#1
Hi there. I was here back in April and received great help with problems I was having with my computer. Well, I am back with more issues! My computer worked great up until 2 days ago, when I suddenly had major problems loading any programs or getting on the internet. It took me 12 hours today just to do the initial scans listed in the main thread so I can come here to post my logs. This is because my computer kept freezing and I had to keep re-booting, etc... Anyway, here are my logs from my scans. My computer is still acting up. Let me know if you can help... Thanks!
Ok, here I am 45 min after typing the above, and I have been trying to go to my desktop to open my logs and copy and paste them here, but if I double click the icons my computer freezes and thinks for 30+ minutes before unfreezing, but never opening... So, I will go ahead and post this just so I can find it easier... I am going to reboot and then attempt to post them again. It will be a while though because it takes an hour for my internet to open up after I re-boot.
#2
Here it is...
#3
Oh, and I should probably add... I normally use Internet Explorer, but recently downloaded Firefox because I found it worked better when I was on some sites... this probably started happening a few days after I downloaded Firefox. Could this be related, or just coincidence??
#4
Everything in the Malwarebytes log says No action taken. Please update it and run another scan letting it remove everything found and then post the log.