Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 
This topic is locked
Want to say thanks!
I have got another computer however, and this ones realllyyy slow and loaded with all sorts of rubbish softwares. I dont know which ones to delete and which ones to keep. Most of the times i dont delete them in case other important windows softwares start to malfunction ( it happened once before when i uninstalled norton i think). So yeah this computer is well slow and its most probably a nesting ground for malwares and spywares and so on.
I have followed all the ''before u post your hijackthis logs'' steps, downloaded ATFcleaner and ran that, downloaded malwarebytes and scanned the system with that, found a couple of infections, deleted them. Also ran HijackThis and got the log, which i am gonna post below.
Could you please tell me any further steps that i need to take and also which softwares i can remove from this system safely? Thanks. Really appreciate your efforts man.
My HijackThis log:
Logfile of HijackThis v1.99.1
Scan saved at 15:57:57, on 24/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 SP2 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\COMPAQ\CPQINET\CPQInet.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Compaq\EAKDRV\EAUSBKBD.EXE
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://search.presar.../srchredir2.dll?
c=3C01&lc=0809&s=search&ap=b204
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyServer = 60.208.64.177:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-
0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: (no name) - {00407B69-3B29-4AC2-98BF-7999AC07467A} -
(no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-
7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-
784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0
\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {144C0D53-A7AA-46F3-B655-90FA4C347AA1} -
(no file)
O2 - BHO: (no name) - {15FEE496-CDD0-468A-9182-BAE8FF3451AA}
- (no file)
O2 - BHO: ClickCatcher MSIE handler - {16664845-0E00-11D2-8059-
000000000000} - C:\Program Files\Common Files\ReGet
Shared\Catcher.dll
O2 - BHO: (no name) - {1A2BAE59-2A27-4356-8DD6-175B7A35B229} -
(no file)
O2 - BHO: (no name) - {2295D587-1F1F-46AB-A0E1-3D395AAA9029} -
(no file)
O2 - BHO: (no name) - {2C114700-A1D0-4B38-90A0-1FAE7BC66193} -
(no file)
O2 - BHO: (no name) - {2CED0917-F106-4D7A-BE28-81458160C549} -
(no file)
O2 - BHO: (no name) - {2E801EEA-8505-4446-B669-8482086A1EF1} -
(no file)
O2 - BHO: (no name) - {3475BF32-38F6-4B70-9EC4-73DBF2D42F0D} -
(no file)
O2 - BHO: (no name) - {37458183-DD8B-4FF9-A79E-8CDF42896563} -
(no file)
O2 - BHO: (no name) - {3A9DB4A6-E29C-4AE8-9C44-B058941EB5D0}
- (no file)
O2 - BHO: (no name) - {42A64A3F-C28D-41B7-90FF-FBDD03F3EBE2}
- (no file)
O2 - BHO: (no name) - {4501E05F-E0B8-4FCC-9513-059EE3A1D728} -
(no file)
O2 - BHO: (no name) - {4CD1A1E1-2031-472E-9A9A-EEC2698AC3E9}
- (no file)
O2 - BHO: (no name) - {4F392267-B6EF-4CA4-8AAF-ED1749373D34} -
(no file)
O2 - BHO: (no name) - {610DCB11-58EE-4FAC-91A1-2F62E6E7FC8A}
- (no file)
O2 - BHO: (no name) - {61B7CF66-2E6C-4384-9BC0-E9BA6C2D3D6C}
- (no file)
O2 - BHO: (no name) - {65B03447-D095-428B-B6FF-5236CBD7A209} -
(no file)
O2 - BHO: (no name) - {66AE2F28-F579-43D9-9938-4505B3840A55} -
(no file)
O2 - BHO: (no name) - {6A3995D8-0E7C-445D-9F03-2104752614C8} -
(no file)
O2 - BHO: (no name) - {6C78A124-AD16-4DE9-8D72-CEF30903B883} -
(no file)
O2 - BHO: (no name) - {6CB3CB69-A491-4DC6-987E-A3A0A968B18B}
- (no file)
O2 - BHO: (no name) - {6E534804-782C-4613-9085-2EE3A885AF2C} -
(no file)
O2 - BHO: (no name) - {7234F4D3-FABF-4DAB-ACF6-2E44AD51F22E}
- (no file)
O2 - BHO: (no name) - {72924C96-0059-43A6-B3F6-A5546707A2E3} -
(no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-
D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {77D5C4D1-6D0C-4B17-8725-A1CB396C50E0}
- (no file)
O2 - BHO: (no name) - {7C227956-D1F1-4D5D-B0D5-2F541A7B1D3C}
- (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} -
(no file)
O2 - BHO: (no name) - {83930191-B0E7-47FE-8DDC-1C44F02945F9} -
(no file)
O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} -
C:\Program Files\Xi\NetXfer\NXIEHelper.dll
O2 - BHO: (no name) - {85B406C2-9D6F-495C-A48F-6B01B128EE9D} -
(no file)
O2 - BHO: wssclient - {8D99D2A3-317C-4929-8A5D-21140259D93A} -
c:\PROGRA~1\wss.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-
8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft
Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9ACD96C1-754A-4557-8C13-2725253B3536} -
(no file)
O2 - BHO: (no name) - {9C9ABD32-87DC-4327-BEAE-
E3CCC73F93A5} - (no file)
O2 - BHO: (no name) - {A2C8C327-9822-4537-B8C0-B0590CCCAA10}
- (no file)
O2 - BHO: (no name) - {A332DE9A-BC6B-4AF9-9A59-388FAF93E681}
- (no file)
O2 - BHO: (no name) - {A47862A2-4AE6-4572-9026-4C41D347D4B4} -
(no file)
O2 - BHO: (no name) - {A7853404-E817-4419-9311-B947CCC3098E} -
(no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
(no file)
O2 - BHO: (no name) - {ADAA7F86-3933-42D2-9E68-04C859A07FAD} -
(no file)
O2 - BHO: (no name) - {B1AB473F-3436-49DA-9E87-3410DDADAD94}
- (no file)
O2 - BHO: (no name) - {B3811E84-5EE5-4C03-991C-D79A47CCBC81}
- (no file)
O2 - BHO: (no name) - {B9357E5D-25D8-4EE7-BC25-EDED800AE258}
- (no file)
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872}
- (no file)
O2 - BHO: (no name) - {C06646C3-E962-442B-91AA-584F09497A25} -
(no file)
O2 - BHO: (no name) - {CB63A18C-8E76-4C6F-9E34-678064B1BC72} -
(no file)
O2 - BHO: (no name) - {CCDCA588-8904-4600-8462-22CAC96B4E2C}
- (no file)
O2 - BHO: (no name) - {D59AF09B-95EE-4D3D-8A3E-D400450C4874}
- (no file)
O2 - BHO: (no name) - {DEE59238-A9FF-43BF-AE59-F26949979E70} -
(no file)
O2 - BHO: (no name) - {DF01E5DC-82A6-4944-B696-DA3311787905} -
(no file)
O2 - BHO: (no name) - {E56F7F2C-859F-4DF3-AAA9-85C91DA45028} -
(no file)
O2 - BHO: (no name) - {ED6DBF7B-D30A-4657-BF4A-673C61D13F78}
- (no file)
O2 - BHO: (no name) - {F88AE11E-175F-45D3-A673-FC483680AE41} -
(no file)
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-
7859DF00B1D6} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655}
- (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-
0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: ReGet Bar - {17939A30-18E2-471E-9D3A-
56DD725F1215} - C:\Program Files\ReGetDx\iebar.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-
10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-
CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [Smapp] Smtray.exe
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy
Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
/STARTUP
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common
Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone
Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Disc Detector] C:\Program
Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32
\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunServices: [ms ownage] winPE.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DriveDiscoveryMemoryResident] C:\Program
Files\NotsoSoftware\DriveDiscovery\NSSMR.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!
\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program
Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus!
3\MsgPlus.exe" /WinStart
O4 - Startup: AdsGone.lnk = C:\Program Files\AdsGone\adsgone.exe
O4 - Global Startup: AdsGone 2006.lnk = C:\Program
Files\AdsGone\adsgone.exe
O8 - Extra context menu item: Do&wnload by ReGet Deluxe - C:\Program
Files\Common Files\ReGet Shared\CC_Link.htm
O8 - Extra context menu item: Download A&ll by ReGet Deluxe -
C:\Program Files\Common Files\ReGet Shared\CC_All.htm
O8 - Extra context menu item: Download Link Using Mega Manager... -
C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List -
res://C:\Program Files\Canon\Easy-
WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print -
res://C:\Program Files\Canon\Easy-
WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program
Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program
Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-
11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05
\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-
f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file
missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-
4134-82b7-f2ba38496583} - %windir%\Network
Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: AdsGone - {ECC5777A-6E88-BFCE-13CE-
81F134789E7B} - C:\Program Files\AdsGone\adsgone (file missing)
O9 - Extra 'Tools' menuitem: &AdsGone Settings - {ECC5777A-6E88-
BFCE-13CE-81F134789E7B} - C:\Program Files\AdsGone\adsgone (file
missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-
00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: MS&N Messenger Service - {FB5F1910-
F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: http://www.answers.com
O15 - Trusted Zone: www.bollywoodheaven.com
O15 - Trusted Zone: http://www.google.co.uk
O15 - Trusted Zone: *.hotmail.com
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows
Genuine Advantage Validation Tool) -
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} -
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} -
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} -
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} -
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} -
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} (Java
Plug-in 1.5.0_10) -
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java
Plug-in 1.5.0_11) -
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} -
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} -
C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: awvepa - C:\WINDOWS\Fonts\awvepa.dll (file
missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32
\WgaLogon.dll
O20 - Winlogon Notify: winstd32 - winstd32.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner -
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (file
missing)
O23 - Service: Symantec Password Validation Service (ccPwdSvc) -
Unknown owner - C:\Program Files\Common Files\Symantec
Shared\ccPwdSvc.exe (file missing)
O23 - Service: Creative Service for CDROM Access - Creative
Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050
\Intel 32\IDriverT.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) -
Unknown owner - C:\Program Files\Norton SystemWorks\Norton
AntiVirus\navapsvc.exe (file missing)
O23 - Service: Norton Internet Security Service (NISSERV) - Unknown
owner - C:\Program Files\Norton Internet Security\NISSERV.EXE (file
missing)
O23 - Service: Norton Internet Security Accounts Manager (NISUM) -
Unknown owner - C:\Program Files\Norton Internet Security\NISUM.EXE
(file missing)
O23 - Service: Norton Unerase Protection (NProtectService) - Unknown
owner - C:\Program Files\Norton SystemWorks\Norton
Utilities\NPROTECT.EXE (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental)
(rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f
"%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Unknown owner -
C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe (file
missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown
owner - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
(file missing)
O23 - Service: Speed Disk service - Unknown owner - C:\PROGRA~1
\NORTON~1\SPEEDD~1\nopdb.exe (file missing)
O23 - Service: Norton Internet Security Proxy Service (SymProxySvc) -
Unknown owner - C:\Program Files\Norton Internet
Security\SymProxySvc.exe (file missing)
O23 - Service: SymWMI Service (SymWSC) - Unknown owner -
C:\Program Files\Common Files\Symantec Shared\Security
Center\SymWSC.exe (file missing)
O23 - Service: System Out (SystemOutService) - Unknown owner -
C:\WINDOWS\system32\systemout.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC -
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
