Jump to content

HJT Log

Hulk12

By Hulk12
in Tech and Computers

 Share

Recommended Posts

Hulk12

Hulk12

Posted
Posted

Logfile of HijackThis v1.99.0

 

 

 

Scan saved at 4:28:24 PM, on 4/25/2005

 

 

 

Platform: Windows XP SP2 (WinNT 5.01.2600)

 

 

 

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

 

 

 

 

 

 

Running processes:

 

 

 

C:\WINDOWS\System32\smss[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\winlogon[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\services[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\lsass[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\svchost[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\System32\svchost[Caution: ExecutableFile]

 

 

 

C:\Program Files\TGTSoft\StyleXP\StyleXPService[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Symantec Shared\ccSetMgr[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Symantec Shared\SNDSrvc[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\spoolsv[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\PackethSvc[Caution: ExecutableFile]

 

 

 

C:\PROGRA~1\Stardock\THINKD~1\MULTIP~1\MULTIS~2[Caution: ExecutableFile]

 

 

 

C:\Program Files\Norton AntiVirus\navapsvc[Caution: ExecutableFile]

 

 

 

C:\Program Files\Norton AntiVirus\IWP\NPFMntor[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\System32\svchost[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\ZoneLabs\vsmon[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Stardock\SDMCP[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\Explorer[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: ExecutableFile]

 

 

 

C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray[Caution: ExecutableFile]

 

 

 

C:\Program Files\Winamp\winampa[Caution: ExecutableFile]

 

 

 

C:\Program Files\Java\j2re1.4.2_06\bin\jusched[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\RUNDLL32[Caution: ExecutableFile]

 

 

 

C:\Program Files\Microsoft IntelliType Pro\type32[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: ExecutableFile]

 

 

 

C:\Program Files\QuickTime\qttask[Caution: ExecutableFile]

 

 

 

C:\Program Files\Logitech\MouseWare\system\em_exec[Caution: ExecutableFile]

 

 

 

C:\Program Files\RFA\r[bleep]ent[Caution: ExecutableFile]

 

 

 

C:\Program Files\Zone Labs\ZoneAlarm\zlclient[Caution: ExecutableFile]

 

 

 

C:\Program Files\AIM\aim[Caution: ExecutableFile]

 

 

 

C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mim[Caution: ExecutableFile]

 

 

 

C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMDiag[Caution: ExecutableFile]

 

 

 

C:\Program Files\Steam\Steam[Caution: ExecutableFile]

 

 

 

C:\DOCUME~1\Robert\LOCALS~1\Temp\bwgo0005d764[Caution: ExecutableFile]

 

 

 

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08[Caution: ExecutableFile]

 

 

 

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01[Caution: ExecutableFile]

 

 

 

C:\Program Files\Yahoo!\Messenger\ymsgr_tray[Caution: ExecutableFile]

 

 

 

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08[Caution: ExecutableFile]

 

 

 

C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08[Caution: ExecutableFile]

 

 

 

C:\Program Files\Mozilla Firefox\firefox[Caution: ExecutableFile]

 

 

 

C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

C:\Program Files\HijackThis[Caution: ExecutableFile]

 

 

 

 

 

 

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp

 

 

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customi ... earch.html

 

 

 

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customi ... .yahoo.com

 

 

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer

 

 

 

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

 

 

 

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

 

 

 

O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll

 

 

 

O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

 

 

 

O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll

 

 

 

O2 - BHO: Helper Class - {D80C4E21-C346-4E21-8E64-20746AA20AEB} - C:\Program Files\NavExcel Search Toolbar\NavExcelBar.dll (file missing)

 

 

 

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

 

 

 

O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll

 

 

 

O3 - Toolbar: NavExcel Toolbar - {5AA06644-BC46-4220-A460-47A6EB47C96D} - C:\Program Files\NavExcel Search Toolbar\NavExcelBar.dll (file missing)

 

 

 

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [VTPreset] VTPreset[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32[Caution: ExecutableFile] "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain

 

 

 

O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

 

 

 

O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: ExecutableFile]" -osboot

 

 

 

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask[Caution: ExecutableFile]" -atboottime

 

 

 

O4 - HKLM\..\Run: [r[bleep]ent] "C:\Program Files\RFA\r[bleep]ent[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient[Caution: ExecutableFile]"

 

 

 

O4 - HKCU\..\Run: [sTYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP[Caution: ExecutableFile] -Hide

 

 

 

O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim[Caution: ExecutableFile] -cnetwait.odl

 

 

 

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480[Caution: ExecutableFile]

 

 

 

O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager[Caution: ExecutableFile] -quiet

 

 

 

O4 - HKCU\..\Run: [steam] C:\Program Files\Steam\Steam[Caution: ExecutableFile] -silent

 

 

 

O4 - Global Startup: hp psc 1000 series.lnk = ?

 

 

 

O4 - Global Startup: hpoddt01[Caution: ExecutableFile].lnk = ?

 

 

 

O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf[Caution: ExecutableFile]

 

 

 

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

 

 

 

O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm

 

 

 

O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML

 

 

 

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll

 

 

 

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll

 

 

 

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim[Caution: ExecutableFile]

 

 

 

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

 

 

 

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather[Caution: ExecutableFile] (file missing) (HKCU)

 

 

 

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

 

 

 

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 3270601308

 

 

 

O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr[Caution: ExecutableFile]

 

 

 

O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc[Caution: ExecutableFile]

 

 

 

O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr[Caution: ExecutableFile]

 

 

 

O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing[Caution: ExecutableFile]

 

 

 

O23 - Service: Stardock Multiplicity - Unknown - C:\PROGRA~1\Stardock\THINKD~1\MULTIP~1\MULTIS~2[Caution: ExecutableFile]

 

 

 

O23 - Service: Norton AntiVirus Auto-Protect Service - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc[Caution: ExecutableFile]

 

 

 

O23 - Service: Norton AntiVirus Firewall Monitor Service - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor[Caution: ExecutableFile]

 

 

 

O23 - Service: Virtual NIC Service - America Online, Inc. - C:\WINDOWS\system32\PackethSvc[Caution: ExecutableFile]

 

 

 

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12[Caution: ExecutableFile]

 

 

 

O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan[Caution: ExecutableFile]

 

 

 

O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ[Caution: ExecutableFile]

 

 

 

O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc[Caution: ExecutableFile]

 

 

 

O23 - Service: Symantec SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc[Caution: ExecutableFile]

 

 

 

O23 - Service: StyleXPService - Unknown - C:\Program Files\TGTSoft\StyleXP\StyleXPService[Caution: ExecutableFile]

 

 

 

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc[Caution: ExecutableFile]

 

 

 

O23 - Service: TrueVector Internet Monitor - Zone Labs LLC - C:\WINDOWS\system32\ZoneLabs\vsmon[Caution: ExecutableFile]

Link to comment
Share on other sites
Hulk12

Hulk12

Posted
  • Author
Posted

Logfile of HijackThis v1.99.1

 

 

 

Scan saved at 8:31:43 PM, on 4/27/2005

 

 

 

Platform: Windows XP SP2 (WinNT 5.01.2600)

 

 

 

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

 

 

 

 

 

 

Running processes:

 

 

 

C:\WINDOWS\System32\smss[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\winlogon[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\services[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\lsass[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\svchost[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\System32\svchost[Caution: ExecutableFile]

 

 

 

C:\Program Files\TGTSoft\StyleXP\StyleXPService[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Symantec Shared\ccSetMgr[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Symantec Shared\SNDSrvc[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\spoolsv[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Stardock\SDMCP[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\Explorer[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: ExecutableFile]

 

 

 

C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray[Caution: ExecutableFile]

 

 

 

C:\Program Files\Winamp\winampa[Caution: ExecutableFile]

 

 

 

C:\Program Files\Java\j2re1.4.2_06\bin\jusched[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\RUNDLL32[Caution: ExecutableFile]

 

 

 

C:\Program Files\Microsoft IntelliType Pro\type32[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: ExecutableFile]

 

 

 

C:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag[Caution: ExecutableFile]

 

 

 

C:\Program Files\QuickTime\qttask[Caution: ExecutableFile]

 

 

 

C:\Program Files\RFA\r[bleep]ent[Caution: ExecutableFile]

 

 

 

C:\Program Files\Zone Labs\ZoneAlarm\zlclient[Caution: ExecutableFile]

 

 

 

C:\Program Files\Logitech\MouseWare\system\em_exec[Caution: ExecutableFile]

 

 

 

C:\Program Files\AIM\aim[Caution: ExecutableFile]

 

 

 

C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mim[Caution: ExecutableFile]

 

 

 

C:\Program Files\Steam\Steam[Caution: ExecutableFile]

 

 

 

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08[Caution: ExecutableFile]

 

 

 

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01[Caution: ExecutableFile]

 

 

 

C:\DOCUME~1\Robert\LOCALS~1\Temp\bwgo0000df40[Caution: ExecutableFile]

 

 

 

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08[Caution: ExecutableFile]

 

 

 

C:\Program Files\Yahoo!\Messenger\ymsgr_tray[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\PackethSvc[Caution: ExecutableFile]

 

 

 

C:\PROGRA~1\Stardock\THINKD~1\MULTIP~1\MULTIS~2[Caution: ExecutableFile]

 

 

 

C:\Program Files\Norton AntiVirus\navapsvc[Caution: ExecutableFile]

 

 

 

C:\Program Files\Norton AntiVirus\IWP\NPFMntor[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\System32\svchost[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\ZoneLabs\vsmon[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\wuauclt[Caution: ExecutableFile]

 

 

 

C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08[Caution: ExecutableFile]

 

 

 

C:\Program Files\Winamp\winamp[Caution: ExecutableFile]

 

 

 

C:\Program Files\Mozilla Firefox\firefox[Caution: ExecutableFile]

 

 

 

C:\Program Files\hijackthis\HijackThis[Caution: ExecutableFile]

 

 

 

C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

 

 

 

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp

 

 

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customi ... earch.html

 

 

 

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customi ... .yahoo.com

 

 

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer

 

 

 

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

 

 

 

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

 

 

 

O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll

 

 

 

O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

 

 

 

O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll

 

 

 

O2 - BHO: Helper Class - {D80C4E21-C346-4E21-8E64-20746AA20AEB} - C:\Program Files\NavExcel Search Toolbar\NavExcelBar.dll (file missing)

 

 

 

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

 

 

 

O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll

 

 

 

O3 - Toolbar: NavExcel Toolbar - {5AA06644-BC46-4220-A460-47A6EB47C96D} - C:\Program Files\NavExcel Search Toolbar\NavExcelBar.dll (file missing)

 

 

 

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [VTPreset] VTPreset[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32[Caution: ExecutableFile] "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain

 

 

 

O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

 

 

 

O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: ExecutableFile]" -osboot

 

 

 

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask[Caution: ExecutableFile]" -atboottime

 

 

 

O4 - HKLM\..\Run: [r[bleep]ent] "C:\Program Files\RFA\r[bleep]ent[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient[Caution: ExecutableFile]"

 

 

 

O4 - HKCU\..\Run: [sTYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP[Caution: ExecutableFile] -Hide

 

 

 

O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim[Caution: ExecutableFile] -cnetwait.odl

 

 

 

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480[Caution: ExecutableFile]

 

 

 

O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager[Caution: ExecutableFile] -quiet

 

 

 

O4 - HKCU\..\Run: [steam] C:\Program Files\Steam\Steam[Caution: ExecutableFile] -silent

 

 

 

O4 - Global Startup: hp psc 1000 series.lnk = ?

 

 

 

O4 - Global Startup: hpoddt01[Caution: ExecutableFile].lnk = ?

 

 

 

O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf[Caution: ExecutableFile]

 

 

 

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

 

 

 

O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm

 

 

 

O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML

 

 

 

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll

 

 

 

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll

 

 

 

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim[Caution: ExecutableFile]

 

 

 

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

 

 

 

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather[Caution: ExecutableFile] (file missing) (HKCU)

 

 

 

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

 

 

 

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 3270601308

 

 

 

O20 - Winlogon Notify: MCPClient - C:\Program Files\Common Files\Stardock\mcpstub.dll

 

 

 

O20 - Winlogon Notify: Multi - C:\Program Files\Stardock\ThinkDesk\Multiplicity\MultiWin32.dll

 

 

 

O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll

 

 

 

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr[Caution: ExecutableFile]

 

 

 

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc[Caution: ExecutableFile]

 

 

 

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr[Caution: ExecutableFile]

 

 

 

O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing[Caution: ExecutableFile]

 

 

 

O23 - Service: Stardock Multiplicity (Multiplicity) - Unknown owner - C:\PROGRA~1\Stardock\THINKD~1\MULTIP~1\MULTIS~2[Caution: ExecutableFile]

 

 

 

O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc[Caution: ExecutableFile]

 

 

 

O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor[Caution: ExecutableFile]

 

 

 

O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:\WINDOWS\system32\PackethSvc[Caution: ExecutableFile]

 

 

 

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12[Caution: ExecutableFile]

 

 

 

O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan[Caution: ExecutableFile]

 

 

 

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ[Caution: ExecutableFile]

 

 

 

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc[Caution: ExecutableFile]

 

 

 

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc[Caution: ExecutableFile]

 

 

 

O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService[Caution: ExecutableFile]

 

 

 

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc[Caution: ExecutableFile]

 

 

 

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - C:\WINDOWS\system32\ZoneLabs\vsmon[Caution: ExecutableFile]

Link to comment
Share on other sites
Mercifull

Mercifull

Posted
Posted

  • Ctrl+Alt+del and end the following processes
     
     
     
    [*:1ffg2f2u]C:\DOCUME~1\Robert\LOCALS~1\Temp\bwgo0000df40[Caution: ExecutableFile]
     
     
     
     
     
     
     
    Fix the following
     
     
     
    [*:1ffg2f2u]R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://channels.aimtoday.com/search/aimtoolbar.jsp
 
 
 
[*:1ffg2f2u]O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
 
 
 
[*:1ffg2f2u]O2 - BHO: Helper Class - {D80C4E21-C346-4E21-8E64-20746AA20AEB} - C:\Program Files\NavExcel Search Toolbar\NavExcelBar.dll (file missing)
 
 
 
[*:1ffg2f2u]O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
 
 
 
[*:1ffg2f2u]O3 - Toolbar: NavExcel Toolbar - {5AA06644-BC46-4220-A460-47A6EB47C96D} - C:\Program Files\NavExcel Search Toolbar\NavExcelBar.dll (file missing)
 
 
 
[*:1ffg2f2u]O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32[Caution: ExecutableFile] "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
 
 
 
[*:1ffg2f2u]O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480[Caution: ExecutableFile]
 
 
 
[*:1ffg2f2u]O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
 
 
 
[*:1ffg2f2u]O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
 
 
 
[*:1ffg2f2u]O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather[Caution: ExecutableFile] (file missing) (HKCU)

612d9da508.png

Mercifull.png

Mercifull <3 Suzi

"We don't want players to be able to buy their way to success in RuneScape. If we let players start doing this, it devalues RuneScape for others. We feel your status in real-life shouldn't affect your ability to be successful in RuneScape" Jagex 01/04/01 - 02/03/12

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept