ice_ring Posted November 22, 2005

just got this program :oops: could anyone tell me if anything is wrong?

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\BlazeVideo\BlazeDVD4 Professional\MediaDetector.exe
C:\Program Files\Common Files\AOL\1129774079\ee\AOLHostManager.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Common Files\AOL\1129774079\ee\AOLServiceHost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Adobe Photoshop CS2\Photoshop.exe
C:\DOCUME~1\ZX5000\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
C:\DOCUME~1\ZX5000\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Adobe Photoshop CS2\ImageReady.exe
C:\WINDOWS\system32\NOTEPAD.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\ZX5000\Desktop\hijackthis\HijackThis.exe

R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
O3 - Toolbar: Adorons Easy Security - {F2570A0D-001D-477D-93D1-D05EF5EB95CD} - C:\Program Files\Adorons\Adorons Easy Security\ETB.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1129774079\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [blazeServoTool] "C:\Program Files\BlazeVideo\BlazeDVD4 Professional\MediaDetector.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: (no name) - {F2570A0D-001D-477D-93D1-D05EF5EB95CD} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.adorons.com
O16 - DPF: {01118A01-3E00-11D2-8470-0060089874ED} (SupportSoft Script Runner Class) - https://password.bellsouth.net/sdccommo ... gctlsr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F76BD77B-A450-4FC7-B96D-650B12CD06EA}: NameServer = 205.152.132.235 205.152.37.254
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

weezcake Posted November 22, 2005

O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll

^ I'd uninstall this.

O17 - HKLM\System\CCS\Services\Tcpip\..\{F76BD77B-A450-4FC7-B96D-650B12CD06EA}: NameServer = 205.152.132.235 205.152.37.254
O9 - Extra button: (no name) - {F2570A0D-001D-477D-93D1-D05EF5EB95CD} - (no file)

^ These last two look suspicious to me. Don't do anything with them until one of the pros comes and checks out your log :)

Also, it looks like you're running two anti viruses at the same time. You should always run only one, to avoid conflict between the two. :)

==================================
Retired tip.it moderator.
Teaching and inspiring.

ice_ring Posted November 22, 2005 (Author)

Thanks :D

Vape Posted November 22, 2005

Please post the first part of your log as well, that's important.

Where the bloody hell are you?

ice_ring Posted November 22, 2005 (Author)

Logfile of HijackThis v1.99.1
Scan saved at 11:46:58 PM, on 11/21/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

coltm4carbine Posted November 22, 2005

You may wish to print out a copy of these instructions to follow while you complete this procedure.

Please go offline, close all browsers and any open windows, making sure that only HijackThis is open. Scan and, when it finishes, put an X in the boxes only next to the following items (if found), then click Fix checked.

O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML

Please reboot into safe mode (continually tap the F8 key while your system is starting, select Safe Mode from the menu). Be sure you're able to view hidden files, and remove the following files in bold (if found):

C:\Program Files\Viewpoint

+++++++++++++

O17 - HKLM\System\CCS\Services\Tcpip\..\{F76BD77B-A450-4FC7-B96D-650B12CD06EA}: NameServer = 205.152.132.235 205.152.37.254
O9 - Extra button: (no name) - {F2570A0D-001D-477D-93D1-D05EF5EB95CD} - (no file)

The ones in green are legit. Don't fix them.