1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Computer Help with HijackThis Log

Discussion in 'Virus & Other Malware Removal' started by iwishtoknow, Feb 10, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. iwishtoknow

    iwishtoknow Thread Starter

    Joined:
    Feb 10, 2007
    Messages:
    17
    I'm new to the forums and a friend said I should ask for help here since ya'll are just great :) I've been having problems with the computer for a while now. I have SBC Yahoo DSL and have Windows XP on a Sony Vaio PC.
    For a while the computer just slows down extremely and I'm unable to do much on it, Internet connection dies once in a while and even if I use the SBC Self Support Tool it ends up getting disconnected. I use Ad-Aware SE Personal, Spybot - Search & Destroy, and Yahoos security to scan the computer for anything, but sometimes it says that I have nothing, but then the computer does the Error Stop, shuts down and restarts on its own and I don't know how to fix it.
    I'm planning on going to Best Buy's and asking Geek Squad for help, but before I do that I wanted to get Tech Support Guy's opinion on what I can do. I download the HijackThis and here’s the log for it:



    Logfile of HijackThis v1.99.1
    Scan saved at 6:12:22 PM, on 2/10/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\System32\igfxtray.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\WINDOWS\System32\ezSP_Px.exe
    C:\Program Files\BroadJump\Client Foundation\CFD.exe
    C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
    C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\PROGRA~1\Yahoo!\YOP\yop.exe
    C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
    C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
    C:\Program Files\Corel\Corel Snapfire\Corel Photo Downloader.exe
    C:\PROGRA~1\Yahoo!\browser\ycommon.exe
    C:\Program Files\Common Files\AOL\1130922493\ee\AOLHostManager.exe
    C:\Program Files\Yahoo!\Antivirus\ISafe.exe
    C:\Program Files\Common Files\AOL\1130922493\ee\AOLServiceHost.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
    C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
    C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
    C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Program Files\Common Files\AOL\1130922493\ee\AOLServiceHost.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
    C:\Program Files\Common Files\AOL\1130922493\ee\AOLServiceHost.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=677
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../sbcydsl/*http://www.yahoo.com/search/ie.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?x=...UktIQTMLB7GSh3H3HUIJFDc2nMiMMtxZnbIRxjLOGBAQ6
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
    R3 - URLSearchHook: (no name) - - (no file)
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: ngsh35.clsIS - {392BAF48-A26A-45B5-9263-97128E429268} - C:\WINDOWS\system32\ngsh35.dll (file missing)
    O2 - BHO: (no name) - {45A4902E-4479-4EAE-A186-8D0F7E4C78DE} - C:\Program Files\Starware347\bin\Starware347.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\common\yiesrvc.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
    O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
    O3 - Toolbar: Starware347 - {9FB3908C-6565-4CB0-95F8-E9F85258723C} - C:\Program Files\Starware347\bin\Starware347.dll
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [CreateCD_Reminder] C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe
    O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
    O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
    O4 - HKLM\..\Run: [VMConsole.exe] C:\Program Files\sony\vaio media integrated server\Platform\VMConsole.exe /windowmin
    O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
    O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
    O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1130922493\ee\AOLHostManager.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
    O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
    O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
    O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire\Corel Photo Downloader.exe
    O4 - HKCU\..\Run: [BUILD BLEH] C:\DOCUME~1\huh\APPLIC~1\OOZEFI~1\Media Second.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
    O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
    O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
    O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Open using &Advanced JPEG Compressor - C:\Program Files\Advanced JPEG Compressor\ajcieex.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\common\yiesrvc.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
    O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
    O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst4_x.cab
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase969.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1130922925421
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1148084934718
    O16 - DPF: {7759148D-4C31-44AC-B199-D8079E4C1C72} (DxInfo Control) - http://www.shaiya.com/download/directx_info/DxInfo_sonov_signed.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab31267.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
    O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
    O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
    O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
    O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
    O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
    O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
    O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
    O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
    O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
    O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
    O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
    O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
    O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
     
  2. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    Please Download NoLop to your desktop from

    http://www.thespykiller.co.uk/forum/index.php?action=tpmod;dl=item16

    First close any other programs you have running as this will require a reboot
    · Double click NoLop.exe to run it
    · Now click the button labelled "Search and Destroy"
    <<your computer will now be scanned for infected files>>
    · When scanning is finished you will be prompted to reboot only if infected, Click OK
    · Now click the "REBOOT" Button.
    · A Message should popup from NoLop. If not, double click the program again and it will finish Please Post the contents of C:\NoLop.log along with a fresh HijackThis log
    --If you receive an error, "mscomctl.ocx or one of its dependencies are not correctly registered," please download mscomctl.ocx to your system32 folder then rerun the program. -
    =========================
    Download Superantispyware (SAS)

    http://www.superantispyware.com/superantispywarefreevspro.html

    Install it and double-click the icon on your desktop to run it.
    · It will ask if you want to update the program definitions, click Yes.
    · Under Configuration and Preferences, click the Preferences button.
    · Click the Scanning Control tab.
    · Under Scanner Options make sure the following are checked:
    o Close browsers before scanning
    o Scan for tracking cookies
    o Terminate memory threats before quarantining.
    o Please leave the others unchecked.
    o Click the Close button to leave the control center screen.
    · On the main screen, under Scan for Harmful Software click Scan your computer.
    · On the left check C:\Fixed Drive.
    · On the right, under Complete Scan, choose Perform Complete Scan.
    · Click Next to start the scan. Please be patient while it scans your computer.
    · After the scan is complete a summary box will appear. Click OK.
    · Make sure everything in the white box has a check next to it, then click Next.
    · It will quarantine what it found and if it asks if you want to reboot, click Yes.
    · To retrieve the removal information for me please do the following:
    o After reboot, double-click the SUPERAntispyware icon on your desktop.
    o Click Preferences. Click the Statistics/Logs tab.
    o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    o It will open in your default text editor (such as Notepad/Wordpad).
    o Please highlight everything in the notepad, then right-click and choose copy.
    · Click close and close again to exit the program.
    · Please paste that information here for me with a new HijackThis log.
     
  3. iwishtoknow

    iwishtoknow Thread Starter

    Joined:
    Feb 10, 2007
    Messages:
    17
    Here's the HijackThis Log after the NoLop said it found no infections:

    Logfile of HijackThis v1.99.1
    Scan saved at 7:00:32 PM, on 2/10/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\System32\igfxtray.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\WINDOWS\System32\ezSP_Px.exe
    C:\Program Files\BroadJump\Client Foundation\CFD.exe
    C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
    C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\PROGRA~1\Yahoo!\YOP\yop.exe
    C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
    C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
    C:\Program Files\Corel\Corel Snapfire\Corel Photo Downloader.exe
    C:\PROGRA~1\Yahoo!\browser\ycommon.exe
    C:\Program Files\Common Files\AOL\1130922493\ee\AOLHostManager.exe
    C:\Program Files\Yahoo!\Antivirus\ISafe.exe
    C:\Program Files\Common Files\AOL\1130922493\ee\AOLServiceHost.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
    C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
    C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
    C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
    C:\WINDOWS\system32\notepad.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Common Files\AOL\1130922493\ee\AOLServiceHost.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=677
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../sbcydsl/*http://www.yahoo.com/search/ie.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?x=...UktIQTMLB7GSh3H3HUIJFDc2nMiMMtxZnbIRxjLOGBAQ6
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
    R3 - URLSearchHook: (no name) - - (no file)
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: ngsh35.clsIS - {392BAF48-A26A-45B5-9263-97128E429268} - C:\WINDOWS\system32\ngsh35.dll (file missing)
    O2 - BHO: (no name) - {45A4902E-4479-4EAE-A186-8D0F7E4C78DE} - C:\Program Files\Starware347\bin\Starware347.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\common\yiesrvc.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
    O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
    O3 - Toolbar: Starware347 - {9FB3908C-6565-4CB0-95F8-E9F85258723C} - C:\Program Files\Starware347\bin\Starware347.dll
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [CreateCD_Reminder] C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe
    O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
    O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
    O4 - HKLM\..\Run: [VMConsole.exe] C:\Program Files\sony\vaio media integrated server\Platform\VMConsole.exe /windowmin
    O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
    O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
    O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1130922493\ee\AOLHostManager.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
    O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
    O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
    O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire\Corel Photo Downloader.exe
    O4 - HKCU\..\Run: [BUILD BLEH] C:\DOCUME~1\huh\APPLIC~1\OOZEFI~1\Media Second.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
    O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
    O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
    O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Open using &Advanced JPEG Compressor - C:\Program Files\Advanced JPEG Compressor\ajcieex.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\common\yiesrvc.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
    O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
    O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst4_x.cab
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase969.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1130922925421
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1148084934718
    O16 - DPF: {7759148D-4C31-44AC-B199-D8079E4C1C72} (DxInfo Control) - http://www.shaiya.com/download/directx_info/DxInfo_sonov_signed.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab31267.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
    O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
    O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
    O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
    O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
    O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
    O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
    O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
    O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
    O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
    O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
    O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
    O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
    O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE


    I'm doing the Superantispyware next
     
  4. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    Do the second half of my post and post the log from nolop
     
  5. iwishtoknow

    iwishtoknow Thread Starter

    Joined:
    Feb 10, 2007
    Messages:
    17
    I tried getting the NoLop Log, but I don't know how, I scanned again, it said No infection detected then after I pressed okay, the program closes. I'm not sure what I'm doing wrong sorry, but I was able to get the Superantispyware Log...

    Here's the Superantispyware Log:

    SUPERAntiSpyware Scan Log
    Generated 02/10/2007 at 09:20 PM

    Application Version : 3.5.1016

    Core Rules Database Version : 3182
    Trace Rules Database Version: 1192

    Scan type : Complete Scan
    Total Scan Time : 02:10:32

    Memory items scanned : 478
    Memory threats detected : 0
    Registry items scanned : 6120
    Registry threats detected : 35
    File items scanned : 137364
    File threats detected : 238

    Adware.Starware
    HKLM\Software\Classes\CLSID\{45A4902E-4479-4EAE-A186-8D0F7E4C78DE}
    HKCR\CLSID\{45A4902E-4479-4EAE-A186-8D0F7E4C78DE}
    HKCR\CLSID\{45A4902E-4479-4EAE-A186-8D0F7E4C78DE}
    HKCR\CLSID\{45A4902E-4479-4EAE-A186-8D0F7E4C78DE}\InprocServer32
    HKCR\CLSID\{45A4902E-4479-4EAE-A186-8D0F7E4C78DE}\InprocServer32#ThreadingModel
    C:\PROGRAM FILES\STARWARE347\BIN\STARWARE347.DLL
    HKLM\Software\Classes\CLSID\{4C1CAACF-1788-4613-A840-6BD943D4EE95}
    HKCR\CLSID\{4C1CAACF-1788-4613-A840-6BD943D4EE95}
    HKCR\CLSID\{4C1CAACF-1788-4613-A840-6BD943D4EE95}
    HKCR\CLSID\{4C1CAACF-1788-4613-A840-6BD943D4EE95}\Implemented Categories
    HKCR\CLSID\{4C1CAACF-1788-4613-A840-6BD943D4EE95}\Implemented Categories\{00021493-0000-0000-C000-000000000046}
    HKCR\CLSID\{4C1CAACF-1788-4613-A840-6BD943D4EE95}\InprocServer32
    HKCR\CLSID\{4C1CAACF-1788-4613-A840-6BD943D4EE95}\InprocServer32#ThreadingModel
    HKLM\Software\Classes\CLSID\{9A7D6AD2-0881-451F-BB27-F5E2EE2C5B14}
    HKCR\CLSID\{9A7D6AD2-0881-451F-BB27-F5E2EE2C5B14}
    HKCR\CLSID\{9A7D6AD2-0881-451F-BB27-F5E2EE2C5B14}
    HKCR\CLSID\{9A7D6AD2-0881-451F-BB27-F5E2EE2C5B14}\Implemented Categories
    HKCR\CLSID\{9A7D6AD2-0881-451F-BB27-F5E2EE2C5B14}\Implemented Categories\{00021494-0000-0000-C000-000000000046}
    HKCR\CLSID\{9A7D6AD2-0881-451F-BB27-F5E2EE2C5B14}\InprocServer32
    HKCR\CLSID\{9A7D6AD2-0881-451F-BB27-F5E2EE2C5B14}\InprocServer32#ThreadingModel
    HKLM\Software\Classes\CLSID\{9FB3908C-6565-4CB0-95F8-E9F85258723C}
    HKCR\CLSID\{9FB3908C-6565-4CB0-95F8-E9F85258723C}
    HKCR\CLSID\{9FB3908C-6565-4CB0-95F8-E9F85258723C}
    HKCR\CLSID\{9FB3908C-6565-4CB0-95F8-E9F85258723C}\InprocServer32
    HKCR\CLSID\{9FB3908C-6565-4CB0-95F8-E9F85258723C}\InprocServer32#ThreadingModel
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45A4902E-4479-4EAE-A186-8D0F7E4C78DE}
    HKLM\Software\Microsoft\Internet Explorer\Toolbar#{9FB3908C-6565-4CB0-95F8-E9F85258723C}

    Adware.Tracking Cookie
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected]_6l6d[1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][4].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][3].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][5].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][3].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][4].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][3].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected]_5q6v[1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][1].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt
    C:\Documents and Settings\huh\Cookies\[email protected][2].txt

    Trojan.ESDWindowsIE
    HKCR\CLSID\{392BAF48-A26A-45B5-9263-97128E429268}
    HKCR\CLSID\{392BAF48-A26A-45B5-9263-97128E429268}\Implemented Categories
    HKCR\CLSID\{392BAF48-A26A-45B5-9263-97128E429268}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}
    HKCR\CLSID\{392BAF48-A26A-45B5-9263-97128E429268}\InprocServer32
    HKCR\CLSID\{392BAF48-A26A-45B5-9263-97128E429268}\InprocServer32#ThreadingModel
    HKCR\CLSID\{392BAF48-A26A-45B5-9263-97128E429268}\ProgID
    HKCR\CLSID\{392BAF48-A26A-45B5-9263-97128E429268}\Programmable
    HKCR\CLSID\{392BAF48-A26A-45B5-9263-97128E429268}\TypeLib
    HKCR\CLSID\{392BAF48-A26A-45B5-9263-97128E429268}\VERSION
    C:\PROGRAM FILES\YAHOO!\YPSR\QUARANTINE\PPQ15.TMP
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP358\A0087862.EXE

    Adware.Unknown Origin
    C:\PROGRAM FILES\COMMON FILES\OFMF\OFMFD\CLASS-BARREL
    C:\PROGRAM FILES\COMMON FILES\OFMF\OFMFD\VOCABULARY
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP343\A0082617.CFG
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP344\A0082635.CFG
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP344\A0082664.CFG
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP346\A0082712.CFG
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP347\A0082758.CFG
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP348\A0082870.CFG
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP349\A0082931.CFG
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP350\A0082988.CFG
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP351\A0083017.CFG
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP352\A0084134.CFG
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP352\A0087528.CFG
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP353\A0087592.CFG
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP353\A0087641.CFG
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP354\A0087679.CFG
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP356\A0087713.CFG
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP357\A0087732.CFG
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP357\A0087774.CFG
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP358\A0087851.CFG

    Adware.WhenU
    C:\PROGRAM FILES\MYEMOTICONS_WHENUSAVENOW_INSTALLER\MYEMOTICONS_WHENUSAVENOW_INSTALLER.EXE
     
  6. iwishtoknow

    iwishtoknow Thread Starter

    Joined:
    Feb 10, 2007
    Messages:
    17
    Said the message was to long so here's the new HijackThis Log after the Superantispyware:

    Logfile of HijackThis v1.99.1
    Scan saved at 9:30:01 PM, on 2/10/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Yahoo!\Antivirus\ISafe.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
    C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
    C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
    C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\System32\igfxtray.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe
    C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
    C:\WINDOWS\System32\ezSP_Px.exe
    C:\Program Files\sony\vaio media integrated server\Platform\VMConsole.exe
    C:\Program Files\BroadJump\Client Foundation\CFD.exe
    C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
    C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\PROGRA~1\Yahoo!\YOP\yop.exe
    C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
    C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
    C:\Program Files\Corel\Corel Snapfire\Corel Photo Downloader.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Common Files\AOL\1130922493\ee\AOLHostManager.exe
    C:\PROGRA~1\Yahoo!\browser\ycommon.exe
    C:\Program Files\Common Files\AOL\1130922493\ee\AOLServiceHost.exe
    C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
    C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Common Files\AOL\1130922493\ee\AOLServiceHost.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=677
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../sbcydsl/*http://www.yahoo.com/search/ie.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?x=...UktIQTMLB7GSh3H3HUIJFDc2nMiMMtxZnbIRxjLOGBAQ6
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
    R3 - URLSearchHook: (no name) - - (no file)
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {392BAF48-A26A-45B5-9263-97128E429268} - (no file)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\common\yiesrvc.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
    O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [CreateCD_Reminder] C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe
    O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
    O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
    O4 - HKLM\..\Run: [VMConsole.exe] C:\Program Files\sony\vaio media integrated server\Platform\VMConsole.exe /windowmin
    O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
    O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
    O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1130922493\ee\AOLHostManager.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
    O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
    O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
    O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire\Corel Photo Downloader.exe
    O4 - HKCU\..\Run: [BUILD BLEH] C:\DOCUME~1\huh\APPLIC~1\OOZEFI~1\Media Second.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
    O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
    O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Open using &Advanced JPEG Compressor - C:\Program Files\Advanced JPEG Compressor\ajcieex.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\common\yiesrvc.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
    O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
    O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst4_x.cab
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase969.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1130922925421
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1148084934718
    O16 - DPF: {7759148D-4C31-44AC-B199-D8079E4C1C72} (DxInfo Control) - http://www.shaiya.com/download/directx_info/DxInfo_sonov_signed.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab31267.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
    O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
    O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
    O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
    O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
    O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
    O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
    O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
    O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
    O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
    O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
    O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
    O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
    O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
     
  7. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    IE - Block Third party cookies
    1. Click on the Tools button on the Internet Explorer tool bar.
    2. Highlight and click on Internet options at the bottom of the Tools menu.
    3. Select the Privacy Tab of the Internet Options menu.
    4. Select the Advanced... button at the bottom of the screen.
    5. Select override automatic cookie handling button.
    6. To block third party cookies select block under "Third-party cookies".
    7. Select "always allow session cookies".
    8. Click on the OK button at the bottom of the screen.
    ================

    You may want to print this or save it to notepad as we will go to safe mode.

    Fix these with HiJackThis – mark them, close IE, click fix checked

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?x=w...ZnbIRxjLOGBAQ6

    O2 - BHO: (no name) - {392BAF48-A26A-45B5-9263-97128E429268} - (no file)

    O4 - HKCU\..\Run: [BUILD BLEH] C:\DOCUME~1\huh\APPLIC~1\OOZEFI~1\Media Second.exe

    DownLoad http://www.downloads.subratam.org/KillBox.zip or
    http://www.thespykiller.co.uk/files/killbox.exe

    Restart your computer into safe mode now. (Tapping F8 at the first black screen) Perform the following steps in safe mode:

    Double-click on Killbox.exe to run it. Now put a tick by Standard File Kill. In the "Full Path of File to Delete" box, copy and paste each of the following lines one at a time then click on the button that has the red circle with the X in the middle after you enter each file. It will ask for confimation to delete the file. Click Yes. Continue with that same procedure until you have copied and pasted all of these in the "Paste Full Path of File to Delete" box.

    C:\DOCUME~1\huh\APPLIC~1\OOZEFI~1

    Note: It is possible that Killbox will tell you that one or more files do not exist. If that happens, just continue on with all the files. Be sure you don't miss any.

    START – RUN – type in %temp% - OK - Edit – Select all – File – Delete

    Delete everything in the C:\Windows\Temp folder or C:\WINNT\temp

    Not all temp files will delete and that is normal
    Empty the recycle bin
    Boot and post a new hijack log from normal NOT safe mode

    Please give feedback on what worked/didn’t work and the current status of your system
     
  8. iwishtoknow

    iwishtoknow Thread Starter

    Joined:
    Feb 10, 2007
    Messages:
    17
    So far I've done the IE - Block Third party cookies and the first part of the HiJackThis, only I couldn't find the
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?x=w...ZnbIRxjLOGBAQ6
    but I did find the other 2. I'm going to start the last part now.

    Okay tried doing the Killbox on Safe mode after downloading it from the http://www.downloads.subratam.org/KillBox.zip
    but all i kept getting was an error message:
    System Error &H800706BA (-2147023174). The RPC server is unavailable.

    I'm going to see if it works by getting it through the
    http://www.thespykiller.co.uk/files/killbox.exe
     
  9. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
  10. iwishtoknow

    iwishtoknow Thread Starter

    Joined:
    Feb 10, 2007
    Messages:
    17
    alright i'm a do that right now, i tried the killbox from the exe link, but got the same message :( will do this new suggestion, thank you so much for the help MFDnSC

    forgot to ask, how do i use explorer to delete that folder? i wouldn't even know how to do that lol

    okay, did the system restore as you said and I removed Killbox from my desktop and i'm still looking if there is any of it left on my comp by using the computer search incase i missed anything.
     
  11. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/543031

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice