Threats detected on my system

Viruses and worms
1

Threats detected on my computer system by SUPERAntispyware.
Complete scan details of threats detected.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 03/05/2010 at 00:56 AM

Application Version : 4.34.1000

Core Rules Database Version : 4638
Trace Rules Database Version: 2450

Scan type : Complete Scan
Total Scan Time : 01:58:48

Memory items scanned : 556
Memory threats detected : 0
Registry items scanned : 6936
Registry threats detected : 26
File items scanned : 81972
File threats detected : 1

Adware.HBHelper
HKLM\Software\Classes\CLSID{CA3EB689-8F09-4026-AA10-B9534C691CE0}
HKCR\CLSID{CA3EB689-8F09-4026-AA10-B9534C691CE0}
HKCR\CLSID{CA3EB689-8F09-4026-AA10-B9534C691CE0}
HKCR\CLSID{CA3EB689-8F09-4026-AA10-B9534C691CE0}\InprocServer32
HKCR\CLSID{CA3EB689-8F09-4026-AA10-B9534C691CE0}\InprocServer32#ThreadingModel
HKCR\CLSID{CA3EB689-8F09-4026-AA10-B9534C691CE0}\ProgID
HKCR\CLSID{CA3EB689-8F09-4026-AA10-B9534C691CE0}\TypeLib
HKCR\CLSID{CA3EB689-8F09-4026-AA10-B9534C691CE0}\VersionIndependentProgID
HKCR\URLSearchHook.ToolbarURLSearchHook.1
HKCR\URLSearchHook.ToolbarURLSearchHook.1\CLSID
HKCR\URLSearchHook.ToolbarURLSearchHook
HKCR\URLSearchHook.ToolbarURLSearchHook\CLSID
HKCR\TypeLib{4509D3CC-B642-4745-B030-645B79522C6D}
HKCR\TypeLib{4509D3CC-B642-4745-B030-645B79522C6D}\1.0
HKCR\TypeLib{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\0
HKCR\TypeLib{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\0\win32
HKCR\TypeLib{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\FLAGS
HKCR\TypeLib{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\HELPDIR
C:\PROGRAM FILES\SPEEDBIT VIDEO DOWNLOADER\TOOLBAR\TBHELPER.DLL
HKU\S-1-5-21-2151372535-17006562-1767833862-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats{CA3EB689-8F09-4026-AA10-B9534C691CE0}
HKU\S-1-5-21-2151372535-17006562-1767833862-1000\Software\Microsoft\Internet Explorer\URLSearchHooks#{CA3EB689-8F09-4026-AA10-B9534C691CE0}
HKU\S-1-5-21-2151372535-17006562-1767833862-1000_Classes\Software\Microsoft\Internet Explorer\URLSearchHooks#{CA3EB689-8F09-4026-AA10-B9534C691CE0}

Browser Hijacker.Deskbar
HKCR\Interface{4897BBA6-48D9-468C-8EFA-846275D7701B}
HKCR\Interface{4897BBA6-48D9-468C-8EFA-846275D7701B}\ProxyStubClsid
HKCR\Interface{4897BBA6-48D9-468C-8EFA-846275D7701B}\ProxyStubClsid32
HKCR\Interface{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib
HKCR\Interface{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib#Version

samnetx

2

Hi

You can fix these BHO’s through Freefixer, download here:
http://www.freefixer.com/static/freefixersetup.exe

Another removal instruction can be found here:
http://www.geekstogo.com/forum/Can-t-Remove-Browser-Hijacker-t167591.html

polonus

3

Suspicious files found on my system of Bluetooth software by outpost spyware scan. Here are the virustotal results.
Bluetooth software: Bluesoleil 6.4.249.0

Bluesoleilcs.exe
2/42
http://www.virustotal.com/analisis/bc7437c06d43bc0b615bd6485c6c0bbf43a54ec3f5f4af177202909a20d21094-1268147231

bttray.exe
2/42
http://www.virustotal.com/analisis/8654d95c29258149441edeff5bdd6927cda07a81cfeb6aab2b997880f600d09c-1268147461

Veiw the image of detection by Outpost Spyware scan attached with this post.

4

HijackThis log

Here is HijackThis log file attached with this post. I think there are some wrong (malware) entries in HijackThis log file which are needed to be removed. Analyse for my safety.

Thanks for help.

samnetx

5

I don’t know hoe you are running the OP anti-spyware module did you not get a compatibility notice from OP when it detected avast ?

Personally I want my firewall to do just that, be a good firewall and leave the anti-spyware in OP disabled. You already have a slew of anti-spyware capable applications, avast!, MSE, SAS, MBAM, how many do you want ?

Given the VT results on both of these there is a high likelihood they are FPs I also bet none of the other anti-spywares mentioned in your signature detected anything ?

6

Sir DavidR

I have only following security software as protection active in memory.

  1. Firewall – Outpost with antispyware module disabled, web control module enabled for preventing malicious scripts and some
    dangerous active content elements are blocked.
  2. Avast 5 free antivirus
  3. Malwarebytes Antimalware.

Other security software are for scans only not used as Real-Time protection like MSE,SAS.

7

Even so, given those resident & on-demand scanners you already have, I really see no need for the OP anti-spyware module too.

If you have the OP anti-spyware module disabled how is it possible to do an on-demand scan, for me the OP anti-spyware module is not even installed (as I said the compatibility check of OP), so no anti-spyware module update, so no possibility of running a scan.

8

Outpost antispyware module only Real-Time protection is disabled. I can do ON-demand scan by selecting scan for spyware on windows vista, no compatibility check is shown while installing Outpost firewall with antispyware module in vista.

In Windows xp, compatibility check was shown and Real Time Protection in disabled by default with avast4.8 and I cannot use antispyware Real-Time Protection but I can do on-demand scan by selecting scan for spyware. But in windows vista I can use Real-Time Protection anytime with avast5.