
Random Pop ups and Cannot enable automatic update



#1 chris233


Posted 14 December 2008 - 03:03 PM

While I am on the internet, random pop-ups come up and they tend to be the same each time. One pop-up, for example, keeps advertising for some antivirus software, 360 I think. The other pop-ups are just random advertisements. Also, for some reason, in the services window I cannot get Windows automatic update to start. It just goes back to disabled whenever I change it to automatic and manual and then start it.

Log:
Logfile of random's system information tool 1.04 (written by random/random)
Run by Christain at 2008-12-14 14:39:38
Microsoft Windows XP Professional Service Pack 1
System drive C: has 53 GB (90%) free of 59 GB
Total RAM: 703 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:39:47 PM, on 12/14/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\Documents and Settings\Christain\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Christain.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: {d3292339-1d74-aad9-b574-165c4abc68c5} - {5c86cba4-c561-475b-9daa-47d19332923d} - C:\WINDOWS\System32\gzslxq.dll
O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\System32\jkkKcDsp.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {D0DA532B-7903-4207-90C3-E14F5267714C} - C:\WINDOWS\System32\ddcCuRjH.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [60b72fec] rundll32.exe "C:\WINDOWS\System32\vlpwqlqi.dll",b
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/sit...b?1229277062015
O20 - AppInit_DLLs: gzslxq.dll
O20 - Winlogon Notify: jkkKcDsp - C:\WINDOWS\SYSTEM32\jkkKcDsp.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 3340 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\iyoxvtzn.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5c86cba4-c561-475b-9daa-47d19332923d}]
C:\WINDOWS\System32\gzslxq.dll [2008-12-14 129024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}]
C:\WINDOWS\System32\jkkKcDsp.dll [2008-12-14 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-14 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0DA532B-7903-4207-90C3-E14F5267714C}]
C:\WINDOWS\System32\ddcCuRjH.dll [2008-12-14 302592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-14 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-14 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - &Radio - C:\WINDOWS\System32\msdxm.ocx [2002-08-29 842268]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2004-01-15 49152]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000]
"60b72fec"=C:\WINDOWS\System32\vlpwqlqi.dll [2008-12-14 72704]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-14 136600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2002-08-20 1511453]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="gzslxq.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\jkkKcDsp]
C:\WINDOWS\system32\jkkKcDsp.dll [2008-12-14 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"=C:\WINDOWS\System32\jkkKcDsp.dll [2008-12-14 34816]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\System32\ddcCuRjH

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2008-12-14 14:39:38 ----D---- C:\rsit
2008-12-14 13:41:30 ----D---- C:\WINDOWS\Sun
2008-12-14 13:40:51 ----A---- C:\WINDOWS\System32\javaws.exe
2008-12-14 13:40:51 ----A---- C:\WINDOWS\System32\javaw.exe
2008-12-14 13:40:51 ----A---- C:\WINDOWS\System32\java.exe
2008-12-14 13:40:51 ----A---- C:\WINDOWS\System32\deploytk.dll
2008-12-14 13:40:25 ----D---- C:\Program Files\Java
2008-12-14 13:38:41 ----D---- C:\Documents and Settings\Christain\Application Data\Sun
2008-12-14 13:22:59 ----D---- C:\Documents and Settings\Christain\Application Data\Adobe
2008-12-14 12:38:17 ----A---- C:\WINDOWS\System32\wuaueng.dll
2008-12-14 12:20:32 ----A---- C:\WINDOWS\System32\gzslxq.dll
2008-12-14 12:20:31 ----A---- C:\WINDOWS\System32\qhyrpaya.dll
2008-12-14 12:14:48 ----SH---- C:\WINDOWS\System32\iqlqwplv.ini
2008-12-14 12:14:45 ----A---- C:\WINDOWS\System32\vlpwqlqi.dll
2008-12-14 10:58:45 ----D---- C:\Program Files\Trend Micro
2008-12-14 09:39:06 ----A---- C:\WINDOWS\System32\6b94eb92-.txt
2008-12-14 09:38:43 ----ASH---- C:\WINDOWS\System32\HjRuCcdd.ini2
2008-12-14 09:38:43 ----ASH---- C:\WINDOWS\System32\HjRuCcdd.ini
2008-12-14 09:38:39 ----A---- C:\WINDOWS\System32\ddcCuRjH.dll
2008-12-14 09:35:48 ----A---- C:\WINDOWS\System32\yayyVliF.dll
2008-12-14 09:33:37 ----A---- C:\WINDOWS\System32\tuvVMEWq.dll
2008-12-14 09:33:35 ----A---- C:\WINDOWS\System32\jkkKcDsp.dll
2008-12-12 19:06:20 ----D---- C:\WINDOWS\System32\PreInstall
2008-12-12 19:06:17 ----A---- C:\WINDOWS\System32\spupdsvc.exe
2008-12-12 19:06:16 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-12-12 19:06:16 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-12 19:05:35 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2008-12-12 19:04:59 ----D---- C:\WINDOWS\System32\bits
2008-12-12 19:04:54 ----N---- C:\WINDOWS\System32\spmsg.dll
2008-12-12 19:04:50 ----HDC---- C:\WINDOWS\$NtUninstallKB842773$
2008-12-12 19:04:25 ----N---- C:\WINDOWS\System32\xpob2res.dll
2008-12-12 19:04:25 ----N---- C:\WINDOWS\System32\bitsprx3.dll
2008-12-12 19:04:25 ----N---- C:\WINDOWS\System32\bitsprx2.dll
2008-12-12 19:04:25 ----A---- C:\WINDOWS\System32\winhttp.dll
2008-12-12 19:04:25 ----A---- C:\WINDOWS\System32\qmgrprxy.dll
2008-12-12 18:46:03 ----D---- C:\WINDOWS\System32\SoftwareDistribution
2008-12-12 18:44:25 ----D---- C:\WINDOWS\SoftwareDistribution
2008-12-12 18:44:18 ----A---- C:\WINDOWS\System32\wuweb.dll
2008-12-12 18:44:18 ----A---- C:\WINDOWS\System32\wups.dll
2008-12-12 18:44:18 ----A---- C:\WINDOWS\System32\wucltui.dll
2008-12-12 18:44:18 ----A---- C:\WINDOWS\System32\wuaueng1.dll
2008-12-12 18:44:18 ----A---- C:\WINDOWS\System32\wuauclt1.exe
2008-12-12 18:44:18 ----A---- C:\WINDOWS\System32\wuapi.dll
2008-12-12 18:34:06 ----A---- C:\WINDOWS\System32\MSVCR71.dll
2008-12-12 18:34:06 ----A---- C:\WINDOWS\System32\MSVCP71.dll
2008-12-12 18:34:06 ----A---- C:\WINDOWS\System32\MFC71.dll
2008-12-12 18:34:06 ----A---- C:\WINDOWS\System32\aswBoot.exe
2008-12-12 18:34:03 ----D---- C:\Program Files\Alwil Software
2008-11-26 12:38:53 ----D---- C:\WINDOWS\LastGood

======List of files/folders modified in the last 1 months======

2008-12-14 14:39:46 ----D---- C:\WINDOWS\Prefetch
2008-12-14 14:36:45 ----D---- C:\WINDOWS\system32
2008-12-14 13:41:30 ----D---- C:\WINDOWS
2008-12-14 13:40:57 ----SHD---- C:\WINDOWS\Installer
2008-12-14 13:40:53 ----D---- C:\WINDOWS\Temp
2008-12-14 13:40:25 ----RD---- C:\Program Files
2008-12-14 13:21:58 ----D---- C:\WINDOWS\System32\CatRoot2
2008-12-14 13:20:26 ----HD---- C:\WINDOWS\inf
2008-12-14 12:59:53 ----RSHDC---- C:\WINDOWS\System32\dllcache
2008-12-14 12:55:37 ----SD---- C:\Documents and Settings\Christain\Application Data\Microsoft
2008-12-14 12:51:07 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-14 12:17:31 ----D---- C:\WINDOWS\Debug
2008-12-14 12:16:35 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-14 12:10:53 ----D---- C:\WINDOWS\System32\config
2008-12-14 12:10:51 ----D---- C:\WINDOWS\System32\wbem
2008-12-14 12:10:50 ----D---- C:\WINDOWS\Registration
2008-12-14 12:09:56 ----D---- C:\WINDOWS\System32\Restore
2008-12-14 09:33:38 ----SD---- C:\WINDOWS\Tasks
2008-12-13 14:13:00 ----D---- C:\WINDOWS\System32\drivers
2008-12-13 14:11:38 ----A---- C:\test.txt
2008-12-12 19:06:01 ----A---- C:\WINDOWS\imsins.BAK
2008-12-12 18:46:11 ----D---- C:\WINDOWS\Help
2008-12-12 18:44:22 ----HD---- C:\Program Files\WindowsUpdate
2008-12-12 18:30:24 ----A---- C:\WINDOWS\System32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\System32\drivers\Aavmker4.sys [2008-11-26 26944]
R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2002-08-29 32512]
R1 aswSP;avast! Self Protection; C:\WINDOWS\System32\drivers\aswSP.sys [2008-11-26 111184]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\System32\drivers\aswTdi.sys [2008-11-26 50864]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\System32\drivers\aswMon2.sys [2008-11-26 94032]
R3 aswRdr;aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [2008-11-26 23152]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2002-08-29 12160]
R3 USB_RNDIS;Arris Remote NDIS Network Device Driver; C:\WINDOWS\System32\DRIVERS\usb8023.sys [2002-08-29 11136]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2002-08-29 19328]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2002-08-29 51968]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2002-08-29 19328]
R3 viagfx;viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [2004-02-03 134144]
R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudios.sys [2004-05-24 141696]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2004-04-14 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2004-04-14 44064]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2001-08-17 13952]
S3 Bridge;MAC Bridge; C:\WINDOWS\System32\DRIVERS\bridge.sys [2002-08-29 68864]
S3 BridgeMP;MAC Bridge Miniport; C:\WINDOWS\System32\DRIVERS\bridge.sys [2002-08-29 68864]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MRVW245;Linksys Wireless-N USB Network Adapter WUSB300N; C:\WINDOWS\System32\DRIVERS\MRVW245.sys []
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2002-08-29 21760]
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2004-04-14 21280]
S3 WmHidLo;Logitech WingMan USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2004-04-14 14432]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2004-04-14 5600]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-14 152984]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]

-----------------EOF-----------------

INFO
info.txt logfile of random's system information tool 1.04 2008-12-14 14:39:51

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Advantage Biology and Chemistry-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67A95360-D4E0-11D4-9F17-00C0F0402C9B}\setup.exe"
Algebra 2 6.0-->"C:\WINDOWS\Algebra 2\uninstall.exe" "/U:C:\Program Files\Homeworkhelp.com\Algebra 2\irunin.xml"
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Dirt Track Racing-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Ratbag\Dirt Track Racing\Uninst.isu"
F1 Racing-->"C:\Program Files\F1 Racing\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Java™ 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Logitech Gaming Software-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B9242864-2841-4ADE-86E0-8F90F91B04DD}\setup.exe" -l0x9
S3 S3Display-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Display'
S3 S3Gamma2-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Gamma2'
S3 S3Info2-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Info2'
S3 S3Overlay-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Overlay'
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows XP Hotfix - KB842773-->C:\WINDOWS\$NtUninstallKB842773$\spuninst\spuninst.exe

=====HijackThis Backups=====

O4 - HKLM\..\Run: [Bar] C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\wemacnsoxr.tmp
O4 - HKLM\..\Run: [60b72fec] rundll32.exe "C:\WINDOWS\System32\rjnngseo.dll",b
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0801
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

Kaspersky scan

KASPERSKY ONLINE SCANNER 7 REPORT
Sunday, December 14, 2008
Operating System: Microsoft Windows XP Professional Service Pack 1 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Sunday, December 14, 2008 16:21:25
Records in database: 1460860


Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes

Scan area My Computer
A:\
C:\
D:\
E:\

Scan statistics
Files scanned 31341
Threat name 1
Infected objects 2
Suspicious objects 0
Duration of the scan 00:41:37

File name Threat name Threats count
C:\Documents and Settings\Christain\Local Settings\Temp\der25.tmp Infected: not-a-virus:AdWare.Win32.Mirar.am 1

C:\Documents and Settings\Christain\Local Settings\Temp\Mirar_V77_LOG_IESC_AFF_ATD_TID_noMDNS_RPT_AVM_FLX_ADB_876984.exe Infected: not-a-virus:AdWare.Win32.Mirar.am 1

The selected area was scanned.


 


#2 kahdah

  • Security Colleague

Posted 23 December 2008 - 07:03 PM

Hello chris233

Welcome to BleepingComputer :thumbsup:
========================
If you are still in need of assistance please post a new Rsit log.
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here



