System Hacked Into/Hijacked?

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

dramstad

Thread Starter
Joined
Nov 18, 2011
Messages
68
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft® Windows Vista™ Home Premium, Service Pack 2, 32 bit
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+, x64 Family 15 Model 107 Stepping 1
Processor Count: 2
RAM: 1981 Mb
Graphics Card: NVIDIA GeForce 6150SE nForce 430, 64 Mb
Hard Drives: C: Total - 228136 MB, Free - 137626 MB; D: Total - 10239 MB, Free - 4299 MB;
Motherboard: Dell Inc., 0RY206
Antivirus: Norton 360, Updated and Enabled

Someone has e-mailed me and suggested my system has been hijacked by them. I did a scan using Loaris Trojan Remover and it reported that I was infected with a worm (Sohanad). System is slow and the person who e-mailed me seems to have info that is stored on my system, that only I would know about.

Please Help! Thanks.

Here is the Hijackthis Log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:56:52 PM, on 11/18/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\AOL Desktop 9.6\waol.exe
C:\Program Files\AOL Desktop 9.6\shellmon.exe
C:\Program Files\Common Files\aol\1262709377\ee\aolsoftware.exe
C:\Program Files\AOL Desktop 9.6\AOLBrowser\aolbrowser.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.8\iobitToolbarIE.dll
R3 - URLSearchHook: (no name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.8\iobitToolbarIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AOL Toolbar Loader - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files\AOL Toolbar\aoltb.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Norton 360\Engine\5.1.0.29\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Norton 360\Engine\5.1.0.29\IPS\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Xfinity.com Toolbar - {dcc70a83-e184-40a3-906b-779af5e941c4} - C:\Program Files\xfinitytb\xfinitydx.dll
O2 - BHO: Updater For Xfinity.com Toolbar 3.5 - {e6d0b79e-ecac-411b-8bf6-7a574981af30} - C:\Program Files\xfinitytb\auxi\xfinityAu.dll
O3 - Toolbar: AOL Toolbar - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files\AOL Toolbar\aoltb.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Norton 360\Engine\5.1.0.29\coIEPlg.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Xfinity.com Toolbar - {dcc70a83-e184-40a3-906b-779af5e941c4} - C:\Program Files\xfinitytb\xfinitydx.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.8\iobitToolbarIE.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [TMWebProtectTray] "C:\Program Files\Trend Micro\Web Protection Add-On\TMWebProtectTray.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [InnoSetupRegFile.0000000001] "C:\Windows\is-CHRJ2.exe" /REG /REGSVRMODE
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://oas.support.microsoft.com/ActiveX/MSDcode.cab
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Advanced) - https://icmsweb.starsinc.com/evolv_cs/smsx.cab
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
O23 - Service: Norton PC Checkup Application Launcher - Symantec Corporation - C:\Program Files\Norton PC Checkup\Engine\2.0.1.246\SymcPCCULaunchSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:\Program Files\Norton PC Checkup\Engine\2.0.1.246\ccSvcHst.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Web Protection Add-On\TmProxy.exe
O23 - Service: Trend Micro Web Protection Add-On Service (TMWebProtect) - Trend Micro Inc. - C:\Program Files\Trend Micro\Web Protection Add-On\TMWebProtect.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 10554 bytes
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
81,728
After you received that unsolicited E-mail, did you reply to it and allow someone to remote-access your computer?

-------------------------------------------------------

While I'm reviewing your HiJackThis scan log, do the following:

Start HiJackThis, but don't run a scan.

Click on the "Open The Misc Tools Section" button.

Click on the "Open Uninstall Manager" button.

Click on the "Save List" button.

Save the "uninstall_list.txt" file somewhere.

It'll then open in Notepad.

Return here to your thread, then copy-and-paste the entire file here.

--------------------------------------------------------
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
81,728
Start HiJackThis, then click "Do a system scan only".

When the scan is finished, put a checkmark in these log entries:

R3 - URLSearchHook: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.8\iobitToolbarIE.dll

R3 - URLSearchHook: (no name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file)

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.8\iobitToolbarIE.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)

O2 - BHO: Xfinity.com Toolbar - {dcc70a83-e184-40a3-906b-779af5e941c4} - C:\Program Files\xfinitytb\xfinitydx.dll

O2 - BHO: Updater For Xfinity.com Toolbar 3.5 - {e6d0b79e-ecac-411b-8bf6-7a574981af30} - C:\Program Files\xfinitytb\auxi\xfinityAu.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)

O3 - Toolbar: Xfinity.com Toolbar - {dcc70a83-e184-40a3-906b-779af5e941c4} - C:\Program Files\xfinitytb\xfinitydx.dll

O3 - Toolbar: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.8\iobitToolbarIE.dll

O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"

O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/res.../wlscctrl2.cab

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)


After you confirm that you selected the correct log entries, click "Fix Checked - Yes".

Close HiJackThis, then restart the computer.

--------------------------------------------------
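
Several of the entries selected in the post above end in "(no file)" or "(file missing)", and the IObit Toolbar CLSID shows up in three different sections (R3, O2, O3). The following Python sketch is an added example, not part of the thread and not HijackThis's own code: it parses entry lines in this log format, flags entries whose target file is absent, and groups CLSIDs that are registered in more than one section. The sample lines are a subset copied from the log posted at the top of the thread; the function names are illustrative.

```python
import re
from collections import defaultdict

# What the section codes seen in this thread's log enumerate.
SECTIONS = {
    "R0": "IE start/search page value",
    "R1": "IE start/search page value",
    "R3": "URL search hook",
    "O2": "Browser Helper Object",
    "O3": "IE toolbar",
    "O4": "autostart (Run/RunOnce) entry",
    "O9": "IE extra button / Tools menu item",
    "O16": "ActiveX control (Downloaded Program Files)",
    "O18": "extra protocol handler",
    "O23": "Windows service",
}

ENTRY_RE = re.compile(r"^(?P<code>[RO]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# HijackThis marks a registration whose target file is absent in one of two ways.
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)\s*$")

# Subset of the HijackThis log posted in this thread (header lines included on purpose).
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.4
Running processes:
C:\Windows\Explorer.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R3 - URLSearchHook: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.8\iobitToolbarIE.dll
R3 - URLSearchHook: (no name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.8\iobitToolbarIE.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.8\iobitToolbarIE.dll
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
"""


def parse_log(text):
    """Return one dict per 'CODE - body' entry; header and process lines are skipped."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        m = ENTRY_RE.match(line)
        if not m:
            continue
        code, body = m.group("code"), m.group("body")
        clsid = CLSID_RE.search(body)
        entries.append({
            "code": code,
            "section": SECTIONS.get(code, "unknown section"),
            # CLSIDs are case-insensitive; normalise so the same GUID groups together.
            "clsid": clsid.group(0).upper() if clsid else None,
            "orphaned": bool(ORPHAN_RE.search(body)),
            "raw": line,
        })
    return entries


def orphaned(entries):
    """Entries whose registry registration points at a file that no longer exists."""
    return [e for e in entries if e["orphaned"]]


def multi_section_clsids(entries):
    """CLSIDs registered under more than one section code (one component, several hooks)."""
    seen = defaultdict(set)
    for e in entries:
        if e["clsid"]:
            seen[e["clsid"]].add(e["code"])
    return {c: sorted(codes) for c, codes in seen.items() if len(codes) > 1}


if __name__ == "__main__":
    parsed = parse_log(SAMPLE_LOG)
    for e in orphaned(parsed):
        print("ORPHANED", e["code"], e["section"], "|", e["raw"])
    for clsid, codes in multi_section_clsids(parsed).items():
        print("MULTI-HOOK", clsid, codes)
```

A flag from this script only marks an entry for review; whether it is safe to fix still depends on knowing what the registration belongs to.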
 

dramstad

Thread Starter
Joined
Nov 18, 2011
Messages
68
The e-mail was not unsolicited -- it's someone I know but not well. I have only been communicating with this person using my YAHOO e-mail account (no IM's just e-mail to this person's g-mail account). This person has recently been e-mailing me suggesting they hacked into/hijacked my system. I have been communicating with this person since about October.
Uninstall log pasted below. THANKS VERY MUCH!

Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Acrobat.com
Adobe AIR
Adobe AIR
Adobe Download Manager
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.1)
Adobe Shockwave Player 11.5
Advanced SystemCare 5
AOL Install
AOL Toolbar
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bing Bar
Bing Rewards Client Installer
Bonjour
Browser Address Error Redirector
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities MyCamera
Canon Utilities MyCamera DC
Canon Utilities PhotoStitch
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
CCleaner
Comcast Desktop Software (v1.2.0.9)
Compatibility Pack for the 2007 Office system
Conexant D850 PCI V.92 Modem
D3DX10
Dell DataSafe Online
Dell Getting Started Guide
Dell Support Center
Desktop Doctor
Digital Line Detect
DivX Web Player
Download Updater (AOL LLC)
eMusic Download Manager 4.1.3.1
Funambol Outlook Sync Client 7.2.2
Google Chrome
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Internet Explorer (Enable DEP)
Internet Service Offers Launcher
IObit Malware Fighter
IObit Toolbar v4.8
iTunes
Java(TM) 6 Update 27
Junk Mail filter update
Loaris Trojan Remover 1.2
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
81,728
Do the following in the order that I've listed them.

It's going to take you a while, so I'll check back with you in the morning. (y)

-----------------------------------------------------

Click Start - Run, then type in

%temp%

and then click OK.

Click Start - Run, then type in

c:\windows\temp

and then click OK.

Once those 2 temp folders appear and you can view their contents, select and delete EVERYTHING that's inside them.

If a few files resist being deleted, that's normal behavior. Leave them alone and delete EVERYTHING else.

After you're done, restart the computer.

-----------------------------------------------------

Go to Control Panel - Programs And Features, then uninstall:

Advanced SystemCare 5 (by IObit)

IObit Malware Fighter

IObit Toolbar 4.8

Loaris Trojan Remover 1.2


After they've all been uninstalled, restart the computer.

-----------------------------------------------------

Download and save the free version of

Malwarebytes Anti-Malware 1.51.2.1300

SUPERAntiSpyware 5.0.0.1136

then close all open windows first, then install them.

Make sure to update their definition files during the install process.

After they've been installed, restart the computer.

-----------------------------------------------------

Start Malwarebytes Anti-Malware.

Click "Scanner(tab) - Perform quick scan - Scan".

If infections or problems are found during the scan, the number of them will be highlighted in red.

When the scan is finished, click "Show Results".

Make sure that EVERYTHING is selected, then click "Remove Selected".

If you're prompted to restart to finish the removal process, click "Yes".

Start Malwarebytes Anti-Malware again.

Click "Logs"(tab).

Highlight the scan log entry, then click "Open".

When the scan log appears in Notepad, copy-and-paste it here.

-----------------------------------------------------

Start SUPERAntiSpyware.

Select the "Quick Scan" option, then click "Scan your Computer".

If infections or problems are found during the scan, a list will appear and the number of them will be highlighted in red.

When the scan is finished and the scan summary window appears, click "Continue".

Make sure that EVERYTHING in the list is selected, then click "Remove Threats".

Click "OK - Finish".

If you're prompted to restart to finish the removal process, do so.

Start SUPERAntiSpyware again.

Click "View Scan Logs".

Highlight the scan log entry, then click "View Selected Log".

When the scan log appears in Notepad, copy-and-paste it here.

-----------------------------------------------------
 

dramstad

Thread Starter
Joined
Nov 18, 2011
Messages
68
Hi,
Thanks again for your help. I did everything you said. Below are the Malwarebytes and Superantispyware scan logs you requested. ALSO: I had my computer disconnected from the internet/modem for a few hours after I performed the functions you instructed me to do. When I turned it back on, I had an alert from Norton 360 stating that TWO viruses had been discovered during the idle scan process (THE VIRUSES WERE QUARANTINED). The two viruses that Norton 360 detected were both Trojan.gen.2 contained in c:\users\d\downloads\gmer (1) zip
They did not turn up in the Malwarebytes or Superantispyware scans.
THANKS!

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 8191
Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421
11/18/2011 9:27:56 PM
mbam-log-2011-11-18 (21-27-56).txt
Scan type: Full scan (C:\|D:\|E:\|)
Objects scanned: 327641
Time elapsed: 2 hour(s), 52 minute(s), 45 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)


SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 11/18/2011 at 06:29 PM
Application Version : 5.0.1136
Core Rules Database Version : 7965
Trace Rules Database Version: 5777
Scan type : Quick Scan
Total Scan Time : 00:10:24
Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)
Memory items scanned : 684
Memory threats detected : 0
Registry items scanned : 30308
Registry threats detected : 0
File items scanned : 7086
File threats detected : 17
Adware.Tracking Cookie
C:\Users\D\AppData\Local\Temp\Cookies\X3AIGT3G.txt [ /mm.chitika.net ]
C:\Users\D\AppData\Local\Temp\Cookies\SEUJETXA.txt [ /at.atwola.com ]
C:\Users\D\AppData\Local\Temp\Cookies\1D0S0NHY.txt [ /cdn.at.atwola.com ]
C:\Users\D\AppData\Local\Temp\Cookies\V82GZIP8.txt [ /adserver.adtechus.com ]
C:\Users\D\AppData\Local\Temp\Cookies\ILRRPF16.txt [ /legolas-media.com ]
C:\Users\D\AppData\Local\Temp\Cookies\B7PO9GZE.txt [ /ar.atwola.com ]
C:\Users\D\AppData\Local\Temp\Cookies\H83TSVVE.txt [ /tacoda.at.atwola.com ]
C:\Users\D\AppData\Local\Temp\Cookies\PRVQYQFE.txt [ /liveperson.net ]
C:\Users\D\AppData\Local\Temp\Cookies\EZWPE364.txt [ /atwola.com ]
C:\Users\D\AppData\Local\Temp\Cookies\IKB52LWP.txt [ /liveperson.net ]
C:\USERS\D\AppData\Roaming\Microsoft\Windows\Cookies\Low\6U9VEIKR.txt [ Cookie:[email protected]/ ]
C:\USERS\D\AppData\Roaming\Microsoft\Windows\Cookies\Low\T5MO5NWD.txt [ Cookie:[email protected]/pagead/conversion/1070847646/ ]
C:\USERS\D\AppData\Roaming\Microsoft\Windows\Cookies\Low\P33R2GPL.txt [ Cookie:[email protected]/ ]
C:\USERS\D\AppData\Roaming\Microsoft\Windows\Cookies\Low\6US8L61N.txt [ Cookie:[email protected]/ ]
C:\USERS\D\AppData\Roaming\Microsoft\Windows\Cookies\Low\RNE1CF5S.txt [ Cookie:[email protected]/ ]
C:\USERS\D\AppData\Roaming\Microsoft\Windows\Cookies\Low\9R0JBHA0.txt [ Cookie:[email protected]/hc/19452074 ]
C:\USERS\D\AppData\Roaming\Microsoft\Windows\Cookies\Low\W0XZTSRV.txt [ Cookie:[email protected]/ ]
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
81,728
I need you to follow the below instructions and submit a new "uninstall_list.txt" log.

The first you submitted is incomplete and is missing everything below

Loaris Trojan Remover 1.2

-------------------------------------------------------

Start HiJackThis, but don't run a scan.

Click on the "Open The Misc Tools Section" button.

Click on the "Open Uninstall Manager" button.

Click on the "Save List" button.

Save the "uninstall_list.txt" file somewhere.

It'll then open in Notepad.

Return here to your thread, then copy-and-paste the entire file here.

---------------------------------------------------------
 

dramstad

Thread Starter
Joined
Nov 18, 2011
Messages
68
Here's the uninstall list -- Thanks.

Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Acrobat.com
Adobe AIR
Adobe AIR
Adobe Download Manager
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.1)
Adobe Shockwave Player 11.5
AOL Install
AOL Toolbar
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bing Bar
Bing Rewards Client Installer
Bonjour
Browser Address Error Redirector
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities MyCamera
Canon Utilities MyCamera DC
Canon Utilities PhotoStitch
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
CCleaner
Comcast Desktop Software (v1.2.0.9)
Compatibility Pack for the 2007 Office system
Conexant D850 PCI V.92 Modem
D3DX10
Dell DataSafe Online
Dell Getting Started Guide
Dell Support Center
Desktop Doctor
Digital Line Detect
DivX Web Player
Download Updater (AOL LLC)
eMusic Download Manager 4.1.3.1
Funambol Outlook Sync Client 7.2.2
Google Chrome
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Internet Explorer (Enable DEP)
Internet Service Offers Launcher
iTunes
Java(TM) 6 Update 27
Junk Mail filter update
Malwarebytes' Anti-Malware version 1.51.2.1300
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Default Manager
Microsoft Fix it Center
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office Word Viewer 2003
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft UI Engine
Microsoft VC9 runtime libraries
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Modem Diagnostic Tool
Mozilla Firefox 8.0 (x86 en-US)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 and SOAP Toolkit 3.0
Music, Photos & Videos Launcher
NetWaiting
Norton 360
Norton PC Checkup
NVIDIA Drivers
NVIDIANetworkDiagnostic
OGA Notifier 2.0.0048.0
Product Documentation Launcher
QuickTime
Realtek High Definition Audio Driver
RTC Client API v1.2
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Segoe UI
Sonic Activation Module
SUPERAntiSpyware
Symantec Technical Support Web Controls
Trend Micro Web Protection Add-On
TweakNow PowerPack 2011
TweakNow SecureDelete
Uninstall AOL Emergency Connect Utility 1.0
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
User's Guides
VC80CRTRedist - 8.0.50727.762
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Family Safety
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mail
Windows Live Messenger
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Movie Maker
Windows Live OneCare safety scanner
Windows Live OneCare safety scanner
Windows Live Photo Common
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer
Windows Live Writer
Windows Live Writer Resources
Windows Mobile Device Center
Windows Mobile Device Center Driver Update
WinPcap 4.1.1
Xfinity.com Toolbar 3.5
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
81,728
You haven't advised me if you completed the instructions in post #3.

---------------------------------------------------------

Let me review your now-complete "uninstall_list.txt" log, then I'll get back to you.

--------------------------------------------------------
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
81,728
Go to Control Panel - Programs And Features, then uninstall:

Bing Bar

CCleaner
(unless you REALLY know how to use it safely)

Google Toolbar For Internet Explorer (unless you actually need and use it)

Microsoft Default Manager

TweakNow PowerPack 2011

TweakNow SecureDelete

Viewpoint Media Player

Xfinity.com Toolbar


Note: Stay away from cleaner/optimizer/booster/tuneup/tweak type programs, especially the ones that "fix" and "clean" the registry. They do little-to-nothing to improve speed, but what they can do is damage Windows and some of your programs.

-----------------------------------------------------------------------------------

Adobe Shockwave Player 11.5 needs to be updated to Adobe Shockwave Player 11.6.3.633

Java(TM) 6 Update 27 needs to be updated to Java Runtime Environment 6 Update 29

Mozilla Firefox 8.0 needs to be updated to Mozilla Firefox 8.0.1

-----------------------------------------------------------------------------------
 

dramstad

Thread Starter
Joined
Nov 18, 2011
Messages
68
Hi, yes, completed all of the previous steps. I'm now going to uninstall the programs you advised me to. Thanks.
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
81,728
Advise me when you're completely done with post #11.

-------------------------------------------------------
 

dramstad

Thread Starter
Joined
Nov 18, 2011
Messages
68
I could not locate Microsoft definition manager but uninstalled the rest of them.
 

dramstad

Thread Starter
Joined
Nov 18, 2011
Messages
68
MS DEFAULT Manager was not on uninstall list but did show up when I searched in start menu ... should I uninstall from here?
 