Member Panel

Remember me ?

Forgot password?   

Sponsors and Ads

Noticeboard
PC Forum PC Help Forum » Security & Safety » [Fixed] Hijackthis! Logs » Some Problems?

[Fixed] Hijackthis! Logs - Some Problems? posted in the Security & Safety forums; I only received a "Main.txt" ? Deckard's System Scanner v20071014.68 Run by Owner on 2008-06-23 11:01:51 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- HijackThis (run as Owner.exe) ----------------------------------------------- Logfile of ...

JOIN US NOW to remove these Ads

Post New Thread  Reply
Page 1 of 2 1 2 >
  #1  
Old 06-23-2008
Terdogtanner's Avatar
Gold Member
My PC
 
Join Date: Jan 2008
Location: Phoenix, AZ
Posts: 345
PC Experience: Experienced
Terdogtanner - See this Members User comments on their Profile page Terdogtanner - See this Members User comments on their Profile page Terdogtanner - See this Members User comments on their Profile page
Send a message via AIM to Terdogtanner
Post Some Problems?
I only received a "Main.txt" ?


Deckard's System Scanner v20071014.68
Run by Owner on 2008-06-23 11:01:51
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Owner.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:01:52 AM, on 6/23/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\BigFix\BigFix.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Documents and Settings\Owner\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Owner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://phoenix.cox.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunKistEM] "C:\Program Files\Digital Media Reader\shwiconem.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] "C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HTV Agent] C:\Program Files\HTV\HTV.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - S-1-5-18 Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP Premium\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP Premium\dapextie2.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O16 - DPF: vzTCPConfig - http://www.verizon.net/checkmypc/fio...zTCPConfig.CAB
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support.cox.com/sdccommon/download/tgctlcm.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gateway.com/support/p.../PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1B4F9DD7-2D7C-44B5-9126-73206DA0AE75} (CNavigationManager Object) - http://www3.authentium.com/cssrelease/bin/wizard.exe
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175...at-no-eula.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by131fd.bay131.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://test.catalog.update.microsoft...?1183422235546
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1162267301281
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://stercomm.webex.com/client/v_...ex/ieatgpc.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} - http://driveragent.com/files/driveragent.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: winpdc32 - C:\WINDOWS\SYSTEM32\winpdc32.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 9669 bytes

-- Files created between 2008-05-23 and 2008-06-23 -----------------------------

2008-06-23 10:48:35 0 d-------- C:\Program Files\HTMLPad 2008 <HTMLPA~1>
2008-06-23 10:48:35 0 d-------- C:\Documents and Settings\Owner\Application Data\Blumentals
2008-06-23 10:47:18 0 d-------- C:\Program Files\FDRLab
2008-06-23 07:04:21 0 d-------- C:\WINDOWS\system32\371186
2008-06-23 06:46:58 0 d-------- C:\Program Files\Witcobber
2008-06-23 06:32:26 0 dr-h----- C:\Documents and Settings\Owner\Recent
2008-06-23 05:18:22 0 d-------- C:\Program Files\Trojan Remover
2008-06-23 04:14:51 345 --ahs---- C:\WINDOWS\system32\rAdMVvut.ini2
2008-06-23 04:08:08 0 d-------- C:\Program Files\Vivendi
2008-06-22 21:01:20 482816 --a------ C:\WINDOWS\system32PGKJ.exe
2008-06-22 05:13:58 0 d-------- C:\Program Files\FriendBlasterPro
2008-06-22 05:07:34 0 d-------- C:\Program Files\BitTorrent
2008-06-22 02:17:23 0 d--hs---- C:\Program Files\HTV
2008-06-22 01:24:49 0 d-------- C:\Program Files\Olly
2008-06-21 13:59:32 0 d-------- C:\Documents and Settings\Owner\Application Data\Datarescue
2008-06-21 13:54:16 0 d-------- C:\Program Files\IDA
2008-06-21 13:25:53 0 d-------- C:\Program Files\Hewlett-Packard
2008-06-21 13:22:04 0 dr------- C:\Documents and Settings\LocalService\My Documents
2008-06-21 13:21:30 0 dr-h----- C:\Documents and Settings\LocalService\Recent
2008-06-21 13:16:18 150179 --a------ C:\WINDOWS\hpwins05.dat
2008-06-21 11:21:26 0 d-------- C:\Documents and Settings\All Users\Application Data\TechSmith
2008-06-21 11:21:09 0 d-------- C:\Program Files\Common Files\TechSmith Shared
2008-06-21 11:21:04 0 d-------- C:\Program Files\TechSmith
2008-06-19 10:47:24 0 d-------- C:\Program Files\Belltech CaptureXT
2008-06-19 10:45:38 0 d-------- C:\Program Files\Crystal Button 2007
2008-06-19 10:44:26 212992 --a------ C:\WINDOWS\ALCHUNIN.EXE
2008-06-19 10:41:52 0 d-------- C:\Program Files\Advanced Business Card Maker
2008-06-19 10:40:09 0 d-------- C:\Program Files\Banner Maker Pro 6
2008-06-17 23:41:48 0 d-------- C:\Program Files\IncrediFlash Intro and Banner Studio 1.2
2008-06-17 22:46:12 0 d-------- C:\Program Files\ImTOO
2008-06-17 20:11:09 0 d-------- C:\Program Files\Alchemy Mindworks
2008-06-17 20:10:18 0 d-------- C:\Documents and Settings\Owner\Application Data\Alchemy Mindworks
2008-06-17 05:46:22 0 d-------- C:\WINDOWS\system32\349168
2008-06-17 05:46:17 33280 --a------ C:\WINDOWS\system32\winpdc32.dll
2008-06-17 01:59:14 0 d-------- C:\Documents and Settings\All Users\Application Data\Trymedia
2008-06-17 01:58:06 0 d-------- C:\Program Files\Risk II
2008-06-17 01:02:31 0 d-------- C:\Program Files\Lemonade Tycoon 2
2008-06-17 00:54:35 0 d-------- C:\Program Files\ReflexiveArcade
2008-06-17 00:17:54 0 d-------- C:\Documents and Settings\Owner\Application Data\GeoVid
2008-06-17 00:14:56 60416 --a------ C:\WINDOWS\system32\dsetup.dll <Not Verified; Microsoft Corporation; Microsoft® DirectX for Windows®>
2008-06-17 00:14:52 0 d-------- C:\Program Files\Common Files\GeoVid
2008-06-16 20:29:05 0 d-------- C:\Documents and Settings\Owner\Application Data\NeroDigital™
2008-06-16 07:06:38 0 d-------- C:\Documents and Settings\Owner\Application Data\Nero
2008-06-16 07:02:12 0 d-------- C:\Program Files\Common Files\Nero
2008-06-16 07:02:12 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-06-16 04:19:30 0 d-------- C:\Documents and Settings\Owner\Application Data\dvdcss
2008-06-16 04:12:03 45056 --a------ C:\WINDOWS\system32\WNASPI32.DLL <Not Verified; Adaptec; Adaptec's ASPI Layer>
2008-06-16 04:12:03 16512 --a------ C:\WINDOWS\system32\drivers\ASPI32.SYS <Not Verified; Adaptec; Adaptec's ASPI Layer>
2008-06-16 03:12:44 7296 --a------ C:\WINDOWS\system32\drivers\AMD64CAx86.sys <Not Verified; Alexey V.Voronin @ Hexy; AMD64 CPU Assistant x86 Driver>
2008-06-16 03:12:33 0 d-------- C:\Program Files\Alexey V.Voronin
2008-06-15 10:18:48 217127 --a------ C:\WINDOWS\system32\drv43260.dll <Not Verified; RealNetworks, Inc.; RealVideo 9 (32-bit)>
2008-06-15 10:18:48 208935 --a------ C:\WINDOWS\system32\drv33260.dll <Not Verified; RealNetworks, Inc.; RealVideo 8 (32-bit)>
2008-06-15 10:18:48 176165 --a------ C:\WINDOWS\system32\drv23260.dll <Not Verified; RealNetworks, Inc.; RealVideo G2 (32-bit)>
2008-06-15 10:18:46 0 d-------- C:\Program Files\VSO
2008-06-15 10:16:06 47360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-06-15 10:16:06 47360 --a------ C:\Documents and Settings\Owner\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-06-15 10:16:05 0 d-------- C:\Documents and Settings\Owner\Application Data\Vso
2008-06-15 05:49:19 0 d-------- C:\Program Files\DNA
2008-06-15 05:49:19 0 d-------- C:\Documents and Settings\Owner\Application Data\DNA
2008-06-15 05:37:55 0 d-------- C:\Documents and Settings\Owner\Application Data\BitTorrent
2008-06-14 16:57:54 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-06-14 16:37:41 0 d-------- C:\Program Files\Process Explorer
2008-06-14 16:25:06 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-06-14 16:24:38 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-14 00:24:57 0 d-------- C:\Documents and Settings\Owner\Application Data\HideIP
2008-06-14 00:04:03 0 d-------- C:\Documents and Settings\Owner\Application Data\Systweak
2008-06-13 20:49:10 0 d-------- C:\Documents and Settings\Owner\Application Data\Feedreader
2008-06-13 17:46:35 0 d-------- C:\Documents and Settings\Owner\Application Data\uTorrent
2008-06-13 03:36:51 0 d-------- C:\Documents and Settings\Owner\Application Data\Mozilla
2008-06-13 02:25:39 0 d-------- C:\Documents and Settings\Owner\Application Data\WNR
2008-06-11 16:47:39 0 d-------- C:\Program Files\QuickPar
2008-06-11 14:00:38 888832 --a------ C:\WINDOWS\system32\securenet.dll
2008-06-11 03:28:55 0 d------c- C:\TEMP
2008-06-11 03:00:41 0 d-------- C:\Program Files\IrfanView
2008-06-11 00:31:24 0 d-------- C:\Documents and Settings\Owner\Application Data\DMCache
2008-06-10 18:08:53 0 d-------- C:\Program Files\Infogrames
2008-06-10 16:19:00 0 d-------- C:\Program Files\Rock Tour
2008-06-09 22:32:57 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll <Not Verified; Sony DADC Austria AG.; >
2008-06-08 23:55:15 0 d-------- C:\Program Files\Hunting Unlimited 2008
2008-06-08 19:24:49 0 d-------- C:\Documents and Settings\Owner\Application Data\Thinking Minds Budiling Bytes
2008-06-08 17:29:32 32 --a------ C:\WINDOWS\go
2008-06-08 17:20:14 0 d-------- C:\Documents and Settings\Owner\Application Data\Adobe
2008-06-08 15:46:48 90112 --a------ C:\WINDOWS\unvise32.exe <Not Verified; MindVision Software; Installer VISE>
2008-06-08 15:46:10 0 d-------- C:\Program Files\The Rosetta Stone
2008-06-08 14:52:14 0 d-------- C:\Program Files\Stardock
2008-06-08 14:52:14 0 d-------- C:\Program Files\Common Files\Stardock
2008-06-06 18:50:53 0 d-------- C:\Program Files\LimeWire
2008-06-06 18:05:02 35363 --a------ C:\WINDOWS\system32\windrvNT.sys
2008-06-06 18:05:02 110592 --a------ C:\WINDOWS\system32\suppdll.dll
2008-06-06 18:04:59 0 d-------- C:\Program Files\Folder Lock
2008-06-05 19:54:56 0 d-------- C:\Program Files\HP
2008-06-05 16:15:21 112441 --a------ C:\WINDOWS\73185.exe
2008-06-04 14:24:10 720825 --a------ C:\WINDOWS\61176.exe
2008-06-04 02:17:06 0 d--hs---- C:\Documents and Settings\Owner\Application Data\.#
2008-05-30 22:45:34 0 d--hs---- C:\WINDOWS\ftpcache
2008-05-24 15:11:31 0 d-------- C:\WINDOWS\system32\Adobe


-- Find3M Report ---------------------------------------------------------------

2008-06-23 04:08:08 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-21 14:11:23 0 d--h----- C:\Documents and Settings\Owner\Application Data\IFLTemp
2008-06-21 11:21:09 0 d-------- C:\Program Files\Common Files
2008-06-20 10:28:35 0 d-------- C:\Program Files\SpywareBlaster
2008-06-18 21:45:18 0 d-------- C:\Documents and Settings\Owner\Application Data\LimeWire
2008-06-18 21:33:42 0 d-------- C:\Program Files\Common Files\HP
2008-06-16 22:09:03 39386 --a------ C:\Documents and Settings\Owner\Application Data\wklnhst.dat
2008-06-16 22:04:39 0 d-------- C:\Documents and Settings\Owner\Application Data\Web Page Maker V2
2008-06-15 23:48:23 0 d-------- C:\Documents and Settings\Owner\Application Data\Hamachi
2008-06-15 17:33:07 0 d-------- C:\Program Files\iTunes
2008-06-15 10:18:53 34 --a------ C:\Documents and Settings\Owner\Application Data\pcouffin.log
2008-06-15 10:18:50 1144 --a------ C:\Documents and Settings\Owner\Application Data\pcouffin.inf
2008-06-15 10:18:50 7887 --a------ C:\Documents and Settings\Owner\Application Data\pcouffin.cat
2008-06-14 21:05:22 0 d-------- C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor
2008-06-14 21:00:03 0 d-------- C:\Program Files\Common Files\InstallShield
2008-06-14 16:25:06 0 d-------- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
2008-06-13 03:41:44 0 d-------- C:\Documents and Settings\Owner\Application Data\Talkback
2008-06-11 01:36:45 737280 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2008-06-10 13:10:05 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-08 22:13:03 0 d-------- C:\Program Files\Net Tools
2008-06-08 18:29:51 0 d-------- C:\Documents and Settings\Owner\Application Data\Apple Computer
2008-05-29 11:23:03 0 d-------- C:\Documents and Settings\Owner\Application Data\mjusbsp
2008-05-22 13:18:17 0 d-------- C:\Documents and Settings\Owner\Application Data\Image Zone Express
2008-05-15 22:44:41 0 d-------- C:\Program Files\Google
2008-05-15 21:50:13 0 d-------- C:\Documents and Settings\Owner\Application Data\ESET
2008-05-01 17:58:17 0 d-------- C:\Program Files\AIM6
2008-04-25 00:27:20 0 d-------- C:\Documents and Settings\Owner\Application Data\DAEMON Tools
2008-04-24 21:56:07 0 d-------- C:\Program Files\AOD
2008-04-24 21:55:32 0 d-------- C:\Documents and Settings\Owner\Application Data\Aim
2008-04-16 02:11:04 4296 --a----c- C:\WINDOWS\mozver.dat


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [08/05/2005 01:56 PM]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [09/13/2002 01:42 PM]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [06/01/2006 05:22 PM]
"SunKistEM"="C:\Program Files\Digital Media Reader\shwiconem.exe" [10/18/2004 02:05 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]
"Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [06/07/2003 04:32 AM]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray. dll" [06/01/2006 05:22 PM]
"@"="" []
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [03/01/2008 04:54 AM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [01/15/2008 03:22 AM]
"AMD64 CPU Assistant"="" []
"HTV Agent"="C:\Program Files\HTV\HTV.exe" [01/13/2008 01:31 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/10/2004 12:00 PM]
"Aim6"="" []
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [06/14/2008 04:28 PM]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [06/15/2008 05:49 AM]

C:\Documents and Settings\Owner\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - C:\Program Files\Stardock\ObjectDock\ObjectDock.exe [6/8/2008 2:52:14 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
BigFix.lnk - C:\Program Files\BigFix\BigFix.exe [10/4/2005 7:15:51 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\R oyale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale. theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"NoResolveSearch"=1 (0x1)
"NoRemoteRecursiveEvents"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"NoSaveSettings"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [05/13/2008 10:13 AM 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 01:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winpdc32]
winpdc32.dll 06/17/2008 05:46 AM 33280 C:\WINDOWS\system32\winpdc32.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\tuvVMdAr

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=C:\WINDOWS\pss\Logitech SetPoint.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"HazardShield"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 Pml Driver HPZ12 Net Driver HPZ12
HPService HPSLPSVC
hpdevmgmt hpqcxs08 hpqddsvc


[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\M]
AutoRun\command- M:\autorun.exe
phone\command- M:\autorun.exe




-- End of Deckard's System Scanner: finished at 2008-06-23 11:02:10 ------------


__________________


"I aced philosophy and mastered the art of spiritual phrase." D.P
  #2  
Old 06-24-2008
Pancake's Avatar
Senior Security Analyst
  
Join Date: Jun 2006
Location: Victoria, Australia
Posts: 3,610
PC Experience: Elite PC Guru
Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page
Default Re: Some Problems?
Ok.Lets download ComboFix.exe. This will give me a better view to the files running and also hidden on your computer and also those in the registry..Please visit this webpage for downloading and instructions for running the tool:

Go here ======> A guide and tutorial on using ComboFix <====== Go here

Please ensure you read this guide carefully and install the Recovery Console first.This applies to XP Pro and XP Home users only.If you have SP3 installed you will need to use SP2

The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

Once installed, you should get a prompt that says:

The Recovery Console was successfully installed.

Please continue as follows:

(1) Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
(2) Click Yes to allow ComboFix to continue scanning for malware.

When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

C:\ComboFix.txt
New HijackThis log.

Caution: Never run and remove files with Combofix unless supervised by a qualified security analyst who is experienced in the use of Combofix. Mal use can cause serious computer problems

NOTE: Combofix prevents autorun of all CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you - please let me know.


__________________
  • An Australian Member of
  • and
My real name is Eddy
Last edited by Pancake; 06-24-2008 at 03:12 AM.
  #3  
Old 06-24-2008
Terdogtanner's Avatar
Gold Member
My PC
 
Join Date: Jan 2008
Location: Phoenix, AZ
Posts: 345
PC Experience: Experienced
Terdogtanner - See this Members User comments on their Profile page Terdogtanner - See this Members User comments on their Profile page Terdogtanner - See this Members User comments on their Profile page
Send a message via AIM to Terdogtanner
Default Re: Some Problems?
Most of the time it's other people on the computer...anyways here's the logs

ComboFix 08-06-20.4 - Owner 2008-06-23 19:06:15.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.486 [GMT -7:00]
Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Owner\Desktop\WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
* Created a new restore point
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Owner\Application Data\.#
C:\Documents and Settings\Owner\Application Data\inst.exe
C:\WINDOWS\61176.exe
C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\pthreadVC.dll
C:\WINDOWS\system32\rAdMVvut.ini
C:\WINDOWS\system32\rAdMVvut.ini2
C:\WINDOWS\system32\wpcap.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_NPF


((((((((((((((((((((((((( Files Created from 2008-05-24 to 2008-06-24 )))))))))))))))))))))))))))))))
.

2008-06-23 18:31 . 2007-07-11 15:06 42,672 --a------ C:\WINDOWS\system32\wbsys.dll
2008-06-23 16:33 . 2008-06-23 16:33 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Joost
2008-06-23 16:32 . 2008-06-23 16:33 <DIR> d-------- C:\Program Files\Joost
2008-06-23 11:00 . 2008-06-23 11:00 <DIR> d----c--- C:\Deckard
2008-06-23 10:48 . 2008-06-23 13:49 <DIR> d-------- C:\Program Files\HTMLPad 2008
2008-06-23 10:48 . 2008-06-23 10:48 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Blumentals
2008-06-23 10:47 . 2008-06-23 10:47 <DIR> d-------- C:\Program Files\FDRLab
2008-06-23 07:04 . 2008-06-23 07:04 <DIR> d-------- C:\WINDOWS\system32\371186
2008-06-23 06:46 . 2008-06-23 06:46 <DIR> d-------- C:\Program Files\Witcobber
2008-06-22 21:01 . 2008-06-22 21:01 482,816 --a------ C:\WINDOWS\system32PGKJ.exe
2008-06-22 21:01 . 2008-06-22 21:01 7,680 --a------ C:\WINDOWS\system32PGKJ.006
2008-06-22 21:01 . 2008-06-22 21:01 5,632 --a------ C:\WINDOWS\system32PGKJ.007
2008-06-22 21:01 . 2008-06-22 21:01 398 --a------ C:\WINDOWS\system32PGKJ.001
2008-06-22 02:17 . 2008-06-23 18:13 <DIR> d--hs---- C:\Program Files\HTV
2008-06-22 01:24 . 2008-06-22 01:27 <DIR> d-------- C:\Program Files\Olly
2008-06-21 13:59 . 2008-06-21 13:59 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Datarescue
2008-06-21 13:54 . 2008-06-23 05:08 <DIR> d-------- C:\Program Files\IDA
2008-06-21 11:21 . 2008-06-23 13:10 <DIR> d-------- C:\Program Files\TechSmith
2008-06-21 11:21 . 2008-06-21 11:21 <DIR> d-------- C:\Program Files\Common Files\TechSmith Shared
2008-06-21 11:21 . 2008-06-21 11:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TechSmith
2008-06-21 03:43 . 2008-02-28 13:26 1,414,440 --a------ C:\WINDOWS\system32\ShellManager310E2D762.dll
2008-06-21 03:43 . 2008-02-28 13:01 774,144 --a------ C:\WINDOWS\system32\NEROINSTAEC43759.DB
2008-06-19 10:45 . 2008-06-22 03:13 <DIR> d-------- C:\Program Files\Crystal Button 2007
2008-06-19 10:44 . 1999-03-15 16:39 212,992 --a------ C:\WINDOWS\ALCHUNIN.EXE
2008-06-19 10:41 . 2008-06-19 10:41 <DIR> d-------- C:\Program Files\Advanced Business Card Maker
2008-06-19 10:40 . 2008-06-23 05:08 <DIR> d-------- C:\Program Files\Banner Maker Pro 6
2008-06-17 22:46 . 2008-06-17 22:46 <DIR> d-------- C:\Program Files\ImTOO
2008-06-17 20:15 . 2008-06-17 20:15 42 --a------ C:\WINDOWS\AlchemyMindworksUpdateList.INI
2008-06-17 20:10 . 2008-06-19 21:23 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Alchemy Mindworks
2008-06-17 05:46 . 2008-06-23 15:03 <DIR> d-------- C:\WINDOWS\system32\349168
2008-06-17 05:46 . 2008-06-17 05:46 33,280 --a------ C:\WINDOWS\system32\winpdc32.dll
2008-06-17 01:59 . 2008-06-17 01:59 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Trymedia
2008-06-17 01:58 . 2008-06-19 21:11 <DIR> d-------- C:\Program Files\Risk II
2008-06-17 00:54 . 2008-06-17 00:54 <DIR> d-------- C:\Program Files\ReflexiveArcade
2008-06-17 00:17 . 2008-06-17 00:17 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\GeoVid
2008-06-17 00:14 . 2008-06-17 00:14 <DIR> d-------- C:\Program Files\Common Files\GeoVid
2008-06-17 00:14 . 2007-06-28 19:55 77,824 --a------ C:\WINDOWS\system32\xvid.ax
2008-06-17 00:14 . 2005-06-07 16:11 60,416 --a------ C:\WINDOWS\system32\dsetup.dll
2008-06-16 20:29 . <DIR> C:\Documents and Settings\Owner\Application Data\NeroDigitalT
2008-06-16 07:06 . 2008-06-16 07:06 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Nero
2008-06-16 07:02 . 2008-06-21 03:46 <DIR> d-------- C:\Program Files\Common Files\Nero
2008-06-16 07:02 . 2008-06-21 03:46 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-06-16 04:19 . 2008-06-21 02:13 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\dvdcss
2008-06-16 04:12 . 2008-05-05 23:01 45,056 --a------ C:\WINDOWS\system32\WNASPI32.DLL
2008-06-16 04:12 . 2008-05-05 23:01 16,512 --a------ C:\WINDOWS\system32\drivers\ASPI32.SYS
2008-06-16 03:12 . 2008-06-16 03:12 <DIR> d-------- C:\Program Files\Alexey V.Voronin
2008-06-16 03:12 . 2008-06-16 03:12 7,296 --a------ C:\WINDOWS\system32\drivers\AMD64CAx86.sys
2008-06-15 17:33 . 2008-06-23 19:12 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-15 17:33 . 2008-06-15 17:33 1,409 --a------ C:\WINDOWS\QTFont.for
2008-06-15 10:18 . 2008-06-15 10:18 <DIR> d-------- C:\Program Files\VSO
2008-06-15 10:18 . 2006-09-29 11:24 217,127 --a------ C:\WINDOWS\system32\drv43260.dll
2008-06-15 10:18 . 2006-09-29 11:25 208,935 --a------ C:\WINDOWS\system32\drv33260.dll
2008-06-15 10:18 . 2006-09-29 11:26 176,165 --a------ C:\WINDOWS\system32\drv23260.dll
2008-06-15 10:16 . 2008-06-23 07:00 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Vso
2008-06-15 10:16 . 2008-06-15 10:18 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2008-06-15 10:16 . 2008-06-15 10:18 47,360 --a------ C:\Documents and Settings\Owner\Application Data\pcouffin.sys
2008-06-15 05:37 . 2008-06-23 11:41 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\BitTorrent
2008-06-14 16:57 . 2008-06-14 16:57 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-06-14 16:37 . 2008-06-14 16:37 <DIR> d-------- C:\Program Files\Process Explorer
2008-06-14 16:25 . 2008-06-14 16:28 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-06-14 16:24 . 2008-06-23 13:09 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-14 00:53 . 2008-06-14 00:53 68 --a------ C:\WINDOWS\MyProg.ini
2008-06-14 00:41 . 2008-06-14 00:46 125 --a--c--- C:\ioSpecial.ini
2008-06-14 00:24 . 2008-06-14 00:38 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\HideIP
2008-06-14 00:04 . 2008-06-14 00:04 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Systweak
2008-06-13 20:49 . 2008-06-13 20:51 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Feedreader
2008-06-13 18:48 . 2008-06-13 18:48 11 --a------ C:\WINDOWS\system\DID.DRV
2008-06-13 18:48 . 2008-06-13 19:05 5 --a------ C:\WINDOWS\system\BBR.DRV
2008-06-13 17:46 . 2008-06-14 19:39 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\uTorrent
2008-06-13 02:25 . 2008-06-13 02:25 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\WNR
2008-06-12 20:21 . 2008-06-12 20:30 2,479 --a------ C:\WINDOWS\proxyht.ini
2008-06-12 19:53 . 2008-06-13 22:16 415 --a------ C:\WINDOWS\Proxyrama.INI
2008-06-11 20:05 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-06-11 20:05 . 2006-09-28 16:05 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2008-06-11 20:05 . 2006-12-08 12:02 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2008-06-11 20:05 . 2006-09-28 16:05 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2008-06-11 20:05 . 2006-07-28 09:30 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2008-06-11 20:05 . 2006-09-28 16:04 68,888 --a------ C:\WINDOWS\system32\xinput1_3.dll
2008-06-11 20:05 . 2006-07-28 09:30 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2008-06-11 20:05 . 2006-11-15 11:38 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2008-06-11 16:47 . 2008-06-14 16:45 <DIR> d-------- C:\Program Files\QuickPar
2008-06-11 14:00 . 2007-07-04 03:04 888,832 --a------ C:\WINDOWS\system32\securenet.dll
2008-06-11 04:07 . 2008-06-11 04:07 13,030 --a--c--- C:\PDOXUSRS.NET
2008-06-11 03:28 . 2008-06-15 23:40 <DIR> d----c--- C:\TEMP
2008-06-11 03:00 . 2008-06-11 03:00 <DIR> d-------- C:\Program Files\IrfanView
2008-06-11 00:31 . 2008-06-11 00:52 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\DMCache
2008-06-10 21:32 . 2008-06-13 06:10 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-09 22:32 . 2008-06-09 22:32 98,304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2008-06-08 19:24 . 2008-06-08 19:24 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Thinking Minds Budiling Bytes
2008-06-08 17:29 . 2008-06-12 22:04 32 --a------ C:\WINDOWS\go
2008-06-08 15:46 . 2008-06-08 21:53 <DIR> d-------- C:\Program Files\The Rosetta Stone
2008-06-08 15:46 . 2004-03-29 16:23 90,112 --a------ C:\WINDOWS\unvise32.exe
2008-06-08 14:52 . 2008-06-23 18:31 <DIR> d-------- C:\Program Files\Stardock
2008-06-08 14:52 . 2008-06-08 14:52 <DIR> d-------- C:\Program Files\Common Files\Stardock
2008-06-06 18:50 . 2008-06-08 02:03 <DIR> d-------- C:\Program Files\LimeWire
2008-06-06 18:05 . 2004-05-10 12:42 110,592 --a------ C:\WINDOWS\system32\suppdll.dll
2008-06-06 18:05 . 2004-05-10 22:42 35,363 --a------ C:\WINDOWS\system32\windrvNT.sys
2008-06-06 18:04 . 2008-06-23 17:06 <DIR> d-------- C:\Program Files\Folder Lock
2008-06-05 16:15 . 2007-05-28 23:05 112,441 --a------ C:\WINDOWS\73185.exe
2008-06-04 02:16 . 2008-03-09 16:02 81,632 --a------ C:\WINDOWS\system32\FLKill.exe
2008-05-30 22:45 . 2008-05-30 22:45 <DIR> d--hs---- C:\WINDOWS\ftpcache
2008-05-24 15:11 . 2008-05-29 16:23 <DIR> d-------- C:\WINDOWS\system32\Adobe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2008-06-23 19:25 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-23 12:33 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-21 21:11 --------- d--h--w C:\Documents and Settings\Owner\Application Data\IFLTemp
2008-06-21 20:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\HP
2008-06-20 17:28 --------- d-----w C:\Program Files\SpywareBlaster
2008-06-19 04:45 --------- d-----w C:\Documents and Settings\Owner\Application Data\LimeWire
2008-06-19 04:33 --------- d-----w C:\Program Files\Common Files\HP
2008-06-17 05:09 39,386 ----a-w C:\Documents and Settings\Owner\Application Data\wklnhst.dat
2008-06-17 05:04 --------- d-----w C:\Documents and Settings\Owner\Application Data\Web Page Maker V2
2008-06-17 03:29 --------- d-----w C:\Documents and Settings\Owner\Application Data\NeroDigital™
2008-06-16 06:48 --------- d-----w C:\Documents and Settings\Owner\Application Data\Hamachi
2008-06-16 06:42 25,280 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2008-06-16 00:33 --------- d-----w C:\Program Files\iTunes
2008-06-15 16:36 360,064 ----a-w C:\WINDOWS\system32\drivers\TCPIP.SYS
2008-06-15 04:00 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-06-14 23:25 --------- d-----w C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
2008-06-13 10:41 --------- d-----w C:\Documents and Settings\Owner\Application Data\Talkback
2008-06-11 08:36 737,280 ----a-w C:\WINDOWS\iun6002.exe
2008-06-10 22:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-06-10 20:10 --------- d-----w C:\Program Files\Common Files\Adobe
2008-06-09 01:29 --------- d-----w C:\Documents and Settings\Owner\Application Data\Apple Computer
2008-05-29 18:23 --------- d-----w C:\Documents and Settings\Owner\Application Data\mjusbsp
2008-05-22 20:18 --------- d-----w C:\Documents and Settings\Owner\Application Data\Image Zone Express
2008-05-16 05:44 --------- d-----w C:\Program Files\Google
2008-05-16 04:50 --------- d-----w C:\Documents and Settings\Owner\Application Data\ESET
2008-05-16 04:48 --------- d-----w C:\Program Files\ESET
2008-05-16 04:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\ESET
2008-05-16 04:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg8
2008-05-11 08:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-02 00:58 --------- d-----w C:\Program Files\AIM6
2008-04-25 07:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\Age of Empires 3
2008-04-25 07:27 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-04-25 07:27 --------- d-----w C:\Documents and Settings\Owner\Application Data\DAEMON Tools
2008-04-25 04:55 --------- d-----w C:\Documents and Settings\Owner\Application Data\Aim
2006-04-12 02:15 2,112 ----a-w C:\Documents and Settings\Owner\fet2_settings.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 12:00 15360]
"Aim6"="" []
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-06-14 16:28 1506544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 13:56 64512]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2002-09-13 13:42 212992]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-06-01 17:22 7618560]
"SunKistEM"="C:\Program Files\Digital Media Reader\shwiconem.exe" [2004-10-18 14:05 135168]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2003-06-07 04:32 50688]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray. dll" [2006-06-01 17:22 86016]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2008-03-01 04:54 1443072]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-01-15 03:22 267048]
"AMD64 CPU Assistant"="" []
"HTV Agent"="C:\Program Files\HTV\HTV.exe" [2008-01-13 13:31 525312]

C:\Documents and Settings\Owner\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - C:\Program Files\Stardock\ObjectDock\ObjectDock.exe [2008-06-08 14:52:14 3581680]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
BigFix.lnk - C:\Program Files\BigFix\BigFix.exe [2005-10-04 07:15:51 1742384]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\curr entversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 10:13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll 2008-06-23 18:34 229376 C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winpdc32]
winpdc32.dll 2008-06-17 05:46 33280 C:\WINDOWS\system32\winpdc32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSVideo"= CSvidcap.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=C:\WINDOWS\pss\Logitech SetPoint.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"HazardShield"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\NetMeeting\\conf.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\WINDOWS\\system32\\ftp.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\Common Files\\AOL\\1140989139\\ee\\aolsoftware.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Documents and Settings\\Owner\\Application Data\\mjusbsp\\magicJack.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\IDA\\idag.exe"=
"C:\\Program Files\\IDA\\idag64.exe"=
"C:\\Program Files\\Joost\\xulrunner\\tvprunner.exe"=

R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX3 2.sys [2006-10-17 20:22]
R2 CX88XBAR;AVerMedia AVerTV MPEG Crossbar (Dual-Input);C:\WINDOWS\system32\drivers\A88BarBB.sys [2005-03-03 11:52]
R2 LBeepKE;LBeepKE;C:\WINDOWS\system32\Drivers\LBeepK E.sys [2006-09-01 12:32]
R3 CXAVSAUD;AVerMedia AVerTV AvStream Audio Capture;C:\WINDOWS\system32\drivers\A88AudBB.sys [2005-03-03 11:53]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service;C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-01-02 02:12]
S2 HPSLPSVC;HP Network Devices Support;C:\WINDOWS\system32\svchost.exe [2004-08-10 12:00]
S3 0f5853;0f5853;C:\WINDOWS\system32\0f5853.sys [2008-01-17 03:20]
S3 AMD64CA;AMD64CA;C:\WINDOWS\System32\Drivers\AMD64C Ax86.sys [2008-06-16 03:12]
S3 GPCIEnu1;GPCIEnu1;C:\WINDOWS\system32\GPCIEnum.sys [2006-08-06 15:06]
S4 HazardShield;HazardShield;C:\WINDOWS\system32\hzrC ontroller.exe [2008-01-26 04:50]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\M]
\Shell\AutoRun\command - M:\autorun.exe
\Shell\phone\command - M:\autorun.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-06-17 18:25:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-06-24 02:01:00 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
"2005-11-11 17:38:08 C:\WINDOWS\Tasks\ISP signup reminder 1.job"
- C:\WINDOWS\system32\OOBE\oobebaln.exe
"2005-11-11 17:38:09 C:\WINDOWS\Tasks\ISP signup reminder 3.job"
- C:\WINDOWS\system32\OOBE\oobebaln.exe
.
************************************************** ************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-23 19:12:29
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files:

************************************************** ************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\winpdc32.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\ehome\ehrecvr.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehmsas.exe
.
************************************************** ************************
.
Completion time: 2008-06-23 19:15:37 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-24 02:15:34

Pre-Run: 145,584,967,680 bytes free
Post-Run: 145,451,999,232 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOW S
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windo ws XP Media Center Edition" /fastdetect /NoExecute=OptIn
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

307 --- E O F --- 2008-06-20 10:59:00



I can't run hijack this because of this error:
And Ive already tried reinstalling
And I receive another error with another application?


EDIT****
I fixed the VB runtime errors
I can now open my programs
Below is the hijack this log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:23:34 PM, on 6/23/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\BigFix\BigFix.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\WINDOWS\explorer.exe
C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
C:\Program Files\TechSmith\SnagIt 9\TSCHelp.exe
C:\Program Files\TechSmith\SnagIt 9\SnagPriv.exe
C:\Program Files\TechSmith\SnagIt 9\snagiteditor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://phoenix.cox.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = local
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunKistEM] "C:\Program Files\Digital Media Reader\shwiconem.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] "C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - S-1-5-18 Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP Premium\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP Premium\dapextie2.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O16 - DPF: vzTCPConfig - http://www.verizon.net/checkmypc/fio...zTCPConfig.CAB
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support.cox.com/sdccommon/download/tgctlcm.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gateway.com/support/p.../PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1B4F9DD7-2D7C-44B5-9126-73206DA0AE75} (CNavigationManager Object) - http://www3.authentium.com/cssrelease/bin/wizard.exe
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175...at-no-eula.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by131fd.bay131.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://test.catalog.update.microsoft...?1183422235546
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1162267301281
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://stercomm.webex.com/client/v_...ex/ieatgpc.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} - http://driveragent.com/files/driveragent.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: winpdc32 - C:\WINDOWS\SYSTEM32\winpdc32.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 9607 bytes
Attached Images
File Type: jpg 6-23-2008 7-22-19 PM.jpg (23.3 KB, 4 views)
File Type: jpg 6-23-2008 8-01-16 PM.jpg (15.2 KB, 3 views)


__________________


"I aced philosophy and mastered the art of spiritual phrase." D.P
  #4  
Old 06-24-2008
Pancake's Avatar
Senior Security Analyst
  
Join Date: Jun 2006
Location: Victoria, Australia
Posts: 3,610
PC Experience: Elite PC Guru
Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page
Default Re: Some Problems?
Have "Hijack This" fix all the following items in the list below by placing a check in the appropriate boxes.Confirm that you have only the listed ones checked, then press <Fix checked> and Close HJT.


O20 - Winlogon Notify: winpdc32 - C:\WINDOWS\SYSTEM32\winpdc32.dll


Reboot.............

==============================


Please copy this page to *Notepad* and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.

It's IMPORTANT to carry out the instructions in the sequence listed below.
1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Open *notepad* and copy/paste the text in the quotebox below into it:


Killall::

File::
C:\WINDOWS\system32\winpdc32.dll

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winpdc32]



Save this as CFScript.txt, in the same location as ComboFix.exe which is on the Desktop.




Refering to the picture above, drag CFScript.txt into ComboFix.exe


When finished, it shall produce a log for you at C:\ComboFix.txt

Please copy and paste the ComboFix.txt along with a fresh HijackThis log in your next reply please.


*Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.Altering this script in any way could damage your computer*


__________________
  • An Australian Member of
  • and
My real name is Eddy
  #5  
Old 06-24-2008
Terdogtanner's Avatar
Gold Member
My PC
 
Join Date: Jan 2008
Location: Phoenix, AZ
Posts: 345
PC Experience: Experienced