Posted
  • FPCH Admin

Hi, I run into an issue on my computer and I believe it's the result of a virus. I'm unable to access my program files, even as an administrator. Any help on this matter would be appreciated. I've enclosed a log generated by HijackThis, hopefully it's useful.

 
