i need help(RESOLVED)

pinkangel · #1 (**permalink**) 04-06-2006, 02:39 AM

Hi everyone! hope someone can help me, i'm having problems with my pc and internet running so slowly, boot up takes ages, internet explorer takes ages to load up and so do any programmes i want to open. i have run spybot,adaware,mcafee antivirus and spyware but after a reboot things are just as slow, idon't know what is going on as it was great a day ago. here is a hijack this scan..

Logfile of HijackThis v1.97.7
Scan saved at 02:11:53, on 04/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
D:\WINDOWS\Explorer.EXE
d:\progra~1\mcafee\mcafee antispyware\massrv.exe
d:\program files\mcafee.com\agent\mcdetect.exe
d:\PROGRA~1\mcafee.com\agent\mctskshd.exe
D:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
D:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
D:\WINDOWS\system32\pctspk.exe
d:\program files\mcafee.com\agent\mcagent.exe
d:\progra~1\mcafee.com\vso\mcvsescn.exe
D:\WINDOWS\System32\svchost.exe
D:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
D:\progra~1\mcafee\MCAFEE~1\masalert.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\McAfee\McAfee QuickClean\Plguni.exe
D:\PROGRA~1\McAfee.com\PERSON~1\Mp***ent.exe
D:\Program Files\MRU-Blaster\scheduler.exe
D:\Program Files\Winamp\winamp.exe
d:\progra~1\mcafee.com\vso\mcvsftsn.exe
D:\Program Files\Messenger\msmsgs.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\XoftSpy\XoftSpy.exe
D:\WINDOWS\system32\LEXBCES.EXE
D:\WINDOWS\system32\LEXPPS.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Gill\Angel's Documents\Downloads\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.co.uk/iesearch/default.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.co.uk/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Wanadoo
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = http=http://www-cache.wanadoo.co.uk:8080;ftp=http://www-cache.wanadoo.co.uk:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: (no name) - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - D:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - D:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {C333CF63-767F-4831-94AC-E683D962C63C} - D:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - D:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL
O3 - Toolbar: Wanadoo - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Program Files\ICQToolbar\toolbaru.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - D:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - d:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [InCD] D:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Lexmark X1100 Series] "D:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [Fellowes Proxy] D:\WINDOWS\System32\r3proxy.exe
O4 - HKLM\..\Run: [MessengerPlus3] "D:\Program Files\MessengerPlus! 3\MsgPlus1.exe"
O4 - HKLM\..\Run: [MPFExe] D:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MCAgentExe] d:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] d:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [VSOCheckTask] "D:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] D:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] D:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [_AntiSpyware] d:\progra~1\mcafee\MCAFEE~1\masalert.exe
O4 - HKCU\..\Run: [STYLEXP] D:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [PromptCast] D:\Program Files\PromptCast\PromptCast.exe
O4 - HKCU\..\Run: [McAfee QuickClean Imonitor] D:\Program Files\McAfee\McAfee QuickClean\Plguni.exe /START
O4 - HKLM\..\RunOnce: [MRUBlaster] D:\Program Files\MRU-Blaster\indexcleaner.exe -CC
O4 - Startup: MRU-Blaster Scheduler.lnk = D:\Program Files\MRU-Blaster\scheduler.exe
O4 - Startup: MRU-Blaster Silent Clean.lnk = D:\Program Files\MRU-Blaster\mrublaster.exe
O8 - Extra context menu item: &eBay Search - res://D:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &Google Search - res://d:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Translate English Word - res://d:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Windows Live Search - res://D:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Backward Links - res://d:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://d:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download all by Free Download Manager - file://D:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download by Free Download Manager - file://D:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Download selected by Free Download Manager - file://D:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download web site by Free Download Manager - file://D:\Program Files\Free Download Manager\dlpage.htm
O8 - Extra context menu item: Open in new background tab - res://D:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/229?ea0ef7f7ca9d4fc18a76d30ae86cba25
O8 - Extra context menu item: Open in new foreground tab - res://D:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/230?ea0ef7f7ca9d4fc18a76d30ae86cba25
O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
O8 - Extra context menu item: Similar Pages - res://d:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://d:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: AOL Toolbar (HKLM)
O9 - Extra 'Tools' menuitem: AOL Toolbar (HKLM)
O9 - Extra button: ICQ Lite (HKLM)
O9 - Extra 'Tools' menuitem: ICQ Lite (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/s...irector/sw.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} - http://download.macromedia.com/pub/s...irector/sw.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aolsvc.aol.co.uk/comput...up/qdiagcc.cab
O16 - DPF: {5554A026-7282-4C11-A8F1-652D0599CD02} (NMInstall Control) - http://a14.g.akamai.net/f/14/7141/1d...OPE_SILENT.cab
O16 - DPF: {77DD44BF-551D-4E3C-82CD-D637D5018D3C} - http://www.surveys.com/promptcast/In...ST%20SETUP.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {A9FD89D6-C839-11D3-B0FE-0050044B8FE9} (OBInstallRunner Control) - http://www.opinionbar.com/download/r...allCabinet.CAB
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://spinpalace.microgaming.com/freeplay/FlashAX.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab

i know some or alot of thing shouldn't be there but i don't know what, help will be greatly appreciated..

Neal · #2 (**permalink**) 04-06-2006, 04:18 AM

Welcome to DAL,

It looks like part of hijackthis log got cut off please re-post it please.

Also...

Please download, install, and update the NEW free version of Ewido trojan scanner:

When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".

When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.

From the main ewido screen, click on update in the left menu, then click the Start update button.

After the update finishes (the status bar at the bottom will display "Update successful")

Click on the Scanner button in the left menu, then click on Complete System Scan. This scan can take quite a while to run.

If ewido finds anything, it will pop up a notification. We have been finding some cases of false positives with the new version of Ewido, so we need to step through the fixes one-by-one. If Ewido finds something that you KNOW is legitimate (for example, parts of AVG Antivirus, pcAnywhere and the game "Risk" have been flagged), select "none" as the action. DO NOT check "Perform action with all infections". If you are unsure of an entry, select "none" for the time being. I'll see that in the log you will post later and let you know if ewido needs to be run again.

When the scan finishes, click on "Save Report". This will create a text file. Make sure you know where to find this file again.

Post the log Ewido makes back here please and a new hijackthis log. Thanks.

Go here http://www.bitdefender.com/scan8/ie.html and run an online scan with BitDefender (you will need to use Internet Explorer for this scan). When the ActiveX Control has loaded, click on "Click here to scan" and grab a coffee.

When BitDefender completes the scan, select the "Detected Problems" tab. Click on "Click here to export scan". Save the file as an HTML to your Desktop. Then click on the saved file and allow it to open with your browser. Go to Edit - Select All then copy/paste that log back here. Post back and let us know what it found (post the log).

And post a new HJT log also..

pinkangel · #3 (**permalink**) 04-06-2006, 12:18 PM

Thanks for your reply neal.. here is my hijack this log it's a bit longer this time..
now i'm off to do what you said and i'll post the logs when i can.

Logfile of HijackThis v1.99.1
Scan saved at 12:13:31, on 04/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
D:\WINDOWS\system32\LEXBCES.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\LEXPPS.EXE
D:\WINDOWS\Explorer.EXE
d:\progra~1\mcafee\mcafee antispyware\massrv.exe
d:\program files\mcafee.com\agent\mcdetect.exe
d:\PROGRA~1\mcafee.com\vso\mcshield.exe
d:\PROGRA~1\mcafee.com\agent\mctskshd.exe
d:\PROGRA~1\mcafee.com\vso\OasClnt.exe
D:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
D:\WINDOWS\System32\oodag.exe
d:\progra~1\mcafee.com\vso\mcvsescn.exe
D:\WINDOWS\system32\pctspk.exe
d:\program files\mcafee.com\agent\mcagent.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
D:\Program Files\QuickTime\qttask.exe
D:\Program Files\MessengerPlus! 3\MsgPlus1.exe
D:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
D:\progra~1\mcafee\MCAFEE~1\masalert.exe
D:\Program Files\PromptCast\PromptCast.exe
D:\Program Files\McAfee\McAfee QuickClean\Plguni.exe
D:\Program Files\MRU-Blaster\scheduler.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\PROGRA~1\McAfee.com\PERSON~1\Mp***ent.exe
D:\Documents and Settings\Angel\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.co.uk/iesearch/default.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.co.uk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Wanadoo
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = http=http://www-cache.wanadoo.co.uk:8080;ftp=http://www-cache.wanadoo.co.uk:8080
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - D:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - D:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - D:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - D:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL
O3 - Toolbar: Wanadoo - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Program Files\ICQToolbar\toolbaru.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - D:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - d:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [InCD] D:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Lexmark X1100 Series] "D:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [Fellowes Proxy] D:\WINDOWS\System32\r3proxy.exe
O4 - HKLM\..\Run: [MessengerPlus3] "D:\Program Files\MessengerPlus! 3\MsgPlus1.exe"
O4 - HKLM\..\Run: [MPFExe] D:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MCAgentExe] d:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] D:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [VSOCheckTask] "D:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] D:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] D:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [_AntiSpyware] d:\progra~1\mcafee\MCAFEE~1\masalert.exe
O4 - HKLM\..\RunOnce: [MRUBlaster] D:\Program Files\MRU-Blaster\indexcleaner.exe -CC
O4 - HKCU\..\Run: [STYLEXP] D:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [PromptCast] D:\Program Files\PromptCast\PromptCast.exe
O4 - HKCU\..\Run: [McAfee QuickClean Imonitor] D:\Program Files\McAfee\McAfee QuickClean\Plguni.exe /START
O4 - Startup: MRU-Blaster Scheduler.lnk = D:\Program Files\MRU-Blaster\scheduler.exe
O4 - Startup: MRU-Blaster Silent Clean.lnk = D:\Program Files\MRU-Blaster\mrublaster.exe
O8 - Extra context menu item: &eBay Search - res://D:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &Google Search - res://d:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Translate English Word - res://d:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Windows Live Search - res://D:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Backward Links - res://d:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://d:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download all by Free Download Manager - file://D:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download by Free Download Manager - file://D:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Download selected by Free Download Manager - file://D:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download web site by Free Download Manager - file://D:\Program Files\Free Download Manager\dlpage.htm
O8 - Extra context menu item: Open in new background tab - res://D:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/229?ea0ef7f7ca9d4fc18a76d30ae86cba25
O8 - Extra context menu item: Open in new foreground tab - res://D:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/230?ea0ef7f7ca9d4fc18a76d30ae86cba25
O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
O8 - Extra context menu item: Similar Pages - res://d:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://d:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aolsvc.aol.co.uk/comput...up/qdiagcc.cab
O16 - DPF: {5554A026-7282-4C11-A8F1-652D0599CD02} (NMInstall Control) - http://a14.g.akamai.net/f/14/7141/1d...OPE_SILENT.cab
O16 - DPF: {77DD44BF-551D-4E3C-82CD-D637D5018D3C} - http://www.surveys.com/promptcast/In...ST%20SETUP.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {A9FD89D6-C839-11D3-B0FE-0050044B8FE9} (OBInstallRunner Control) - http://www.opinionbar.com/download/r...allCabinet.CAB
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://spinpalace.microgaming.com/freeplay/FlashAX.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: gdiwxp - gdiwxp.dll (file missing)
O20 - Winlogon Notify: intel3 - intel3.dll (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - D:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee AntiSpyware Service - McAfee, Inc. - d:\progra~1\mcafee\mcafee antispyware\massrv.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - d:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - d:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - d:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - D:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - D:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - D:\WINDOWS\System32\oodag.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - D:\WINDOWS\system32\pctspk.exe
O23 - Service: StyleXPService - Unknown owner - D:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

Neal · #4 (**permalink**) 04-06-2006, 06:55 PM

Thanks for the log and will be watching for the others.

pinkangel · #5 (**permalink**) 04-06-2006, 07:14 PM

ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 18:50:56, 04/06/2006
+ Report-Checksum: 5D2B4EEB

+ Scan result:

D:\BitLord Downloads\LimeWire Pro 4.9.29 Latest\setup.exe -> Trojan.KillAV.gf : Cleaned with backup

::Report End

Logfile of HijackThis v1.99.1
Scan saved at 19:12:12, on 04/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
D:\WINDOWS\system32\LEXBCES.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\LEXPPS.EXE
D:\WINDOWS\Explorer.EXE
d:\progra~1\mcafee\mcafee antispyware\massrv.exe
d:\program files\mcafee.com\agent\mcdetect.exe
d:\PROGRA~1\mcafee.com\vso\mcshield.exe
d:\PROGRA~1\mcafee.com\agent\mctskshd.exe
d:\PROGRA~1\mcafee.com\vso\OasClnt.exe
D:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
D:\WINDOWS\System32\oodag.exe
d:\progra~1\mcafee.com\vso\mcvsescn.exe
D:\WINDOWS\system32\pctspk.exe
d:\program files\mcafee.com\agent\mcagent.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
D:\Program Files\QuickTime\qttask.exe
D:\Program Files\MessengerPlus! 3\MsgPlus1.exe
D:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
D:\progra~1\mcafee\MCAFEE~1\masalert.exe
D:\Program Files\PromptCast\PromptCast.exe
D:\Program Files\McAfee\McAfee QuickClean\Plguni.exe
D:\Program Files\MRU-Blaster\scheduler.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\PROGRA~1\McAfee.com\PERSON~1\Mp***ent.exe
D:\Program Files\ewido anti-malware\ewidoctrl.exe
d:\progra~1\mcafee.com\vso\mcvsftsn.exe
D:\Program Files\Messenger\msmsgs.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Documents and Settings\Angel\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.co.uk/iesearch/default.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.co.uk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Wanadoo
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = http=http://www-cache.wanadoo.co.uk:8080;ftp=http://www-cache.wanadoo.co.uk:8080
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - D:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - D:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - D:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - D:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL
O3 - Toolbar: Wanadoo - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Program Files\ICQToolbar\toolbaru.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - D:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - d:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [InCD] D:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Lexmark X1100 Series] "D:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [Fellowes Proxy] D:\WINDOWS\System32\r3proxy.exe
O4 - HKLM\..\Run: [MessengerPlus3] "D:\Program Files\MessengerPlus! 3\MsgPlus1.exe"
O4 - HKLM\..\Run: [MPFExe] D:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MCAgentExe] d:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] d:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [VSOCheckTask] "D:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] D:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] D:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [_AntiSpyware] d:\progra~1\mcafee\MCAFEE~1\masalert.exe
O4 - HKLM\..\RunOnce: [MRUBlaster] D:\Program Files\MRU-Blaster\indexcleaner.exe -CC
O4 - HKCU\..\Run: [STYLEXP] D:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [PromptCast] D:\Program Files\PromptCast\PromptCast.exe
O4 - HKCU\..\Run: [McAfee QuickClean Imonitor] D:\Program Files\McAfee\McAfee QuickClean\Plguni.exe /START
O4 - Startup: MRU-Blaster Scheduler.lnk = D:\Program Files\MRU-Blaster\scheduler.exe
O4 - Startup: MRU-Blaster Silent Clean.lnk = D:\Program Files\MRU-Blaster\mrublaster.exe
O8 - Extra context menu item: &eBay Search - res://D:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &Google Search - res://d:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Translate English Word - res://d:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Windows Live Search - res://D:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Backward Links - res://d:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://d:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download all by Free Download Manager - file://D:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download by Free Download Manager - file://D:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Download selected by Free Download Manager - file://D:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download web site by Free Download Manager - file://D:\Program Files\Free Download Manager\dlpage.htm
O8 - Extra context menu item: Open in new background tab - res://D:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/229?ea0ef7f7ca9d4fc18a76d30ae86cba25
O8 - Extra context menu item: Open in new foreground tab - res://D:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/230?ea0ef7f7ca9d4fc18a76d30ae86cba25
O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
O8 - Extra context menu item: Similar Pages - res://d:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://d:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aolsvc.aol.co.uk/comput...up/qdiagcc.cab
O16 - DPF: {5554A026-7282-4C11-A8F1-652D0599CD02} (NMInstall Control) - http://a14.g.akamai.net/f/14/7141/1d...OPE_SILENT.cab
O16 - DPF: {77DD44BF-551D-4E3C-82CD-D637D5018D3C} - http://www.surveys.com/promptcast/In...ST%20SETUP.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {A9FD89D6-C839-11D3-B0FE-0050044B8FE9} (OBInstallRunner Control) - http://www.opinionbar.com/download/r...allCabinet.CAB
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://spinpalace.microgaming.com/freeplay/FlashAX.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: gdiwxp - gdiwxp.dll (file missing)
O20 - Winlogon Notify: intel3 - intel3.dll (file missing)
O23 - Service: ewido security suite control - ewido networks - D:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - D:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee AntiSpyware Service - McAfee, Inc. - d:\progra~1\mcafee\mcafee antispyware\massrv.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - d:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - d:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - d:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - D:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - D:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - D:\WINDOWS\System32\oodag.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - D:\WINDOWS\system32\pctspk.exe
O23 - Service: StyleXPService - Unknown owner - D:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

going to do the bitdefender scan now, i'll post the result later.. thanks for helping

Neal · #6 (**permalink**) 04-06-2006, 07:18 PM

okey dokey

pinkangel · #7 (**permalink**) 05-06-2006, 01:39 AM

BitDefender Online Scanner

Scan report generated at: Mon, Jun 05, 2006 - 01:12:59

Scan path: A:\;C:\;D:\;E:\;F:\;G:\;H:\;

Statistics

Time
05:40:02

Files
403548

Folders
7787

Boot Sectors
4

Archives
5790

Packed Files
15165

Results

Identified Viruses
7

Infected Files
11

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
11

Engines Info

Virus Definitions
386449

Engine build
AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)

Scan plugins
13

Archive plugins
40

Unpack plugins
4

E-mail plugins
6

System plugins
1

Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions

Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes

Scanned File
Status

C:\Documents and Settings\Gill\Angel's Documents\Downloads\MsgPlus-301.exe
Infected with: Trojan.Swizzor.DP

C:\Documents and Settings\Gill\Angel's Documents\Downloads\MsgPlus-301.exe
Disinfection failed

C:\Documents and Settings\Gill\Angel's Documents\Downloads\MsgPlus-301.exe
Deleted

C:\Documents and Settings\Gill\Angel's Documents\Downloads\68907.exe=>wise0018
Infected with: Trojan.Dloader.HK

C:\Documents and Settings\Gill\Angel's Documents\Downloads\68907.exe=>wise0018
Disinfection failed

C:\Documents and Settings\Gill\Angel's Documents\Downloads\68907.exe=>wise0018
Deleted

C:\Documents and Settings\Gill\Angel's Documents\Downloads\68907.exe
Update failed

C:\Documents and Settings\Gill\Angel's Documents\Downloads\68907.exe=>wise0019
Infected with: Dropped:Application.Adware.NewDotNet.A

C:\Documents and Settings\Gill\Angel's Documents\Downloads\68907.exe=>wise0019
Disinfection failed

C:\Documents and Settings\Gill\Angel's Documents\Downloads\68907.exe=>wise0019
Deleted

C:\Documents and Settings\Gill\Angel's Documents\Downloads\68907.exe
Update failed

C:\Documents and Settings\Gill\Angel's Documents\Downloads\66429.exe=>wise0019
Infected with: Trojan.Dloader.HK

C:\Documents and Settings\Gill\Angel's Documents\Downloads\66429.exe=>wise0019
Disinfection failed

C:\Documents and Settings\Gill\Angel's Documents\Downloads\66429.exe=>wise0019
Deleted

C:\Documents and Settings\Gill\Angel's Documents\Downloads\66429.exe
Update failed

C:\Documents and Settings\Gill\Angel's Documents\Downloads\66429.exe=>wise0020
Infected with: Dropped:Application.Adware.NewDotNet.A

C:\Documents and Settings\Gill\Angel's Documents\Downloads\66429.exe=>wise0020
Disinfection failed

C:\Documents and Settings\Gill\Angel's Documents\Downloads\66429.exe=>wise0020
Deleted

C:\Documents and Settings\Gill\Angel's Documents\Downloads\66429.exe
Update failed

C:\Documents and Settings\Gill\Angel's Documents\Downloads\66429.exe=>wise0021
Infected with: Dropped:Application.ProcKill.Jk

C:\Documents and Settings\Gill\Angel's Documents\Downloads\66429.exe=>wise0021
Disinfection failed

C:\Documents and Settings\Gill\Angel's Documents\Downloads\66429.exe=>wise0021
Deleted

C:\Documents and Settings\Gill\Angel's Documents\Downloads\66429.exe
Update failed

C:\Documents and Settings\Gill\Angel's Documents\Downloads\75712.exe=>wise0018
Infected with: Trojan.Dloader.HK

C:\Documents and Settings\Gill\Angel's Documents\Downloads\75712.exe=>wise0018
Disinfection failed

C:\Documents and Settings\Gill\Angel's Documents\Downloads\75712.exe=>wise0018
Deleted

C:\Documents and Settings\Gill\Angel's Documents\Downloads\75712.exe
Update failed

C:\Documents and Settings\Gill\Angel's Documents\Downloads\75712.exe=>wise0019
Infected with: Dropped:Application.Adware.NewDotNet.A

C:\Documents and Settings\Gill\Angel's Documents\Downloads\75712.exe=>wise0019
Disinfection failed

C:\Documents and Settings\Gill\Angel's Documents\Downloads\75712.exe=>wise0019
Deleted

C:\Documents and Settings\Gill\Angel's Documents\Downloads\75712.exe
Update failed

D:\Documents and Settings\Angel\My Documents\Downloads\ScreenSavers\dolphinfree.exe=> wise0059
Detected with: Application.Adware.NewDotNet.Dropper

D:\Documents and Settings\Angel\My Documents\Downloads\ScreenSavers\dolphinfree.exe=> wise0059
Deleted

D:\Documents and Settings\Angel\My Documents\Downloads\ScreenSavers\dolphinfree.exe
Update failed

D:\Documents and Settings\Angel\My Documents\Downloads\ScreenSavers\dolphinfree.exe=> wise0060
Detected with: Application.Adware.NewDotNet.B.Dropper

D:\Documents and Settings\Angel\My Documents\Downloads\ScreenSavers\dolphinfree.exe=> wise0060
Deleted

D:\Documents and Settings\Angel\My Documents\Downloads\ScreenSavers\dolphinfree.exe
Update failed

D:\WINDOWS\system32\gdiw2k.sys
Infected with: Trojan.Spy.Goldun.DJ

D:\WINDOWS\system32\gdiw2k.sys
Disinfection failed

D:\WINDOWS\system32\gdiw2k.sys
Deleted

when the scan had finished it said my pc is still infected,bitdefender is great to find all of them after programmes i tried didn't..

new hjt log:

Logfile of HijackThis v1.99.1
Scan saved at 01:33:51, on 05/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
D:\WINDOWS\system32\LEXBCES.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\LEXPPS.EXE
D:\WINDOWS\Explorer.EXE
d:\progra~1\mcafee\mcafee antispyware\massrv.exe
d:\program files\mcafee.com\agent\mcdetect.exe
d:\PROGRA~1\mcafee.com\agent\mctskshd.exe
D:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
D:\WINDOWS\System32\oodag.exe
d:\progra~1\mcafee.com\vso\mcvsescn.exe
D:\WINDOWS\system32\pctspk.exe
d:\program files\mcafee.com\agent\mcagent.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
D:\Program Files\QuickTime\qttask.exe
D:\Program Files\MessengerPlus! 3\MsgPlus1.exe
D:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
D:\progra~1\mcafee\MCAFEE~1\masalert.exe
D:\Program Files\PromptCast\PromptCast.exe
D:\Program Files\McAfee\McAfee QuickClean\Plguni.exe
D:\Program Files\MRU-Blaster\scheduler.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\PROGRA~1\McAfee.com\PERSON~1\Mp***ent.exe
D:\Program Files\ewido anti-malware\ewidoctrl.exe
d:\progra~1\mcafee.com\vso\mcvsftsn.exe
D:\Program Files\Messenger\msmsgs.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Outlook Express\msimn.exe
d:\PROGRA~1\mcafee.com\vso\mcshield.exe
d:\PROGRA~1\mcafee.com\vso\OasClnt.exe
D:\Documents and Settings\Angel\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.co.uk/iesearch/default.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.co.uk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Wanadoo
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = http=http://www-cache.wanadoo.co.uk:8080;ftp=http://www-cache.wanadoo.co.uk:8080
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - D:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - D:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - D:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - D:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL
O3 - Toolbar: Wanadoo - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Program Files\ICQToolbar\toolbaru.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - D:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - d:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [InCD] D:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Lexmark X1100 Series] "D:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [Fellowes Proxy] D:\WINDOWS\System32\r3proxy.exe
O4 - HKLM\..\Run: [MessengerPlus3] "D:\Program Files\MessengerPlus! 3\MsgPlus1.exe"
O4 - HKLM\..\Run: [MPFExe] D:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MCAgentExe] d:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] d:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [VSOCheckTask] "D:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] D:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] D:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [_AntiSpyware] d:\progra~1\mcafee\MCAFEE~1\masalert.exe
O4 - HKLM\..\RunOnce: [MRUBlaster] D:\Program Files\MRU-Blaster\indexcleaner.exe -CC
O4 - HKCU\..\Run: [STYLEXP] D:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [PromptCast] D:\Program Files\PromptCast\PromptCast.exe
O4 - HKCU\..\Run: [McAfee QuickClean Imonitor] D:\Program Files\McAfee\McAfee QuickClean\Plguni.exe /START
O4 - Startup: MRU-Blaster Scheduler.lnk = D:\Program Files\MRU-Blaster\scheduler.exe
O4 - Startup: MRU-Blaster Silent Clean.lnk = D:\Program Files\MRU-Blaster\mrublaster.exe
O8 - Extra context menu item: &eBay Search - res://D:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &Google Search - res://d:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Translate English Word - res://d:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Windows Live Search - res://D:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Backward Links - res://d:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://d:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download all by Free Download Manager - file://D:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download by Free Download Manager - file://D:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Download selected by Free Download Manager - file://D:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download web site by Free Download Manager - file://D:\Program Files\Free Download Manager\dlpage.htm
O8 - Extra context menu item: Open in new background tab - res://D:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/229?ea0ef7f7ca9d4fc18a76d30ae86cba25
O8 - Extra context menu item: Open in new foreground tab - res://D:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/230?ea0ef7f7ca9d4fc18a76d30ae86cba25
O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
O8 - Extra context menu item: Similar Pages - res://d:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://d:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aolsvc.aol.co.uk/comput...up/qdiagcc.cab
O16 - DPF: {5554A026-7282-4C11-A8F1-652D0599CD02} (NMInstall Control) - http://a14.g.akamai.net/f/14/7141/1d...OPE_SILENT.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {77DD44BF-551D-4E3C-82CD-D637D5018D3C} - http://www.surveys.com/promptcast/In...ST%20SETUP.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {A9FD89D6-C839-11D3-B0FE-0050044B8FE9} (OBInstallRunner Control) - http://www.opinionbar.com/download/r...allCabinet.CAB
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://spinpalace.microgaming.com/freeplay/FlashAX.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: gdiwxp - gdiwxp.dll (file missing)
O20 - Winlogon Notify: intel3 - intel3.dll (file missing)
O23 - Service: ewido security suite control - ewido networks - D:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - D:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee AntiSpyware Service - McAfee, Inc. - d:\progra~1\mcafee\mcafee antispyware\massrv.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - d:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - d:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - d:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - D:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - D:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - D:\WINDOWS\System32\oodag.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - D:\WINDOWS\system32\pctspk.exe
O23 - Service: StyleXPService - Unknown owner - D:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

Neal · #8 (**permalink**) 05-06-2006, 06:18 PM

HI,

Open Hijackthis.

Click the "Open the Misc Tools" section Button.

Click the "Open Uninstall Manager" Button.

Click the "Save list..." Button.

Save it to your desktop. Copy and paste the contents into your reply.

http://www.kaspersky.com/virusscanner

Please do an online scan with Kaspersky WebScanner

Click on Kaspersky Online Scanner

You will be prompted to install an ActiveX component from Kaspersky, Click Yes.

* The program will launch and then begin downloading the latest definition files:
* Once the files have been downloaded click on NEXT
* Now click on Scan Settings
* In the scan settings make sure that the following are selected:
o Scan using the following Anti-Virus database:
- Extended (if available otherwise Standard)
o Scan Options:
- Scan Archives
- Scan Mail Bases
* Click OK
*Now under select a target to scan:
o Select My Computer
* This program will start and scan your system.
* The scan will take a while so be patient and let it run.
* Once the scan is complete it will display if your system has been infected.
o Now click on the Save as Text button:
* Save the file to your desktop.
* Copy and paste that information in your next post.

pinkangel · #9 (**permalink**) 05-06-2006, 08:18 PM

Hello!
here is the list u asked for..

1Click DVD Copy 4.2.9.2
AC3Filter (remove only)
Ad-Aware SE Professional
Adensoft Audio MP3 Converter 1.0
Adobe Download Manager 2.0 (Remove Only)
Adobe Reader 7.0.7
afreeCodecVT
AVG Anti-Virus 7.0
AVI & MPEG Splitter 1.48
Big Fish Games Toolbar
Boggle Supreme
Brave Dwarves Back For Treasures
Cake Mania
CCleaner (remove only)
Charm Tale
DivX
DivX Player
DriverGuide Toolkit
DVD Decrypter (Remove Only)
DVD Identifier
DVD Region+CSS Free 5.9.5.2
DVD Shrink 3.2
DVD43 v3.7.0
DVDFab Platinum 2.9.5.2
EasyPoint Mouse Software
eBay Toolbar
ewido anti-malware
Final Fantasy VII - Ultima Edition
Fish Tycoon
Free Download Manager 1.9
Gold Miner Special Edition
Gold Miner Vegas (remove only)
Google Talk (remove only)
Google Toolbar for Internet Explorer
Granny in Paradise
GSpot Codec Information Appliance
HijackThis 1.99.1
ICQ Toolbar
ICQ 5
InCD EasyWrite Reader
Insaniquarium Deluxe 1.0
InterVideo MP3 + DVD XPack
J2SE Runtime Environment 5.0 Update 4
J2SE Runtime Environment 5.0 Update 6
K-Lite Codec Pack 2.65 Full
Lexmark Skin: Kids
Lexmark Skin: Nature TV1
Lexmark Skin: PotatoSkin
Lexmark X1100 Series
LifeGlobe Goldfish Aquarium
LifeGlobe Sharks, Terrors of the Deep
LimeWire PRO 4.11.0
LiveUpdate
Macromedia Flash Player 8
Macromedia Shockwave Player
Magic Match
Mah Jong Adventures
Mahjong Garden To Go
Mahjong Halloween
Mahjong Quest
Mahjong Towers Eternity
MahJongg Fortuna Deluxe
McAfee AntiSpyware
McAfee Personal Firewall Plus
McAfee QuickClean 6.0
McAfee SecurityCenter
McAfee VirusScan
Messenger Plus! 3 & Sponsor
Microsoft .NET Framework 1.1
Microsoft Bootvis
Microsoft Office Excel Viewer 2003
Microsoft XML Parser and SDK
Mirror Magic
MRU-Blaster v1.5 (Database 3/28/2004)
Mystery Case Files - Prime Suspects (remove only)
Mystery Case Files Huntsville
Nero 6 Ultra Edition
Nero Reloaded PlugIn Pack 2.0.4 by GEAR
Nero Suite
Nic's XviD Decoder
O&O Defrag Professional Edition
P.I.E. Patch
PC Booster
PC Pitstop Optimize 1.0t
PeerGuardian 2.0
Plantasia
PlayOnline Viewer and Tetra Master
Popup Blocker (Windows Live Toolbar)
PromptCast
QuickTime
RealPlayer
Registry Mechanic 5.0
S3Display
S3Gamma2
S3Info2
S3Overlay
Saints & Sinners Bingo
Samsung Music Studio
Samsung PC Studio 2.1
Samsung USB Driver (MCCI 4.24)
Sandlot Games Client Services
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
SereneScreen Marine Aquarium 2
SereneScreen Marine Aquarium Time 2
SpeedFan (remove only)
SpeedTouch USB Software
Spybot - Search & Destroy 1.4
StartupMonitor
StyleXP (remove only)
Super TextTwist
Tabbed Browsing (Windows Live Toolbar)
Themexp.org File
TMPGEnc Plus 2.5
Ultimate Mahjong Demo
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Wanadoo Search Toolbar
Winamp (remove only)
Window Washer
Windows Driver Package - MSN (usbccgp) USB (04/19/2006 1.1.0.2)
Windows Installer 3.1 (KB893803)
Windows Live Messenger
Windows Live Outlook Toolbar (Windows Live Toolbar)
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Live Toolbar Feed Detector (Windows Live Toolbar)
Windows Live Toolbar MSN Extension (Windows Live Toolbar)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Service Pack 2
WinZip
WinZip Self-Extractor
Wonderland Secret Worlds
Word Search Deluxe
XoftSpy
XP Codec Pack
XviD MPEG-4 Video Codec
Yahoo! Install Manager
Yahoo! Messenger with BT Communicator
YP-T4

the kaspersky online virus scan is running now,i'll post the result when it's finished..hope this finds whatever is slowing my pc down.it's driving me crazy..

Neal · #10 (**permalink**) 05-06-2006, 10:38 PM

If I was you I would unistall Limewire.

LimeWire 4.9.28 is clean they say.

More info:

http://www.spywareinfo.com/articles/p2p/#limewire