1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Norton 360 Popup Email Errors Logs Posted

Discussion in 'Virus & Other Malware Removal' started by fishnrap, Jan 11, 2011.

Thread Status:
Not open for further replies.
  1. fishnrap

    fishnrap Thread Starter

    Joined:
    Jan 11, 2011
    Messages:
    2
    I installed Norton 360 and it removed several trojens from my system. One day after installing, I started getting error pop ups. The heading on them is norton 360, followed with a big red X Email Error, each error is for a different reason and the from and to address are also different. The subject line seems to mostly be about viagra. The email system, Outlook Express, does not have to be open for this to occur. When you click ok on one, it goes away and another appears in a never endless fashion. It seems something is trying to send this spam using my computer.

    Computer Info:
    Tech Support Guy System Info Utility version 1.0.0.1
    OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
    Processor: Intel(R) Pentium(R) 4 CPU 3.20GHz, x86 Family 15 Model 2 Stepping 9
    Processor Count: 1
    RAM: 1535 Mb
    Graphics Card: NVIDIA GeForce FX 5200 , 128 Mb
    Hard Drives: C: Total - 305242 MB, Free - 265402 MB;
    Motherboard: Dell Computer Corp., 0GH001, , ..CN481113A900QP.
    Antivirus: Norton 360, Updated: Yes, On-Demand Scanner: Enabled
    Highjackthis.log
    Logfile of HijackThis v1.99.1
    Scan saved at 8:03:11 PM, on 1/10/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
    C:\WINDOWS\BCMSMMSG.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Documents and Settings\Weldy\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Norton 360\Engine\4.1.0.32\ccSvcHst.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\Program Files\Norton 360\Engine\4.1.0.32\ccSvcHst.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
    C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe
    C:\Program Files\hijackthis\HijackThis.exe
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.1.0.32\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.1.0.32\IPSBHO.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.1.0.32\coIEPlg.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
    O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
    O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\Weldy\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International
    O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
    O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} -
    O16 - DPF: {070DC617-E3B7-468B-A29C-D4E84FAE938C} (VersionControl Class) - http://utilities.pcpitstop.com/pctuneup2/controls/pctuneup.cab
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
    O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} (Scanner.SysScanner) - http://i.dell.com/images/global/js/scanner/SysProExe.cab
    O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/wuweb_site.cab?1260679939334
    O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1260679916444
    O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
    O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} (Dell PC Checkup Installer Control) - http://pccheckup.dellfix.com/rel/35/install/gtdownde.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/ocx/15105/CTPID.cab
    O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
    O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
    O20 - Winlogon Notify: PFW - UmxWnp.Dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CCALib8 - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: GoToAssist - Unknown owner - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe" Start=service (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Norton 360 (N360) - Unknown owner - C:\Program Files\Norton 360\Engine\4.1.0.32\ccSvcHst.exe" /s "N360" /m "C:\Program Files\Norton 360\Engine\4.1.0.32\diMaster.dll" /prefetch:1 (file missing)
    O23 - Service: OpenCASE Media Agent - ExtendMedia Inc. - C:\Program Files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    DD.txt Log:

    DDS (Ver_10-12-12.01) - NTFSx86
    Run by Weldy at 20:05:23.28 on Mon 01/10/2011
    Internet Explorer: 8.0.6001.18702
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1535.719 [GMT -5:00]
    AV: Norton 360 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton 360 *Enabled*
    ============== Running Processes ===============
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
    C:\WINDOWS\BCMSMMSG.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Documents and Settings\Weldy\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
    C:\WINDOWS\system32\svchost.exe -k HPService
    C:\Program Files\Norton 360\Engine\4.1.0.32\ccSvcHst.exe
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\Program Files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\WINDOWS\system32\PSIService.exe
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\Program Files\Norton 360\Engine\4.1.0.32\ccSvcHst.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
    C:\Documents and Settings\Weldy\Desktop\dds.pif
    ============== Pseudo HJT Report ===============
    uStart Page = hxxp://www.yahoo.com/
    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    uInternet Settings,ProxyOverride = *.local
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [Octoshape Streaming Services] "c:\documents and settings\weldy\application data\octoshape\octoshape streaming services\OctoshapeClient.exe" -inv:bootrun
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [CTDVDDet] c:\program files\creative\sbaudigy2\dvdaudio\CTDVDDet.EXE
    mRun: [BCMSMMSG] BCMSMMSG.exe
    mRun: [CTxfiHlp] CTXFIHLP.EXE
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.0\apps\apdproxy.exe"
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    uPolicies-explorer: NoThumbnailCache = 1 (0x1)
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    ============= SERVICES / DRIVERS ===============

    =============== Created Last 30 ================
    2011-01-11 00:26:17 20 ----a-w- c:\windows\system32\drivers\SMR161.dat
    2011-01-11 00:26:13 76920 ----a-w- c:\windows\system32\drivers\SMR161.SYS
    2011-01-10 23:20:59 -------- d-----w- c:\docume~1\weldy\applic~1\SUPERAntiSpyware.com
    2011-01-10 23:20:59 -------- d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
    2011-01-10 23:20:45 -------- d-----w- c:\program files\SUPERAntiSpyware
    2011-01-10 20:54:04 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
    2011-01-10 20:54:04 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
    2011-01-10 20:54:04 -------- d-----w- c:\program files\Symantec
    2011-01-10 20:54:04 -------- d-----w- c:\program files\common files\Symantec Shared
    2011-01-10 20:53:54 501888 ----a-w- c:\windows\system32\drivers\n360\0401000.020\cchpx86.sys
    2011-01-10 20:53:54 43696 ----a-w- c:\windows\system32\drivers\n360\0401000.020\srtspx.sys
    2011-01-10 20:53:54 362032 ----a-r- c:\windows\system32\drivers\n360\0401000.020\symtdi.sys
    2011-01-10 20:53:54 340016 ----a-r- c:\windows\system32\drivers\n360\0401000.020\symtdiv.sys
    2011-01-10 20:53:54 328752 ----a-r- c:\windows\system32\drivers\n360\0401000.020\symds.sys
    2011-01-10 20:53:54 325680 ----a-w- c:\windows\system32\drivers\n360\0401000.020\srtsp.sys
    2011-01-10 20:53:54 172592 ----a-r- c:\windows\system32\drivers\n360\0401000.020\symefa.sys
    2011-01-10 20:53:54 116784 ----a-w- c:\windows\system32\drivers\n360\0401000.020\ironx86.sys
    2011-01-10 20:53:33 -------- d-----w- c:\windows\system32\drivers\n360\0401000.020
    2011-01-10 20:53:07 -------- d-----w- c:\windows\system32\drivers\N360
    2011-01-10 20:53:03 -------- d-----w- c:\program files\Norton 360
    2011-01-10 20:50:24 -------- d-----w- c:\program files\NortonInstaller
    2011-01-10 20:28:35 -------- d-----w- c:\docume~1\weldy\locals~1\applic~1\NPE
    2011-01-10 18:35:08 -------- d-----w- c:\docume~1\weldy\applic~1\Tific
    2011-01-09 19:51:26 6273872 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\windows defender\definition updates\{7c27d9be-78f8-4665-a35b-8c7e3adab4d6}\mpengine.dll
    2011-01-09 19:32:59 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
    2011-01-09 19:32:48 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
    2011-01-09 19:32:48 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
    2011-01-09 19:32:45 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
    2011-01-09 19:06:25 -------- d-----w- c:\docume~1\weldy\locals~1\applic~1\Octoshape
    2011-01-09 19:05:06 45568 -c----w- c:\windows\system32\dllcache\wab.exe
    2011-01-09 17:36:39 -------- d-----w- c:\docume~1\alluse~1\applic~1\Norton
    2011-01-09 17:31:03 -------- d-----w- c:\docume~1\alluse~1\applic~1\NortonInstaller
    ==================== Find3M ====================
    2011-01-09 17:12:42 0 ----a-w- c:\windows\Unehoxoqiraceve.bin
    2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
    2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-11-06 00:26:58 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2010-11-06 00:26:58 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2010-11-03 12:25:54 385024 ----a-w- c:\windows\system32\html.iec
    2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
    2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys
    2010-10-19 15:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe
    ============= FINISH: 20:06:33.89 ===============

    Attach.txt Log:


    DDS (Ver_10-12-12.01) - NTFSx86
    Run by Weldy at 20:05:23.28 on Mon 01/10/2011
    Internet Explorer: 8.0.6001.18702
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1535.719 [GMT -5:00]
    AV: Norton 360 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton 360 *Enabled*
    ============== Running Processes ===============
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
    C:\WINDOWS\BCMSMMSG.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Documents and Settings\Weldy\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
    C:\WINDOWS\system32\svchost.exe -k HPService
    C:\Program Files\Norton 360\Engine\4.1.0.32\ccSvcHst.exe
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\Program Files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\WINDOWS\system32\PSIService.exe
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\Program Files\Norton 360\Engine\4.1.0.32\ccSvcHst.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
    C:\Documents and Settings\Weldy\Desktop\dds.pif
    ============== Pseudo HJT Report ===============
    uStart Page = hxxp://www.yahoo.com/
    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    uInternet Settings,ProxyOverride = *.local
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [Octoshape Streaming Services] "c:\documents and settings\weldy\application data\octoshape\octoshape streaming services\OctoshapeClient.exe" -inv:bootrun
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [CTDVDDet] c:\program files\creative\sbaudigy2\dvdaudio\CTDVDDet.EXE
    mRun: [BCMSMMSG] BCMSMMSG.exe
    mRun: [CTxfiHlp] CTXFIHLP.EXE
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.0\apps\apdproxy.exe"
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    uPolicies-explorer: NoThumbnailCache = 1 (0x1)
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    ============= SERVICES / DRIVERS ===============

    =============== Created Last 30 ================
    2011-01-11 00:26:17 20 ----a-w- c:\windows\system32\drivers\SMR161.dat
    2011-01-11 00:26:13 76920 ----a-w- c:\windows\system32\drivers\SMR161.SYS
    2011-01-10 23:20:59 -------- d-----w- c:\docume~1\weldy\applic~1\SUPERAntiSpyware.com
    2011-01-10 23:20:59 -------- d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
    2011-01-10 23:20:45 -------- d-----w- c:\program files\SUPERAntiSpyware
    2011-01-10 20:54:04 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
    2011-01-10 20:54:04 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
    2011-01-10 20:54:04 -------- d-----w- c:\program files\Symantec
    2011-01-10 20:54:04 -------- d-----w- c:\program files\common files\Symantec Shared
    2011-01-10 20:53:54 501888 ----a-w- c:\windows\system32\drivers\n360\0401000.020\cchpx86.sys
    2011-01-10 20:53:54 43696 ----a-w- c:\windows\system32\drivers\n360\0401000.020\srtspx.sys
    2011-01-10 20:53:54 362032 ----a-r- c:\windows\system32\drivers\n360\0401000.020\symtdi.sys
    2011-01-10 20:53:54 340016 ----a-r- c:\windows\system32\drivers\n360\0401000.020\symtdiv.sys
    2011-01-10 20:53:54 328752 ----a-r- c:\windows\system32\drivers\n360\0401000.020\symds.sys
    2011-01-10 20:53:54 325680 ----a-w- c:\windows\system32\drivers\n360\0401000.020\srtsp.sys
    2011-01-10 20:53:54 172592 ----a-r- c:\windows\system32\drivers\n360\0401000.020\symefa.sys
    2011-01-10 20:53:54 116784 ----a-w- c:\windows\system32\drivers\n360\0401000.020\ironx86.sys
    2011-01-10 20:53:33 -------- d-----w- c:\windows\system32\drivers\n360\0401000.020
    2011-01-10 20:53:07 -------- d-----w- c:\windows\system32\drivers\N360
    2011-01-10 20:53:03 -------- d-----w- c:\program files\Norton 360
    2011-01-10 20:50:24 -------- d-----w- c:\program files\NortonInstaller
    2011-01-10 20:28:35 -------- d-----w- c:\docume~1\weldy\locals~1\applic~1\NPE
    2011-01-10 18:35:08 -------- d-----w- c:\docume~1\weldy\applic~1\Tific
    2011-01-09 19:51:26 6273872 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\windows defender\definition updates\{7c27d9be-78f8-4665-a35b-8c7e3adab4d6}\mpengine.dll
    2011-01-09 19:32:59 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
    2011-01-09 19:32:48 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
    2011-01-09 19:32:48 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
    2011-01-09 19:32:45 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
    2011-01-09 19:06:25 -------- d-----w- c:\docume~1\weldy\locals~1\applic~1\Octoshape
    2011-01-09 19:05:06 45568 -c----w- c:\windows\system32\dllcache\wab.exe
    2011-01-09 17:36:39 -------- d-----w- c:\docume~1\alluse~1\applic~1\Norton
    2011-01-09 17:31:03 -------- d-----w- c:\docume~1\alluse~1\applic~1\NortonInstaller
    ==================== Find3M ====================
    2011-01-09 17:12:42 0 ----a-w- c:\windows\Unehoxoqiraceve.bin
    2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
    2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-11-06 00:26:58 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2010-11-06 00:26:58 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2010-11-03 12:25:54 385024 ----a-w- c:\windows\system32\html.iec
    2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
    2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys
    2010-10-19 15:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe
    ============= FINISH: 20:06:33.89 ===============

    ark.txt Log:

    GMER 1.0.15.15530 - http://www.gmer.net
    Rootkit scan 2011-01-11 00:25:01
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17 ST3320613AS rev.CC2F
    Running: 429dczpg.exe; Driver: C:\DOCUME~1\Weldy\LOCALS~1\Temp\ufryyaow.sys

    ---- System - GMER 1.0.15 ----
    SSDT 89F49B00 ZwAlertResumeThread
    SSDT 89F495F0 ZwAlertThread
    SSDT 89D9BD88 ZwAllocateVirtualMemory
    SSDT 89F3BEB0 ZwAssignProcessToJobObject
    SSDT 89DD30B0 ZwConnectPort
    SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwCreateKey [0xB03BB210] <-- ROOTKIT !!!
    SSDT 89F4AFC0 ZwCreateMutant
    SSDT 89F867B0 ZwCreateSymbolicLinkObject
    SSDT 8A0855C0 ZwCreateThread
    SSDT 89F3BF90 ZwDebugActiveProcess
    SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteKey [0xB03BB490] <-- ROOTKIT !!!
    SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteValueKey [0xB03BB9F0] <-- ROOTKIT !!!
    SSDT 89D9B968 ZwDuplicateObject
    SSDT 89D9AA18 ZwFreeVirtualMemory
    SSDT 8A036F28 ZwImpersonateAnonymousToken
    SSDT 89F49A20 ZwImpersonateThread
    SSDT 89FBB6C8 ZwLoadDriver
    SSDT 8A092008 ZwMapViewOfSection
    SSDT 89F4AEE0 ZwOpenEvent
    SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwOpenKey [0xB03BB7A0] <-- ROOTKIT !!!
    SSDT 89D9CAC8 ZwOpenProcess
    SSDT 89D9BE78 ZwOpenProcessToken
    SSDT 8A035EB0 ZwOpenSection
    SSDT 89D9BA58 ZwOpenThread
    SSDT 89FD7A00 ZwProtectVirtualMemory
    SSDT 89F496B0 ZwResumeThread
    SSDT 89D9A4C0 ZwSetContextThread
    SSDT 89D9A6A8 ZwSetInformationProcess
    SSDT 89E27B40 ZwSetSystemInformation
    SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwSetValueKey [0xB03BBC40] <-- ROOTKIT !!!
    SSDT 8A035F90 ZwSuspendProcess
    SSDT 89F491C0 ZwSuspendThread
    SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xB020A620] <-- ROOTKIT !!!
    SSDT 89F49280 ZwTerminateThread
    SSDT 89D9A798 ZwUnmapViewOfSection
    SSDT 89D9AC40 ZwWriteVirtualMemory
    ---- Kernel code sections - GMER 1.0.15 ----
    .text jcdadbrl.sys F740300E 4 Bytes JMP F7404A09 jcdadbrl.sys
    .text jcdadbrl.sys F7403013 65 Bytes JMP F7403D7D jcdadbrl.sys
    .text jcdadbrl.sys F7403055 68 Bytes CALL F7404FF4 jcdadbrl.sys
    .text jcdadbrl.sys F740309A 200 Bytes [D0, C9, F9, 8A, 4D, 02, F5, ...]
    .text jcdadbrl.sys F7403163 7 Bytes [66, 89, 0C, 24, E8, B6, 0A]
    .text ...
    ? C:\WINDOWS\system32\drivers\jcdadbrl.sys A device attached to the system is not functioning.
    ? SYMDS.SYS The system cannot find the file specified. !
    ? SYMEFA.SYS The system cannot find the file specified. !
    PAGE Ntfs.sys BA781E55 4 Bytes CALL 8A234461
    .text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB9B8C340, 0xFD75F, 0xF8000020]
    .text C:\WINDOWS\System32\nv4_disp.dll section is writeable [0xBF012300, 0x2342C0, 0xF8000020]
    ? C:\DOCUME~1\Weldy\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !
    ---- User code sections - GMER 1.0.15 ----
    .text C:\Program Files\Internet Explorer\iexplore.exe[376] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215501 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[376] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB44 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[376] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E4FEF C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[376] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E4F21 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[376] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E4F8C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[376] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4DF2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[376] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E4E54 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[376] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E5052 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[376] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4EB6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3264] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215501 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3264] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9AE9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3264] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD145 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3264] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB44 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3264] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E254696 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3264] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E4FEF C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3264] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E4F21 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3264] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E4F8C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3264] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4DF2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3264] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E4E54 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3264] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E5052 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3264] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4EB6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3264] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 3E2EDBA0 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3264] ole32.dll!OleLoadFromStream 7752981B 5 Bytes JMP 3E3E5370 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    ---- User IAT/EAT - GMER 1.0.15 ----
    IAT C:\Program Files\Internet Explorer\iexplore.exe[3264] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [451F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)
    ---- Devices - GMER 1.0.15 ----
    Device 8A258E00
    Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
    Device Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)
    AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
    AttachedDevice FLTMGR.SYS (Microsoft Filesystem Filter Manager/Microsoft Corporation)
    ---- Services - GMER 1.0.15 ----
    Service (*** hidden *** ) [BOOT] jcdadbrl <-- ROOTKIT !!!
    ---- Registry - GMER 1.0.15 ----
    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{065EC2E5-38EE-7C49-5DA8-72D6F91B1D97}
    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{065EC2E5-38EE-7C49-5DA8-72D6F91B1D97}@oadjjkfcaojopegdpnbokfodcfpjoh 0x64 0x61 0x64 0x64 ...
    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{065EC2E5-38EE-7C49-5DA8-72D6F91B1D97}@oapjjilbccindlmmfkjafjikfacike 0x69 0x61 0x6F 0x63 ...
    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{065EC2E5-38EE-7C49-5DA8-72D6F91B1D97}@najkllefpondkjebkhefjgemifhl 0x6A 0x61 0x65 0x64 ...
    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2A50EB32-66C0-13C9-CF1F-C17B4074808F}
    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2A50EB32-66C0-13C9-CF1F-C17B4074808F}@oaamkbikacjoeolmmpeobdifgambdk 0x64 0x61 0x61 0x6B ...
    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2A50EB32-66C0-13C9-CF1F-C17B4074808F}@oamkkfhkfegofipabchohknpbkjcbb 0x6A 0x61 0x6C 0x6A ...
    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2A50EB32-66C0-13C9-CF1F-C17B4074808F}@naokahccbbnocaifcccnekfoggmj 0x6A 0x61 0x62 0x6B ...
    ---- EOF - GMER 1.0.15 ----
     
  2. fishnrap

    fishnrap Thread Starter

    Joined:
    Jan 11, 2011
    Messages:
    2
    Used the Utility, hitmanpro.exe to remove the problem
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/973935

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice