#11
ƒ(ψ)=Θº×φ
Re: Can someone look at my hijackthis log file?
It's very unlikely that you have installed the sound driver in a temporary folder. So fix those entries and also clear your hosts file as mentioned before.

#12
Advanced Member (250+)
Join Date: Nov 2007
Location: /etc/init.d/
Posts: 476
Re: Can someone look at my hijackthis log file?
C:\Users\Jay Dawg\Desktop\LOTRO-US-Book10-Downloader-FreeTrial-LowRes.exe
O4 - HKLM\..\Run: [explore] C:\Windows\system32\explore.exe
can't seem not to place these as suspects
Last edited by Strider; 13-12-2008 at 09:58 PM.

#13
Newbie
Join Date: Dec 2008
Posts: 14
Re: Can someone look at my hijackthis log file?
I'm on Vista, do I still download the Windows XP recovery?

#14
Founder
Join Date: Nov 2005
Location: The Last City Zion!
Posts: 3,859
Re: Can someone look at my hijackthis log file?
Quote:

#15
Newbie
Join Date: Dec 2008
Posts: 14
Re: Can someone look at my hijackthis log file?
ok computer is running a lot better still my mouse clicks automatically for some reason at different times.
hijack file now is...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:12:47 PM, on 12/12/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16764)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\Taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\Explorer.exe
C:\Program Files\Turbine\The Lord of the Rings Online\TurbineInvoker.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll (file missing)
O4 - HKLM\..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 5029 bytes

Combo fix file is...

ComboFix 08-12-11.06 - Jay Dawg 2008-12-12 14:31:23.1 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6000.0.1252.1.1033.18.284 [GMT -5:00]
Running from: c:\users\Jay Dawg\Downloads\Fix.exe
.
The following files were disabled during the run:
c:\windows\system32\eNetHook.dll

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\x64
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-12-12 1232896]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ALaunch"="c:\acer\ALaunch\AlaunchClient.exe" [2007-01-26 598016]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 457216]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-03-08 40048]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-05-24 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-05-24 154392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-05-24 138008]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-07-16 768520]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-06-06 159744]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 2178832]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]
"RtHDVCpl"="RtHDVCpl.exe" [2007-07-05 c:\windows\RtHDVCpl.exe]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-07-31 535336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=eNetHook.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{27A3F3FC-07CF-48E6-A1CA-4EDA23B75423}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{82BE9CBB-8DEC-45EC-8760-3B544ED09129}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{D485D0F8-7C4D-4D71-8892-489785AEF208}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{EC578ADE-29F2-4170-B632-A775D347DFF9}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{DA1C8870-C502-478A-B1B8-C5C6CA494928}"= UDP:c:\users\Jay Dawg\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{517EE587-26D0-42DA-B944-0305E3DC264D}"= TCP:c:\users\Jay Dawg\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R2 ALaunchService;ALaunch Service;c:\acer\ALaunch\ALaunchSvc.exe [2007-07-31 50688]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-07-31 179712]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

*Newly Created Service* - FASTFAT
*Newly Created Service* - UDFS
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-osCheck - c:\program files\Norton Internet Security\osCheck.exe
HKLM-Run-Symantec PIF AlertEng - c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
HKLM-Run-ALUAlert - c:\program files\Symantec\LiveUpdate\ALuNotify.exe
HKLM-Run-eRecoveryService - (no file)

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-12 14:35:53
Windows 6.0.6000 NTFS

scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(556)
c:\windows\system32\eNetHook.dll

- - - - - - - > 'lsass.exe'(608)
c:\windows\system32\eNetHook.dll

- - - - - - - > 'Explorer.exe'(5152)
c:\windows\system32\MsnChatHook.dll
c:\windows\system32\ShowErrMsg.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\BatchCrypto.dll
c:\windows\system32\CryptoAPI.dll
c:\windows\system32\keyManager.dll
c:\acer\Empowering Technology\EPOWER\SysHook.dll
.
Completion time: 2008-12-12 14:45:27
ComboFix-quarantined-files.txt 2008-12-12 19:45:15

Pre-Run: 26,390,151,168 bytes free
Post-Run: 26,508,918,784 bytes free

274 --- E O F --- 2008-12-12 18:28:58

#16
ƒ(ψ)=Θº×φ
Re: Can someone look at my hijackthis log file?
HijackThis log looks clean. You can fix those file missing entries.
btw, your Windows Security Center and antivirus/firewall seem to be disabled. Did you disable them manually?

#17
Advanced Member (250+)
Join Date: Nov 2007
Location: /etc/init.d/
Posts: 476
Re: Can someone look at my hijackthis log file?
Yeah, I would recommend cleaning those registry entries with "(no file)" and "(file missing)".
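
The checks the replies in this thread apply by eye (hosts-file redirects, an autorun that starts from a temporary folder, the `explore.exe` Run entry, and "(no file)" / "(file missing)" leftovers), collected into one triage script. This is an added example, not part of the original thread or of HijackThis; the sample log is constructed, and the tag names, the list of system binary names and the one-edit lookalike heuristic are assumptions made for illustration.

```python
import re
from collections import Counter

# Constructed sample in HijackThis v2 line format. Every name, GUID, IP
# address and domain below is invented (documentation ranges / .test TLD).
SAMPLE_LOG = r"""
O1 - Hosts: 203.0.113.10 www.example-one.test
O1 - Hosts: 203.0.113.10 www.example-two.test
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000001} - (no file)
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000002} - C:\Program Files\Example\helper.dll
O3 - Toolbar: Example Toolbar - {00000000-0000-0000-0000-000000000003} - C:\Program Files\Example\bar.dll (file missing)
O4 - HKLM\..\Run: [ExampleAudio] C:\Users\demo\AppData\Local\Temp\exaudio.exe
O4 - HKLM\..\Run: [explore] C:\Windows\system32\explore.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O23 - Service: Example Service (ExampleSvc) - Unknown owner - C:\Example\svc.exe
"""

ENTRY = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.*)$")
HOSTS = re.compile(r"^Hosts:\s+(\S+)\s+(\S+)")
EXE_NAME = re.compile(r'([^\\/"\[\]]+\.exe)', re.I)
TEMP_DIR = re.compile(r"\\(temp|tmp)\\", re.I)
LOOPBACK = {"127.0.0.1", "::1", "0.0.0.0"}
# Assumed short list of binaries whose names are worth protecting from lookalikes.
SYSTEM_NAMES = ("explorer.exe", "svchost.exe", "lsass.exe",
                "winlogon.exe", "services.exe", "csrss.exe")


def within_one_edit(a, b):
    """True if a and b differ by exactly one insert, delete or substitution."""
    if a == b or abs(len(a) - len(b)) > 1:
        return False
    if len(a) > len(b):
        a, b = b, a
    i = 0
    while i < len(a) and a[i] == b[i]:
        i += 1
    if len(a) == len(b):
        return a[i + 1:] == b[i + 1:]   # one substituted character
    return a[i:] == b[i + 1:]           # one extra character in b


def hosts_target(code, body):
    """Return the IP of an O1 hosts mapping that is not a loopback block."""
    if code != "O1":
        return None
    m = HOSTS.match(body)
    return m.group(1) if m and m.group(1) not in LOOPBACK else None


def triage_line(line):
    """Return the list of tags raised by one log line (empty if none)."""
    m = ENTRY.match(line.strip())
    if not m:
        return []
    code, body = m.groups()
    tags = []
    if hosts_target(code, body):
        tags.append("hosts-redirect")
    if body.endswith("(no file)") or body.endswith("(file missing)"):
        tags.append("orphan-entry")
    if code == "O4":
        command = body.split("]", 1)[-1]          # text after the [value name]
        if TEMP_DIR.search(command):
            tags.append("autorun-from-temp")
        exe = EXE_NAME.search(command)
        if exe and any(within_one_edit(exe.group(1).strip().lower(), n)
                       for n in SYSTEM_NAMES):
            tags.append("lookalike-name")
    return tags


def triage(log):
    """Return (tag, line) pairs for every flagged line, in log order."""
    return [(tag, line.strip())
            for line in log.splitlines()
            for tag in triage_line(line)]


def redirect_targets(log):
    """Count how many hostnames each non-loopback hosts IP is mapped to."""
    counts = Counter()
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        ip = hosts_target(*m.groups()) if m else None
        if ip:
            counts[ip] += 1
    return counts


if __name__ == "__main__":
    for tag, line in triage(SAMPLE_LOG):
        print(f"{tag:18} {line}")
    for ip, n in redirect_targets(SAMPLE_LOG).items():
        print(f"{n} hostnames redirected to {ip}")
```

A tag is a prompt to look at the entry, not a verdict: an orphan entry is usually harmless clutter, while many unrelated hostnames pointing at one address is the pattern that stood out in the hosts entries above.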

#18
Newbie
Join Date: Dec 2008
Posts: 2
Quote:
HijackThis Logfileauswertung
This site will analyze your log file and recommend which files are to be deleted. I have been using it for quite some time.

#19
Founder
Join Date: Nov 2005
Location: The Last City Zion!
Posts: 3,859
Re: Can someone look at my hijackthis log file?
Quote:
But thanks for the link.

#20
Newbie
Join Date: Dec 2008
Posts: 14
Re: Can someone look at my hijackthis log file?
anyway to fix why my mouse keeps clicking by itself every minute or so???
could it be this file.... C:\Users\JAYDAW~1\AppData\Local\Temp\RtkBtMnt.exe
also is there a way to disable people from viewing my personal information on this website like my age birthday etc...???
Last edited by jayinwww; 15-12-2008 at 09:33 AM.