Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Can't install Avast, AVG

Started by jc1cell , Feb 12 2009 09:18 PM

  • Please log in to reply

#1
jc1cell
Posted 12 February 2009 - 09:18 PM

jc1cell

    New Member

  • Member
  • Pip
  • 3 posts
Hello All,

Several days ago I noticed that the Avast I had installed was getting a package broken error when updating the application itself. I decided to remove it and try installing it again. That is when I noticed the problem I'm having. I double click to install and it states there's an error unpacking. After a couple of tries I gave up and tried installing Commodo AV and I was happy that it worked...but the next day I was getting an error when it tried to run the manual scan. I looked in the forums and noticed it's a common problem but some suggested the system may not be clean. Then I uninstalled and tried installing AVG and with that one I get an error stating that the file is corrupt after extracting it. So then I worried and came here.

I already read: http://www.geekstogo...-Log-t2852.html

and followed the steps in the first four links...the third didn't run.

Link 1 ran excellent, found nothing ( I think). Link 2, well, the first step ran fine. I chose to skip step 2 (ComboFix) since it stated I may not need to run it. So I followed the Super Anti Spyware steps and I had problems installing that also. So I ran ComboFix without any issues and once restarted everything I was able to install Spyware. Ran that and found some issues, remove (quarintined) and restarted. Ran link 3 and found nothing. Ran hijack this and have the log.

So now I'm confident since Spyware, the others should run. Well, that didn't happen. So I'm back to square one. I think I followed procedure quite well and will go ahead and paste the logs for all the items that have been run on the system. Hope this helps pinpoint.

---------------------------------------------------------------------------------

MBAM LOG

Malwarebytes' Anti-Malware 1.34
Database version: 1756
Windows 5.1.2600 Service Pack 3

2/12/2009 8:26:52 PM
mbam-log-2009-02-12 (20-26-52).txt

Scan type: Quick Scan
Objects scanned: 78005
Time elapsed: 6 minute(s), 23 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

---------------------------------------------------------------------------------

COMBO FIX LOG

ComboFix 09-02-12.03 - Design Station 2009-02-12 20:46:44.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3326.2761 [GMT -5:00]
Running from: c:\documents and settings\Design Station\Desktop\Geeks to go Virus Removal\ComboFix.exe
FW: ZoneAlarm Firewall *enabled*
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\npf.sys
c:\windows\system32\packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\wanpacket.dll
c:\windows\system32\wpcap.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Service_NPF


((((((((((((((((((((((((( Files Created from 2009-01-13 to 2009-02-13 )))))))))))))))))))))))))))))))
.

2009-02-12 20:35 . 2009-02-12 20:37 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2009-02-12 20:18 . 2009-02-12 20:18 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-12 20:18 . 2009-02-12 20:18 <DIR> d-------- c:\documents and settings\Design Station\Application Data\Malwarebytes
2009-02-12 20:18 . 2009-02-12 20:18 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-02-12 20:18 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-12 20:18 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-02-12 19:36 . 2008-04-13 19:12 22,528 --a------ c:\windows\system32\wsock32.dlb
2009-02-12 19:35 . 2009-02-12 20:30 <DIR> d-------- c:\documents and settings\All Users\Application Data\BOC427
2009-02-12 19:35 . 2008-07-14 05:09 212,728 --a------ c:\windows\CMDLIC.DLL
2009-02-12 19:35 . 2008-07-14 05:09 205,560 --a------ c:\windows\UNBOC.EXE
2009-02-12 19:35 . 2009-02-12 20:49 9,646 --a------ c:\windows\BOC427.INI
2009-02-11 23:03 . 2009-02-12 20:05 <DIR> d-------- c:\program files\COMODO
2009-02-10 19:37 . 2009-02-10 19:37 <DIR> d-------- c:\program files\NVIDIA Corporation
2009-02-10 19:37 . 2005-04-05 14:22 100,096 -ra------ c:\windows\system32\drivers\NVTCP.SYS
2009-02-10 19:37 . 2009-02-10 19:37 1,024 --a------ C:\.rnd
2009-02-10 19:37 . 2009-02-10 19:37 22 --a------ c:\windows\FileName
2009-02-10 19:23 . 2002-09-17 12:55 3,548 --a------ c:\windows\system32\drivers\WinFlash.sys
2009-02-10 19:06 . 2004-10-13 04:30 23,612 --a------ c:\windows\system32\FlashMenu.sys
2009-02-10 19:00 . 2009-02-10 19:06 <DIR> d-------- c:\program files\ABIT
2009-02-10 19:00 . 2003-04-07 14:42 7,296 --------- c:\windows\system32\drivers\Wbhwdoct.sys
2009-02-10 18:52 . 2009-02-10 19:16 <DIR> d-------- c:\windows\NV21321364.TMP
2009-02-07 12:54 . 2009-02-07 13:07 <DIR> d-------- c:\documents and settings\Design Station\.VirtualBox
2009-02-07 12:54 . 2009-01-21 19:14 129,552 --a------ c:\windows\system32\VBoxNetFltNotify.dll
2009-02-07 12:54 . 2009-01-21 19:13 100,560 --a------ c:\windows\system32\drivers\VBoxDrv.sys
2009-02-07 12:54 . 2009-01-21 19:13 87,312 --a------ c:\windows\system32\drivers\VBoxNetFlt.sys
2009-02-07 12:54 . 2009-01-21 19:13 41,680 --a------ c:\windows\system32\drivers\VBoxUSBMon.sys
2009-02-07 12:53 . 2009-02-07 12:53 <DIR> d-------- c:\program files\Sun
2009-02-07 08:39 . 2009-02-07 08:39 25 --a------ c:\windows\system32\'
2009-02-07 08:38 . 2005-06-10 22:02 12,800 --a------ c:\windows\system32\vncdrv.dll
2009-02-07 08:38 . 2004-06-26 13:22 6,016 --a------ c:\windows\system32\drivers\vnccom.SYS
2009-02-07 08:38 . 2004-06-26 13:21 5,760 --a------ c:\windows\system32\vnchelp.dll
2009-02-07 08:38 . 2004-06-26 13:22 4,736 --a------ c:\windows\system32\drivers\vncdrv.sys
2009-02-05 11:56 . 2009-02-05 11:56 <DIR> d-------- c:\program files\gs
2009-02-05 11:53 . 2009-02-05 11:53 <DIR> d-------- c:\documents and settings\Design Station\.scribus
2009-02-05 11:52 . 2009-02-05 11:52 <DIR> d-------- c:\program files\Scribus 1.3.3.12
2009-02-02 18:46 . 2008-11-13 15:18 1,221,008 --a------ c:\windows\system32\zpeng25.dll
2009-01-29 21:35 . 2009-02-12 20:50 <DIR> d-------- c:\program files\Blue Coat K9 Web Protection
2009-01-13 18:39 . 2009-01-13 18:39 72,992 --a------ c:\windows\system32\drivers\bckd.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-12 23:55 --------- d-----w c:\program files\Mozilla Thunderbird
2009-02-12 02:40 --------- d-----w c:\program files\uTorrent
2009-02-11 00:38 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-11 00:00 --------- d-----w c:\program files\Common Files\InstallShield
2009-02-08 17:49 --------- d-----w c:\documents and settings\Design Station\Application Data\OpenOffice.org2
2009-01-06 21:19 --------- d-----w c:\program files\PSP Pandora Deluxe
2008-12-20 04:58 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2008-12-14 19:39 --------- d-----w c:\program files\Java
2008-01-24 02:01 882 ----a-w c:\program files\Common Files\tempeml.html
2006-05-31 13:14 108,056 ----a-w c:\program files\Common Files\secman.dll
2006-03-11 23:09 626,176 ----a-w c:\program files\Common Files\osmax.ocx
2008-10-23 19:28 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008102320081024\index.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-01-11 623992]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-14 136600]
"PinnacleDriverCheck"="c:\windows\system32\\PSDrvCheck.exe" [2004-03-11 406016]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-11-13 981904]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016]
"BOC-427"="c:\progra~1\Comodo\CBOClean\BOC427.exe" [2008-07-14 351480]
"SoundMan"="SOUNDMAN.EXE" [2005-08-17 c:\windows\soundman.exe]
"nwiz"="nwiz.exe" [2008-09-17 c:\windows\system32\nwiz.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.MJPG"= Pvmjpg30.dll
"VIDC.PIM1"= pclepim1.dll

[HKLM\~\startupfolder\C:^Documents and Settings^Design Station^Start Menu^Programs^Startup^MagicDisc.lnk]
path=c:\documents and settings\Design Station\Start Menu\Programs\Startup\MagicDisc.lnk
backup=c:\windows\pss\MagicDisc.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ClamWin]
--a------ 2008-11-04 07:35 86016 c:\program files\ClamWin\bin\ClamTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2006-10-27 00:47 31016 c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-03-30 10:36 267048 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-03-28 23:37 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Microsoft Office Groove Audit Service"=3 (0x3)
"iPod Service"=3 (0x3)
"gusvc"=2 (0x2)
"Bonjour Service"=2 (0x2)
"Apple Mobile Device"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"f:\\Utilities\\Utilities to Keep\\torrent client\\utorrent.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\Design Station\\Desktop\\torrents\\utorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=

R1 bckd;bckd;c:\windows\system32\drivers\bckd.sys [2009-01-13 72992]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [2009-02-07 100560]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [2009-02-07 41680]
R2 bckwfs;Blue Coat K9 Web Protection;c:\program files\Blue Coat K9 Web Protection\k9filter.exe [2008-11-21 1078560]
R2 BOCore;BOCore;c:\program files\COMODO\CBOClean\BOCore.exe [2009-02-12 73464]
R3 BENDER;Pinnacle AV/DV2 Capture;c:\windows\system32\drivers\bender.sys [2008-07-21 200320]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\VBoxNetFlt.sys [2009-02-07 87312]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{37be24a7-c20d-11dc-952d-806d6172696f}]
\Shell\AutoRun\command - G:\Autorun.exe root.ini

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7db3e03c-da84-11dc-a9a0-00508d81ac48}]
\Shell\AutoRun\command - I:\2.exe
\Shell\open\Command - I:\2.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7db3f702-da84-11dc-a9a0-00508d81ac48}]
\Shell\AutoRun\command - xyw9tmdj.com
\Shell\explore\Command - xyw9tmdj.com
\Shell\open\Command - xyw9tmdj.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{928a29d0-ea2e-11dd-9085-00508d81ac48}]
\Shell\AutoRun\command - EXPLORER.EXE
\Shell\explore\Command - EXPLORER.EXE
\Shell\open\Command - EXPLORER.EXE
.
Contents of the 'Scheduled Tasks' folder

2009-02-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 17:57]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = *.local
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
FF - ProfilePath - c:\documents and settings\Design Station\Application Data\Mozilla\Firefox\Profiles\nl2t17wg.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - plugin: c:\program files\Google\Google Updater\2.2.1273.1045\npCIDetect12.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-12 20:49:45
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:c8,28,51,af,b0,29,a3,98,f5,bf,63,83,df,
46,34,de,e2,63,26,f1,3f,c8,ff,68,f3,ff,63,10,2f,57,70,18,e2,63,26,f1,3f,c8,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:71,3b,04,66,8b,46,0d,96,3a,21,c8,82,05,
ad,cf,ba,6a,9c,d6,61,af,45,84,18,c3,ef,86,bf,58,60,3d,30,6a,9c,d6,61,af,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:ff,7c,85,e0,43,d4,0e,fe,64,97,f8,5a,70,
f4,31,16,ff,7c,85,e0,43,d4,0e,fe,23,b4,99,4a,27,64,cd,a7,ff,7c,85,e0,43,d4,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:3e,1e,9e,e0,57,5a,93,61,e8,30,77,bc,d0,
14,69,46,86,8c,21,01,be,91,eb,e7,78,33,95,ba,a1,83,ab,dd,86,8c,21,01,be,91,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:f5,1d,4d,73,a8,13,5c,05,26,d3,60,58,f1,
19,16,c6,f5,1d,4d,73,a8,13,5c,05,5e,2a,b5,b9,97,83,d7,37,f5,1d,4d,73,a8,13,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:b0,18,ed,a7,3f,8d,37,a4,85,f6,22,37,f5,
29,3f,82,df,20,58,62,78,6b,cf,c8,5c,eb,9e,12,e8,05,30,41,df,20,58,62,78,6b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:31,77,e1,ba,b1,f8,68,02,a1,3c,2b,38,8c,
aa,32,5a,fb,a7,78,e6,12,2f,9a,ea,ae,a7,02,39,fc,fc,df,b7,fb,a7,78,e6,12,2f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:01,3a,48,fc,e8,04,4a,f1,cf,0f,2e,1f,dc,
2a,e8,f4,01,3a,48,fc,e8,04,4a,f1,82,ec,f4,0e,1a,44,e1,03,01,3a,48,fc,e8,04,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:f6,0f,4e,58,98,5b,89,c9,4c,97,53,ba,ca,
50,90,a2,f6,0f,4e,58,98,5b,89,c9,86,ef,52,92,9e,81,8b,ec,f6,0f,4e,58,98,5b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:3d,ce,ea,26,2d,45,aa,78,bd,b1,9a,a0,76,
b2,60,82,3d,ce,ea,26,2d,45,aa,78,d5,48,ab,de,cd,42,cd,94,3d,ce,ea,26,2d,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:e3,0e,66,d5,eb,bc,2f,6b,7f,12,0d,75,c3,
0d,05,63,2a,b7,cc,b5,b9,7f,41,e7,37,70,e2,0b,72,8d,15,b1,2a,b7,cc,b5,b9,7f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:fa,ea,66,7f,d4,3b,6b,70,01,b7,68,89,9a,
85,46,6b,6c,43,2d,1e,aa,22,2f,9c,25,16,0a,6e,96,bd,88,56,6c,43,2d,1e,aa,22,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(1188)
c:\windows\system32\nvappfilter.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ZoneLabs\vsmon.exe
c:\windows\system32\ASTSRV.EXE
c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
c:\windows\system32\nvsvc32.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
.
**************************************************************************
.
Completion time: 2009-02-12 20:55:36 - machine was rebooted
ComboFix-quarantined-files.txt 2009-02-13 01:55:34

Pre-Run: 26,105,311,232 bytes free
Post-Run: 28,986,388,480 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

285 --- E O F --- 2009-02-11 00:14:32


---------------------------------------------------------------------------------

SUPER ANTI SPYWARE LOG

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 02/12/2009 at 10:06 PM

Application Version : 4.25.1012

Core Rules Database Version : 3755
Trace Rules Database Version: 1719

Scan type : Complete Scan
Total Scan Time : 01:00:52

Memory items scanned : 447
Memory threats detected : 0
Registry items scanned : 6572
Registry threats detected : 0
File items scanned : 156775
File threats detected : 44

Adware.Tracking Cookie
C:\Documents and Settings\Design Station\Cookies\design_station@imrworldwide[2].txt
C:\Documents and Settings\Design Station\Cookies\[email protected][1].txt
C:\Documents and Settings\Design Station\Cookies\design_station@atwola[1].txt
C:\Documents and Settings\Design Station\Cookies\[email protected][2].txt
C:\Documents and Settings\Design Station\Cookies\[email protected][2].txt
C:\Documents and Settings\Design Station\Cookies\[email protected][1].txt
C:\Documents and Settings\Design Station\Cookies\design_station@adbrite[2].txt
C:\Documents and Settings\Design Station\Cookies\[email protected][2].txt
C:\Documents and Settings\Design Station\Cookies\[email protected][1].txt
C:\Documents and Settings\Design Station\Cookies\design_station@revsci[1].txt
C:\Documents and Settings\Design Station\Cookies\design_station@questionmarket[2].txt
C:\Documents and Settings\Design Station\Cookies\design_station@toplist[1].txt
C:\Documents and Settings\Design Station\Cookies\design_station@statcounter[2].txt
C:\Documents and Settings\Design Station\Cookies\design_station@adecn[2].txt
C:\Documents and Settings\Design Station\Cookies\[email protected][1].txt
C:\Documents and Settings\Design Station\Cookies\[email protected][1].txt
C:\Documents and Settings\Design Station\Cookies\design_station@advertising[1].txt
C:\Documents and Settings\Design Station\Cookies\[email protected][1].txt
C:\Documents and Settings\Design Station\Cookies\design_station@revenue[2].txt
C:\Documents and Settings\Design Station\Cookies\design_station@mediacoderhq[2].txt
C:\Documents and Settings\Design Station\Cookies\[email protected][2].txt
C:\Documents and Settings\Design Station\Cookies\design_station@windowsmedia[1].txt
C:\Documents and Settings\Design Station\Cookies\[email protected][3].txt
C:\Documents and Settings\Design Station\Cookies\design_station@mediaplex[2].txt
C:\Documents and Settings\Design Station\Cookies\[email protected][1].txt
C:\Documents and Settings\Design Station\Cookies\design_station@specificclick[2].txt
C:\Documents and Settings\Design Station\Cookies\design_station@clickbank[1].txt
C:\Documents and Settings\Design Station\Cookies\[email protected][1].txt
C:\Documents and Settings\Design Station\Cookies\[email protected][1].txt
C:\Documents and Settings\Design Station\Cookies\design_station@2o7[1].txt
C:\Documents and Settings\Design Station\Cookies\[email protected][1].txt
C:\Documents and Settings\Design Station\Cookies\[email protected][1].txt
C:\Documents and Settings\Design Station\Cookies\design_station@kontera[2].txt
C:\Documents and Settings\Design Station\Cookies\design_station@overture[2].txt
C:\Documents and Settings\Design Station\Cookies\[email protected][1].txt
C:\Documents and Settings\Design Station\Cookies\design_station@tribalfusion[2].txt
C:\Documents and Settings\Design Station\Cookies\design_station@weborama[2].txt
C:\Documents and Settings\Design Station\Cookies\design_station@casalemedia[2].txt
C:\Documents and Settings\Design Station\Cookies\[email protected][2].txt
C:\Documents and Settings\Design Station\Cookies\[email protected][1].txt
C:\Documents and Settings\Design Station\Cookies\[email protected][1].txt
C:\Documents and Settings\Design Station\Cookies\design_station@adinterax[2].txt
C:\Documents and Settings\Design Station\Cookies\[email protected][2].txt

Adware.OuterInfo-Installer
C:\DOCUMENTS AND SETTINGS\DESIGN STATION\DESKTOP\GEEKS TO GO VIRUS REMOVAL\OIUNINSTALLER.EXE

---------------------------------------------------------------------------------

HIJACK THIS LOG

You will find that I removed the HJT version line. This is because it's an older version and I had problems installing the newer suggested version. Please see "PS" at end of post. BTW it is HijackThis v1.99.1 which you can view in a file I attached.

Scan saved at 10:26:08 PM, on 2/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\SYSTEM32\astsrv.exe
C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
C:\Program Files\Comodo\CBOClean\BOCORE.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BOC-427] C:\PROGRA~1\Comodo\CBOClean\BOC427.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\SYSTEM32\astsrv.exe
O23 - Service: Blue Coat K9 Web Protection (bckwfs) - Unknown owner - C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
O23 - Service: BOCore - COMODO - C:\Program Files\Comodo\CBOClean\BOCORE.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

---------------------------------------------------------------------------------

HIJACK THIS UNINSTALL LIST

ABITEQ
Acrobat.com
Acrobat.com
Add or Remove Adobe Creative Suite 3 Design Premium
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe AIR
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe BridgeTalk Plugin CS3
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Creative Suite 3 Design Premium
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe ExtendScript Toolkit 2
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Flash CS3
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe Flash Player ActiveX
Adobe Flash Video Encoder
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Illustrator CS3
Adobe InDesign CS3
Adobe InDesign CS3 Icon Handler
Adobe Linguistics CS3
Adobe MotionPicture Color Files
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader 9
Adobe Setup
Adobe Setup
Adobe Setup
Adobe SING CS3
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WAS CS3
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
AHV content for Acrobat and Flash
Apple Mobile Device Support
Apple Software Update
Athlon 64 Processor Driver
AviSynth 2.5
Blue Coat® K9 Web Protection 4.0.288
BOClean
Bonjour
BurnAware Free 2.1.5
BurnAware Free Edition
ClamWin Free Antivirus 0.94.1
Color Efex Pro 3.0 Complete
DiscAPI (Studio 10)
DScaler 5 Mpeg Decoders
DVD Decrypter (Remove Only)
FileZilla Client 3.0.5.2
Filter Forge Freepack 1 - Metals 1.010
FlashMenu
FocalPoint 1.0
FontHit Font Tools
Free Mp3 Wma Converter V 1.7.2
Genuine Fractals 5.0
Google Earth
Google Updater
GPL Ghostscript 8.64
GPL MPEG-1/2 DirectShow Decoder Filter
Hijackthis 1.99.1
HijackThis 1.99.1
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
ISO Recorder
iTunes
IZArc 3.5 beta 3
Java™ 6 Update 11
Java™ 6 Update 2
Java™ 6 Update 3
Java™ 6 Update 4
Java™ 6 Update 5
Java™ 6 Update 7
MagicDisc 2.5.74
MagicDisc 2.7.97
Malwarebytes' Anti-Malware
Media Lab SiteGrinder 2 (Basic & Pro)
MediaCoder 0.6.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Virtual PC 2007
Mozilla Firefox (3.0.6)
Mozilla Thunderbird (2.0.0.19)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6.0 Parser (KB933579)
Network Chemistry RogueScanner GUI
nik Sharpener Pro 2.0 Complete
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager
OpenOffice.org 2.4
PDF Settings
PDFCreator
PDFCreator Toolbar
Pinnacle device drivers
Pinnacle Hollywood FX for Studio
Pinnacle Instant DVD Recorder
proDAD Heroglyph 2.0
PSP Video Express(remove only)
QuickTime
RAPID (Studio 10)
Realtek AC'97 Audio
Scribus 1.3.3.12
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB960715)
SmartSound Quicktracks Plugin
Startup Manager 2.4
Strata 3D CX 5.5
Strata 3D Texture Scripts for Ps CS3
Strata 3D[in] Plugins - CX 5.5
Studio 10
Studio 10 Bonus DVD
Sun xVM VirtualBox
SUPERAntiSpyware Free Edition
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
VC 9.0 Runtime
Vertus Fluid Mask 3 2.100.1-RC1
Viveza
Winamp
Windows Imaging Component
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 11
Windows Media Player 11
Windows Presentation Foundation
Windows XP Service Pack 3
Wisdom-soft ScreenHunter 4.0 Plus
YouSendIt Express
ZoneAlarm
ZoneAlarm Spy Blocker

---------------------------------------------------------------------------------

I think I followed all the instructions properly and posted the necessary logs. I sure hope you can help. I haven't had many problems with virus and trojans and such so I was really amazed to find this problem. I'll be waiting for any comments from the G2G pros on this.

Thanx in advance.
jc

PS. So I try and post this message and it tells me that my HJT app is outdated. That I should download and install a newer available version. So I download and install and get an error. All images of the errors are loaded. The funny thing is Commodo installs fine still. Weird.

Attached Thumbnails

  • Avast_error.jpg
  • AVG.jpg
  • Hijack_This.jpg
  • HJT_a.jpg

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP