Member Panel

Remember me ?

Forgot password?   

Sponsors and Ads

Live Tag Cloud
PC Forum PC Help Forum » Security & Safety » [Fixed] Hijackthis! Logs » [Fixed] Please help with hijackthis file log.

[Fixed] Hijackthis! Logs - [Fixed] Please help with hijackthis file log. posted in the Security & Safety forums; Please and thank you all Logfile of HijackThis v1.99.1 Scan saved at 5:24:42 PM, on 8/1/2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe ...

JOIN US NOW to remove these Ads

pc help forum number one in the search engines
Post New Thread  Reply
Page 1 of 2 1 2 >
  #1  
Old 08-01-2006
011010's Avatar
Bronze Member
  
Join Date: Dec 2005
Posts: 9
011010 - See this Members User comments on their Profile page
Exclamation [Fixed] Please help with hijackthis file log.
Please and thank you all

Logfile of HijackThis v1.99.1
Scan saved at 5:24:42 PM, on 8/1/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\S2V2aW4\command.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Network Monitor\netmon.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\Tablet.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\BIGKEV~1\LOCALS~1\Temp\Rar$EX00.094\Hi jackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://finance.yahoo.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {A2E05F45-F127-4092-B9F7-9A02C3E04C77} (HGPlugin7USA Class) - http://gamedownload.ijjimax.com/game...Plugin7USA.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/sof...iveXPlugin.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\S2V2aW4\command.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\System32\Tablet.exe



Please if possible guide me through the cleansing process

ex: what programs, where to get them and finally what to do with them.
  #2  
Old 08-02-2006
Pancake's Avatar
Senior Security Analyst
  
Join Date: Jun 2006
Location: Victoria, Australia
Posts: 2,297
PC Experience: Elite PC Guru
Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page
Default
Hello 011010


Before we start working with your log, you are running Hijack This from a temporary location.This needs to have its own folder.Please download HijackThis Self-installer
This is a complete installer that installs HijackThis on the computer to C:\Program Files\HijackThis.
It is important that you uninstall any previous versions by using Add/Remove programs in your control panel before installing a newer version.

Go to Start > Run and type
cmd
and OK. Type the below commands and hit "Enter" after each line
sc stop cmdService
sc delete cmdService
Type Exit to close.

Open Windows Explorer and delete the following red folder/s

C:\Program Files\Network Monitor

Have "Hijack This" fix all the following items in the list below by placing a check in the appropriate boxes.Confirm that you have only the listed ones checked, then press <Fix checked> and Close HJT.
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://finance.yahoo.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\S2V2aW4\command.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe

Reboot..................
Download Ewido Anti-Malware
  • Install Ewido Anti-Malware
  • Double-click the icon on Desktop to launch Ewido
You will need to update Ewido to the latest definition files.
  • On the top of the main screen click Shield
  • Click the word active to change it to inactive
  • On the top of the main screen click Update.
  • Then click on Start Update. The update will start and a progress bar will show the updates being installed.
If you are having problems with the updater, you can use this link to manually update Ewido. When you have finished updating, EXIT Ewido.
Please reboot your computer into Safe Mode. To boot into Safe Mode, please restart your computer. Tap F8 before Windows loads. Select Safe Mode on the screen that appears.
  • In Safe Mode,run Ewido.
  • Click Scanner
  • Click on the Scan tab
  • Click Complete System Scan to begin scanning.
  • When the scan is complete click Recommended Action and change it to Quarantine
  • Then click Apply all actions
Once finished, click the Save report button, then click Save Report As. This will create a text file.
Make sure you know where to find this file again (like on the Desktop).
Restart back into Normal Mode.
Please perform another scan with Hijack This, and then post back with a copy of the Ewido log and the new HijackThis log.


__________________
  • An Australian Member of
  • and
My real name is Eddy
Last edited by Pancake; 08-02-2006 at 03:30 AM.
  #3  
Old 08-02-2006
011010's Avatar
Bronze Member
  
Join Date: Dec 2005
Posts: 9
011010 - See this Members User comments on their Profile page
Default
thanks a ton for the help! i've followed instructions accordingly and this is what im left with


HijackThis LOG:

Logfile of HijackThis v1.99.1
Scan saved at 11:17:01 AM, on 8/2/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\Tablet.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Hijackthis\HijackThis.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {A2E05F45-F127-4092-B9F7-9A02C3E04C77} (HGPlugin7USA Class) - http://gamedownload.ijjimax.com/game...Plugin7USA.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/sof...iveXPlugin.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\System32\Tablet.exe
  #4  
Old 08-02-2006
011010's Avatar
Bronze Member
  
Join Date: Dec 2005
Posts: 9
011010 - See this Members User comments on their Profile page
Default
and heres the Ewildo Log:

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 11:11:39 AM 8/2/2006
+ Scan result:

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\installcasino[1].exe -> Adware.Casino : Cleaned with backup (quarantined).
C:\Documents and Settings\Big Kev\Local Settings\Temporary Internet Files\Content.IE5\EHC7UXI5\Installer[1].exe -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\Documents and Settings\Big Kev\Local Settings\Temporary Internet Files\Content.IE5\W9U74XI3\Installer[1].exe -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\Installer3.exe -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\RECYCLER\NPROTECT\00001530.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\RECYCLER\NPROTECT\00001575.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\RECYCLER\NPROTECT\00001602.DLL -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\RECYCLER\NPROTECT\00001603.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\RECYCLER\NPROTECT\00001608.DLL -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\RECYCLER\NPROTECT\00001609.DLL -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\RECYCLER\NPROTECT\00001655.DLL -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\WKVADVE.DLL -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\guard.tmp -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\h0l20a3oed.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\o0840alqedqe0.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\wfpshell.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\warebundlenewer.exe -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\Program Files\Adverts\uninst.exe -> Adware.Lop : Cleaned with backup (quarantined).
C:\Documents and Settings\Big Kev\Local Settings\Temporary Internet Files\Content.IE5\AZY5IBUB\joysavsht[1].cab/amm06.ocx -> Adware.MediaMotor : Cleaned with backup (quarantined).
C:\Documents and Settings\Big Kev\Local Settings\Temporary Internet Files\Content.IE5\CFDBMM39\util[1].js -> Adware.MediaMotor : Cleaned with backup (quarantined).
C:\Documents and Settings\Big Kev\Local Settings\Temporary Internet Files\Content.IE5\CL4VSBCF\util[1].js -> Adware.MediaMotor : Cleaned with backup (quarantined).
C:\Program Files\Common Files\foiu\foiud\foiuc.dll -> Adware.TargetServer : Cleaned with backup (quarantined).
C:\Program Files\Common Files\Synacast\SynaLive\EvID4226Patch.exe -> Backdoor.Virkel.A : Cleaned with backup (quarantined).
C:\Documents and Settings\Big Kev\Local Settings\Temporary Internet Files\Content.IE5\TVF3TT0A\3138302D2D2D[1].exe -> Downloader.Adload.bl : Cleaned with backup (quarantined).
C:\Documents and Settings\Big Kev\Local Settings\Temporary Internet Files\Content.IE5\ANUVQHMN\loader[1].exe -> Downloader.Adload.de : Cleaned with backup (quarantined).
C:\Documents and Settings\Big Kev\Local Settings\Temporary Internet Files\Content.IE5\BY0RJ98P\drsmartload[1].exe -> Downloader.Adload.de : Cleaned with backup (quarantined).
C:\Documents and Settings\Big Kev\Local Settings\Temporary Internet Files\Content.IE5\STY7G5AB\loader[1].exe -> Downloader.Adload.de : Cleaned with backup (quarantined).
C:\drsmartload.exe -> Downloader.Adload.de : Cleaned with backup (quarantined).
C:\drsmartload1.exe -> Downloader.Adload.de : Cleaned with backup (quarantined).
C:\RECYCLER\NPROTECT\00001505.EXE -> Downloader.Small.ajc : Cleaned with backup (quarantined).
C:\Documents and Settings\Big Kev\Local Settings\Temporary Internet Files\Content.IE5\CL4VSBCF\MTE3NDI6ODoxNg[1].exe -> Downloader.Small.buy : Cleaned with backup (quarantined).
C:\Documents and Settings\Big Kev\Local Settings\Temporary Internet Files\Content.IE5\EJQJ89KT\MTE3NDI6ODoxNg[1].exe -> Downloader.Small.buy : Cleaned with backup (quarantined).
C:\MTE3NDI6ODoxNg.exe -> Downloader.Small.buy : Cleaned with backup (quarantined).
C:\MTE3NDI6ODoxNgnew.exe -> Downloader.Small.buy : Cleaned with backup (quarantined).
C:\VSL.dl_ -> Downloader.Small.ctp : Cleaned with backup (quarantined).
C:\Program Files\Common Files\foiu\foiup.exe -> Downloader.TSUpdate.f : Cleaned with backup (quarantined).
C:\RECYCLER\NPROTECT\00001553.exe -> Downloader.TSUpdate.f : Cleaned with backup (quarantined).
C:\Program Files\Common Files\foiu\foiua.exe -> Downloader.TSUpdate.l : Cleaned with backup (quarantined).
C:\RECYCLER\NPROTECT\00001552.exe -> Downloader.TSUpdate.l : Cleaned with backup (quarantined).
C:\Program Files\Common Files\foiu\foium.exe -> Downloader.TSUpdate.n : Cleaned with backup (quarantined).
C:\RECYCLER\NPROTECT\00001550.exe -> Downloader.TSUpdate.n : Cleaned with backup (quarantined).
C:\Documents and Settings\Big Kev\Local Settings\Temporary Internet Files\Content.IE5\W5OHQFOT\stub_113_4_0_4_0[1].exe -> Downloader.TSUpdate.o : Cleaned with backup (quarantined).
C:\stub_113_4_0_4_0newer.exe -> Downloader.TSUpdate.o : Cleaned with backup (quarantined).
C:\RECYCLER\NPROTECT\00001551.exe -> Downloader.TSUpdate.p : Cleaned with backup (quarantined).
C:\Program Files\Common Files\foiu\foiul.exe -> Downloader.TSUpdate.r : Cleaned with backup (quarantined).
C:\Documents and Settings\Big Kev\Local Settings\Temporary Internet Files\Content.IE5\8L6RGTYF\preax[1].cab/preax.ocx -> Downloader.VB.aee : Cleaned with backup (quarantined).
C:\Documents and Settings\Big Kev\Local Settings\Temporary Internet Files\Content.IE5\WDQFOXEN\drsmartload45a[1].exe -> Downloader.VB.aiw : Cleaned with backup (quarantined).
C:\drsmartload45a7i.exe -> Downloader.VB.aiw : Cleaned with backup (quarantined).
C:\Documents and Settings\Big Kev\Local Settings\Temporary Internet Files\Content.IE5\D40BPX4X\nwnmfg_7[1].exe -> Downloader.VB.aiy : Cleaned with backup (quarantined).
C:\nwnmfg_7.exe -> Downloader.VB.aiy : Cleaned with backup (quarantined).
C:\Documents and Settings\Big Kev\Local Settings\Temporary Internet Files\Content.IE5\EJQJ89KT\wallpap[1].exe -> Hijacker.Small.jf : Cleaned with backup (quarantined).
C:\Program Files\html1.htm -> Hijacker.Small.jf : Cleaned with backup (quarantined).
C:\Program Files\html2.htm -> Hijacker.Small.jf : Cleaned with backup (quarantined).
C:\RECYCLER\NPROTECT\00001500.js -> Hijacker.Small.jf : Cleaned with backup (quarantined).
C:\RECYCLER\NPROTECT\00001502.exe -> Hijacker.Small.jf : Cleaned with backup (quarantined).
C:\RECYCLER\NPROTECT\00001504.js -> Hijacker.Small.jf : Cleaned with backup (quarantined).
C:\RECYCLER\NPROTECT\00001507.exe -> Hijacker.Small.jf : Cleaned with backup (quarantined).
C:\Documents and Settings\Big Kev\Local Settings\Temporary Internet Files\Content.IE5\CHMZ4DQF\drsmartload849a[1].exe -> Hijacker.VB.fg : Cleaned with backup (quarantined).
C:\Documents and Settings\Big Kev\Local Settings\Temporary Internet Files\Content.IE5\CL4VSBCF\mmx[1].exe -> Hijacker.VB.fg : Cleaned with backup (quarantined).
C:\Documents and Settings\Big Kev\Local Settings\Temporary Internet Files\Content.IE5\UB479E3I\drsmartload46a[1].exe -> Hijacker.VB.fg : Cleaned with backup (quarantined).
C:\drsmartload46a7i.exe -> Hijacker.VB.fg : Cleaned with backup (quarantined).
C:\drsmartload849a7i.exe -> Hijacker.VB.fg : Cleaned with backup (quarantined).
C:\Documents and Settings\Big Kev\Local Settings\Temporary Internet Files\Content.IE5\AZY5IBUB\dfndrfg_7[1].exe -> Hijacker.VB.ly : Cleaned with backup (quarantined).
C:\dfndrfg_7.exe -> Hijacker.VB.ly : Cleaned with backup (quarantined).
C:\Documents and Settings\Big Kev\Local Settings\Temporary Internet Files\Content.IE5\BY0RJ98P\speedtest2[1].dll -> Not-A-Virus.Downloader.Win32.InsTool.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Big Kev\Local Settings\Temporary Internet Files\Content.IE5\CNNRAKTX\send_car_int[1].htm -> Not-A-Virus.Exploit.HTML.CodeBaseExec : Cleaned with backup (quarantined).
C:\RECYCLER\S-1-5-21-1085031214-1364589140-682003330-1003\Dc1\netmon.exe -> Not-A-Virus.Monitor.Win32.NetMon.a : Cleaned with backup (quarantined).
:mozilla.17:C:\Documents and Settings\Big Kev\Application Data\Mozilla\Firefox\Profiles\ka9b89ym.default\coo kies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.18:C:\Documents and Settings\Big Kev\Application Data\Mozilla\Firefox\Profiles\ka9b89ym.default\coo kies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.19:C:\Documents and Settings\Big Kev\Application Data\Mozilla\Firefox\Profiles\ka9b89ym.default\coo kies.txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.82:C:\Documents and Settings\Big Kev\Application Data\Mozilla\Firefox\Profiles\ka9b89ym.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.9:C:\Documents and Settings\Big Kev\Application Data\Mozilla\Firefox\Profiles\ka9b89ym.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned.
:mozilla.73:C:\Documents and Settings\Big Kev\Application Data\Mozilla\Firefox\Profiles\ka9b89ym.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.74:C:\Documents and Settings\Big Kev\Application Data\Mozilla\Firefox\Profiles\ka9b89ym.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.75:C:\Documents and Settings\Big Kev\Application Data\Mozilla\Firefox\Profiles\ka9b89ym.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.59:C:\Documents and Settings\Big Kev\Application Data\Mozilla\Firefox\Profiles\ka9b89ym.default\coo kies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Big Kev\Local Settings\Temp\Cookies\big kev@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@www.burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.110:C:\Documents and Settings\Big Kev\Application Data\Mozilla\Firefox\Profiles\ka9b89ym.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.93:C:\Documents and Settings\Big Kev\Application Data\Mozilla\Firefox\Profiles\ka9b89ym.default\coo kies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.94:C:\Documents and Settings\Big Kev\Application Data\Mozilla\Firefox\Profiles\ka9b89ym.default\coo kies.txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@bilbo.counted[2].txt -> TrackingCookie.Counted : Cleaned.
:mozilla.45:C:\Documents and Settings\Big Kev\Application Data\Mozilla\Firefox\Profiles\ka9b89ym.default\coo kies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.95:C:\Documents and Settings\Big Kev\Application Data\Mozilla\Firefox\Profiles\ka9b89ym.default\coo kies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@www.epilot[1].txt -> TrackingCookie.Epilot : Cleaned.
:mozilla.116:C:\Documents and Settings\Big Kev\Application Data\Mozilla\Firefox\Profiles\ka9b89ym.default\coo kies.txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.86:C:\Documents and Settings\Big Kev\Application Data\Mozilla\Firefox\Profiles\ka9b89ym.default\coo kies.txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@media.fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\LocalService\Cookies\system@findwhat[1].txt -> TrackingCookie.Findwhat : Cleaned.
C:\Documents and Settings\LocalService\Cookies\system@c.goclick[2].txt -> TrackingCookie.Goclick : Cleaned.
C:\RECYCLER\NPROTECT\00003196.TXT -> TrackingCookie.Goclick : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@ehg-bestbuy.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@ehg-gamespot.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@ehg-sonyesolutions.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@ehg-yamahacanadamusic.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@counter.hitslink[2].txt -> TrackingCookie.Hitslink : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@hotlog[2].txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.80:C:\Documents and Settings\Big Kev\Application Data\Mozilla\Firefox\Profiles\ka9b89ym.default\coo kies.txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Big Kev\Local Settings\Temp\Cookies\big kev@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@qksrv[1].txt -> TrackingCookie.Qksrv : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@edge.ru4[2].txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.76:C:\Documents and Settings\Big Kev\Application Data\Mozilla\Firefox\Profiles\ka9b89ym.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.77:C:\Documents and Settings\Big Kev\Application Data\Mozilla\Firefox\Profiles\ka9b89ym.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@targetnet[1].txt -> TrackingCookie.Targetnet : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@media.top-banners[1].txt -> TrackingCookie.Top-banners : Cleaned.
:mozilla.112:C:\Documents and Settings\Big Kev\Application Data\Mozilla\Firefox\Profiles\ka9b89ym.default\coo kies.txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.43:C:\Documents and Settings\Big Kev\Application Data\Mozilla\Firefox\Profiles\ka9b89ym.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.44:C:\Documents and Settings\Big Kev\Application Data\Mozilla\Firefox\Profiles\ka9b89ym.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.48:C:\Documents and Settings\Big Kev\Application Data\Mozilla\Firefox\Profiles\ka9b89ym.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@c5.zedo[1].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Big Kev\Cookies\big kev@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.

::Report end
  #5  
Old 08-02-2006
joe5's Avatar
Elite Member
My PC
 
Join Date: Jun 2005
Location: Netherlands
Posts: 9,044
joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page
Default
Your HJT log looks good sofar, and Ewido has cleaned alot.

But I have a feeling we aren't seeing the hole picture here.. Can you do this for me, can you rename your Hijackthis.exe to test.exe and then make and post a new log with it?


__________________
- PCHF Team. - (NL) - Mal-ware Eradicator! -
  #6  
Old 08-04-2006
011010's Avatar
Bronze Member
  
Join Date: Dec 2005
Posts: 9
011010 - See this Members User comments on their Profile page
Default
HERE U GO!

Logfile of HijackThis v1.99.1
Scan saved at 3:19:01 PM, on 8/4/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\Tablet.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hijackthis\test.exe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://finance.yahoo.ca/
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {A2E05F45-F127-4092-B9F7-9A02C3E04C77} (HGPlugin7USA Class) - http://gamedownload.ijjimax.com/game...Plugin7USA.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/sof...iveXPlugin.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\System32\Tablet.exe

Reply
New! Norton Internet Security 2008 – Download Now Click Here
Page 1 of 2 1 2 >

Bookmarks

« [Fixed] no program can delete my virus. Help me | [Fixed] hijackthis log check please »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On

Contact Us - PC Help Forum - Site Map - Privacy Statement - Top

All times are GMT +1. The time now is 11:46 PM.
Powered by vBulletin
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0 RC7
All Graphics & Content Copyright © 2004-2008 - PC Help Forum.com


Back to Top