Jump to content

Randomly HD lost? weird!!

im1knight

By im1knight
in Tech and Computers

 Share

Recommended Posts

im1knight

im1knight

Posted
Posted

and here is the log...

 

 

 

 

 

 

 

Logfile of Trend Micro HijackThis v2.0.2

 

Scan saved at 11:41:13, on 2008-2-9

 

Platform: Windows XP SP2 (WinNT 5.01.2600)

 

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Boot mode: Normal

 

 

 

Running processes:

 

C:\WINDOWS\System32\smss[Caution: Executable File]

 

C:\WINDOWS\system32\winlogon[Caution: Executable File]

 

C:\WINDOWS\system32\services[Caution: Executable File]

 

C:\WINDOWS\system32\lsass[Caution: Executable File]

 

C:\WINDOWS\system32\svchost[Caution: Executable File]

 

C:\WINDOWS\System32\svchost[Caution: Executable File]

 

C:\WINDOWS\system32\ZoneLabs\vsmon[Caution: Executable File]

 

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice[Caution: Executable File]

 

C:\WINDOWS\Explorer[Caution: Executable File]

 

C:\WINDOWS\system32\spoolsv[Caution: Executable File]

 

C:\Program Files\Microsoft IntelliPoint\ipoint[Caution: Executable File]

 

C:\PROGRA~1\Grisoft\AVG7\avgcc[Caution: Executable File]

 

C:\Program Files\Zone Labs\ZoneAlarm\zlclient[Caution: Executable File]

 

C:\Program Files\360Safebox\safeboxTray[Caution: Executable File]

 

C:\Program Files\360safe\safemon\360tray[Caution: Executable File]

 

C:\Program Files\Java\jre1.6.0_03\bin\jusched[Caution: Executable File]

 

C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: Executable File]

 

C:\WINDOWS\system32\ctfmon[Caution: Executable File]

 

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService[Caution: Executable File]

 

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard[Caution: Executable File]

 

C:\Program Files\Spybot - Search & Destroy\TeaTimer[Caution: Executable File]

 

C:\Program Files\Windows Media Player\WMPNSCFG[Caution: Executable File]

 

C:\PROGRA~1\Grisoft\AVG7\avgamsvr[Caution: Executable File]

 

C:\PROGRA~1\Grisoft\AVG7\avgupsvc[Caution: Executable File]

 

C:\PROGRA~1\Grisoft\AVG7\avgemc[Caution: Executable File]

 

C:\WINDOWS\eHome\ehRecvr[Caution: Executable File]

 

C:\WINDOWS\eHome\ehSched[Caution: Executable File]

 

C:\WINDOWS\System32\svchost[Caution: Executable File]

 

C:\Program Files\Common Files\LightScribe\LSSrvc[Caution: Executable File]

 

C:\WINDOWS\system32\nvsvc32[Caution: Executable File]

 

C:\Program Files\SiteAdvisor\6253\SAService[Caution: Executable File]

 

C:\WINDOWS\system32\svchost[Caution: Executable File]

 

C:\Program Files\Viewpoint\Common\ViewpointService[Caution: Executable File]

 

C:\WINDOWS\system32\mqsvc[Caution: Executable File]

 

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex[Caution: Executable File]

 

C:\WINDOWS\system32\mqtgsvc[Caution: Executable File]

 

C:\WINDOWS\system32\dllhost[Caution: Executable File]

 

C:\Program Files\Thunder Network\Thunder\Program\Thunder5[Caution: Executable File]

 

C:\Program Files\Mozilla Firefox\firefox[Caution: Executable File]

 

C:\Program Files\Trend Micro\HijackThis\HijackThis[Caution: Executable File]

 

 

 

O2 - BHO: QQCycloneHelper - {00000000-12C9-4305-82F9-43058F20E8D2} - C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll

 

O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll

 

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

 

O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll

 

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll

 

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

 

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

 

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

 

O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll

 

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

 

O2 - BHO: SafeMon Class - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - C:\Program Files\360safe\safemon\safemon.dll

 

O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll

 

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32[Caution: Executable File] C:\WINDOWS\system32\NvCpl.dll,NvStartup

 

O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard[Caution: Executable File]

 

O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint[Caution: Executable File]"

 

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc[Caution: Executable File] /STARTUP

 

O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient[Caution: Executable File]"

 

O4 - HKLM\..\Run: [360Safebox] "C:\Program Files\360Safebox\safeboxTray[Caution: Executable File]" /r

 

O4 - HKLM\..\Run: [360Safetray] C:\Program Files\360safe\safemon\360tray[Caution: Executable File] /start

 

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched[Caution: Executable File]"

 

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: Executable File]" -osboot

 

O4 - HKCU\..\Run: [ctfmon[Caution: Executable File]] C:\WINDOWS\system32\ctfmon[Caution: Executable File]

 

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer[Caution: Executable File]

 

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG[Caution: Executable File]

 

O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw[Caution: Executable File] /RUNONCE (User 'LOCAL SERVICE')

 

O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw[Caution: Executable File] /RUNONCE (User 'NETWORK SERVICE')

 

O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw[Caution: Executable File] /RUNONCE (User 'SYSTEM')

 

O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw[Caution: Executable File] /RUNONCE (User 'Default user')

 

O4 - .DEFAULT User Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray[Caution: Executable File] (User 'Default user')

 

O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet[Caution: Executable File]/AddLink.htm

 

O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet[Caution: Executable File]/AddVideo.htm

 

O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet[Caution: Executable File]/AddAllLink.htm

 

O8 - Extra context menu item: &ÃÆäÃâýÃâÿÃÆçâââ¬Ã

Quit runescape on Jan 6th of 2008, at level of 115 with around 150M worth of item in bank...however stats still remains

Baoding.png

World 59, the world i loved~

59.png

 

Now 95% dedicated to playing Microsoft flight simulator

image_mini

http://www.youtube.com/user/im1knight

my youtube channel with many FSX videos i made. please leave a comment if you will

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept