I figured out what was causing my computer to not allow me to do anything (it always used 100% of my CPU). It was some system scan thing from Norton. So I had to go into my Services and disable it. Now I can actually get onto my computer without having to wait an hour just for a program to finally open.
But I know I am still infected with some adware/spyware/viruses. So I did the ComboFix thing... and here is the log:
(I believe that I now have some new viruses and stuff... Great!!)
________________________________________________________
"MissLani" - 07-01-29 13:31:04 Service Pack 2
ComboFix 07-01-25 - Running from: "C:\Documents and Settings\MissLani\desktop"
Command switches used :: /v vtssr urqpqpq winyxm32
(((((((((((((((((((((((((((((((((((((((((((((((( Vundo Log )))))))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\vtssr.dll
C:\WINDOWS\system32\urqpqpq.dll
C:\WINDOWS\system32\winyxm32.dll
C:\WINDOWS\system32\rsstv.bak1
C:\WINDOWS\system32\rsstv.bak2
C:\WINDOWS\system32\rsstv.ini
* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\atmtd.dll
C:\WINDOWS\system32\atmtd.dll._
C:\WINDOWS\system32\unsvchosts.lzma
C:\WINDOWS\system32\wtssvcc.exe
C:\WINDOWS\svchost.exe
C:\WINDOWS\system32\drivers\npf.sys
C:\DOCUME~1\LOCALS~1\Application Data\NetMon
C:\WINDOWS\TWlzc0xhbmk
C:\Program Files\Common Files\{30476~1
C:\Program Files\Common Files\{30476~2
C:\Program Files\Common Files\{E0476~2
C:\DOCUME~1\MissLani\Application Data\SearchToolbarCorp
C:\Program Files\InetGet2
C:\Program Files\Inetget2
C:\Program Files\network monitor
C:\Program Files\Network Monitor
C:\Program Files\VSAdd-in
C:\Program Files\Common Files\{E0476~1
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Folders Quarantined:
C:\qoobox\purity\Program Files\SCURIT~1
C:\qoobox\purity\Program Files\Common Files\ASKS~1
C:\qoobox\purity\Program Files\Common Files\ASKS~1\notepad.exe
C:\qoobox\purity\Program Files\Common Files\ASKS~1\?asks
C:\qoobox\purity\Program Files\Common Files\ASKS~1\?asks\!update-4300.0000
C:\qoobox\purity\Program Files\SCURIT~1\t?skmgr.exe
C:\qoobox\purity\WINDOWS\system32\SMANTE~1
((((((((((((((((((((((((((((((( Files Created from 2006-12-29 to 2007-01-29 ))))))))))))))))))))))))))))))))))
2007-01-29 13:38 <DIR> d-------- C:\WINDOWS\erdnt
2007-01-29 13:18 88,340 --a------ C:\WINDOWS\system32\vxhewnrp.exe
2007-01-29 13:18 44,165 --a------ C:\WINDOWS\system32\wbexycwd.dll
2007-01-29 13:18 118,804 --a------ C:\WINDOWS\system32\dcerbcvw.dll
2007-01-29 03:23 <DIR> d-------- C:\Program Files\Magic Ball 3
2007-01-29 01:51 <DIR> d-------- C:\DOCUME~1\MissLani\Application Data\Skype
2007-01-29 01:50 <DIR> d-------- C:\Program Files\Common Files\Skype
2007-01-29 01:50 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Skype
2007-01-29 01:49 <DIR> d-------- C:\Program Files\Skype
2007-01-23 22:45 <DIR> d-------- C:\WINDOWS\pss
2007-01-23 22:44 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Application Data\Sony
2007-01-23 22:15 155,648 ---h----- C:\DOCUME~1\ALLUSE~1\Application Data\svchost.exe
2007-01-23 01:29 76,412 --a------ C:\WINDOWS\system32\putwsbpa.dll
2007-01-19 23:09 155,648 ---h----- C:\Program Files\Common Files\svchost.exe
2007-01-19 22:54 774,144 --a------ C:\Program Files\RngInterstitial.dll
2007-01-19 22:35 76,412 --a------ C:\WINDOWS\system32\jsnpkyqk.dll
2007-01-19 21:58 115,013 --a------ C:\tdd.exe
2007-01-19 21:56 151,552 --a------ C:\WINDOWS\nvchost.exe
2007-01-19 00:00 <DIR> d-------- C:\DOCUME~1\MissLani\Application Data\URSE Games
2007-01-18 23:52 <DIR> d-------- C:\DOCUME~1\MissLani\Application Data\Zak&Jack
2007-01-18 10:21 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-01-18 10:21 <DIR> d-------- C:\Program Files\Grisoft
2007-01-17 07:30 <DIR> d-------- C:\DOCUME~1\LOCALS~1\Application Data\Google
2007-01-17 00:30 5,513 --a------ C:\WINDOWS\system32\drivers\musm3gld.sys
2007-01-17 00:00 0 --a------ C:\ryembqbd.exe
2007-01-16 23:58 0 --a------ C:\vimsflwp.exe
2007-01-16 23:58 0 --a------ C:\baiod.exe
2007-01-16 23:41 620,544 --a------ C:\WINDOWS\system32\stlpmt45.dll
2007-01-16 23:41 487,424 --a------ C:\WINDOWS\system32\msvcp70.dll
2007-01-16 23:41 1,700,352 --a------ C:\WINDOWS\system32\GdiPlus.dll
2007-01-16 23:41 1,497,088 --a------ C:\WINDOWS\system32\cc3260mt.dll
2007-01-16 23:41 <DIR> d-------- C:\Program Files\Common Files\AVSMedia
2007-01-16 23:41 <DIR> d-------- C:\Program Files\AVSMedia
2007-01-16 13:27 2,200 --a------ C:\xklxhlc.exe
2007-01-16 08:25 <DIR> d-------- C:\Program Files\TangleBee
2007-01-16 08:25 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\TangleBee
2007-01-16 06:27 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Adobe Systems
2007-01-16 05:55 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared
2007-01-16 05:31 <DIR> d-------- C:\DOCUME~1\MissLani\Application Data\Corel
2007-01-16 05:30 <DIR> d-------- C:\Program Files\Common Files\Corel
2007-01-16 05:28 848 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2007-01-16 05:25 <DIR> d-------- C:\Program Files\Corel
2007-01-16 04:15 57,344 --a------ C:\WINDOWS\system32\packet.dll
2007-01-16 04:15 53,299 --a------ C:\WINDOWS\system32\pthreadVC.dll
2007-01-16 04:15 208,896 --a------ C:\WINDOWS\system32\wpcap.dll
2007-01-16 04:14 <DIR> d-------- C:\Program Files\ExploreAnywhere
2007-01-15 18:39 <DIR> d-------- C:\DOCUME~1\MissLani\Application Data\SurveilleTech
2007-01-15 18:33 <DIR> d-------- C:\Program Files\Common Files\Download Manager
2007-01-15 16:09 <DIR> d-------- C:\DOCUME~1\MissLani\Application Data\MySpace
2007-01-15 16:08 <DIR> d-------- C:\Program Files\MySpace
2007-01-15 13:35 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\TangleBee - BigFish
2007-01-15 03:39 <DIR> d-------- C:\Program Files\Totem Treasure 2
2007-01-15 03:39 <DIR> d-------- C:\Program Files\Paparazzi
2007-01-15 03:39 <DIR> d-------- C:\Program Files\BFG
2007-01-14 22:19 <DIR> d-------- C:\Program Files\thriXXX
2007-01-14 12:21 <DIR> d-------- C:\Program Files\Mozilla Firefox
2007-01-12 18:08 520,192 --a------ C:\WINDOWS\system32\DivXsm.exe
2007-01-12 18:08 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-01-12 18:08 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-01-12 18:08 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-01-12 18:03 806,912 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2007-01-12 18:03 806,912 --a------ C:\WINDOWS\system32\divx_xx07.dll
2007-01-12 18:03 790,528 --a------ C:\WINDOWS\system32\divx_xx11.dll
2007-01-12 18:03 73,728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-01-12 18:03 635,486 --a------ C:\WINDOWS\system32\DivX.dll
2007-01-12 18:03 593,920 --a------ C:\WINDOWS\system32\dpuGUI11.dll
2007-01-12 18:03 57,344 --a------ C:\WINDOWS\system32\dpv11.dll
2007-01-12 18:03 53,248 --a------ C:\WINDOWS\system32\dpuGUI10.dll
2007-01-12 18:03 344,064 --a------ C:\WINDOWS\system32\dpus11.dll
2007-01-12 18:03 294,912 --a------ C:\WINDOWS\system32\dpu11.dll
2007-01-12 18:03 294,912 --a------ C:\WINDOWS\system32\dpu10.dll
2007-01-12 18:03 196,608 --a------ C:\WINDOWS\system32\dtu100.dll
2007-01-12 03:52 <DIR> d-------- C:\WINDOWS\ie7updates
2007-01-11 18:19 12,288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2007-01-11 18:19 118,784 --a------ C:\WINDOWS\system32\DivXCodecUpdateChecker.exe
2007-01-11 15:55 <DIR> d-------- C:\Program Files\Brain Booster
2007-01-10 01:19 <DIR> d-------- C:\Program Files\LEGO Chic Boutique
2007-01-10 01:18 <DIR> d-------- C:\Program Files\Bejeweled 2 Deluxe
2007-01-06 21:34 <DIR> d-------- C:\Program Files\DNA
2007-01-06 21:33 <DIR> d-------- C:\Program Files\Flower Shop Big City Break
2007-01-02 19:39 <DIR> d-------- C:\Program Files\Super Granny 3
2007-01-02 15:33 <DIR> d-------- C:\Program Files\Common Files\Broderbund
2007-01-02 15:33 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Broderbund Software
2007-01-01 23:21 1,056,768 --a------ C:\WINDOWS\system32\ROBOEX32.DLL
2007-01-01 23:21 <DIR> d-------- C:\Program Files\Ulead Systems
2007-01-01 23:14 <DIR> d-------- C:\WINDOWS\Noslip
2007-01-01 23:11 <DIR> d-------- C:\Downloads
2007-01-01 13:49 <DIR> d-------- C:\Program Files\SymNetDrv
2006-12-29 16:13 <DIR> d-------- C:\DOCUME~1\MissLani\Application Data\Real
2006-12-29 11:21 <DIR> d-------- C:\Program Files\Common Files\xing shared
2006-12-29 03:18 <DIR> d-------- C:\DOCUME~1\NETWOR~1\Application Data\Symantec
2006-12-29 03:08 <DIR> d-------- C:\Program Files\Norton AntiVirus
2006-12-29 03:07 91,904 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2006-12-29 03:07 124,016 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2006-12-29 03:07 <DIR> d-------- C:\DOCUME~1\MissLani\Application Data\Symantec
2006-12-29 03:05 <DIR> d-------- C:\Program Files\Symantec
2006-12-29 03:05 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared
2006-12-29 03:05 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Symantec
2006-12-29 03:03 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Google Updater
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-01-29 13:41 1048 --a------ C:\sccfg.sys
2007-01-29 03:20 -------- d-------- C:\Documents and Settings\MissLani\Application Data\skype
2007-01-29 01:47 -------- d-------- C:\Program Files\dap
2007-01-26 07:52 -------- d--h----- C:\Program Files\installshield installation information
2007-01-26 07:49 -------- d-------- C:\Program Files\bearshare
2007-01-23 23:19 -------- d-------- C:\Program Files\quicktime
2007-01-19 22:53 -------- d-------- C:\Program Files\winamp
2007-01-19 22:48 -------- d-------- C:\Program Files\real
2007-01-19 00:00 -------- d-------- C:\Documents and Settings\MissLani\Application Data\urse games
2007-01-18 23:52 -------- d-------- C:\Documents and Settings\MissLani\Application Data\zak&jack
2007-01-18 10:25 -------- d-------- C:\Program Files\divx
2007-01-16 16:52 -------- d-------- C:\Program Files\folder lock
2007-01-16 06:32 -------- d-------- C:\Documents and Settings\MissLani\Application Data\adobe
2007-01-16 05:56 -------- d-------- C:\Program Files\Common Files\adobe
2007-01-16 05:31 -------- d-------- C:\Documents and Settings\MissLani\Application Data\corel
2007-01-15 18:39 -------- d-------- C:\Documents and Settings\MissLani\Application Data\surveilletech
2007-01-15 16:09 -------- d-------- C:\Documents and Settings\MissLani\Application Data\myspace
2007-01-14 12:21 -------- d-------- C:\Documents and Settings\MissLani\Application Data\mozilla
2007-01-14 00:35 -------- d-------- C:\Documents and Settings\MissLani\Application Data\limewire
2007-01-05 07:42 -------- d-------- C:\Program Files\gamehouse
2007-01-02 15:32 -------- d-------- C:\Program Files\broderbund
2007-01-01 20:56 -------- d-------- C:\Documents and Settings\MissLani\Application Data\real
2007-01-01 16:36 966656 --a------ C:\WINDOWS\unrecode.exe
2007-01-01 16:36 966656 --a------ C:\WINDOWS\unnerovision.exe
2007-01-01 16:36 966656 --a------ C:\WINDOWS\unneroshowtime.exe
2007-01-01 16:36 966656 --a------ C:\WINDOWS\unneromediahome.exe
2007-01-01 16:36 966656 --a------ C:\WINDOWS\unnerobackitup.exe
2007-01-01 16:36 86016 --a------ C:\WINDOWS\unvise32qt.exe
2007-01-01 16:32 71680 --a------ C:\WINDOWS\st5unst.exe
2007-01-01 16:32 24064 --a------ C:\WINDOWS\system32\spupdsvc.exe
2007-01-01 16:26 531968 --a------ C:\WINDOWS\system32\rmactivate_isv.exe
2007-01-01 16:26 523776 --a------ C:\WINDOWS\system32\rmactivate.exe
2007-01-01 16:26 358400 --a------ C:\WINDOWS\system32\rmactivate_ssp.exe
2007-01-01 16:26 354816 --a------ C:\WINDOWS\system32\rmactivate_ssp_isv.exe
2007-01-01 15:38 51712 --a------ C:\WINDOWS\system32\migpwd.exe
2007-01-01 15:37 7540224 --a------ C:\WINDOWS\system32\logonuix.exe
2007-01-01 15:34 13312 --a------ C:\WINDOWS\system32\ieudinit.exe
2007-01-01 15:32 61440 --a------ C:\WINDOWS\system32\hpzinw12.exe
2007-01-01 15:29 249856 --a------ C:\WINDOWS\system32\drmupgds.exe
2007-01-01 15:24 28672 --a------ C:\WINDOWS\ciaunwdm.exe
2007-01-01 15:24 20480 --a------ C:\WINDOWS\system32\cliconfg.exe
2007-01-01 15:23 65536 --a------ C:\WINDOWS\system32\ati2mdxx.exe
2007-01-01 15:23 17408 --a------ C:\WINDOWS\system32\atiqipcl.exe
2006-12-30 07:10 12288 --a------ C:\WINDOWS\system32\msfeedssync.exe
2006-12-29 11:20 -------- d-------- C:\Program Files\Common Files\real
2006-12-29 11:13 -------- d-------- C:\Program Files\google
2006-12-29 11:08 299520 --a------ C:\WINDOWS\uninst.exe
2006-12-29 11:05 86016 -ra------ C:\WINDOWS\system32\cnmcp5u.exe
2006-12-29 11:03 306688 --a------ C:\WINDOWS\isuninst.exe
2006-12-29 03:32 69632 --a------ C:\WINDOWS\system32\hpzipm12.exe
2006-12-29 03:16 -------- d-------- C:\Documents and Settings\MissLani\Application Data\symantec
2006-12-27 00:56 -------- d-------- C:\Documents and Settings\MissLani\Application Data\nokia
2006-12-25 22:18 -------- d-------- C:\Program Files\epson
2006-12-21 08:18 -------- d-------- C:\Documents and Settings\MissLani\Application Data\pi eye games
2006-12-18 10:31 -------- d-------- C:\Program Files\rip 3 the last hero
2006-12-14 03:29 -------- d-------- C:\Documents and Settings\MissLani\Application Data\gtek
2006-12-13 03:16 -------- d-------- C:\Program Files\msxml 4.0
2006-12-11 13:51 -------- d-------- C:\Documents and Settings\MissLani\Application Data\image zone express
2006-12-11 13:37 -------- d-------- C:\Documents and Settings\MissLani\Application Data\hp
2006-12-11 13:33 -------- d-------- C:\Program Files\hp
2006-12-11 13:33 -------- d-------- C:\Program Files\Common Files\hp
2006-12-11 13:31 -------- d-------- C:\Program Files\hewlett-packard
2006-12-11 13:30 -------- d-------- C:\Program Files\Common Files\hewlett-packard
2006-12-11 05:06 -------- d-------- C:\Program Files\java
2006-12-11 02:47 -------- d-------- C:\Program Files\temple of tangram
2006-12-11 01:50 -------- d-------- C:\Documents and Settings\MissLani\Application Data\playfirst
2006-12-10 07:59 -------- d-------- C:\Program Files\pipeline
2006-12-10 07:58 -------- d-------- C:\Program Files\lggsm
2006-12-07 07:35 -------- d-------- C:\Documents and Settings\MissLani\Application Data\ahead
2006-12-03 10:53 -------- d-------- C:\Program Files\windows media connect 2
2006-12-03 02:20 22768 --a------ C:\WINDOWS\system32\drivers\usbsermpt.sys
2006-12-02 01:20 -------- d-------- C:\Program Files\saints and sinners bingo
2006-11-30 13:23 -------- d---s---- C:\Documents and Settings\MissLani\Application Data\microsoft
2006-11-29 22:37 -------- d-------- C:\Documents and Settings\MissLani\Application Data\nokia multimedia player
2006-11-25 23:11 121045 --a------ C:\Documents and Settings\MissLani\Application Data\nmm-metadata.db
2006-11-25 00:18 86 --ahs---- C:\Documents and Settings\MissLani\Application Data\desktop.ini
2006-11-08 00:28 50688 --a------ C:\WINDOWS\system32\wbhelp2.dll
2006-11-07 22:06 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-11-07 21:03 6049280 --a------ C:\WINDOWS\system32\ieframe.dll
2006-11-07 21:03 50688 --a------ C:\WINDOWS\system32\msfeedsbs.dll
2006-11-07 21:03 458752 --a------ C:\WINDOWS\system32\msfeeds.dll
2006-11-07 21:03 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2006-11-07 21:03 231424 --a------ C:\WINDOWS\system32\webcheck.dll
2006-11-07 21:03 180736 --a------ C:\WINDOWS\system32\ieui.dll
2006-11-07 21:03 156160 --a------ C:\WINDOWS\system32\msls31.dll
2006-11-07 03:27 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll
2006-11-07 03:27 229376 --a------ C:\WINDOWS\system32\ieaksie.dll
2006-11-07 03:26 71680 --a------ C:\WINDOWS\system32\admparse.dll
2006-11-07 03:26 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2006-11-07 03:26 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe
2006-11-07 03:26 43008 --a------ C:\WINDOWS\system32\iernonce.dll
2006-11-07 03:26 152064 --a------ C:\WINDOWS\system32\ieakeng.dll
2006-11-07 03:26 123904 --a------ C:\WINDOWS\system32\advpack.dll
2006-11-07 03:25 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2006-11-06 11:35 519280 --a------ C:\WINDOWS\system32\secproc_isv.dll
2006-11-06 11:35 518768 --a------ C:\WINDOWS\system32\secproc.dll
2006-11-06 11:35 323696 --a------ C:\WINDOWS\system32\msdrm.dll
2006-11-06 11:35 192624 --a------ C:\WINDOWS\system32\secproc_ssp_isv.dll
2006-11-06 11:35 192624 --a------ C:\WINDOWS\system32\secproc_ssp.dll
2006-11-04 14:14 1245696 --a------ C:\WINDOWS\system32\msxml4.dll
2006-11-04 03:47 2207232 --a------ C:\WINDOWS\system32\kernel1.exe
2006-11-03 22:47 8464 --a------ C:\WINDOWS\system32\sporder.dll
2006-10-29 11:58 35363 --a------ C:\WINDOWS\system32\windrvnt.sys
2006-10-23 03:28 879 --a--c--- C:\Documents and Settings\MissLani\Application Data\adobedlm.log
2006-10-23 03:28 0 --a--c--- C:\Documents and Settings\MissLani\Application Data\dm.ini
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"DllRunning"="rundll32.exe \"C:\\WINDOWS\\system32\\dcerbcvw.dll\",setvm"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BitTorrent"="\"C:\\Program Files\\BitTorrent\\bittorrent.exe\" --force_start_minimized"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.2480\\GoogleToolbarNotifier.exe"
"WhenUSave"="\"C:\\Program Files\\Save\\Save.exe\""
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""
"PcSync"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"
"BellesBeautyBoutiqueSetup.exe"="C:\\DOCUME~1\\MissLani\\MYDOCU~1\\MYCOMP~1\\BELLES~1.EXE /r"
"TangleBeeSetup.exe"="C:\\DOCUME~1\\MissLani\\Desktop\\TANGLE~2.EXE /r"
"Blar"="\"C:\\PROGRA~1\\COMMON~1\\ASKS~1\\notepad.exe\" -vt tzt"
"CursorXP"="C:\\Program Files\\CursorXP\\CursorXP.exe"
"Pnr"="C:\\Program Files\\s?curity\\t?skmgr.exe"
"STYLEXP"="C:\\Program Files\\TGTSoft\\StyleXP\\StyleXP.exe -Hide"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"DownloadAccelerator"="\"C:\\Program Files\\DAP\\DAP.EXE\" /STARTUP"
"LanguageShortcut"="\"C:\\Program Files\\CyberLink\\PowerDVD\\Language\\Language.exe\""
"NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"PCSuiteTrayApplication"="C:\\PROGRA~1\\Nokia\\NOKIAP~1\\LAUNCH~1.EXE -startup"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"RemoteControl"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
"AtiCwd32"="Aticwd32.exe"
"HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"
"{E04762CB-0A61-1033-0503-050406240001}"="\"C:\\Program Files\\Common Files\\{E04762CB-0A61-1033-0503-050406240001}\\Update.exe\" mc-110-12-0000272"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk.disabled]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Adobe Reader Speed Launch.lnk.disabled"
"backup"="C:\\WINDOWS\\pss\\Adobe Reader Speed Launch.lnk.disabledCommon Startup"
"location"="Common Startup"
"command"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Adobe Reader Speed Launch.lnk.disabled"
"item"="Adobe Reader Speed Launch.lnk"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Device Detector 3.lnk.disabled]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Device Detector 3.lnk.disabled"
"backup"="C:\\WINDOWS\\pss\\Device Detector 3.lnk.disabledCommon Startup"
"location"="Common Startup"
"command"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Device Detector 3.lnk.disabled"
"item"="Device Detector 3.lnk"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk.disabled]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Google Updater.lnk.disabled"
"backup"="C:\\WINDOWS\\pss\\Google Updater.lnk.disabledCommon Startup"
"location"="Common Startup"
"command"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Google Updater.lnk.disabled"
"item"="Google Updater.lnk"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk.disabled]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk.disabled"
"backup"="C:\\WINDOWS\\pss\\HP Digital Imaging Monitor.lnk.disabledCommon Startup"
"location"="Common Startup"
"command"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk.disabled"
"item"="HP Digital Imaging Monitor.lnk"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^MissLani^Start Menu^Programs^Startup^Adobe Gamma.lnk.disabled]
"path"="C:\\Documents and Settings\\MissLani\\Start Menu\\Programs\\Startup\\Adobe Gamma.lnk.disabled"
"backup"="C:\\WINDOWS\\pss\\Adobe Gamma.lnk.disabledStartup"
"location"="Startup"
"command"="C:\\Documents and Settings\\MissLani\\Start Menu\\Programs\\Startup\\Adobe Gamma.lnk.disabled"
"item"="Adobe Gamma.lnk"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="avgas"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ccApp"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IpWins]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ipwins"
"hkey"="HKLM"
"command"="C:\\Program Files\\Ipwindows\\ipwins.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogonStudio]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="logonstudio"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\WinCustomize\\LogonStudio\\logonstudio.exe\" /RANDOM"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SNDMon"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SynTPEnh"
"hkey"="HKLM"
"command"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SynTPLpr"
"hkey"="HKLM"
"command"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\winlogon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="nvchost"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\nvchost.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{E04762CB-0A61-1033-0503-050406240001}]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Update"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\{E04762CB-0A61-1033-0503-050406240001}\\Update.exe\" mc-110-12-0000272"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{E04762CB-0A62-1033-0503-050406240001}]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Update"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\{E04762CB-0A62-1033-0503-050406240001}\\Update.exe\" mc-110-12-0000272"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load]
"cryptpa"=hex:21,df,db,f4,20
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"0aMCPClient"="{F5DF91F9-15E9-416B-A7C3-7519B11ECBFC}"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MySpaceIM"="C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"MySpaceIM"="C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]
"svchost.exe"="C:\\Program Files\\Common Files\\svchost.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer - MissLani.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{7E47A932-A464-49FF-9403-38FB09B43DAF}.job
C:\WINDOWS\tasks\WebReg Officejet 5600 series.job
Completion time: 07-01-29 13:42:56
Then I followed your directions, and here is the last HijackThis log:
Logfile of HijackThis v1.99.1
Scan saved at 13:54, on 07-01-29
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\svchost.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\MissLani\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {68D5CF1D-EC5C-4bdd-A9EF-F0E517565D50} - C:\WINDOWS\system32\wbexycwd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: (no name) - {74DD705D-6834-439C-A735-A6DBE2677452} - (no file)
O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\system32\dcerbcvw.dll",setvm
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1161599833173
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
So there ya go. Now what goodies have taken over my computer?? Help. Thanks for your help!