hijackthis log


ice_ring

Logfile of HijackThis v1.99.1
Scan saved at 7:15:32 PM, on 10/1/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss[Caution: Executable File]
C:\WINDOWS\system32\winlogon[Caution: Executable File]
C:\WINDOWS\system32\services[Caution: Executable File]
C:\WINDOWS\system32\lsass[Caution: Executable File]
C:\WINDOWS\system32\svchost[Caution: Executable File]
C:\WINDOWS\System32\svchost[Caution: Executable File]
C:\WINDOWS\system32\spoolsv[Caution: Executable File]
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr[Caution: Executable File]
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc[Caution: Executable File]
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins[Caution: Executable File]
C:\Program Files\Analog Devices\SoundMAX\SMAgent[Caution: Executable File]
C:\WINDOWS\System32\svchost[Caution: Executable File]
C:\WINDOWS\Explorer[Caution: Executable File]
C:\Program Files\Apoint2K\Apoint[Caution: Executable File]
C:\WINDOWS\AGRSMMSG[Caution: Executable File]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx[Caution: Executable File]
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc[Caution: Executable File]
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc[Caution: Executable File]
C:\Program Files\Java\jre1.5.0_01\bin\jusched[Caution: Executable File]
C:\Program Files\iTunes\iTunesHelper[Caution: Executable File]
C:\Program Files\QuickTime\qttask[Caution: Executable File]
C:\PROGRA~1\AIM\aim[Caution: Executable File]
C:\Program Files\Messenger\msmsgs[Caution: Executable File]
C:\Program Files\Apoint2K\Apntex[Caution: Executable File]
C:\Program Files\iPod\bin\iPodService[Caution: Executable File]
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray[Caution: Executable File]
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08[Caution: Executable File]
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01[Caution: Executable File]
C:\WINDOWS\System32\svchost[Caution: Executable File]
C:\Program Files\LimeWire\LimeWire[Caution: Executable File]
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08[Caution: Executable File]
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08[Caution: Executable File]
C:\WINDOWS\system32\wscntfy[Caution: Executable File]
C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: Executable File]
C:\PROGRA~1\MOZILL~1\firefox[Caution: Executable File]
C:\Program Files\Sonic Foundry\Vegas 4.0\vegas40[Caution: Executable File]
C:\Program Files\Adobe\Adobe Photoshop CS2\Photoshop[Caution: Executable File]
C:\DOCUME~1\ZX5000\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc[Caution: Executable File]
C:\DOCUME~1\ZX5000\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\Documents and Settings\ZX5000\Desktop\hijackthis\HijackThis[Caution: Executable File]

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 83.206.128.73:80
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: Adorons Easy Security - {F2570A0D-001D-477D-93D1-D05EF5EB95CD} - C:\Program Files\Adorons\Adorons Easy Security\ETB.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint[Caution: Executable File]
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG[Caution: Executable File]
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx[Caution: Executable File]
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx[Caution: Executable File]
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc[Caution: Executable File] /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc[Caution: Executable File]
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched[Caution: Executable File]
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr[Caution: Executable File]
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: Executable File]" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper[Caution: Executable File]"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask[Caution: Executable File]" -atboottime
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim[Caution: Executable File] -cnetwait.odl
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs[Caution: Executable File]" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager[Caution: Executable File] -quiet
O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype[Caution: Executable File]" /nosplash /minimized
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader[Caution: Executable File]
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire[Caution: Executable File]
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08[Caution: Executable File]
O4 - Global Startup: hpoddt01[Caution: Executable File].lnk = ?
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim[Caution: Executable File]
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager[Caution: Executable File]
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager[Caution: Executable File]
O9 - Extra button: (no name) - {F2570A0D-001D-477D-93D1-D05EF5EB95CD} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File]
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File]
O15 - Trusted Zone: *.adorons.com
O16 - DPF: {01118A01-3E00-11D2-8470-0060089874ED} (SupportSoft Script Runner Class) - https://password.bellsouth.net/sdccommo ... gctlsr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F76BD77B-A450-4FC7-B96D-650B12CD06EA}: NameServer = 205.152.132.23 205.152.37.23
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc[Caution: Executable File]
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr[Caution: Executable File]
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc[Caution: Executable File]
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins[Caution: Executable File]
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT[Caution: Executable File]
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService[Caution: Executable File]
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12[Caution: Executable File]
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent[Caution: Executable File]

internet running slooow...please help! :ohnoes:

Reopen HJT and fix these:

O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.e3e (CAUTION - executable file)
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML

Go to add/remove program and remove Viewpoint media player.
