the drivers file in my system 32 file. not sure if i'm even reading it right, anyway, tell me if any of this helps...




Object "Quicken Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "AltNet Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "iSearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\drivers\pxhelp20.sys". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\Default.rul". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\InterVideo\Common\Bin\IVIPromotion.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Documents and Settings\Administrator\Local Settings\Temp\MFILES\info.txt". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Documents and Settings\Administrator\Local Settings\Temp\MFILES\ISSMOD.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Common Files\Real\GToolbar\BarControl.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\pxsfs.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227CF05-1F01-11D6-A4E5-00E02921EA26}" refers to invalid object "PLGLCTR.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf50-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "SEM.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf51-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "PLGLCTR.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf53-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "msdvplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf54-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "msdvplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf55-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "msdvplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf56-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "msdvplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf57-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "msdvplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf58-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "m2tsplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf59-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "m2tsplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf5a-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "m2tsplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf5b-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "m2tsplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf5c-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "m2tsplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0227cf80-1f01-11d6-a4e5-00e02921ea26}" refers to invalid object "msdvplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{02391F44-2767-4E6A-A484-9B47B506F3A4}" refers to invalid object "C:\WINDOWS\system32\OggDS.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{026371C0-1B7C-11CF-9D53-00AA003C9CB6}" refers to invalid object "C:\abu\Comct232.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{030B4A80-1B7C-11CF-9D53-00AA003C9CB6}" refers to invalid object "C:\abu\Comct232.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{030B4A81-1B7C-11CF-9D53-00AA003C9CB6}" refers to invalid object "C:\abu\Comct232.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{030B4A82-1B7C-11CF-9D53-00AA003C9CB6}" refers to invalid object "C:\abu\Comct232.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{075BB8A1-B7D8-11D2-A1C6-00609778EA66}" refers to invalid object "C:\WINDOWS\system32\mp4sds32.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{078C3DAA-9E58-4D42-9E1C-7C8EE79539C5}" refers to invalid object "C:\WINDOWS\system32\OggDS.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0C0423F7-7A04-4D32-9BDC-006DB1D0A1E2}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0D568FFD-296A-4906-B2AA-0ACEC8C15B2C}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0DED49D5-A8B7-4d5d-97A1-12B0C195874D}" refers to invalid object "BdaPlgin.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0F8E3D73-57CD-4F51-8805-256906F56960}" refers to invalid object "C:\Program Files\Common Files\FTL Shared\FWDAdSet.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{10686BC1-2199-11D6-A4E5-00E02921EA26}" refers to invalid object "chkfrnd.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{11FB1B30-ABB9-4A77-A237-538C7F465EEC}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{1BC5B47C-5D81-4370-8A72-B8A9B2B610D9}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{1E216240-1B7D-11CF-9D53-00AA003C9CB6}" refers to invalid object "C:\abu\Comct232.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{1E3C6834-7B22-4787-AE1C-A750D0FA0D6B}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{1F6F8D20-1B7D-11CF-9D53-00AA003C9CB6}" refers to invalid object "C:\abu\Comct232.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{2313B221-9F3C-405E-B143-AB47887C3121}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{24D10ECA-8DD5-4A48-99D3-334C3DD9B6F6}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{26D18B46-800B-4C55-977F-B69E45064ED8}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{307A6C42-0000-0010-8000-00AA00389B71}" refers to invalid object "c:\program files\warcraft iii\blizzard.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{31D94EC3-16B4-4398-92A3-04974163124E}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{324463FD-4238-4B56-93AD-09337F0AC59F}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{3B27374C-5310-48ED-B8B5-291E7FE4B838}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{3C2BCF9E-CE40-4A3D-B79C-46B873BD43CE}" refers to invalid object "C:\Program Files\MoodLogic\IMix\mL_Mixer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{3F01122F-0C9A-4621-A7FD-99C6EFAE8363}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{430106F1-5EF4-4D2E-8C52-7E3CEAB65DBD}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{444BEA16-E6DF-45AF-A4D4-B0F81ABA7CA0}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{44BE1747-DC65-4261-904F-17CA43E212B4}" refers to invalid object "D:\launch.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{45D66640-2199-11D6-A4E5-00E02921EA26}" refers to invalid object "cookie.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4665E44B-8B9A-4515-A086-E94ECE374608}" refers to invalid object "C:\Program Files\DefilerPak\CoreAAC.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{477AC035-C5D3-43CC-A24C-5925D217C252}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4B8AD1AA-41BD-4584-8B07-ABC94A21CDDD}" refers to invalid object "C:\Program Files\Common Files\FTL Shared\FWDEng.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4C171D40-8277-11D5-AD55-00010333D0AD}" refers to invalid object "C:\Program Files\Yahoo!\Companion\Modules\messmod2\v4\yhexbmes.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4CC764A2-B256-4DA9-94FB-537D633E7DCE}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4D42EA2E-9D32-4b07-AE00-8797C6B1BAA3}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{513CA31C-93BB-422A-A5FD-63A8B7D21CE0}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{51FC6685-6FA7-45CF-86E1-9605B9080F73}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{56336BCA-3D8A-11d6-A00B-0050DA18DE71}" refers to invalid object "C:\DOCUME~1\Brandon\LOCALS~1\Temp\InfoWindow.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{598EBA02-B49A-11D2-A1C1-00609778EA66}" refers to invalid object "C:\WINDOWS\system32\mp4sds32.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{5FAD1E5E-E7DE-434F-B2AE-EE9244BDA638}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{63ba30ae-7909-11d4-919b-006008c0a5c6}" refers to invalid object "m2tsplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{642D692A-C61C-4241-AF83-4FD8BDD715B2}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{65BEE5C4-37C8-447F-9707-CD7B21AD67E4}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{68B957A0-C4DA-11D6-A4E5-00E02921EA26}" refers to invalid object "NeoMic.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{68b957a1-c4da-11d6-a4e5-00e02921ea26}" refers to invalid object "NeoMic.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{6AC7C19E-8CA0-4E3D-9A9F-2881DE29E0AC}" refers to invalid object "C:\Program Files\DefilerPak\CoreAAC.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{703EFEAB-7F84-4BE9-B978-FF4C6A8BA794}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{75838A0D-B431-4C31-9487-C5A96DD39EF4}" refers to invalid object "C:\WINDOWS\system32\mp4sds32.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{75CB2D18-1182-44F0-B510-491D7817F4CB}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{77983549-FFDA-4A88-B48F-B924E8D1F01C}" refers to invalid object "C:\WINDOWS\system32\OggDS.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{80385330-087A-4d61-8956-BAEEE05CA33C}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{814FE9E3-E0BA-4FAF-B5DA-8F7B1AB1F4B1}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{8633B121-42DC-4A78-A8BD-651357771E77}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{889EF574-0656-4B52-9091-072E52BB1B80}" refers to invalid object "C:\WINDOWS\system32\OggDS.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{895C2476-7DDA-440E-B300-208DA45DCF18}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{8A32E183-25EB-402F-82D5-D3E75215BF3F}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{8CAE96B7-85B1-4605-B23C-17FF5262B296}" refers to invalid object "C:\WINDOWS\system32\OggDS.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{8EABEED3-993D-4FC9-BDC9-132DE204F606}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{90A23A0D-C222-4016-A99A-57E56BD44877}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{915E0060-918C-4A02-A585-1B912BA71CEE}" refers to invalid object "C:\WINDOWS\system32\OggDS.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{92A77B10-8C47-4A73-8822-F13D5F5E2AC2}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{947D05CA-CE16-40EE-9031-2C3C57F00AE6}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{9866EF5C-22AD-4E7A-AEDA-92BB953E8556}" refers to invalid object "C:\Program Files\MoodLogic\IMix\mL_Mixer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5}" refers to invalid object "C:\DOCUME~1\Brandon\LOCALS~1\Temp\CmdLineExt02.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{9AF35C01-638C-4DAC-B39A-3E552035B5BC}" refers to invalid object "C:\Program Files\MoodLogic\Sony Shooter\VBPlShooter.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{9C4B87BB-1C6D-4C1D-9447-A054C17BA247}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{9FDAD0C2-9FB3-47A4-8B30-C4FA2FADC9E9}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{A5B2CD2A-AA46-4DA8-8D06-AB56938DEC0A}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{A6616B31-4860-41E2-98E3-CA7649AF172F}" refers to invalid object "D:\launch.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{A758E17B-86ED-498E-8C00-4BE44CFDDCAB}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{AB97AFC3-D08E-4E2D-98E0-AEE6D4634BA4}" refers to invalid object "C:\WINDOWS\system32\OggDS.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{AD221EED-B528-4A12-B15B-3C58F9640A37}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B0121D00-1FBF-11d6-A4E5-00E02921EA26}" refers to invalid object "cookie.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B0693766-5278-4ec6-B9E1-3CE40560EF5A}" refers to invalid object "CaPlgin.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{BA20AECE-61D3-4912-BE15-DCACAB97D094}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{BBFC1A2A-D3A2-4610-847D-26592022F86E}" refers to invalid object "C:\Program Files\DefilerPak\CoreAAC.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C19543F1-160B-4582-B385-857A0C5A0448}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C4F11413-9084-45EB-B1FA-103F67E98F4E}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C5379125-FD36-4277-A7CD-FAB469EF3A2F}" refers to invalid object "C:\WINDOWS\system32\OggDS.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C6041B9F-116B-4108-B343-45A979B506F8}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{D24F6664-A567-46A9-8B51-7AFE94407329}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{D8E1617B-A1A1-4958-AD02-08D5AD9C5B6A}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DB73AEF3-2E2E-430F-9E49-5F3943BD53B1}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DBB0E655-B5DF-4DF7-9A12-D0E577650655}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DD5F1BAF-BEA2-48B2-97D2-F0622A0AB79D}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DD86AC17-BF44-431F-BA3E-923388D0F7EA}" refers to invalid object "C:\Program Files\Common Files\FTL Shared\fwRemoteCfg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{E0FCD4C3-D347-42D2-90BB-FA8856DADBF6}" refers to invalid object "m2tsplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{E1186645-3752-406C-A3B1-3E95D62964DB}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{E70B4BA0-1F20-11d6-A4E5-00E02921EA26}" refers to invalid object "chkfrnd.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{EBB3ED10-209D-11D6-A4E5-00E02921EA26}" refers to invalid object "SEM.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{EBB3ED11-209D-11D6-A4E5-00E02921EA26}" refers to invalid object "msdvplg.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{EF904337-9862-40DA-B448-C65F2D3F47DC}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F07E245F-5A1F-4D1E-8BFF-DC31D84A55AB}" refers to invalid object "C:\WINDOWS\system32\OggDS.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F18B8B3D-5FD0-4b3a-B66D-F37282201298}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F423C50C-E0E0-45DE-9285-634EE1B87A2B}" refers to invalid object "C:\Program Files\MoodLogic\IMix\mL_Mixer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F54A208E-A072-4040-9F82-ADB9EAC503E4}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F60E244C-46A8-4188-9C21-30A3B87CE452}" refers to invalid object "C:\Program Files\Common Files\FTL Shared\FWDEng.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F9F17F21-1E3E-42BB-8DA3-FC51C616C2C5}" refers to invalid object "C:\Program Files\StreamCast\Morpheus\M5Shell.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{FD0A5AF3-B41D-11d2-9C95-00C04F7971E0}" refers to invalid object "BdaPlgin.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{FD2280A8-51A4-11D2-A601-3078302C2030}" refers to invalid object "C". Action Taken: No Action Taken.
Entry "HKCR\DSP.DSP" refers to invalid object "{9C123EA9-AEC9-4f75-BBC0-7565FA1398966}". Action Taken: No Action Taken.
Entry "HKCR\DSP.DSPDMOProp_Chorus.1" refers to invalid object "{6F63B172-5543-4593-91CE-EDBA65B9FACDB}". Action Taken: No Action Taken.
Entry "HKCR\MailFileAtt" refers to invalid object "{00020D05-0000-0000-C000-000000000046}". Action Taken: No Action Taken.
Entry "HKCR\mapifvbx.object" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.
Entry "HKCR\mapifvbx.object.1" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.
Entry "HKCR\MiniBugTransporter.MiniBugTransporterX" refers to invalid object "{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C}". Action Taken: No Action Taken.
Entry "HKCR\MiniBugTransporter.MiniBugTransporterX.1" refers to invalid object "{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C}". Action Taken: No Action Taken.
Entry "HKCR\SymWriter.pdb" refers to invalid object "{520DC67A-752E-11D3-8D56-00C04F680B2B}". Action Taken: No Action Taken.
  • 0

#14
BrandonKeith

BrandonKeith

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
ok, well, don't worry about it anymore guys.. i just wiped the hard drive and reinstalled windows.. if anything pops up i'll be sure to come back.. as for now.. everything's good..

thanks for the ideas and help..

Brandon :tazz:
  • 0

#15
Armodeluxe

Armodeluxe

    Member 2k

  • Retired Staff
  • 2,744 posts
Hi BrandonKeith,

I'm sorry to hear of your decision, but it's your decision and I respect that. Here in the Malware Removal forum we never suggest reformat as an option as it is the easy way out, but sometimes users will prefer to do that.

Here are some tips to maintain a clean computer:

Now you should go get a firewall. Don't rely on the Windows firewall as it monitors only incoming traffic. Pick one of these, they are all free.
Kerio
Zonealarm
Sygate

Visit Windows Update regularly to get the latest security updates.You can also enable automatic updates.Your antivirus software and antispyware programs should also be updated regularly. Make a habit of running scans on a timely basis. Be careful about what you download, scan every file before clicking on it.

Additional programs to consider:

Spywareblaster Prevents the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted software.Blocks spyware/tracking cookies in Internet Explorer and Mozilla/Firefox.Restricts the actions of potentially unwanted sites in Internet Explorer.
Spywareguard An anti-virus program scans files before you open them and prevents execution if a virus is detected - SpywareGuard does the same thing, but for spyware!
IE/Spyad
Adds a list of malicious sites to your Restricted Sites Zone.
Firefox An alternate browser safer than IE

A good article to read:
So how did I get infected in the first place?

Regards,
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP