Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Win32.TDSS.rtk - Request for Help

  1. #1
    Junior Member
    Join Date
    Aug 2009
    Posts
    23

    Default Win32.TDSS.rtk - Request for Help

    Hello. I am reposting this request for help after reviewing the applicable posting faq. The link to my original post is http://forums.spybot.info/showthread...413#post327413 and it contains my spybot s&d log containg the Win32.TDSS.rtk trojan error. I have tried to remove it with bot SB and AVG to no use.


    Here is the hijack this log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 6:53:07 PM, on 8/9/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\ATKKBService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\WINDOWS\system32\IoctlSvc.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\PnkBstrB.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\AIM6\aim6.exe
    C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Creative\MediaSource5\CTDetctu.exe
    C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    C:\Program Files\Styler\Styler.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\AIM6\aolsoftware.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll
    O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
    O4 - HKCU\..\Run: [Creative Detector U] "C:\Program Files\Creative\MediaSource5\CTDetctu.exe" /R
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
    O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
    O4 - Startup: Styler.lnk = ?
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: &AIM Toolbar Search - C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
    O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

    --
    End of file - 12211 bytes

  2. #2
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,252

    Default

    Welcome to Safer Networking, I wish to be sure you have viewed and understand this information.
    "BEFORE you POST" (READ this Procedure before Requesting Assistance) http://forums.spybot.info/showthread.php?t=288
    All advice given is taken at your own risk.
    Please make sure you have read this information so we are on the same page.

    You must have read and followed the "Before you Post" instructions.

    Let's chat just a moment, you have a nasty infection that is hard to remove, it is very important the directions are read and followed to the letter. What has me confused is you started by not reading "Before you Post" and even when tashi posted a link to the directions, TeaTimer that the directions plainly say needs to be disabled, is still running in the HJT log?
    Before you post a HJT log
    When Spybot-S&D is installed.
    TeaTimer needs to be disabled so that its protection does not interfere with fixes.
    If you will read the directions and follow them, I will do all I can to help remove the malware. Let's start like this:

    1) Disable TeaTimer as instructed.

    2) Post also an uninstall list: Open Hijackthis.
    Click the "Open the Misc Tools" section Button.
    Click the "Open Uninstall Manager" Button.
    Click the "Save list..." Button.
    Save it to your desktop. Copy and paste the contents into your reply.
    Image: http://img.bleepingcomputer.com/tuto...nstall-man.jpg

    3) Post a new HJT log.

    Thanks
    MS-MVP Consumer Security 2007-08-09
    Proud Member ASAP
    UNITE Member 2006

  3. #3
    Junior Member
    Join Date
    Aug 2009
    Posts
    23

    Default Request for Help

    Does anyone have any info that may help me on this issue?

  4. #4
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,482

    Default

    xcentrik

    Quote Originally Posted by xcentrik View Post
    Does anyone have any info that may help me on this issue?

    Quote Originally Posted by pskelley View Post
    Welcome to Safer Networking, I wish to be sure you have viewed and understand this information.
    "BEFORE you POST" (READ this Procedure before Requesting Assistance) http://forums.spybot.info/showthread.php?t=288
    All advice given is taken at your own risk.
    Please make sure you have read this information so we are on the same page.

    You must have read and followed the "Before you Post" instructions.

    Let's chat just a moment, you have a nasty infection that is hard to remove, it is very important the directions are read and followed to the letter. What has me confused is you started by not reading "Before you Post" and even when tashi posted a link to the directions, TeaTimer that the directions plainly say needs to be disabled, is still running in the HJT log?


    If you will read the directions and follow them, I will do all I can to help remove the malware. Let's start like this:

    1) Disable TeaTimer as instructed.

    2) Post also an uninstall list: Open Hijackthis.
    Click the "Open the Misc Tools" section Button.
    Click the "Open Uninstall Manager" Button.
    Click the "Save list..." Button.
    Save it to your desktop. Copy and paste the contents into your reply.
    Image: http://img.bleepingcomputer.com/tuto...nstall-man.jpg

    3) Post a new HJT log.

    Thanks
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  5. #5
    Junior Member
    Join Date
    Aug 2009
    Posts
    23

    Default New HJT Log

    Thank you very much for the quick help. Tea Timer has been disabled.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 8:40:43 AM, on 8/11/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\WINDOWS\ATKKBService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
    C:\Program Files\Microsoft

    Office\Office12\GrooveMonitor.exe
    C:\Program Files\Nero\Nero8\Nero

    BackItUp\NBService.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Adobe\Reader

    9.0\Reader\Reader_sl.exe
    C:\Program Files\Adobe\Acrobat

    8.0\Acrobat\Acrotray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\AIM6\aim6.exe
    C:\Program Files\Common

    Files\Nero\Lib\NMIndexStoreSvr.exe
    C:\Program

    Files\Creative\MediaSource5\CTDetctu.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Styler\Styler.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\IoctlSvc.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\PnkBstrB.exe
    C:\Program

    Files\Viewpoint\Common\ViewpointService.exe
    C:\Program Files\Common

    Files\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\AIM6\aolsoftware.exe
    C:\Program Files\Common

    Files\Nero\Lib\NMIndexingService.exe
    C:\Program Files\Common Files\Macrovision

    Shared\FLEXnet Publisher\FNPLicensingService.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\trend

    micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet

    Explorer\Main,Search Page =

    http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet

    Explorer\Main,Default_Page_URL =

    http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet

    Explorer\Main,Default_Search_URL =

    http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet

    Explorer\Main,Search Page =

    http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet

    Explorer\Main,Start Page =

    http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection

    Wizard,ShellNext =

    http://go.microsoft.com/fwlink/?LinkId=74005
    R1 -

    HKCU\Software\Microsoft\Windows\CurrentVersion\Int

    ernet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: AIM Toolbar Search Class -

    {03402f96-3dc7-4285-bc50-9e81fefafe43} -

    C:\Program Files\AIM Toolbar\aimtb.dll
    O2 - BHO: ContributeBHO Class -

    {074C1DC5-9320-4A9A-947D-C042949C6216} -

    C:\Program Files\Adobe\/Adobe Contribute

    CS3/contributeieplugin.dll
    O2 - BHO: AcroIEHelperStub -

    {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -

    C:\Program Files\Common

    Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter -

    {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -

    C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection -

    {53707962-6F74-2D53-2644-206D7942484F} -

    C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Groove GFS Browser Helper -

    {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -

    C:\Program Files\Microsoft

    Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper -

    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -

    C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper -

    {AE7CD045-E861-484f-8273-0445EE161910} -

    C:\Program Files\Adobe\Acrobat

    8.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: AIM Toolbar Loader -

    {b0cda128-b425-4eef-a174-61a11ac5dbf8} -

    C:\Program Files\AIM Toolbar\aimtb.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper -

    {DBC80044-A445-435b-BC74-9C25C1C588A9} -

    C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl -

    {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -

    C:\Program

    Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: StylerToolBar -

    {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} -

    C:\Program Files\Styler\TB\StylerTB.dll
    O3 - Toolbar: Adobe PDF -

    {47833539-D0C5-4125-9FA8-0819E2EAAC93} -

    C:\Program Files\Adobe\Acrobat

    8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Contribute Toolbar -

    {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} -

    C:\Program Files\Adobe\/Adobe Contribute

    CS3/contributeieplugin.dll
    O3 - Toolbar: AIM Toolbar -

    {61539ecd-cc67-4437-a03c-9aaccbd14326} -

    C:\Program Files\AIM Toolbar\aimtb.dll
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program

    Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program

    Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE

    C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE

    C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program

    Files\ASUS\GamerOSD\GamerOSD.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program

    Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program

    Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program

    Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction

    Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program

    Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher]

    "C:\Program Files\Adobe\Reader

    9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0]

    "C:\Program Files\Adobe\Acrobat

    8.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [Adobe_ID0EYTHM]

    C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VER

    SIO~2.EXE
    O4 - HKLM\..\Run: [UserFaultCheck]

    %systemroot%\system32\dumprep 0 -u
    O4 - HKCU\..\Run: [ctfmon.exe]

    C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Aim6] "C:\Program

    Files\AIM6\aim6.exe" /d locale=en-US

    ee://aol/imApp
    O4 - HKCU\..\Run:

    [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10A

    A}] "C:\Program Files\Common

    Files\Nero\Lib\NMIndexStoreSvr.exe"

    ASO-616B5711-6DAE-4795-A05F-39A1E5104020
    O4 - HKCU\..\Run: [Creative Detector U]

    "C:\Program

    Files\Creative\MediaSource5\CTDetctu.exe" /R
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32

    advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N

    (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix]

    regsvr32 /s /n /i:u shell32 (User 'NETWORK

    SERVICE')
    O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32

    advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N

    (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32

    advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N

    (User 'Default user')
    O4 - Startup: ERUNT AutoBackup.lnk = C:\Program

    Files\ERUNT\AUTOBACK.EXE
    O4 - Startup: Styler.lnk = ?
    O4 - Global Startup: Logitech SetPoint.lnk =

    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: &AIM Toolbar Search

    - C:\Documents and Settings\All Users\Application

    Data\AIM

    Toolbar\ieToolbar\resources\en-US\local\search.htm

    l
    O8 - Extra context menu item: Append to existing

    PDF - res://C:\Program Files\Adobe\Acrobat

    8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert link target

    to Adobe PDF - res://C:\Program

    Files\Adobe\Acrobat

    8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target

    to existing PDF - res://C:\Program

    Files\Adobe\Acrobat

    8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected

    links to Adobe PDF - res://C:\Program

    Files\Adobe\Acrobat

    8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLi

    nks.html
    O8 - Extra context menu item: Convert selected

    links to existing PDF - res://C:\Program

    Files\Adobe\Acrobat

    8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLin

    ks.html
    O8 - Extra context menu item: Convert selection to

    Adobe PDF - res://C:\Program Files\Adobe\Acrobat

    8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to

    existing PDF - res://C:\Program

    Files\Adobe\Acrobat

    8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF

    - res://C:\Program Files\Adobe\Acrobat

    8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: E&xport to Microsoft

    Excel -

    res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: AIM Toolbar -

    {0b83c99c-1efa-4259-858f-bcb33e007a5b} -

    C:\Program Files\AIM Toolbar\aimtb.dll
    O9 - Extra button: Send to OneNote -

    {2670000A-7350-4f3c-8081-5663EE0C6C49} -

    C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote -

    {2670000A-7350-4f3c-8081-5663EE0C6C49} -

    C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research -

    {92780B25-18CC-41C8-B9BE-3C9C571A8263} -

    C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) -

    {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -

    C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search &

    Destroy Configuration -

    {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -

    C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) -

    {e2e2dd38-d088-4134-82b7-f2ba38496583} -

    C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001

    - {e2e2dd38-d088-4134-82b7-f2ba38496583} -

    C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O18 - Protocol: grooveLocalGWS -

    {88FED34C-F0CA-4636-A375-3CB6248B04CD} -

    C:\Program Files\Microsoft

    Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: linkscanner -

    {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -

    C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - Winlogon Notify: avgrsstarter -

    C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: Lavasoft Ad-Aware Service

    (aawservice) - Lavasoft - C:\Program

    Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Adobe Version Cue CS3 - Adobe

    Systems Incorporated - C:\Program Files\Common

    Files\Adobe\Adobe Version Cue

    CS3\Server\bin\VersionCueCS3.exe
    O23 - Service: ATK Keyboard Service

    (ATKKeyboardService) - ASUSTeK COMPUTER INC. -

    C:\WINDOWS\ATKKBService.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG

    Technologies CZ, s.r.o. -

    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service:

    ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762#

    # (Bonjour Service) - Apple Computer, Inc. -

    C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Creative Service for CDROM Access -

    Creative Technology Ltd -

    C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: FLEXnet Licensing Service -

    Macrovision Europe Ltd. - C:\Program Files\Common

    Files\Macrovision Shared\FLEXnet

    Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager

    (IDriverT) - Macrovision Corporation - C:\Program

    Files\Common Files\InstallShield\Driver\11\Intel

    32\IDriverT.exe
    O23 - Service: Java Quick Starter

    (JavaQuickStarterService) - Sun Microsystems, Inc.

    - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Logitech Bluetooth Service

    (LBTServ) - Logitech, Inc. - C:\Program

    Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG

    - C:\Program Files\Nero\Nero8\Nero

    BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG -

    C:\Program Files\Common

    Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service

    (NVSvc) - NVIDIA Corporation -

    C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PLFlash DeviceIoControl Service -

    Prolific Technology Inc. -

    C:\WINDOWS\system32\IoctlSvc.exe
    O23 - Service: PnkBstrA - Unknown owner -

    C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner -

    C:\WINDOWS\system32\PnkBstrB.exe
    O23 - Service: Viewpoint Manager Service -

    Viewpoint Corporation - C:\Program

    Files\Viewpoint\Common\ViewpointService.exe

    --
    End of file - 12149 bytes

  6. #6
    Junior Member
    Join Date
    Aug 2009
    Posts
    23

    Default HJT Uninstall List

    HJT Uninstall List:

    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    Ad-Aware
    Add or Remove Adobe Creative Suite 3 Master Collection
    Adobe After Effects CS3
    Adobe After Effects CS3 Presets
    Adobe Anchor Service CS3
    Adobe Asset Services CS3
    Adobe Bridge CS3
    Adobe Bridge Start Meeting
    Adobe BridgeTalk Plugin CS3
    Adobe Camera Raw 4.0
    Adobe CMaps
    Adobe Color - Photoshop Specific
    Adobe Color Common Settings
    Adobe Color EU Extra Settings
    Adobe Color JA Extra Settings
    Adobe Color NA Recommended Settings
    Adobe Contribute CS3
    Adobe Creative Suite 3 Master Collection
    Adobe Default Language CS3
    Adobe Device Central CS3
    Adobe Dreamweaver CS3
    Adobe Encore CS3
    Adobe Encore CS3 Codecs
    Adobe ExtendScript Toolkit 2
    Adobe Extension Manager CS3
    Adobe Fireworks CS3
    Adobe Flash CS3
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Flash Player 9 ActiveX
    Adobe Flash Video Encoder
    Adobe Fonts All
    Adobe Help Viewer CS3
    Adobe Illustrator CS3
    Adobe InDesign CS3
    Adobe InDesign CS3 Icon Handler
    Adobe Linguistics CS3
    Adobe MotionPicture Color Files
    Adobe PDF Library Files
    Adobe Photoshop CS3
    Adobe Premiere Pro CS3
    Adobe Premiere Pro CS3 Functional Content
    Adobe Premiere Pro CS3 Third Party Content
    Adobe Reader 9
    Adobe Setup
    Adobe SING CS3
    Adobe Soundbooth CS3
    Adobe Soundbooth CS3 Codecs
    Adobe Stock Photos CS3
    Adobe Type Support
    Adobe Update Manager CS3
    Adobe Version Cue CS3 Client
    Adobe Version Cue CS3 Server
    Adobe Video Profiles
    Adobe WAS CS3
    Adobe WinSoft Linguistics Plugin
    Adobe XMP DVA Panels CS3
    Adobe XMP Panels CS3
    AHV content for Acrobat and Flash
    AIM 6
    AIM Toolbar
    Alky for Applications (Windows XP)
    ASUS Gamer OSD
    ASUS Smart Doctor
    ASUS VideoSecurity Online
    AVG Free 8.5
    Call of Duty(R) 4 - Modern Warfare(TM)
    CCleaner (remove only)
    CDDRV_Installer
    Company of Heroes
    Company of Heroes - FAKEMSI
    Company of Heroes - FAKEMSI
    Company of Heroes - FAKEMSI
    Company of Heroes - FAKEMSI
    Company of Heroes - FAKEMSI
    Company of Heroes - FAKEMSI
    Company of Heroes - FAKEMSI
    Company of Heroes - FAKEMSI
    Company of Heroes - FAKEMSI
    Company of Heroes - FAKEMSI
    Company of Heroes - FAKEMSI
    Company of Heroes - FAKEMSI
    Company of Heroes - FAKEMSI
    Company of Heroes - FAKEMSI
    Creative MediaSource 5
    Critical Update for Windows Media Player 11 (KB959772)
    Crysis(R)
    DAMN NFO Viewer v2.10.0032.RC3 (Remove Only)
    dBpoweramp DSP Effects
    dBpoweramp Music Converter
    Download Updater (AOL LLC)
    ERUNT 1.1j
    Fallout 3
    Gadget Installer
    Grand Theft Auto IV
    Half-Life(R) 2
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB961118)
    IconPackager
    Java(TM) 6 Update 11
    Java(TM) 6 Update 6
    Java(TM) 6 Update 7
    KhalInstallWrapper
    LClock
    Logitech SetPoint
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 3.5 SP1
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Games for Windows - LIVE
    Microsoft Games for Windows - LIVE Redistributable
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Office 2007 Recent Documents Gadget
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft VC9 runtime libraries
    Microsoft Visual C++ 2005 SP1 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30304
    Mozilla Firefox (3.0.13)
    MSXML 4.0 SP2 (KB954430)
    Nero 8 Ultra Edition HD
    neroxml
    NVIDIA Drivers
    OpenOffice.org Installer 1.0
    PDF Settings
    PunkBuster Services
    REALTEK GbE & FE Ethernet PCI-E NIC Driver
    Realtek High Definition Audio Driver
    Resource Hacker 3.4.0
    Right Click Image Converter
    Rockstar Games Social Club
    Security Update for 2007 Microsoft Office System (KB951596)
    Security Update for 2007 Microsoft Office System (KB951944)
    Security Update for Microsoft Office Excel 2007 (KB951546)
    Security Update for Microsoft Office OneNote 2007 (KB950130)
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)
    Security Update for Microsoft Office Publisher 2007 (KB950114)
    Security Update for Microsoft Office system 2007 (KB951808)
    Security Update for Microsoft Office system 2007 (KB954326)
    Security Update for Microsoft Office Word 2007 (KB950113)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 8 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB972260)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB973346)
    Spybot - Search & Destroy
    Steam(TM)
    Styler
    Team Fortress 2
    The Cleaner 5.2
    Trojan Remover 6.7.5
    Unlocker 1.8.5
    Update for Microsoft Office Outlook 2007 (KB952142)
    Update for Office 2007 (KB946691)
    Update for Outlook 2007 Junk Email Filter (kb956080)
    Update for Windows Internet Explorer 8 (KB969497)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Ventrilo Client
    Viewpoint Media Player
    Winamp
    Windows Internet Explorer 8
    Windows Media Format 11 runtime
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Media Player 11
    Windows Sidebar
    WinRAR archiver
    World in Conflict
    World of Warcraft
    XviD MPEG-4 Video Codec

  7. #7
    Junior Member
    Join Date
    Aug 2009
    Posts
    23

    Default New issue

    Now it seems that Windows Antivirus Pro (which I don't remember having in my copy of XP) has detected many threats, and it wont let me run several applications, including hijack this. Is this part of the trojan? It wont let me disable this warning and it keeps promting me to buy the full version.

  8. #8
    Junior Member
    Join Date
    Aug 2009
    Posts
    23

    Default Issue

    Several new annoying malwares blocking use of many of all the programs are now appearing since I disabled Tea Timer, butit probably isn't a correlation. Again I thank you for all your help.

  9. #9
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,252

    Default

    PLEASE read the directions:
    Note: In notepad under Format, uncheck "Word Wrap" Produce all HJT logs like this, single spaced.
    single-spaced - (of type or print) not having a blank space between lines. Otherwise the log is hard to read.
    If you expect help, the "Before you Post" instructions MUST be read and followed to the letter, if you are not going to do that, let me know so I can close this thread.

    Thanks

    The computer should not be online unless you are there to follow my directions. We are making no progress because the directions are not being followed.
    Last edited by pskelley; 2009-08-11 at 19:01. Reason: as a reult of the last comment
    MS-MVP Consumer Security 2007-08-09
    Proud Member ASAP
    UNITE Member 2006

  10. #10
    Junior Member
    Join Date
    Aug 2009
    Posts
    23

    Default Update

    I am sorry, I thought I had wordwrap on already. I will make the change and repost when I get home. Please do not close the thread. If there are any other issues please let me know before I repost.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •