Solved Windows Security Alert! Do I have a virus?

Discussion in 'Malware and Virus Removal Archive' started by Cy22, 2010/05/04.

  1. 2010/05/17
    Cy22 Inactive Thread Starter

    Hello again. Sorry about not getting back but stuff came up and the computer seems to be working fine. Anyway, I ran the program suggested and HijackThis. HijackThis seems to be coming up with some suggested files to fix but with a warning to have it analyzed by someone who knows what they are looking at. Posted below are the two files.

    QuickScan Beta 32-bit v0.9.9.21
    -------------------------------
    Scan date: Mon May 17 08:41:47 2010
    Machine ID: E4B9A892



    No infection found.
    -------------------



    Processes
    ---------
    <unsigned> InstallShield Update Service 616 C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe

    <verified> 872 C:\Program Files\HP\HP UT\bin\hppusg.exe
    <verified> hpwuSchd Application 748 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    <verified> AVG Internet Security 1436 C:\Program Files\AVG\AVG9\avgchsvx.exe
    <verified> AVG Internet Security 1564 C:\Program Files\AVG\AVG9\avgcsrvx.exe
    <verified> AVG Internet Security 3828 C:\Program Files\AVG\AVG9\avgcsrvx.exe
    <verified> AVG Internet Security 3532 C:\Program Files\AVG\AVG9\avgemc.exe
    <verified> AVG Internet Security 2300 C:\Program Files\AVG\AVG9\avgfws9.exe
    <verified> AVG Internet Security 3332 C:\Program Files\AVG\AVG9\avgnsx.exe
    <verified> AVG Internet Security 1444 C:\Program Files\AVG\AVG9\avgrsx.exe
    <verified> AVG Internet Security 2288 C:\Program Files\AVG\AVG9\avgwdsvc.exe
    <verified> Bonjour 2344 C:\Program Files\Bonjour\mDNSResponder.exe
    <verified> DivX Update 1160 C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    <verified> EPSON Status Monitor 3 2396 C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
    <verified> Firefox 3496 C:\Program Files\Mozilla Firefox\firefox.exe
    <verified> InstallShield Update Service 672 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    <verified> InstallShield Update Service 448 C:\program files\common files\installshield\updateservice\isuspm.exe
    <verified> iTunes 2964 C:\Program Files\iPod\bin\iPodService.exe
    <verified> iTunes 732 C:\Program Files\iTunes\iTunesHelper.exe
    <verified> Java(TM) Platform SE 6 U19 2604 C:\Program Files\Java\jre6\bin\jqs.exe
    <verified> Messenger Plus! 3 712 C:\Program Files\MessengerPlus! 3\MsgPlus.exe
    <verified> Microsoft Search Enhancement Pack 3108 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    <verified> Microsoft® Windows® Operating System 320 C:\WINDOWS\Explorer.EXE
    <verified> Microsoft® Windows® Operating System 2588 C:\WINDOWS\System32\alg.exe
    <verified> Microsoft® Windows® Operating System 880 C:\WINDOWS\system32\csrss.exe
    <verified> Microsoft® Windows® Operating System 1292 C:\WINDOWS\system32\ctfmon.exe
    <verified> Microsoft® Windows® Operating System 960 C:\WINDOWS\system32\lsass.exe
    <verified> Microsoft® Windows® Operating System 948 C:\WINDOWS\system32\services.exe
    <verified> Microsoft® Windows® Operating System 780 C:\WINDOWS\System32\smss.exe
    <verified> Microsoft® Windows® Operating System 464 C:\WINDOWS\system32\spoolsv.exe
    <verified> Microsoft® Windows® Operating System 1756 C:\WINDOWS\system32\svchost.exe
    <verified> Microsoft® Windows® Operating System 2008 C:\WINDOWS\system32\svchost.exe
    <verified> Microsoft® Windows® Operating System 2908 C:\WINDOWS\System32\svchost.exe
    <verified> Microsoft® Windows® Operating System 2232 C:\WINDOWS\system32\svchost.exe
    <verified> Microsoft® Windows® Operating System 1132 C:\WINDOWS\system32\svchost.exe
    <verified> Microsoft® Windows® Operating System 3200 C:\WINDOWS\System32\svchost.exe
    <verified> Microsoft® Windows® Operating System 2744 C:\WINDOWS\System32\svchost.exe
    <verified> Microsoft® Windows® Operating System 1344 C:\WINDOWS\System32\svchost.exe
    <verified> Microsoft® Windows® Operating System 3404 C:\WINDOWS\system32\svchost.exe
    <verified> Microsoft® Windows® Operating System 1376 C:\WINDOWS\system32\svchost.exe
    <verified> Microsoft® Windows® Operating System 1220 C:\WINDOWS\system32\svchost.exe
    <verified> Microsoft® Windows® Operating System 904 C:\WINDOWS\system32\winlogon.exe
    <verified> Microsoft® Windows® Operating System 1008 C:\WINDOWS\system32\wscntfy.exe
    <verified> RealPlayer (32-bit) 3264 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    <verified> Windows Live Messenger 2084 C:\Program Files\Windows Live\Messenger\msnmsgr.exe


    Network activity
    ----------------
    Process firefox.exe (3496) connected on port 80 (HTTP) --> yo-in-f101.1e100.net
    Process firefox.exe (3496) connected on port 80 (HTTP) --> a96-16-228-20.deploy.akamaitechnologies.com
    Process firefox.exe (3496) connected on port 80 (HTTP) --> a72-247-53-115.deploy.akamaitechnologies.com

    Process svchost.exe (1220) listens on ports: 135 (RPC)
    Process svchost.exe (2008) listens on ports: 2869 (SSDP event notification, UPNP)


    Autoruns and critical files
    ---------------------------
    <unsigned> LimeWire C:\Program Files\LimeWire\LimeWire.exe
    <unsigned> crash_report.dll C:\WINDOWS\system32\crash_report.dll
    <unsigned> QuickTime C:\Program Files\QuickTime\qttask.exe
    <unsigned> SUPERAntiSpyware WinLogon Processor C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

    <verified> C:\Program Files\HP\HP UT\bin\hppusg.exe
    <verified> hpwuSchd Application C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    <verified> ADeck Application C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
    <verified> Apple Software Update C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    <verified> Audible Download Manager C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
    <verified> AVG Internet Security C:\WINDOWS\system32\avgrsstx.dll
    <verified> DivX Update C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    <verified> EPSON Status Monitor 3 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE
    <verified> Google Update C:\Program Files\Google\Update\GoogleUpdate.exe
    <verified> hp digital imaging - hp all-in-one seri C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    <verified> InstallShield Update Service C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    <verified> InstallShield Update Service c:\progra~1\common~1\instal~1\update~1\isuspm.exe
    <verified> iTunes C:\Program Files\iTunes\iTunesHelper.exe
    <verified> Messenger Plus! 3 C:\Program Files\MessengerPlus! 3\MsgPlus.exe
    <verified> Microsoft Genuine Advantage C:\WINDOWS\system32\WgaLogon.dll
    <verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\browseui.dll
    <verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\crypt32.dll
    <verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
    <verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\cscdll.dll
    <verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe
    <verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\dimsntfy.dll
    <verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe
    <verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll
    <verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\shell32.dll
    <verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll
    <verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\upnpui.dll
    <verified> Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
    <verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\wlnotify.dll
    <verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\WPDShServiceObj.dll
    <verified> quickstart.exe C:\Program Files\OpenOffice.org 3\program\quickstart.exe
    <verified> RealPlayer (32-bit) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    <verified> SDMessaging Application C:\Program Files\SmartDraw 2009\Messages\SDNotify.exe
    <verified> SuperAntiSpyware C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
    <verified> SUPERAntiSpyware C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    <verified> UpdateTask.exe C:\Program Files\Ask.com\UpdateTask.exe
    <verified> WEP Application C:\Program Files\HP\Dfawep\bin\hpbdfawep.exe
    <verified> Windows Live Messenger C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    <verified> Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll


    Browser plugins
    ---------------
    <unsigned> FFExternalAlert.dll C:\Documents and Settings\Cyril\Application Data\Mozilla\Firefox\Profiles\twq68gr9.default\extensions\{0fc64d74-ea76-49a3-b606-7801b5013798}\components\FFExternalAlert.dll
    <unsigned> FFExternalAlert.dll C:\Documents and Settings\Cyril\Application Data\Mozilla\Firefox\Profiles\twq68gr9.default\extensions\{f2257711-226b-4529-8e1d-e82e1c55ebd8}\components\FFExternalAlert.dll
    <unsigned> QuickTime Plug-in 7.6.5 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
    <unsigned> QuickTime Plug-in 7.6.5 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
    <unsigned> QuickTime Plug-in 7.6.5 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
    <unsigned> QuickTime Plug-in 7.6.5 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
    <unsigned> QuickTime Plug-in 7.6.5 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
    <unsigned> QuickTime Plug-in 7.6.5 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
    <unsigned> QuickTime Plug-in 7.6.5 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
    <unsigned> QuickTime Plug-in 7.6.5 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
    <unsigned> QuickTime Plug-in 7.6.5 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
    <unsigned> QuickTime Plug-in 7.6.5 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
    <unsigned> QuickTime Plug-in 7.6.5 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
    <unsigned> QuickTime Plug-in 7.6.5 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
    <unsigned> QuickTime Plug-in 7.6.5 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
    <unsigned> QuickTime Plug-in 7.6.5 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
    <unsigned> RadioWMPCore.dll C:\Documents and Settings\Cyril\Application Data\Mozilla\Firefox\Profiles\twq68gr9.default\extensions\{f2257711-226b-4529-8e1d-e82e1c55ebd8}\components\RadioWMPCore.dll
    <unsigned> RealJukebox NS Plugin C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
    <unsigned> RealJukebox NS Plugin C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
    <unsigned> RealPlayer Version Plugin C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
    <unsigned> RealPlayer Version Plugin C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

    <verified> 2007 Microsoft Office system C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
    <verified> AcroIEHelperShim Library c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
    <verified> Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll
    <verified> Adobe Acrobat C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
    <verified> Adobe® Flash® Player ActiveX C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
    <verified> ArmHelper Control C:\WINDOWS\Downloaded Program Files\armhelper.ocx
    <verified> AVG Internet Security c:\program files\avg\avg9\avgssie.dll
    <verified> AVG Security Toolbar c:\program files\avg\avg9\toolbar\ietoolbar.dll
    <verified> BejeweledTwist ActiveX Control Module C:\WINDOWS\Downloaded Program Files\bejeweledtwist.ocx
    <verified> BitDefender QuickScan C:\Documents and Settings\Cyril\Application Data\Mozilla\Firefox\Profiles\twq68gr9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
    <verified> BitDefender QuickScan C:\Documents and Settings\Cyril\Application Data\Mozilla\Firefox\Profiles\twq68gr9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
    <verified> Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
    <verified> Coupons Inc., Coupon Printer Manager C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
    <verified> DivX Web Player C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
    <verified> Games C:\WINDOWS\Downloaded Program Files\wwlaunch.ocx
    <verified> getPlusPlus for Adobe 16263 C:\Documents and Settings\Cyril\Application Data\Mozilla\Firefox\Profiles\twq68gr9.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
    <verified> getPlusPlus for Adobe 16263 C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
    <verified> Google Update C:\Program Files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
    <verified> InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.dll
    <verified> InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.exe
    <verified> InstallShield Update Service C:\WINDOWS\Downloaded Program Files\isusweb.dll
    <verified> Java Deployment Toolkit 6.0.190.4 C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
    <verified> Java(TM) Platform SE 6 U19 c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    <verified> Messenger C:\Program Files\Messenger\msmsgs.exe
    <verified> Microsoft Office Live Plug-in for Firef C:\Program Files\Microsoft\Office Live\npOLW.dll
    <verified> Microsoft Search Enhancement Pack c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll
    <verified> Microsoft® Windows Live Login Helper c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
    <verified> Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    <verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\mswsock.dll
    <verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll
    <verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\winrnr.dll
    <verified> Monopoly Downtown C:\WINDOWS\Downloaded Program Files\monopoly.ocx
    <verified> Mozilla ActiveX control and plugin supp C:\Documents and Settings\Cyril\Application Data\Mozilla\Firefox\Profiles\twq68gr9.default\extensions\{0fc64d74-ea76-49a3-b606-7801b5013798}\components\npmozax.dll
    <verified> Mozilla Default Plug-in C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
    <verified> Musicnotes C:\Program Files\Mozilla Firefox\plugins\npmusicn.dll
    <verified> npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
    <verified> npsoe.dll C:\Documents and Settings\Cyril\Application Data\Mozilla\Firefox\Profiles\twq68gr9.default\extensions\{38AB6A6C-CC4C-4f9e-A3DD-3C5681EF18A1}\plugins\npsoe.dll
    <verified> NPSWF32.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
    <verified> Office Genuine Advantage C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
    <verified> RealNetworks Rhapsody Player Engine C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
    <verified> RealPlayer Download and Record Plugin c:\program files\real\realplayer\rpbrowserrecordplugin.dll
    <verified> RealPlayer(tm) G2 LiveConnect-Enabled P C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
    <verified> RealPlayer(tm) G2 LiveConnect-Enabled P C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
    <verified> Shockwave for Director C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
    <verified> Shockwave for Director C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
    <verified> Silverlight Plug-In C:\Program Files\Microsoft Silverlight\3.0.50106.0\npctrl.dll
    <verified> SpinTopDRM Module C:\WINDOWS\Downloaded Program Files\CONFLICT.1\stg_drm.ocx
    <verified> SpinTopDRM Module C:\WINDOWS\Downloaded Program Files\stg_drm.ocx
    <verified> Toolbar c:\program files\ask.com\genericasktoolbar.dll
    <verified> Windows Genuine Advantage C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
    <verified> Windows Live Toolbar c:\program files\windows live\toolbar\wltcore.dll
    <verified> Windows Presentation Foundation C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    <verified> Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll


    Missing files
    -------------
    File not found: C:\DOCUME~1\Cyril\LOCALS~1\Temp\catchme.sys
    referenced in: HKLM\System\ControlSet001\services\catchme\ "ImagePath "

    File not found: C:\WINDOWS\System32\hidserv.dll
    referenced in: HKLM\System\ControlSet001\services\HidServ\Parameters\ "ServiceDll "


    Scan
    ----


    No file uploaded.

    Scan finished - communication took 2 sec
    Total traffic - 0.02 MB sent, 0.40 KB recvd
    Scanned 823 files and modules - 66 seconds

    ==============================================================================



    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 8:43:55 AM, on 5/17/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\AVG\AVG9\avgchsvx.exe
    C:\Program Files\AVG\AVG9\avgrsx.exe
    C:\Program Files\AVG\AVG9\avgcsrvx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\HP\HP UT\bin\hppusg.exe
    C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\AVG\AVG9\avgwdsvc.exe
    C:\Program Files\AVG\AVG9\avgfws9.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\AVG\AVG9\avgnsx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\AVG\AVG9\avgemc.exe
    C:\Program Files\AVG\AVG9\avgcsrvx.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    c:\program files\common files\installshield\updateservice\isuspm.exe
    C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\agent.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
    O3 - Toolbar: LimeWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [EPSON Stylus CX4600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE /P26 "EPSON Stylus CX4600 Series" /O6 "USB001" /M "Stylus CX4600 "
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe "
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [HPUsageTracking] "C:\Program Files\HP\HP UT\bin\hppusg.exe" "C:\Program Files\HP\HP UT "
    O4 - HKLM\..\Run: [hpbdfawep] C:\Program Files\HP\Dfawep\bin\hpbdfawep.exe 1
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    O4 - HKLM\..\Run: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
    O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
    O4 - Global Startup: Audible Download Manager.lnk = C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-ca\msntabres.dll.mui/229?cbc0ed3a631848a19403c79c89e1f1c2
    O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-ca\msntabres.dll.mui/230?cbc0ed3a631848a19403c79c89e1f1c2
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Monopoly/Images/stg_drm.ocx
    O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
    O16 - DPF: {95A311CD-EC8E-452A-BCEC-B844EB616D03} (BejeweledTwist Control) - http://www.worldwinner.com/games/v51/bejeweledtwist/bejeweledtwist.cab
    O16 - DPF: {BA35B9B8-DE9E-47C9-AFA7-3C77E3DDFD39} (Monopoly Control) - http://www.worldwinner.com/games/v46/monopoly/monopoly.cab
    O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Risk\Images\armhelper.ocx
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} - https://signin9.valueactive.eu/Register/Branding/olr3313/OCX/v1018/flashax.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O21 - SSODL: crash_report - {495FE683-6249-4A05-8D1A-8F7CD8DF5A6D} - C:\WINDOWS\system32\crash_report.dll
    O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
    O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
    O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
    O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    --
    End of file - 9938 bytes
     
  2. 2010/05/17
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Verify your Java version here: http://www.java.com/en/download/installed.jsp
    Update, if necessary.
    Uninstall all previous Java versions, through Add\Remove (Programs & Features in Vista).

    ==================================================================

    Please, uninstall MessengerPlus! 3 as it comes bundled with C2Media LOP adware.

    ==================================================================

    Other than that...


    Your computer is clean :)

    1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create a fresh, clean restore point.

    Turn off System Restore:

    - Windows XP:
    1. Click Start.
    2. Right-click the My Computer icon, and then click Properties.
    3. Click the System Restore tab.
    4. Check "Turn off System Restore".
    5. Click Apply.
    6. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this.
    7. Click OK.
    - Windows Vista and 7:
    1. Click Start.
    2. Right-click the Computer icon, and then click Properties.
    3. Click on System Protection under the Tasks column on the left side
    4. Click on Continue on the "User Account Control" window that pops up
    5. Under the System Protection tab, find Available Disks
    6. Uncheck the box for any drive you wish to disable system restore on (in most cases, drive "C:")
    7. When turning off System Restore, the existing restore points will be deleted. Click "Turn System Restore Off" on the popup window to do this.
    8. Click OK

    2. Restart computer.

    3. Turn System Restore on.

    4. Make sure, Windows Updates are current.

    5. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

    6. Download, and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

    7. Run defrag at your convenience.

    8. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

    9. Please, let me know, how is your computer doing.
     

  4. 2010/05/23
    Cy22

    Cy22 Inactive Thread Starter

    Joined:
    2010/01/03
    Messages:
    21
    Likes Received:
    0
    Thank you Broni, My computer is working fine. I'm going to change the thread from active
     
  5. 2010/05/23
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    I'm glad to hear good news :)
    Good luck and stay safe :)
     
