My Pc Is Infected With Spyware


  • This topic is locked
2 replies to this topic

#1 s@m


Posted 11 July 2008 - 02:44 AM

Guys,

PC Description: Hp-compaq V6000 LT

Recently I downloaded some video player (I can't remember the name, nor can I find it anywhere on my PC). Since then my antivirus Avast shouts with virus found and cleaned. I also have CA antivirus.

Recently, after I read about how to clean this type of spyware, I installed Spybot and HijackThis.

I am in a situation where I can't even take a backup of my files.

I have tried with Microsoft PC scan, but my virus doesn't allow it. Also, it's not allowing my Windows updates to install. All I can see is my blue desktop, which says "Warning! Spyware detected on your computer".

Please find my HijackThis and Spybot logs below.

HijackThis logs:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:48:37 PM, on 7/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\ISafe.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\VetMsg.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRID.exe
C:\Program Files\CA\eTrust Internet Security Suite\cctray\cctray.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\JustVoip.com\JustVoip\JustVoip.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\CA\eTrust Internet Security Suite\ccprovsp.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...o&pf=laptop
R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - C:\PROGRA~1\DAP\SBSearch.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {A6066D13-8760-4280-8546-E17EC511708C} - C:\WINDOWS\system32\ssqNHxyY.dll (file missing)
O2 - BHO: (no name) - {AE99EB12-A2D7-42D7-8BC2-754431199E2F} - C:\WINDOWS\system32\wvUkkIYr.dll (file missing)
O2 - BHO: (no name) - {C2BD28CC-AA6E-4D4C-AD92-8438854670FE} - C:\WINDOWS\system32\urqRJBRh.dll (file missing)
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\eTrust Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [6e4707ea] rundll32.exe "C:\WINDOWS\system32\ymvgijrn.dll",b
O4 - HKLM\..\Run: [lphc9l4j0ee5o] C:\WINDOWS\system32\lphc9l4j0ee5o.exe
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [VoipCheapCom] "C:\Arvind\VoipCheapCom\VoipCheapCom.exe" -nosplash -minimized
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [JustVoip] "C:\Program Files\JustVoip.com\JustVoip\JustVoip.exe" -nosplash -minimized
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-21-420412701-3183639619-700505171-1006\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet (User '?')
O4 - HKUS\S-1-5-21-420412701-3183639619-700505171-1006\..\Run: [VoipCheapCom] "C:\Arvind\VoipCheapCom\VoipCheapCom.exe" -nosplash -minimized (User '?')
O4 - HKUS\S-1-5-21-420412701-3183639619-700505171-1006\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized (User '?')
O4 - HKUS\S-1-5-21-420412701-3183639619-700505171-1006\..\Run: [JustVoip] "C:\Program Files\JustVoip.com\JustVoip\JustVoip.exe" -nosplash -minimized (User '?')
O4 - HKUS\S-1-5-21-420412701-3183639619-700505171-1006\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User '?')
O4 - HKUS\S-1-5-21-420412701-3183639619-700505171-1006\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler\Fiddler.exe" (file missing)
O9 - Extra 'Tools' menuitem: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler\Fiddler.exe" (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://asia-ml02.asia.csc.com/iNotes6W.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5036.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3E336402-1363-4518-8DB1-CC12D2B46076}: NameServer = 203.145.184.32,203.145.184.13
O17 - HKLM\System\CCS\Services\Tcpip\..\{5CD1AC10-E46A-401E-8153-B297E8C16B48}: NameServer = 203.145.184.32,203.145.184.13
O20 - Winlogon Notify: wvUkkIYr - wvUkkIYr.dll (file missing)
O21 - SSODL: CheckAlrt - {0cf4e3a1-5da1-49ff-9f9e-868ff5716105} - C:\WINDOWS\Resources\CheckAlrt.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\ISafe.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\VetMsg.exe

--
End of file - 11984 bytes


------------------------------------------------------------------------------------------------------------------------------------------------------------------------------


Spybot log:


7/5/2008 12:05:56 PM Allowed (based on authenticode whitelist) value "Spybot - Search & Destroy" (new data: ""C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck") added in System Startup global entry!
7/5/2008 12:35:06 PM Allowed (based on user decision) value "{0edc6c20-a31c-11db-8ab9-0800200c9a66}" (new data: "") deleted in Browser Helper Object!
7/5/2008 12:35:09 PM Allowed (based on user decision) value "{3AAC4C68-AFC8-11DB-80EF-8AF955D89593}" (new data: "") deleted in Browser Helper Object!
7/5/2008 12:35:12 PM Allowed (based on user decision) value "{f015f320-ab08-11db-abbd-0800200c9a66}" (new data: "") deleted in Browser Helper Object!
7/5/2008 1:53:48 PM Denied (based on user decision) value "Spybot - Search & Destroy" (new data: "") deleted in System Startup global entry!
7/5/2008 7:15:39 PM Denied (based on user blacklist) value "Spybot - Search & Destroy" (new data: "") deleted in System Startup global entry!
7/6/2008 12:58:39 AM Denied (based on user blacklist) value "Spybot - Search & Destroy" (new data: "") deleted in System Startup global entry!
7/6/2008 1:21:36 AM Denied (based on user blacklist) value "Spybot - Search & Destroy" (new data: "") deleted in System Startup global entry!
7/6/2008 10:25:16 AM Denied (based on user blacklist) value "Spybot - Search & Destroy" (new data: "") deleted in System Startup global entry!
7/6/2008 10:42:04 AM Denied (based on user blacklist) value "Spybot - Search & Destroy" (new data: "") deleted in System Startup global entry!
7/6/2008 11:17:09 AM Denied (based on user blacklist) value "Spybot - Search & Destroy" (new data: "") deleted in System Startup global entry!
7/6/2008 11:20:06 AM Denied (based on user decision) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:07 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:09 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:10 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:11 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:12 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:13 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:14 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:15 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:17 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:18 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:19 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:20 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:21 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:22 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:23 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:24 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:26 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:27 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:28 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:29 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:30 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:31 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:32 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:33 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:35 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:36 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:37 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:49 AM Denied (based on user decision) value "6e4707ea" (new data: "") deleted in System Startup global entry!
7/6/2008 11:20:49 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:50 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:51 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:52 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:53 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:54 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:55 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:57 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:58 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:20:59 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:00 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:01 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:02 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:03 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:04 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:05 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:07 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:08 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:09 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:12 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:13 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:14 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:15 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:16 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:17 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:18 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:20 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:21 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:22 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:23 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:24 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:25 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:26 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:27 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:28 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:29 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:30 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:31 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:32 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:33 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:34 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:35 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:36 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:37 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:39 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:40 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:41 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:42 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:44 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:45 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:46 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:49 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:51 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:52 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:53 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:55 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:56 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 11:21:59 AM Denied (based on user blacklist) value "{7D909F7F-0C2D-4F0F-B96E-FF6265A87A29}" (new data: "") added in Browser Helper Object!
7/6/2008 9:40:21 PM Denied (based on user blacklist) value "Spybot - Search & Destroy" (new data: "") deleted in System Startup global entry!
7/7/2008 9:57:22 AM Denied (based on user blacklist) value "Spybot - Search & Destroy" (new data: "") deleted in System Startup global entry!
7/7/2008 7:46:23 PM Denied (based on user blacklist) value "Spybot - Search & Destroy" (new data: "") deleted in System Startup global entry!
7/7/2008 10:14:33 PM Denied (based on user blacklist) value "Spybot - Search & Destroy" (new data: "") deleted in System Startup global entry!
7/7/2008 10:17:19 PM Denied (based on user decision) value "lphc9l4j0ee5o" (new data: "") deleted in System Startup global entry!
7/7/2008 10:56:34 PM Denied (based on user blacklist) value "Spybot - Search & Destroy" (new data: "") deleted in System Startup global entry!
7/7/2008 11:26:32 PM Denied (based on user decision) value "KernelFaultCheck" (new data: "%systemroot%\system32\dumprep 0 -k") added in System Startup global entry!
7/7/2008 11:26:32 PM Denied (based on user blacklist) value "Spybot - Search & Destroy" (new data: "") deleted in System Startup global entry!
7/9/2008 8:39:37 PM Denied (based on user blacklist) value "Spybot - Search & Destroy" (new data: "") deleted in System Startup global entry!
7/9/2008 9:54:48 PM Allowed (based on user decision) value "Yahoo! Pager" (new data: ""C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet") changed in System Startup user entry!
7/10/2008 1:03:56 AM Allowed (based on user decision) value "{5ED80217-570B-4DA9-BF44-BE107C0EC166}" (new data: "") added in ActiveX Distribution Unit!
7/10/2008 8:41:12 AM Denied (based on user blacklist) value "Spybot - Search & Destroy" (new data: "") deleted in System Startup global entry!
7/10/2008 9:06:22 PM Denied (based on user blacklist) value "Spybot - Search & Destroy" (new data: "") deleted in System Startup global entry!
7/10/2008 9:35:42 PM Denied (based on user blacklist) value "Spybot - Search & Destroy" (new data: "") deleted in System Startup global entry!
7/10/2008 10:31:43 PM Allowed (based on user decision) value "Yahoo! Pager" (new data: ""C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet") changed in System Startup user entry!


Please Please Please help me out of this.

Thanks,



#2 kahdah


Posted 02 August 2008 - 04:01 PM

Hello s@m

Welcome to BleepingComputer :thumbsup:
========================
If you are still in need of assistance please post a new Hijackthis log.
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here

#3 kahdah


Posted 16 August 2008 - 08:41 AM

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member with the address of this thread. This applies only to the original topic starter. Everyone else please begin a New Topic.