Post: need help, CPU at 100% and can't access my documents (winxp)
Options
02-14-2011, 05:26 PM
#11
microcell
Brute
Originally posted by anddrew
haven't tried safe mode but here is a log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:15:36, on 14/02/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17095)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Anon Proxy Server\htdocs\anon_proxy_server\pserver.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\msfeedssync.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\andy\My Documents\Downloads\HijackThis.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = You must login or register to view this content.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = You must login or register to view this content.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = You must login or register to view this content.
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = You must login or register to view this content.
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL
R3 - URLSearchHook: Plusmedia uk Toolbar - {193d7001-bd9f-48c2-b5c7-69775aa2201d} - C:\Program Files\Plusmedia_uk\tbPlu1.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Plusmedia uk - {193d7001-bd9f-48c2-b5c7-69775aa2201d} - C:\Program Files\Plusmedia_uk\tbPlu1.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (file missing)
O2 - BHO: AskBar BHO - {5A074B21-F830-49de-A31B-5BB9D7F6B407} - C:\Program Files\AskBar\bar\bin\askBar1.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (file missing)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Ask Toolbar - {5A074B29-F830-49de-A31B-5BB9D7F6B407} - C:\Program Files\AskBar\bar\bin\askBar1.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (file missing)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O3 - Toolbar: Plusmedia uk Toolbar - {193d7001-bd9f-48c2-b5c7-69775aa2201d} - C:\Program Files\Plusmedia_uk\tbPlu1.dll
O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [anon_proxy_server] "C:\Program Files\Anon Proxy Server\htdocs\anon_proxy_server\pserver.exe" -run
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-21-2885954465-1452761894-238777727-1010\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User '?'
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?'
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '
efault user'
O8 - Extra context menu item: &Save Image to Folder - res://C:\Program Files\AskBar\bar\bin\askBar.dll/saveimagetofolder.html
O8 - Extra context menu item: &Save Image to MyStuff - res://C:\Program Files\AskBar\bar\bin\askBar.dll/saveimages.html
O8 - Extra context menu item: &Save Link to Folder - res://C:\Program Files\AskBar\bar\bin\askBar.dll/saveltof.html
O8 - Extra context menu item: &Save Link to MyStuff - res://C:\Program Files\AskBar\bar\bin\askBar.dll/savelink.html
O8 - Extra context menu item: &Save Page to Folder... - res://C:\Program Files\AskBar\bar\bin\askBar.dll/savepagetofolder.html
O8 - Extra context menu item: &Save this Page to MyStuff - res://C:\Program Files\AskBar\bar\bin\askBar.dll/savewebpage.html
O8 - Extra context menu item: &Search - You must login or register to view this content.
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: (no name) - {****dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {****dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: You must login or register to view this content.
O15 - Trusted Zone: You must login or register to view this content.
O16 - DPF: CabBuilder - You must login or register to view this content.
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - You must login or register to view this content.
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - You must login or register to view this content.
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - You must login or register to view this content.
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - You must login or register to view this content.
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - You must login or register to view this content.
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - You must login or register to view this content.
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - You must login or register to view this content.
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - You must login or register to view this content.
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - You must login or register to view this content.
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - You must login or register to view this content.
O16 - DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} (CSolidBrowserObj Object) - You must login or register to view this content.
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - You must login or register to view this content.
O16 - DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} (YYGInstantPlay Control) - You must login or register to view this content.
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - You must login or register to view this content.
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - You must login or register to view this content.
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - You must login or register to view this content.
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O24 - Desktop Component 1: (no name) - You must login or register to view this content.
--
End of file - 14306 bytes
Scan saved at 17:15:36, on 14/02/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17095)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Anon Proxy Server\htdocs\anon_proxy_server\pserver.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\msfeedssync.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\andy\My Documents\Downloads\HijackThis.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = You must login or register to view this content.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = You must login or register to view this content.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = You must login or register to view this content.
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = You must login or register to view this content.
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL
R3 - URLSearchHook: Plusmedia uk Toolbar - {193d7001-bd9f-48c2-b5c7-69775aa2201d} - C:\Program Files\Plusmedia_uk\tbPlu1.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Plusmedia uk - {193d7001-bd9f-48c2-b5c7-69775aa2201d} - C:\Program Files\Plusmedia_uk\tbPlu1.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (file missing)
O2 - BHO: AskBar BHO - {5A074B21-F830-49de-A31B-5BB9D7F6B407} - C:\Program Files\AskBar\bar\bin\askBar1.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (file missing)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Ask Toolbar - {5A074B29-F830-49de-A31B-5BB9D7F6B407} - C:\Program Files\AskBar\bar\bin\askBar1.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (file missing)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O3 - Toolbar: Plusmedia uk Toolbar - {193d7001-bd9f-48c2-b5c7-69775aa2201d} - C:\Program Files\Plusmedia_uk\tbPlu1.dll
O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [anon_proxy_server] "C:\Program Files\Anon Proxy Server\htdocs\anon_proxy_server\pserver.exe" -run
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-21-2885954465-1452761894-238777727-1010\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User '?'
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?'
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '
efault user'O8 - Extra context menu item: &Save Image to Folder - res://C:\Program Files\AskBar\bar\bin\askBar.dll/saveimagetofolder.html
O8 - Extra context menu item: &Save Image to MyStuff - res://C:\Program Files\AskBar\bar\bin\askBar.dll/saveimages.html
O8 - Extra context menu item: &Save Link to Folder - res://C:\Program Files\AskBar\bar\bin\askBar.dll/saveltof.html
O8 - Extra context menu item: &Save Link to MyStuff - res://C:\Program Files\AskBar\bar\bin\askBar.dll/savelink.html
O8 - Extra context menu item: &Save Page to Folder... - res://C:\Program Files\AskBar\bar\bin\askBar.dll/savepagetofolder.html
O8 - Extra context menu item: &Save this Page to MyStuff - res://C:\Program Files\AskBar\bar\bin\askBar.dll/savewebpage.html
O8 - Extra context menu item: &Search - You must login or register to view this content.
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: (no name) - {****dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {****dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: You must login or register to view this content.
O15 - Trusted Zone: You must login or register to view this content.
O16 - DPF: CabBuilder - You must login or register to view this content.
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - You must login or register to view this content.
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - You must login or register to view this content.
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - You must login or register to view this content.
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - You must login or register to view this content.
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - You must login or register to view this content.
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - You must login or register to view this content.
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - You must login or register to view this content.
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - You must login or register to view this content.
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - You must login or register to view this content.
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - You must login or register to view this content.
O16 - DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} (CSolidBrowserObj Object) - You must login or register to view this content.
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - You must login or register to view this content.
O16 - DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} (YYGInstantPlay Control) - You must login or register to view this content.
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - You must login or register to view this content.
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - You must login or register to view this content.
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - You must login or register to view this content.
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O24 - Desktop Component 1: (no name) - You must login or register to view this content.
--
End of file - 14306 bytes
oki il take a look on th log in a bit, try safe mode in meanwhile and post results...
Copyright © 2026, NextGenUpdate.
All Rights Reserved.
