homepage hijacked by nice.allxun

sid

sid

New Member
Hello everyone short time reader, first time poster. This place helped me pick my new comp:)

Anyway I have followed the three threads in the stiky, and my home page is still set to nice.allxun.com.

I cannot the fix the high-lighted problems in the hijackthislog :confused: :confused: :(

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\cisrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
c:\windows\pmsgr.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\User\LOCALS~1\Temp\Rar$EX00.734\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = nice.allxun.com
O1 - Hosts: 222.88.90.22 www.4199.com
O1 - Hosts: 222.88.90.22 4199.com
O1 - Hosts: 222.88.90.22 www.9505.com
O1 - Hosts: 222.88.90.22 9505.com
O1 - Hosts: 222.88.90.22 7939.com
O1 - Hosts: 222.88.90.22 www.7939.com
O1 - Hosts: 222.88.90.22 www.3448.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IeEventObj Class - {0FAFD871-DFE0-496D-8953-0D5BA28E9766} - C:\Program Files\Internet Explorer\PLUGINS\AviPlayer.dll (file missing)
O2 - BHO: 360°²È«ÎÀÊ¿ - {8C7A85DB-99B6-4477-B14B-28FC27766244} - C:\WINDOWS\system32\fjzthwal.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [IntelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" TRAY
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe


I managed to fix and remove;
O2 - BHO: 360°²È«ÎÀÊ¿ - {8C7A85DB-99B6-4477-B14B-28FC27766244} - C:\WINDOWS\system32\fjzthwal.dll

This is what happens;
hij1copy.jpg

hij2copy.jpg
 
This is my SREngLOG;

2006-12-02,06:00:43

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Home Edition Service Pack 2 (Build 2600)
- Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<CTFMON.EXE><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation]
<MsnMsgr><"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<{10A63082-0853-3081-0707-06050406003d}><"C:\Program Files\Common Files\{10A63082-0853-3081-0707-06050406003d}\Update.exe" te-110-12-0000050> [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IntelAudioStudio><"C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" TRAY> [N/A]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)NVIDIA Corporation]
<nwiz><nwiz.exe /install> [N/A]
<NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit> [(Verified)NVIDIA Corporation]
<RemoteControl><"C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"> [Cyberlink Corp.]
<NeroFilterCheck><C:\WINDOWS\system32\NeroCheck.exe> [Ahead Software Gmbh]
<avast!><C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe> [(Verified)N/A]
<SigmatelSysTrayApp><sttray.exe> [N/A]
<QuickTime Task><"C:\Program Files\QuickTime\qttask.exe" -atboottime> [Apple Computer, Inc.]
<Adobe Photo Downloader><"C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"> [Adobe Systems Incorporated]
<!AVG Anti-Spyware><"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized> [Anti-Malware Development a.s.]
<WinampAgent><C:\Program Files\Winamp\winampa.exe> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{57B86673-276A-48B2-BAE7-C6DBB3020EB8}><C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll> [Anti-Malware Development a.s.]

==================================
Startup Folders
[Adobe Reader Speed Launch]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk --> C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [Adobe Systems Incorporated]><N>
[AutoCAD Startup Accelerator]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutoCAD Startup Accelerator.lnk --> C:\PROGRA~1\COMMON~1\AUTODE~1\ACSTAR~1.EXE [Autodesk, Inc]><N>
[Adobe Gamma]
<C:\Documents and Settings\User\Start Menu\Programs\Startup\Adobe Gamma.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>

==================================
Services
[Adobe LM Service / Adobe LM Service]
<"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Application Management / AppMgmt]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[avast! iAVS4 Control Service / aswUpdSv]
<"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"><N/A>
[Autodesk Licensing Service / Autodesk Licensing Service]
<"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk>
[avast! Antivirus / avast! Antivirus]
<"C:\Program Files\Alwil Software\Avast4\ashServ.exe"><N/A>
[avast! Mail Scanner / avast! Mail Scanner]
<"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service><ALWIL Software>
[avast! Web Scanner / avast! Web Scanner]
<"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service><ALWIL Software>
[AVG Anti-Spyware Guard / AVG Anti-Spyware Guard]
<C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe><Anti-Malware Development a.s.>
[Human Interface Device Access / HidServ]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Indexing Service / IndexingService]
<C:\WINDOWS\system32\cisrv.exe><N/A>
[NVIDIA Display Driver Service / NVSvc]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>

==================================
Drivers
[avast! Asynchronous Virus Monitor / Aavmker4]
<C:\WINDOWS\SYSTEM32\DRIVERS\Aavmker4.SYS><ALWIL Software>
[avast! Standard Shield Support / aswMon2]
<C:\WINDOWS\SYSTEM32\DRIVERS\aswMon2.SYS><ALWIL Software>
[aswRdr / aswRdr]
<C:\WINDOWS\SYSTEM32\DRIVERS\aswRdr.SYS><ALWIL Software>
[avast! Network Shield Support / aswTdi]
<C:\WINDOWS\SYSTEM32\DRIVERS\aswTdi.SYS><ALWIL Software>
[AVG Anti-Spyware Driver / AVG Anti-Spyware Driver]
<\??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys><N/A>
[AVG Anti-Spyware Clean Driver / AvgAsCln]
<System32\DRIVERS\AvgAsCln.sys><GRISOFT, s.r.o.>
[Intel(R) PRO/1000 PCI Express Network Connection Driver / e1express]
<system32\DRIVERS\e1e5132.sys><Intel Corporation>
[ENTECH / ENTECH]
<\??\C:\WINDOWS\system32\DRIVERS\ENTECH.SYS><EnTech Taiwan>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus]
<system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[inoxxpj / inoxxpjg]
<\SystemRoot\System32\DRIVERS\inoxxpjg.sys><N/A>
[nv / nv]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Secdrv / Secdrv]
<system32\DRIVERS\secdrv.sys><N/A>
[Sonic Focus Plugin for Sigmatel HDA / sfng32]
<system32\drivers\sfng32.sys><Sonic Focus, Inc>
[SigmaTel High Definition Audio CODEC / STHDA]
<system32\drivers\sthda.sys><SigmaTel, Inc.>

==================================
Browser Add-ons
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[IeEventObj Class]
{0FAFD871-DFE0-496D-8953-0D5BA28E9766} <C:\Program Files\Internet Explorer\PLUGINS\AviPlayer.dll, N/A>
[Windows Live Sign-in Helper]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[&Research]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[IeEventObj Class]
{0FAFD871-DFE0-496D-8953-0D5BA28E9766} <C:\Program Files\Internet Explorer\PLUGINS\AviPlayer.dll, N/A>
[Windows Live Sign-in Helper]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[Download with GetRight]
<C:\Program Files\GetRight\GRdownload.htm, N/A>
[E&xport to Microsoft Excel]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[Open with GetRight Browser]
<C:\Program Files\GetRight\GRbrowse.htm, N/A>

==================================
Running Processes
[PID: 616][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 676][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 700][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 744][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 756][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 920][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 988][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1084][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1208][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1248][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1436][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.1897.0]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.1897.0]
[PID: 1692][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, 17.0.54.0]
[C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll] [Autodesk, 17.0.54.110]
[C:\WINDOWS\system32\nview.dll] [N/A, N/A]
[C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll] [Anti-Malware Development a.s., 7, 5, 0, 47]
[C:\WINDOWS\system32\nvwddi.dll] [NVIDIA Corporation, 6.14.10.8421]
[C:\WINDOWS\system32\nvwimg.dll] [N/A, N/A]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.7.2006011200]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0]
[PID: 1768][C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe] [Intel Corporation, 2.00.0131]
[C:\WINDOWS\system32\IASDLL.DLL] [Sonic Focus, Inc, 1, 0, 0, 12]
[C:\WINDOWS\system32\stacapi.dll] [SigmaTel, Inc., 1.0.5143.0 nd491 cp1]
[C:\WINDOWS\system32\nview.dll] [N/A, N/A]
[C:\WINDOWS\system32\SFIMLARK.DLL] [Sonic Focus, Inc, 1, 0, 1, 3]
[C:\WINDOWS\system32\IASMXDLL.DLL] [Sonic Focus, Inc, 1, 2, 0, 0]
[C:\WINDOWS\system32\IASBB.DLL] [Sonic Focus, Inc, 1, 0, 0, 1]
[PID: 1800][C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe] [Cyberlink Corp., 6.00.1027]
[C:\Program Files\CyberLink DVD Solution\PowerDVD\CLRCEngine2.dll] [CyberLink Corp., 3.2.2021 ]
[C:\WINDOWS\system32\nview.dll] [N/A, N/A]
[PID: 1816][C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] [N/A, 5, 0, 0, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\English\Base.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\English\Lang.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\PROGRA~1\ALWILS~1\Avast4\AavmRpch.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\WINDOWS\system32\nview.dll] [N/A, N/A]
[c:\program files\alwil software\avast4\ahruimai.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\ashUInt.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\XT1922.dll] [Codejock Software, 1, 9, 4, 0]
[c:\program files\alwil software\avast4\ahruimes.dll] [ALWIL Software, 4, 7, 889, 0]
[c:\program files\alwil software\avast4\ahruins.dll] [ALWIL Software, 4, 7, 889, 0]
[c:\program files\alwil software\avast4\ahruiout.dll] [ALWIL Software, 4, 7, 889, 0]
[c:\program files\alwil software\avast4\ahruip2p.dll] [ALWIL Software, 4, 7, 889, 0]
[c:\program files\alwil software\avast4\ahruistd.dll] [ALWIL Software, 4, 7, 889, 0]
[c:\program files\alwil software\avast4\ahruiws.dll] [ALWIL Software, 4, 7, 889, 0]
[PID: 1824][C:\WINDOWS\system32\rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\nview.dll] [N/A, N/A]
[C:\WINDOWS\system32\nvwddi.dll] [NVIDIA Corporation, 6.14.10.8421]
[C:\WINDOWS\system32\nvshell.dll] [N/A, N/A]
[PID: 1868][C:\Program Files\QuickTime\qttask.exe] [Apple Computer, Inc., 7.1.3]
[C:\WINDOWS\system32\nview.dll] [N/A, N/A]
[PID: 1884][C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe] [Adobe Systems Incorporated, 3.0.0.49815]
[C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdboot.dll] [Adobe Systems Incorporated, 3.0.0.49815]
[C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\nview.dll] [N/A, N/A]
[C:\WINDOWS\system32\nvwddi.dll] [NVIDIA Corporation, 6.14.10.8421]
[PID: 1900][C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe] [Anti-Malware Development a.s., 7, 5, 0, 50]
[C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\engine.dll] [Anti-Malware Development a.s., 4, 2, 0, 15]
[C:\WINDOWS\system32\nview.dll] [N/A, N/A]
[C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, 17.0.54.0]
[PID: 1908][C:\Program Files\Winamp\winampa.exe] [N/A, N/A]
[C:\Program Files\Winamp\NSCRT.dll] [Nullsoft, Inc., 7.10.0000]
[C:\WINDOWS\system32\nview.dll] [N/A, N/A]
[PID: 1936][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\nview.dll] [N/A, N/A]
[C:\WINDOWS\system32\nvwddi.dll] [NVIDIA Corporation, 6.14.10.8421]
[PID: 1944][C:\Program Files\MSN Messenger\MsnMsgr.Exe] [Microsoft Corporation, 8.0.0812.00]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.163]
[C:\WINDOWS\system32\nview.dll] [N/A, N/A]
[C:\WINDOWS\system32\devenum.dll] [N/A, N/A]
[C:\WINDOWS\system32\msdmo.dll] [N/A, N/A]
[C:\WINDOWS\system32\nvwddi.dll] [NVIDIA Corporation, 6.14.10.8421]
[C:\WINDOWS\system32\nvwimg.dll] [N/A, N/A]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.163]
[C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, 17.0.54.0]
[C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\PDM.DLL] [Microsoft Corporation, 7.00.9466]
[C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL] [Microsoft Corporation, 7.00.9466]
[PID: 532][C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe] [N/A, N/A]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 889, 0]
[PID: 548][C:\Program Files\Alwil Software\Avast4\ashServ.exe] [N/A, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 7, 892, 0]
[C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\aswInteg.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\aswIdle.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\English\Base.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\UNACEV2.DLL] [N/A, N/A]
[C:\Program Files\Alwil Software\Avast4\AhResMai.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\ahResMes.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\AhResNS.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\AhResOut.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\ahResP2P.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\AhResStd.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\AhResWS.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\ashSSqlt.dll] [ALWIL Software, 4, 6, 763, 0]
[C:\Program Files\Alwil Software\Avast4\aswRes.dll] [ALWIL Software, 4, 7, 889, 0]
[PID: 628][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE] [Microsoft Corporation, 7.00.9466]
[C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL] [Microsoft Corporation, 7.00.9466]
[PID: 680][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.8421]
[PID: 1148][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: DNSRV(bld4act)]
[PID: 2052][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2280][C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\ashUInt.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\XT1922.dll] [Codejock Software, 1, 9, 4, 0]
[C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\AhResMai.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\English\Base.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 7, 892, 0]
[C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\English\Lang.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\English\langmai.dll] [ALWIL Software, 4, 7, 889, 0]
[PID: 2332][C:\Program Files\Alwil Software\Avast4\ashWebSv.exe] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\English\Base.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\ashWsFtr.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\AhResWs.dll] [ALWIL Software, 4, 7, 889, 0]
[C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 7, 892, 0]
[PID: 2824][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3668][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2628][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\nview.dll] [N/A, N/A]
[C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, 17.0.54.0]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.7.2006011200]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\nvwddi.dll] [NVIDIA Corporation, 6.14.10.8421]
[C:\Program Files\Common Files\Microsoft Shared\INK\SKCHUI.DLL] [Microsoft Corporation, 1.0.1038.0]
[C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx] [Adobe Systems, Inc., 9,0,16,0]
[C:\WINDOWS\system32\nvwimg.dll] [N/A, N/A]
[C:\Program Files\GetRight\XX2GR.DLL] [Headlight Software, Inc., 6.0c]
[PID: 3020][C:\Program Files\GetRight\GETRIGHT.EXE] [Headlight Software, Inc., 6.0c]
[C:\WINDOWS\system32\nview.dll] [N/A, N/A]
[C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, 17.0.54.0]
[C:\WINDOWS\system32\nvwddi.dll] [NVIDIA Corporation, 6.14.10.8421]
[C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll] [Autodesk, 17.0.54.110]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.163]
[C:\Program Files\GetRight\ALClient.dll] [Icenet LLC, 1]
[PID: 3772][C:\Documents and Settings\User\Desktop\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]
[C:\WINDOWS\system32\nview.dll] [N/A, N/A]
[C:\WINDOWS\system32\nvwddi.dll] [NVIDIA Corporation, 6.14.10.8421]

==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR Error. [AutoCADScriptFile]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
N/A

==================================
 
1. Download this file - combofix.exe
2. Double click combofix.exe & follow the prompts.
3. When finished, it shall produce a log for you. Post that log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
 
You must log in or register to reply here.
Back
Top