hijack scan log

jackibell · January 13, 2011

i have no clue what i am doing...

is this what i am supposed to provide and if yes, what does it mean? thank you and please forgive my ignorance...

DDS (Ver_10-12-12.02)

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 1/1/2010 12:11:36 PM

System Uptime: 1/12/2011 6:28:04 AM (20 hours ago)

Motherboard: Dell Inc. | | 0RF703

Processor: Intel® Core2 CPU 6400 @ 2.13GHz | Microprocessor | 2126/1066mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 698 GiB total, 688.667 GiB free.

D: is CDROM ()

E: is Removable

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: Broadcom NetXtreme 57xx Gigabit Controller

Device ID: PCI\VEN_14E4&DEV_167A&SUBSYS_01DA1028&REV_02\4&21E4E6E0&0&00E4

Manufacturer: Broadcom

Name: Broadcom NetXtreme 57xx Gigabit Controller

PNP Device ID: PCI\VEN_14E4&DEV_167A&SUBSYS_01DA1028&REV_02\4&21E4E6E0&0&00E4

Service: b57w2k

==== System Restore Points ===================

RP1: 10/18/2010 11:40:44 PM - System Checkpoint

RP2: 10/18/2010 11:40:59 PM - Advanced SystemCare RestorePoint

RP3: 10/19/2010 12:31:46 AM - Installed DesktopEarth

RP4: 10/20/2010 12:40:37 AM - System Checkpoint

RP5: 10/20/2010 5:29:18 PM - Removed DesktopEarth

RP6: 10/22/2010 7:54:16 PM - System Checkpoint

RP7: 10/23/2010 8:41:53 PM - System Checkpoint

RP8: 10/23/2010 11:51:27 PM - Installed Adobe Reader 9.4.0.

RP9: 10/25/2010 12:23:24 AM - System Checkpoint

RP10: 10/28/2010 4:05:04 PM - Avg Update

RP11: 10/29/2010 5:00:45 PM - System Checkpoint

RP12: 10/30/2010 5:58:20 PM - System Checkpoint

RP13: 10/31/2010 6:56:32 PM - System Checkpoint

RP14: 11/1/2010 7:09:54 PM - System Checkpoint

RP15: 11/2/2010 8:20:36 PM - System Checkpoint

RP16: 11/3/2010 8:39:59 PM - System Checkpoint

RP17: 11/4/2010 10:17:34 PM - System Checkpoint

RP18: 11/5/2010 10:33:03 PM - System Checkpoint

RP19: 11/6/2010 9:46:50 PM - System Checkpoint

RP20: 11/7/2010 10:56:01 PM - System Checkpoint

RP21: 11/8/2010 11:44:02 PM - System Checkpoint

RP22: 11/9/2010 9:17:45 AM - Avg Update

RP23: 11/9/2010 9:18:19 AM - Avg Update

RP24: 11/9/2010 11:55:43 PM - Software Distribution Service 3.0

RP25: 11/11/2010 12:52:18 AM - System Checkpoint

RP26: 11/12/2010 1:47:29 AM - System Checkpoint

RP27: 11/13/2010 2:47:29 AM - System Checkpoint

RP28: 11/14/2010 3:47:29 AM - System Checkpoint

RP29: 11/15/2010 4:47:29 AM - System Checkpoint

RP30: 11/16/2010 5:47:29 AM - System Checkpoint

RP31: 11/17/2010 5:59:29 AM - System Checkpoint

RP32: 11/18/2010 9:31:56 PM - System Checkpoint

RP33: 11/19/2010 10:00:17 PM - System Checkpoint

RP34: 11/20/2010 10:56:06 PM - System Checkpoint

RP35: 11/21/2010 11:06:11 PM - System Checkpoint

RP36: 11/23/2010 12:25:47 AM - System Checkpoint

RP37: 11/24/2010 1:15:51 AM - System Checkpoint

RP38: 11/24/2010 8:49:14 AM - Avg Update

RP39: 11/24/2010 8:51:33 AM - Avg Update

RP40: 11/27/2010 3:40:02 PM - System Checkpoint

RP41: 11/29/2010 3:25:22 PM - System Checkpoint

RP42: 11/30/2010 9:19:08 AM - Installed Serif PhotoPlus 9.0

RP43: 11/30/2010 5:27:49 PM - IObit Uninstaller RestorePoint

RP44: 11/30/2010 5:28:25 PM - Removed Corel Paint Shop Pro Photo X2.

RP45: 12/1/2010 9:30:08 PM - System Checkpoint

RP46: 12/3/2010 12:01:22 PM - System Checkpoint

RP47: 12/4/2010 12:27:44 PM - System Checkpoint

RP48: 12/5/2010 1:08:38 PM - System Checkpoint

RP49: 12/5/2010 2:30:02 PM - Installed Mystical Demo.

RP50: 12/6/2010 3:02:44 PM - System Checkpoint

RP51: 12/7/2010 3:31:27 PM - System Checkpoint

RP52: 12/8/2010 6:37:03 PM - System Checkpoint

RP53: 12/10/2010 9:33:32 PM - System Checkpoint

RP54: 12/11/2010 10:05:04 PM - System Checkpoint

RP55: 12/12/2010 12:27:44 AM - Installed HTC Driver Installer.

RP56: 12/12/2010 12:28:12 AM - Installed HTC Sync.

RP57: 12/12/2010 12:56:52 AM - Removed HTC Sync.

RP58: 12/12/2010 12:59:47 AM - Installed Windows XP Wdf01007.

RP59: 12/12/2010 1:09:27 AM - Installed HTC Driver Installer.

RP60: 12/12/2010 1:09:54 AM - Installed HTC Sync.

RP61: 12/13/2010 1:14:19 AM - System Checkpoint

RP62: 12/14/2010 1:18:53 AM - System Checkpoint

RP63: 12/15/2010 2:18:53 AM - System Checkpoint

RP64: 12/15/2010 3:00:13 AM - Software Distribution Service 3.0

RP65: 12/16/2010 3:33:33 AM - System Checkpoint

RP66: 12/17/2010 4:23:36 AM - System Checkpoint

RP67: 12/17/2010 6:17:36 PM - Installed AD100 Pro Loader

RP68: 12/19/2010 7:04:33 PM - System Checkpoint

RP69: 12/20/2010 7:19:24 PM - System Checkpoint

RP70: 12/21/2010 11:40:33 PM - System Checkpoint

RP71: 12/23/2010 11:38:43 PM - System Checkpoint

RP72: 12/26/2010 9:59:26 AM - System Checkpoint

RP73: 12/27/2010 10:00:08 AM - System Checkpoint

RP74: 12/28/2010 10:06:07 AM - System Checkpoint

RP75: 12/29/2010 10:48:06 AM - System Checkpoint

RP76: 12/30/2010 11:48:06 AM - System Checkpoint

RP77: 12/31/2010 12:48:06 PM - System Checkpoint

RP78: 1/1/2011 1:31:17 PM - System Checkpoint

RP79: 1/2/2011 1:35:57 PM - System Checkpoint

RP80: 1/3/2011 1:45:18 PM - System Checkpoint

RP81: 1/4/2011 2:29:09 PM - System Checkpoint

RP82: 1/5/2011 3:17:09 PM - System Checkpoint

RP83: 1/6/2011 3:45:32 PM - System Checkpoint

RP84: 1/7/2011 4:39:50 PM - System Checkpoint

RP85: 1/8/2011 5:26:48 PM - System Checkpoint

RP86: 1/9/2011 5:55:49 PM - System Checkpoint

RP87: 1/10/2011 6:55:49 PM - System Checkpoint

RP88: 1/11/2011 7:55:49 PM - System Checkpoint

RP89: 1/11/2011 9:55:33 PM - Installed Windows XP KB2419632.

RP90: 1/12/2011 12:57:43 AM - Removed Windows Live ID Sign-in Assistant

RP91: 1/12/2011 1:54:15 AM - Software Distribution Service 3.0

RP92: 1/13/2011 12:44:29 AM - IObit Uninstaller RestorePoint

==== Installed Programs ======================

32 Bit HP CIO Components Installer

AD100 Pro Loader

Adobe Reader 9.4.0

Advanced SystemCare 3

AVG 9.0

Broadcom Gigabit Integrated Controller

BufferChm

Copy

Destination Component

DeviceDiscovery

DeviceManagementQFolder

DJ_AIO_03_F4200_ProductContext

DJ_AIO_03_F4200_Software

DJ_AIO_03_F4200_Software_Min

eSupportQFolder

F4200

F4200_Help

FTDI USB Serial Converter Drivers

Google Chrome

Google Earth Plug-in

Google Update Helper

GPBaseService

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB981793)

HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3

HP Imaging Device Functions 10.0

HP Solution Center 10.0

HP Update

HPProductAssistant

HTC Driver Installer

HTC Sync

Intel® Graphics Media Accelerator Driver

IObit Security 360

Java Auto Updater

Java 6 Update 22

LightMachine 1.05 (Plugin Demo)

Microsoft Application Error Reporting

Microsoft IntelliType Pro 7.1

Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Mozilla Firefox (3.6.13)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Mystical Demo

OpenOffice.org 3.2

PhotoFreebies 2.0

Roxio Creator Audio

Roxio Creator Copy

Roxio Creator Data

Roxio Creator DE

Roxio Creator Tools

Roxio Express Labeler 3

Roxio Update Manager

Scan

Security Update for Windows Internet Explorer 8 (KB2183461)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB976325)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player (KB979402)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371-v2)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB976325)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Serif PhotoPlus 9.0

SolutionCenter

SoundMAX

Sprint SmartView

Status

Toolbox

TrayApp

UnloadSupport

Update for Windows Internet Explorer 8 (KB975364)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB980182)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB898461)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

WebFldrs XP

WebReg

Windows Driver Package - Advanced Diagnostics AD100 Pro Driver Package (05/19/2006 2.00.00)

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 8

==== Event Viewer Messages From Past Week ========

1/9/2011 1:53:46 AM, error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.

1/7/2011 7:23:52 AM, error: Dhcp [1002] - The IP address lease 99.201.221.141 for the Network Card with network address 00A0D5FFFF85 has been denied by the DHCP server 99.200.200.253 (The DHCP Server sent a DHCPNACK message).

1/6/2011 9:49:00 AM, error: Dhcp [1002] - The IP address lease 99.201.102.217 for the Network Card with network address 00A0D5FFFF85 has been denied by the DHCP server 184.208.155.253 (The DHCP Server sent a DHCPNACK message).

1/6/2011 9:44:15 PM, error: Dhcp [1002] - The IP address lease 173.97.16.219 for the Network Card with network address 00A0D5FFFF85 has been denied by the DHCP server 99.201.221.253 (The DHCP Server sent a DHCPNACK message).

1/6/2011 8:48:57 AM, error: Dhcp [1002] - The IP address lease 99.201.90.36 for the Network Card with network address 00A0D5FFFF85 has been denied by the DHCP server 99.201.102.253 (The DHCP Server sent a DHCPNACK message).

1/6/2011 7:48:53 AM, error: Dhcp [1002] - The IP address lease 68.240.218.196 for the Network Card with network address 00A0D5FFFF85 has been denied by the DHCP server 99.201.90.253 (The DHCP Server sent a DHCPNACK message).

1/6/2011 6:18:49 AM, error: Dhcp [1002] - The IP address lease 184.208.214.148 for the Network Card with network address 00A0D5FFFF85 has been denied by the DHCP server 68.240.218.253 (The DHCP Server sent a DHCPNACK message).

1/6/2011 4:48:45 AM, error: Dhcp [1002] - The IP address lease 184.208.96.232 for the Network Card with network address 00A0D5FFFF85 has been denied by the DHCP server 184.208.214.253 (The DHCP Server sent a DHCPNACK message).

1/6/2011 4:29:46 PM, error: Dhcp [1002] - The IP address lease 68.240.67.234 for the Network Card with network address 00A0D5FFFF85 has been denied by the DHCP server 173.97.16.253 (The DHCP Server sent a DHCPNACK message).

1/6/2011 3:48:42 AM, error: Dhcp [1002] - The IP address lease 173.135.243.216 for the Network Card with network address 00A0D5FFFF85 has been denied by the DHCP server 184.208.96.253 (The DHCP Server sent a DHCPNACK message).

1/6/2011 2:48:39 AM, error: Dhcp [1002] - The IP address lease 108.126.180.40 for the Network Card with network address 00A0D5FFFF85 has been denied by the DHCP server 173.135.243.253 (The DHCP Server sent a DHCPNACK message).

1/6/2011 2:29:43 PM, error: Dhcp [1002] - The IP address lease 173.139.173.225 for the Network Card with network address 00A0D5FFFF85 has been denied by the DHCP server 68.240.67.253 (The DHCP Server sent a DHCPNACK message).

1/6/2011 2:25:52 PM, error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s).

1/6/2011 2:25:52 PM, error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).

1/6/2011 2:07:16 PM, error: Dhcp [1002] - The IP address lease 99.200.139.126 for the Network Card with network address 00A0D5FFFF85 has been denied by the DHCP server 173.139.255.253 (The DHCP Server sent a DHCPNACK message).

1/6/2011 12:48:32 AM, error: Dhcp [1002] - The IP address lease 108.105.244.11 for the Network Card with network address 00A0D5FFFF85 has been denied by the DHCP server 70.3.85.253 (The DHCP Server sent a DHCPNACK message).

1/6/2011 11:49:08 AM, error: Dhcp [1002] - The IP address lease 184.250.208.3 for the Network Card with network address 00A0D5FFFF85 has been denied by the DHCP server 99.200.139.253 (The DHCP Server sent a DHCPNACK message).

1/6/2011 10:49:04 AM, error: Dhcp [1002] - The IP address lease 184.208.155.74 for the Network Card with network address 00A0D5FFFF85 has been denied by the DHCP server 184.250.208.253 (The DHCP Server sent a DHCPNACK message).

1/6/2011 1:48:36 AM, error: Dhcp [1002] - The IP address lease 70.3.85.137 for the Network Card with network address 00A0D5FFFF85 has been denied by the DHCP server 108.126.180.253 (The DHCP Server sent a DHCPNACK message).

1/13/2011 2:32:57 AM, error: Service Control Manager [7034] - The AVG E-mail Scanner service terminated unexpectedly. It has done this 2 time(s).

1/13/2011 2:31:10 AM, error: Service Control Manager [7034] - The IS360service service terminated unexpectedly. It has done this 2 time(s).

1/13/2011 2:31:10 AM, error: Service Control Manager [7034] - The AVG E-mail Scanner service terminated unexpectedly. It has done this 1 time(s).

1/13/2011 2:31:10 AM, error: Service Control Manager [7031] - The AVG WatchDog service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

1/12/2011 9:38:34 AM, error: Dhcp [1002] - The IP address lease 184.251.203.231 for the Network Card with network address 00A0D5FFFF85 has been denied by the DHCP server 68.240.175.253 (The DHCP Server sent a DHCPNACK message).

1/12/2011 6:28:25 AM, error: Dhcp [1002] - The IP address lease 173.139.42.247 for the Network Card with network address 00A0D5FFFF85 has been denied by the DHCP server 184.251.203.253 (The DHCP Server sent a DHCPNACK message).

1/12/2011 5:38:05 PM, error: Dhcp [1002] - The IP address lease 184.251.138.61 for the Network Card with network address 00A0D5FFFF85 has been denied by the DHCP server 108.105.197.253 (The DHCP Server sent a DHCPNACK message).

1/12/2011 12:51:21 AM, error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

1/12/2011 12:50:51 AM, error: Service Control Manager [7034] - The SeaPort service terminated unexpectedly. It has done this 1 time(s).

1/12/2011 12:50:28 AM, error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

1/12/2011 12:50:12 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

1/12/2011 12:08:53 PM, error: Dhcp [1002] - The IP address lease 99.201.176.176 for the Network Card with network address 00A0D5FFFF85 has been denied by the DHCP server 184.251.138.253 (The DHCP Server sent a DHCPNACK message).

1/12/2011 11:08:43 AM, error: Dhcp [1002] - The IP address lease 68.240.175.88 for the Network Card with network address 00A0D5FFFF85 has been denied by the DHCP server 99.201.176.253 (The DHCP Server sent a DHCPNACK message).

1/12/2011 1:56:54 AM, error: Dhcp [1002] - The IP address lease 184.220.181.183 for the Network Card with network address 00A0D5FFFF85 has been denied by the DHCP server 173.139.42.253 (The DHCP Server sent a DHCPNACK message).

1/12/2011 1:38:58 PM, error: Service Control Manager [7034] - The IS360service service terminated unexpectedly. It has done this 1 time(s).

1/12/2011 1:30:26 AM, error: Dhcp [1002] - The IP address lease 184.208.132.81 for the Network Card with network address 00A0D5FFFF85 has been denied by the DHCP server 184.220.181.253 (The DHCP Server sent a DHCPNACK message).

1/12/2011 1:04:57 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service helpsvc with arguments "" in order to run the server: {833E4010-AFF7-4AC3-AAC2-9F24C1457BCE}

==== End Of File ===========================

DDS (Ver_10-12-12.02) - NTFSx86

Run by User1 at 2:39:59.26 on Thu 01/13/2011

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.473 [GMT -6:00]

AV: AVG Anti-Virus *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch

C:\WINDOWS\system32\svchost -k rpcss

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\alg.exe

C:\Program Files\AVG\AVG9\avgwdsvc.exe

C:\Program Files\AVG\AVG9\avgam.exe

C:\Program Files\AVG\AVG9\avgnsx.exe

C:\WINDOWS\explorer.exe

C:\Program Files\AVG\AVG9\avgemc.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\Program Files\AVG\AVG9\avgchsvx.exe

C:\Program Files\AVG\AVG9\avgrsx.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\Program Files\IObit\IObit Security 360\is360.exe

C:\Program Files\IObit\IObit Security 360\IS360tray.exe

C:\Program Files\IObit\IObit Security 360\IS360srv.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\Documents and Settings\User1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\User1\My Documents\Downloads\dds.scr

C:\WINDOWS\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.msn.com

uDefault_Page_URL = hxxp://www.msn.com

uWindow Title = Internet Explorer, optimized for Bing and MSN

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

uRun: [Google Update] "c:\documents and settings\user1\local settings\application data\google\update\GoogleUpdate.exe" /c

mRun: [sprint SmartView] "c:\program files\sprint\sprint smartview\SprintSV.exe" -a

mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe

mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"

mRun: [iObit Security 360] "c:\program files\iobit\iobit security 360\IS360tray.exe" /autostart

IE: &Search

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1262372683406

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll

Notify: avgrsstarter - avgrsstx.dll

Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\user1\applic~1\mozilla\firefox\profiles\yfa4vmxr.default\

FF - prefs.js: browser.startup.homepage - hxxp://discountelectronics.com/home/

FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll

FF - plugin: c:\documents and settings\user1\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff

FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - c:\program files\avg\avg9\Firefox

FF - Ext: InvisibleHand: canitbecheaper@trafficbroker.co.uk - %profile%\extensions\canitbecheaper@trafficbroker.co.uk

---- FIREFOX POLICIES ----

FF - user.js: browser.cache.memory.capacity - 16000

FF - user.js: browser.chrome.favicons - false

FF - user.js: browser.display.show_image_placeholders - true

FF - user.js: browser.turbo.enabled - true

FF - user.js: browser.urlbar.autocomplete.enabled - true

FF - user.js: browser.urlbar.autofill - true

FF - user.js: content.max.tokenizing.time - 3000000

FF - user.js: content.maxtextrun - 4095

FF - user.js: content.notify.backoffcount - 5

FF - user.js: content.notify.interval - 1000000

FF - user.js: content.notify.ontimer - true

FF - user.js: content.switch.threshold - 1000000

FF - user.js: dom.disable_window_status_change - true

FF - user.js: network.http.max-connections - 48

FF - user.js: network.http.max-connections-per-server - 16

FF - user.js: network.http.max-persistent-connections-per-proxy - 16

FF - user.js: network.http.max-persistent-connections-per-server - 8

FF - user.js: network.http.pipelining - true

FF - user.js: network.http.pipelining.firstrequest - true

FF - user.js: network.http.pipelining.maxrequests - 8

FF - user.js: network.http.proxy.pipelining - true

FF - user.js: network.http.request.max-start-delay - 0

FF - user.js: nglayout.initialpaint.delay - 1000

FF - user.js: plugin.expose_full_path - true

FF - user.js: ui.submenuDelay - 0

============= SERVICES / DRIVERS ===============

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2010-10-17 52872]

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-10-17 216400]

R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-10-17 29584]

R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-10-17 243024]

R2 avg9emc;AVG E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2010-10-18 921952]

R2 avg9wd;AVG WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-10-18 308136]

R2 IS360service;IS360service;c:\program files\iobit\iobit security 360\is360srv.exe [2010-11-22 312152]

S0 cerc6;cerc6; [x]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-1-8 136176]

S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2010-12-12 24576]

=============== Created Last 30 ================

2011-01-12 07:17:10 -------- d-----w- c:\windows\system32\NtmsData

2011-01-12 06:57:46 -------- d-----w- c:\windows\system32\appmgmt

2011-01-07 04:26:37 -------- d-----w- c:\program files\Microsoft

2011-01-07 04:23:36 -------- d-sh--w- c:\documents and settings\user1\IECompatCache

2010-12-24 20:21:29 -------- d-----w- c:\program files\Adobe Flash Player

2010-12-24 20:00:10 25048 ----a-w- c:\program files\mozilla firefox\components\browserdirprovider.dll

2010-12-24 20:00:10 140248 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll

2010-12-20 16:03:28 317440 ----a-w- c:\windows\IsUninst.exe

2010-12-20 16:02:43 -------- d-----w- c:\documents and settings\user1\WINDOWS

2010-12-20 15:41:44 -------- d-----w- c:\docume~1\user1\applic~1\ThePluginSite

2010-12-18 00:17:37 -------- d-----w- c:\program files\Advanced Diagnostics

2010-12-18 00:16:46 47249 ----a-w- c:\windows\system32\drivers\ftdibus.sys

2010-12-18 00:16:46 188416 ----a-w- c:\windows\system32\ftdiunin.exe

2010-12-18 00:16:46 176128 ----a-w- c:\windows\system32\ftd2xx.dll

2010-12-18 00:16:46 106496 ----a-w- c:\windows\system32\ftbusui.dll

==================== Find3M ====================

2010-11-30 04:53:41 2516 --sha-w- c:\docume~1\alluse~1\applic~1\KGyGaAvL.sys

2010-11-30 04:47:47 88 --sh--r- c:\docume~1\alluse~1\applic~1\DBDFCA2B82.sys

2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll

2010-11-09 14:52:35 249856 ----a-w- c:\windows\system32\odbc32.dll

2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll

2010-11-06 00:26:58 43520 ----a-w- c:\windows\system32\licmgr10.dll

2010-11-06 00:26:58 1469440 ------w- c:\windows\system32\inetcpl.cpl

2010-11-03 12:25:54 385024 ----a-w- c:\windows\system32\html.iec

2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll

2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys

2010-10-18 15:08:00 12536 ----a-w- c:\windows\system32\avgrsstx.dll

============= FINISH: 2:40:28.78 ===============

Superdave · January 14, 2011

Hello and welcome to IOBit Forums. My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.

2. The fixes are specific to your problem and should only be used for this issue on this machine.

3. If you don't know or understand something, please don't hesitate to ask.

4. Please DO NOT run any other tools or scans while I am helping you.

5. It is important that you reply to this thread. Do not start a new topic.

6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

7. Absence of symptoms does not mean that everything is clear.

What makes you think your computer is infected? Any symptoms?

It would appear that you AVG is out-of-date. Please update it asap.

Download Disable/Remove Windows Messenger to the desktop to remove Windows Messenger.

Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

Unzip the file on the desktop. Open the MessengerDisable.exe and choose the bottom box - Uninstall Windows Messenger and click Apply.

Exit out of MessengerDisable then delete the two files that were put on the desktop.

**************************************************************

SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!

Download SuperAntispyware Free Edition (SAS)

* Double-click the icon on your desktop to run the installer.

* When asked to Update the program definitions, click Yes

* If you encounter any problems while downloading the updates, manually download and unzip them from here

* Next click the Preferences button.

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts

* Click the Scanning Control tab.

* Under Scanner Options make sure only the following are checked:

•Close browsers before scanning

•Scan for tracking cookies

•Terminate memory threats before quarantining

•Please leave the others unchecked

•Click the Close button to leave the control center screen.

* On the main screen click Scan your computer

* On the left check the box for the drive you are scanning.

* On the right choose Perform Complete Scan

* Click Next to start the scan. Please be patient while it scans your computer.

* After the scan is complete a summary box will appear. Click OK

* Make sure everything in the white box has a check next to it, then click Next

* It will quarantine what it found and if it asks if you want to reboot, click Yes

•To retrieve the removal information please do the following:

•After reboot, double-click the SUPERAntiSpyware icon on your desktop.

•Click Preferences. Click the Statistics/Logs tab.

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

•It will open in your default text editor (preferably Notepad).

•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

* Save the log somewhere you can easily find it. (normally the desktop)

* Click close and close again to exit the program.

*Copy and Paste the log in your post.

************************************************

Please download Malwarebytes Anti-Malware from here.

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Full Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
Please save the log to a location you will remember.
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

************************************************

Download Security Check by screen317 from one of the following links and save it to your desktop.

Link 1

Link 2

* Unzip SecurityCheck.zip and a folder named Security Check should appear.

* Open the Security Check folder and double-click Security Check.bat

* Follow the on-screen instructions inside of the black box.

* A Notepad document should open automatically called checkup.txt

* Post the contents of that document in your next reply.

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.

Sign In

hijack scan log

Recommended Posts

jackibell

Link to comment

Share on other sites

Superdave

Link to comment

Share on other sites

Archived

Browse

Activity