May 6 2008, 10:52 AM
Post
#1
Authentic Member Group: Authentic Member Posts: 52 Joined: 17-November 04 From: Canada Member No.: 18,591
Hello...could someone check my HJT log please? I think I'm infected with something, every time I put in a URL..it takes forever, the machine acts like it's hung, it takes forever to load anything, and when I reboot I keep getting this End Now on a program I don't know of, it's called UIPOPUPHIDDEN..what is this?
here is a fresh log...please help!! thank you Snow
May 11 2008, 01:07 AM
Post
#2
Authentic Member Group: Malware Team Posts: 235 Joined: 12-October 07 From: Puerto Rico Member No.: 73,451 Operating System: win xp
Hello and Welcome to the forums!
My name is Gringo and I'll be glad to help you with your computer problems. HijackThis logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that it happens.

Please do not run any other tool until instructed to do so!
Please reply to this thread, do not start another!
Please tell me about any problems that have occurred during the fix.
Please tell me of any other symptoms you may be having as these can help also.
Please try as much as possible not to run anything while executing a fix.

Sorry about the delay in responding. If you still need help, scan again with HijackThis, and copy/paste a new log file into this thread. Also please make an uninstall list and post that as well.

Make an uninstall list using HijackThis

To access the Uninstall Manager you would do the following:

1. Start HijackThis
2. Click on the Config button
3. Click on the Misc Tools button
4. Click on the Open Uninstall Manager button.
5. Click on the Save list... button and specify where you would like to save this file. When you press the Save button a notepad will open with the contents of that file.

Simply copy and paste the contents of that notepad here in your next reply.

Gringo
May 11 2008, 06:49 AM
Post
#3
Authentic Member Group: Authentic Member Posts: 52 Joined: 17-November 04 From: Canada Member No.: 18,591
Hi Gringo, thank you for replying...I know you guys are very busy, it's much appreciated
i still have an annoyance which i cant seem to get rid of...the Combofix Icon on my desktop, i cant find the program on here, when i did try to download it all i got was the icon and when you click on it it says its being used by another person, now it wont let me delete the icon...i suspect that might be the cause of my machine loading mainpage very slow a google just spins for the longest time. here is the uninstall list
http://img.funtigo.com/images/uploader/ssi...ureUploader.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {F04FE050-90DE-4EDD-A719-7CF3EBA4175E} (DetectCtl Class) - http://transition.sympatico.ca/systemdetect.cab O16 - DPF: {F5078F32-C551-11D3-89B9-0000F81FE221} (XML DOM Document 3.0) - https://signup.msn.com/pages/msxml3.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C190CDEB-675B-448D-BFCD-6C45E54F9C7F}: NameServer = 207.164.234.129 207.164.234.193 O18 - Protocol: intu-qt2007 - {026BF40D-BA05-467B-9F1F-AD0D7A3F5F11} - C:\Program Files\QuickTax 2007\ic2007pp.dll O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: Sympatico Security Manager Update Service (RPSUpdaterR) - Radialpoint Inc. 
- C:\Program Files\Bell\Security Manager\rpsupdaterR.exe O23 - Service: Sympatico Security Manager Firewall (RP_FWS) - Bell Sympatico - C:\Program Files\Bell\Security Manager\Fws.exe -- End of file - 14405 bytes thank you This post has been edited by Snow: May 11 2008, 06:54 AM |

May 11 2008, 09:53 PM
Post #4
Authentic Member Group: Malware Team Posts: 235 Joined: 12-October 07 From: Puerto Rico Member No.: 73,451 Operating System: win xp

Hello Snow

QUOTE
Hello...could someone check my HJT log please? i think im infected with something, everytime i put in a url..it takes forever, the machine acts like its hung it takes forever to load anything and when i reboot i keep getting this End Now on a program i dont know of its called UIPOPUPHIDDEN..what is this?

Have been doing a lot of research on this and have come up with a few things:

1. This is caused by the antivirus and security programs that were installed by your ISP.
2. The antivirus you have is not very well liked around.
3. We can do this two ways: if you want to keep the programs that you have now, I will give you the information that I have found, or if you want we can uninstall what you have and I can offer you some good free alternatives.

QUOTE
i still have an annoyance which i cant seem to get rid of...the Combofix Icon on my desktop, i cant find the program on here, when i did try to download it all i got was the icon and when you click on it it says its being used by another person, now it wont let me delete the icon...i suspect that might be the cause of my machine loading mainpage very slow a google just spins for the longest time.

If you don't play all these games you can rerun hijackthis and put a checkmark next to all of these:

O16 - DPF: 6th Street Omaha Poker by pogo - http://game1.pogo.com/applet-6.4.3.36/omah...a-ob-assets.cab <http://game1.pogo.com/applet-6.4.3.36/omaha/omaha-ob-assets.cab>
O16 - DPF: Aces Up! by pogo - http://game1.pogo.com/applet-6.4.4.27/aces...s-ob-assets.cab <http://game1.pogo.com/applet-6.4.4.27/aces/aces-ob-assets.cab>
O16 - DPF: Backgammon by pogo - http://game1.pogo.com/applet-6.4.0.34/back...n-ob-assets.cab <http://game1.pogo.com/applet-6.4.0.34/backgammon/backgammon-ob-assets.cab>
O16 - DPF: Blackjack by pogo - http://game1.pogo.com/applet-6.4.2.23/blac...k-ob-assets.cab <http://game1.pogo.com/applet-6.4.2.23/blackjack/blackjack-ob-assets.cab>
O16 - DPF: Buckaroo Blackjack TM by pogo - http://game1.pogo.com/applet-6.4.0.41/vide...k-ob-assets.cab <http://game1.pogo.com/applet-6.4.0.41/videoblackjack/videoblackjack-ob-assets.cab>
O16 - DPF: Canasta by pogo - http://game1.pogo.com/applet-6.4.0.34/cana...a-ob-assets.cab <http://game1.pogo.com/applet-6.4.0.34/canasta/canasta-ob-assets.cab>
O16 - DPF: Checkers by pogo - http://game1.pogo.com/applet-6.4.0.34/chec...s-ob-assets.cab <http://game1.pogo.com/applet-6.4.0.34/checkers2/checkers-ob-assets.cab>
O16 - DPF: Cribbage by pogo - http://game1.pogo.com/applet-6.4.0.48/crib...e-ob-assets.cab <http://game1.pogo.com/applet-6.4.0.48/cribbage/cribbage-ob-assets.cab>
O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/applet-6.3.4.64/chec...g-ob-assets.cab <http://game1.pogo.com/applet-6.3.4.64/checkeredflag/checkeredflag-ob-assets.cab>
O16 - DPF: Dominoes by pogo - http://game1.pogo.com/applet-6.4.0.41/domi...o-ob-assets.cab <http://game1.pogo.com/applet-6.4.0.41/domino/domino-ob-assets.cab>
O16 - DPF: Double Deuce Poker by pogo - http://game1.pogo.com/applet-6.4.0.34/vide...e-ob-assets.cab <http://game1.pogo.com/applet-6.4.0.34/videopoker2/doubledeuce-ob-assets.cab>
O16 - DPF: Euchre by pogo - http://game1.pogo.com/applet-6.4.0.34/euch...e-ob-assets.cab <http://game1.pogo.com/applet-6.4.0.34/euchre/euchre-ob-assets.cab>
O16 - DPF: First Class Solitaire by pogo - http://game1.pogo.com/applet-6.4.4.27/firs...2-ob-assets.cab <http://game1.pogo.com/applet-6.4.4.27/firstclass2/firstclass2-ob-assets.cab>
O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/applet-6.4.1.46/supe...o-ob-assets.cab <http://game1.pogo.com/applet-6.4.1.46/superbingo/superbingo-ob-assets.cab>
O16 - DPF: Greenback Bayou by pogo - http://game1.pogo.com/applet-6.5.0.45/gree...k-ob-assets.cab <http://game1.pogo.com/applet-6.5.0.45/greenback/greenback-ob-assets.cab>
O16 - DPF: Harvest Mania by pogo - http://game1.pogo.com/applet-6.4.2.30/harv...t-ob-assets.cab <http://game1.pogo.com/applet-6.4.2.30/harvest/harvest-ob-assets.cab>
O16 - DPF: Hearts by pogo - http://game1.pogo.com/applet-6.4.4.34/hear...s-ob-assets.cab <http://game1.pogo.com/applet-6.4.4.34/hearts/hearts-ob-assets.cab>
O16 - DPF: High Stakes Pool by pogo - http://game1.pogo.com/applet-6.4.3.28/pool...l-ob-assets.cab <http://game1.pogo.com/applet-6.4.3.28/pool2/pool-ob-assets.cab>
O16 - DPF: Jigsaw Detective by pogo - http://game1.pogo.com/applet-6.4.1.53/jigs...w-ob-assets.cab <http://game1.pogo.com/applet-6.4.1.53/jigsaw/jigsaw-ob-assets.cab>
O16 - DPF: Jungle Gin by pogo - <http://game1.pogo.com/applet-6.4.3.36/gin/gin-ob-assets.cab>
O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.4.2.30/lott...o-ob-assets.cab <http://game1.pogo.com/applet-6.4.2.30/lottso/lottso-ob-assets.cab>
O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-6.4.0.48/mahj...g-ob-assets.cab <http://game1.pogo.com/applet-6.4.0.48/mahjong/mahjong-ob-assets.cab>
O16 - DPF: Pai Gow by pogo - http://game1.pogo.com/applet-6.4.2.23/paig...w-ob-assets.cab <http://game1.pogo.com/applet-6.4.2.23/paigow/paigow-ob-assets.cab>
O16 - DPF: Payday FreeCell by pogo -