Posted May 25, 201212 yr FPCH Admin Hi,I run into an issue on my computer and I believe it's the result of a virus. I'm unable to access my program files, even as an administrator. Any help on this matter would be appreciated. I've enclosed a log generated by HijackThis, hopefully it's useful.Logfile of Trend Micro HijackThis v2.0.4Scan saved at 2:05:29 PM, on 25/05/2012Platform: Windows Vista SP2 (WinNT 6.00.1906)MSIE: Internet Explorer v9.00 (9.00.8112.16421)Boot mode: NormalRunning processes:C:Program Files (x86)IntelIntel Matrix Storage ManagerIAAnotif.exeC:Program Files (x86)SkypePhoneSkype.exeC:Program Files (x86)Veoh NetworksVeohWebPlayerveohwebplayer.exeC:Program Files (x86)HPDigital Imagingbinhpqtra08.exeC:Program Files (x86)Microsoft OfficeOffice12ONENOTEM.EXEC:UserssamDocumentsRCA DetectiveRCADetective.exeC:Program FilesCamera Assistant Software for Gatewaytraybar.exeC:Program Files (x86)CyberLinkPowerDVDPDVDServ.exeC:Program Files (x86)HPHP Software Updatehpwuschd2.exeC:Program Files (x86)Spyware TerminatorSpywareTerminatorShield.ExeC:Program Files (x86)iTunesiTunesHelper.exeC:Program Files (x86)AVGAVG2012avgtray.exeC:Program Files (x86)AVG Secure Searchvprot.exeC:Program Files (x86)Common FilesJavaJava Updatejusched.exeC:Program FilesCamera Assistant Software for GatewayCEC_MAIN.exeC:WindowsSysWOW64conime.exeC:Program Files (x86)HPDigital ImagingbinhpqSTE08.exeC:Program Files (x86)HPDigital Imagingbinhpqbam08.exeC:Program Files (x86)HPDigital Imagingbinhpqgpc01.exeC:Program Files (x86)HPDigital Imagingbinhpqdirec.exeC:Program Files (x86)Microsoft OfficeOffice12WINWORD.EXEC:Program Files (x86)Mozilla Firefoxfirefox.exeC:Program Files (x86)Mozilla Firefoxplugin-container.exeC:UserssamDesktopmp3DirectCut.exeC:Program Files (x86)Spyware TerminatorSpywareTerminatorUpdate.exeC:UserssamDownloadsHijackThis.exeC:WindowsSysWOW64NOTEPAD.EXEC:UserssamDesktopHijackThis.exeR1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=1009&s=2&o=vp64&d=0809&m=md7811uR1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60446R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.crawler.com/homepage.aspx?tbid=60446R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=1009&s=2&o=vp64&d=0809&m=md7811uR1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=1009&s=2&o=vp64&d=0809&m=md7811uR0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htmR1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = 192.168.*.**.localR0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = R3 - URLSearchHook: Veoh Web Player Toolbar - {CD90BF73-20F6-44EF-993D-BB920303BD2E} - C:Program Files (x86)Veoh_Web_PlayertbVeoh.dllO1 - Hosts: ::1 localhostO2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:Program Files (x86)HPDigital ImagingSmart Web Printinghpswp_printenhancer.dllO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dllO2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPlugin.dllO2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:Program Files (x86)AVGAVG2012avgdtiex.dllO2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:Program Files (x86)AVGAVG2012avgssie.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:Program Files (x86)Microsoft OfficeOffice12GrooveShellExtensions.dllO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre6binssv.dllO2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dllO2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:Program Files (x86)AVG Secure Search10.2.0.3AVG Secure Search_toolbar.dllO2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:Program Files (x86)Windows LiveCompanioncompanioncore.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dllO2 - BHO: Veoh Web Player Toolbar - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:Program Files (x86)Veoh_Web_PlayertbVeoh.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre6binjp2ssv.dllO2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:Program Files (x86)HPDigital ImagingSmart Web Printinghpswp_BHO.dllO3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:Program Files (x86)Veoh NetworksVeoh Video CompassSearchRecsPlugin.dllO3 - Toolbar: Veoh Web Player Toolbar - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:Program Files (x86)Veoh_Web_PlayertbVeoh.dllO3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:Program Files (x86)AVG Secure Search10.2.0.3AVG Secure Search_toolbar.dllO3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dllO4 - HKLM..Run: [startCCC] "C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe" MSRunO4 - HKLM..Run: [Camera Assistant Software] "C:Program FilesCamera Assistant Software for Gatewaytraybar.exe"O4 - HKLM..Run: [RemoteControl] "C:Program Files (x86)CyberLinkPowerDVDPDVDServ.exe"O4 - HKLM..Run: [LanguageShortcut] "C:Program Files (x86)CyberLinkPowerDVDLanguageLanguage.exe"O4 - HKLM..Run: [HP Software Update] C:Program Files (x86)HPHP Software UpdateHPWuSchd2.exeO4 - HKLM..Run: [GrooveMonitor] "C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe"O4 - HKLM..Run: [AppleSyncNotifier] C:Program Files (x86)Common FilesAppleMobile Device SupportAppleSyncNotifier.exeO4 - HKLM..Run: [QuickTime Task] "C:Program Files (x86)QuickTimeQTTask.exe" -atboottimeO4 - HKLM..Run: [spywareTerminator] "C:Program Files (x86)Spyware TerminatorSpywareTerminatorShield.exe"O4 - HKLM..Run: [iTunesHelper] "C:Program Files (x86)iTunesiTunesHelper.exe"O4 - HKLM..Run: [AVG_TRAY] "C:Program Files (x86)AVGAVG2012avgtray.exe"O4 - HKLM..Run: [vProt] "C:Program Files (x86)AVG Secure Searchvprot.exe"O4 - HKLM..Run: [ROC_roc_dec12] "C:Program Files (x86)AVG Secure SearchROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12O4 - HKLM..Run: [sunJavaUpdateSched] "C:Program Files (x86)Common FilesJavaJava Updatejusched.exe"O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe"O4 - HKLM..Run: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe"O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exeO4 - HKCU..Run: [skype] "C:Program Files (x86)SkypePhoneSkype.exe" /nosplash /minimizedO4 - HKCU..Run: [VeohPlugin] "C:Program Files (x86)Veoh NetworksVeohWebPlayerveohwebplayer.exe"O4 - HKCU..Run: [spywareTerminatorUpdate] "C:Program Files (x86)Spyware TerminatorSpywareTerminatorUpdate.exe"O4 - HKCU..Run: [Google Update] "C:UserssamAppDataLocalGoogleUpdateGoogleUpdate.exe" /cO4 - HKCU..Run: [WMPNSCFG] C:Program Files (x86)Windows Media PlayerWMPNSCFG.exeO4 - HKCU..Run: [uTorrent] "C:UserssamDesktopuTorrent.exe" /MINIMIZEDO4 - HKCU..Run: [uninstall_CToolbar] "C:UserssamAppDataLocalTempCUninst.exe" "/remove"O4 - HKCU..RunOnce: [FlashPlayerUpdate] C:WindowsSysWOW64MacromedFlashFlashUtil11f_Plugin.exe -update pluginO4 - HKUSS-1-5-19..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'LOCAL SERVICE')O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')O4 - HKUSS-1-5-20..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'NETWORK SERVICE')O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:Program Files (x86)Microsoft OfficeOffice12ONENOTEM.EXEO4 - Startup: RCA Detective.lnk = C:UserssamDocumentsRCA DetectiveRCADetective.exeO4 - Global Startup: Bluetooth.lnk = ?O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:Program Files (x86)HPDigital Imagingbinhpqtra08.exeO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~2MICROS~1Office12EXCEL.EXE/3000O8 - Extra context menu item: Google Sidewiki... - res://C:Program Files (x86)GoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.htmlO9 - Extra button: @C:Program Files (x86)Windows LiveCompanioncompanionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:Program Files (x86)Windows LiveCompanioncompanioncore.dllO9 - Extra button: @C:Program Files (x86)Windows LiveWriterWindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: @C:Program Files (x86)Windows LiveWriterWindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dllO9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~2MICROS~1Office12ONBttnIE.dllO9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~2MICROS~1Office12ONBttnIE.dllO9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPlugin.dllO9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPlugin.dllO9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:Program Files (x86)AVGAVG2012avgdtiex.dllO9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPlugin.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~2MICROS~1Office12REFIEBAR.DLLO9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htmO9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htmO9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:Program Files (x86)HPDigital ImagingSmart Web Printinghpswp_BHO.dllO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cabO16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabO18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:Program Files (x86)Microsoft OfficeOffice12GrooveSystemServices.dllO18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:Program Files (x86)AVGAVG2012avgpp.dllO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~2COMMON~1SkypeSKYPE4~1.DLLO18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:Program Files (x86)Common FilesAVG Secure SearchViProtocolInstaller10.2.0ViProtocol.dllO18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dllO22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:Windowssystem32browseui.dllO23 - Service: @%SystemRoot%system32Alg.exe,-112 (ALG) - Unknown owner - C:WindowsSystem32alg.exe (file missing)O23 - Service: Apple Mobile Device - Apple Inc. - C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exeO23 - Service: Ati External Event Utility - Unknown owner - C:Windowssystem32Ati2evxx.exe (file missing)O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:Program Files (x86)AVGAVG2012AVGIDSAgent.exeO23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:Program Files (x86)AVGAVG2012avgwdsvc.exeO23 - Service: Bonjour Service - Apple Inc. - C:Program Files (x86)BonjourmDNSResponder.exeO23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:Program FilesWIDCOMMBluetooth Softwarebinbtwdins.exeO23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:Windowssystem32DFSR.exe (file missing)O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:Program FilesGATEWAYGateway Recovery ManagementServiceETService.exeO23 - Service: GameConsoleService - WildTangent, Inc. - C:Program Files (x86)Gateway GamesGateway Game ConsoleGameConsoleService.exeO23 - Service: Google Update Service (gupdate1ca790ddc767a72) (gupdate1ca790ddc767a72) - Google Inc. - C:Program Files (x86)GoogleUpdateGoogleUpdate.exeO23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:Program Files (x86)GoogleUpdateGoogleUpdate.exeO23 - Service: Google Software Updater (gusvc) - Google - C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exeO23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTMon.exeO23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exeO23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:Windowssystem32lsass.exe (file missing)O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:WindowsSystem32msdtc.exe (file missing)O23 - Service: @%SystemRoot%System32netlogon.dll,-102 (Netlogon) - Unknown owner - C:Windowssystem32lsass.exe (file missing)O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:Program Files (x86)O2Micro Flash Memory Card Drivero2flash.exeO23 - Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:Windowssystem32lsass.exe (file missing)O23 - Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) - Unknown owner - C:Windowssystem32locator.exe (file missing)O23 - Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) - Unknown owner - C:Windowssystem32lsass.exe (file missing)O23 - Service: @%SystemRoot%system32SLsvc.exe,-101 (slsvc) - Unknown owner - C:Windowssystem32SLsvc.exe (file missing)O23 - Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:WindowsSystem32snmptrap.exe (file missing)O23 - Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) - Unknown owner - C:WindowsSystem32spoolsv.exe (file missing)O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:Program Files (x86)Spyware Terminatorsp_rsser.exeO23 - Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:Windowssystem32UI0Detect.exe (file missing)O23 - Service: @%SystemRoot%system32vds.exe,-100 (vds) - Unknown owner - C:WindowsSystem32vds.exe (file missing)O23 - Service: @%systemroot%system32vssvc.exe,-102 (VSS) - Unknown owner - C:Windowssystem32vssvc.exe (file missing)O23 - Service: vToolbarUpdater10.2.0 - Unknown owner - C:Program Files (x86)Common FilesAVG Secure SearchvToolbarUpdater10.2.0ToolbarUpdater.exeO23 - Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:Windowssystem32wbemWmiApSrv.exe (file missing)O23 - Service: @%ProgramFiles%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)O23 - Service: XAudioService - Unknown owner - C:Windowssystem32DRIVERSxaudio64.exe (file missing)--End of file - 17246 bytes View this thread Off Topic Forum - Unlike the Rest
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.