Our November Competition
 User Reviews - Add Yours!
The PCHF Lounge
Go Back   PC Help Forum » Security & Safety » [Fixed] Hijackthis! Logs
Reload this Page [Resolved] HiJackThis Log (Task Manger and RegEdit Disabled) Log File in 2 parts
Register for a Free Account

[Fixed] Hijackthis! Logs - [Resolved] HiJackThis Log (Task Manger and RegEdit Disabled) Log File in 2 parts posted in the Security & Safety forums; Logfile of HijackThis v1.99.1 Scan saved at 7:18:25 PM, on 11/9/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Windows folder: C:\WINDOWS System folder: C:\WINDOWS\SYSTEM32 Hosts file: ...


Reply
Scan your PC for Errors
Old 11-10-2006   #1
Bronze Member
 
Join Date: Nov 2006
Posts: 4
Default [Resolved] HiJackThis Log (Task Manger and RegEdit Disabled) Log File in 2 parts
Logfile of HijackThis v1.99.1
Scan saved at 7:18:25 PM, on 11/9/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Windows folder: C:\WINDOWS
System folder: C:\WINDOWS\SYSTEM32
Hosts file: C:\WINDOWS\System32\drivers\etc\hosts

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.e xe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\AddinForUNCFAT\UNCFATDMS.exe
C:\Program Files\Rollback\RollbackClnt.exe
C:\Program Files\Rollback\shdserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Virtual CD v8\System\VC8SecS.exe
C:\WINDOWS\scvhost.exe
C:\WINDOWS\system32\ZoneLabs\isafe.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
C:\WINDOWS\system32\PuXpMan2.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\ModemMax\ModemMAX.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Rollback\RollbackTray.exe
C:\Program Files\IEHistory\IEHistoryShellNotifier.exe
C:\Program Files\AddinForUNCFAT\UNCFATDMS.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.ex e
C:\Program Files\RamSmash\RamSmash.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Ashampoo\Ashampoo UnInstaller Platinum 2\UIWatcher.exe
C:\PROGRA~1\Ashampoo\ASHAMP~2\TASKPL~1.EXE
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\PROGRA~1\Ashampoo\AS5CDE~1\AMO_TA~1.EXE
C:\Program Files\Microsoft Location Finder\LocationFinder.exe
C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2007 DVD\EDICT.EXE
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragCtrl.exe
C:\Program Files\Apple Computer\DVD@ccess\DVDAccess.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Palo Alto Software\9.0\PAS9_Update.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\uTorrent\utorrent.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\DISC\DISCover.exe
C:\Program Files\DISC\DiscUpdMgr.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Administrator\My Documents\Matt's Files\HijackThis.exe
minchia is offline   Reply With Quote
Advertisement - Register to Remove
Old 11-10-2006   #2
Bronze Member
 
Join Date: Nov 2006
Posts: 4
Default
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo!
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo!
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = 127.0.0.1:81
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
F2 - REG:system.ini: Shell=Explorer.exe scvhost.exe
F3 - REG:win.ini: run=C:\WINDOWS\scvhost.exeC:\WINDOWS\scvhost.exe
N4 - Mozilla: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5Cmozilla.org%5CSeaMonkey%5 Csearchplugins%5Cgoogle.src"); (C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Profiles\default\3l90atz6.slt\prefs.j s)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (filesize 440384 bytes, MD5 045EFAAE4617C8883DFC840C6685C390)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll (filesize 63128 bytes, MD5 F17B2B264072B921FC66A0BE16626BAB)
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll (filesize 81920 bytes, MD5 8AB453E6168A5FEDFDDF44BC13F42E70)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (filesize 185848 bytes, MD5 FFCFF90506D2055936B2E577C50ACEA6)
O2 - BHO: (no name) - {75AB884B-A20B-BB8D-C24C-EC769F7157D5} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll (filesize 434279 bytes, MD5 77036728E730F810CD479EF9F48398C5)
O2 - BHO: Encarta Web Companion Helper Object - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL (filesize 256792 bytes, MD5 6C5BEBC36A199B438B593E9A4DCD21F4)
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll (filesize 208896 bytes, MD5 BEBDF2293F53049569285B9B2FA7EC68)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (filesize 231160 bytes, MD5 6A95C44FFF0AFE30351CBC92CF327924)
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FlashGet\getflash.dll (filesize 118784 bytes, MD5 72BE3470C1DDD455867DFEEACE56959D)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (filesize 440384 bytes, MD5 045EFAAE4617C8883DFC840C6685C390)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll (filesize 86016 bytes, MD5 8FA3B8B4ECFFDE790DA2173210C80A85)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (filesize 231160 bytes, MD5 6A95C44FFF0AFE30351CBC92CF327924)
O3 - Toolbar: Encarta Web Companion - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL (filesize 256792 bytes, MD5 6C5BEBC36A199B438B593E9A4DCD21F4)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exeC:\WINDOWS\ehome\ehtray .exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode (filesize 33280 bytes, MD5 DA285490BBD8A1D0CE6623577D5BA1FF)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE (filesize 16239616 bytes, MD5 7ED41E534AD1ECB7C75FFDA0C2917144)
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE (filesize 77312 bytes, MD5 B596347A26DC054EBB44EB3BC8E95B0A)
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe" (filesize 90112 bytes, MD5 9E1992C27ECF7F08C154DCACF32F1AAB)
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXEC:\WINDOWS\SMINST\RE CGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run (filesize 249856 bytes, MD5 A789B145F17FA5C2326907F4872FE173)
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exeC:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" (filesize 968696 bytes, MD5 71514E2C74D554F5902DC184046ECA3B)
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exeC:\Progr am Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKLM\..\Run: [mspwr] C:\WINDOWS\system32\PuXpMan2.exeC:\WINDOWS\system3 2\PuXpMan2.exe
O4 - HKLM\..\Run: [Check Trial ModemMAX] C:\Program Files\ModemMax\CheckTrial.exeC:\Program Files\ModemMax\CheckTrial.exe
O4 - HKLM\..\Run: [DXDllRegExe] C:\WINDOWS\system32\dxdllreg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe" (filesize 49263 bytes, MD5 FFB2D7833002457D3801AA4422FFB44F)
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup (filesize 249856 bytes, MD5 1C46FC1AB600766B8554580204806E84)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (filesize 33280 bytes, MD5 DA285490BBD8A1D0CE6623577D5BA1FF)
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start (filesize 81920 bytes, MD5 7D58C9BDF9C0A3955BDCDE7387AD12AC)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exeC:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Rollback] "C:\Program Files\Rollback\RollbackTray.exe" (filesize 3104768 bytes, MD5 4DB57FD6AE68CE02234D0320C216C39D)
O4 - HKLM\..\Run: [IEHistory] C:\Program Files\IEHistory\IEHistoryShellNotifier.exeC:\Progr am Files\IEHistory\IEHistoryShellNotifier.exe
O4 - HKLM\..\Run: [OTFSDMS] C:\Program Files\AddinForUNCFAT\UNCFATDMS.exe /p (filesize 120320 bytes, MD5 63A375E2EF4EBB5A53F3A8F257A52DC8)
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exeC:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exeC:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [PCPerf] "C:\PROGRA~1\PCACCE~1\pcperf.exe"
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe" (filesize 856064 bytes, MD5 98FAFD82E4F0674D2D7BB3C8FD141D32)
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe" (filesize 483328 bytes, MD5 78FF388FD58CE0BAE1F7C9670F5473C1)
O4 - HKLM\..\Run: [] C:\WINDOWS\scvhost.exeC:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [RamSmash] "C:\Program Files\RamSmash\RamSmash.exe" /start (filesize 361984 bytes, MD5 CFF363DDF01015163A995383C434674C)
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" (filesize 241664 bytes, MD5 E91CDE1B706189C03904A901A1CA1832)
O4 - HKLM\..\Run: [Windows Update] C:\WINDOWS\scvhost.exeC:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [msconfig] C:\WINDOWS\scvhost.exeC:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [icq lite] C:\WINDOWS\scvhost.exeC:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [Update Checker] C:\WINDOWS\scvhost.exeC:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [AntiVir] C:\WINDOWS\scvhost.exeC:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunServices: [Windows Update] C:\WINDOWS\scvhost.exeC:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunServices: [msconfig] C:\WINDOWS\scvhost.exeC:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunServices: [icq lite] C:\WINDOWS\scvhost.exeC:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunServices: [Update Checker] C:\WINDOWS\scvhost.exeC:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunServices: [AntiVir] C:\WINDOWS\scvhost.exeC:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunServices: [] C:\WINDOWS\scvhost.exeC:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [Windows Update] C:\WINDOWS\scvhost.exeC:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [msconfig] C:\WINDOWS\scvhost.exeC:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [icq lite] C:\WINDOWS\scvhost.exeC:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [Update Checker] C:\WINDOWS\scvhost.exeC:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [AntiVir] C:\WINDOWS\scvhost.exeC:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [] C:\WINDOWS\scvhost.exeC:\WINDOWS\scvhost.exe
O4 - HKCU\..\Run: [UIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller Platinum 2\UIWatcher.exeC:\Program Files\Ashampoo\Ashampoo UnInstaller Platinum 2\UIWatcher.exe
O4 - HKCU\..\Run: [Ashampoo WinOptimizer Platinum 3 TaskPlaner] "C:\PROGRA~1\Ashampoo\ASHAMP~2\TASKPL~1.EXE" -TRAY (filesize 741888 bytes, MD5 2DEC655C7AB2F00024730D691E4C5AD3)
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (filesize 139264 bytes, MD5 615D80390284899DD9DD068CF82F3529)
O4 - HKCU\..\Run: [Ashampoo Magical Optimizer Taskplaner] "C:\PROGRA~1\Ashampoo\AS5CDE~1\AMO_TA~1.EXE" -TRAY (filesize 1244160 bytes, MD5 228F15604F6C7ADE9C839FE91F48EB7A)
O4 - HKCU\..\Run: [Microsoft Location Finder] "C:\Program Files\Microsoft Location Finder\LocationFinder.exe" (filesize 101080 bytes, MD5 7512EC7190DBEA84D34B5C21E7AFAD4C)
O4 - HKCU\..\Run: [OptimizerRX] C:\Program Files\OptimizerRX\OptimizerRX.exe
O4 - HKCU\..\Run: [L07AXLRD_24479484] "C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2007 DVD\EDICT.EXE" -m (filesize 351000 bytes, MD5 554BDEB0453E42C5CAC7E7181E74E246)
O4 - HKCU\..\Run: [PCMesh Anonymous Web Surfing] C:\Program Files\pcmesh\aws\aws.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (filesize 113664 bytes, MD5 C2FF17734176CD15221C10044EF0BA1A)
O4 - Global Startup: Ashampoo Magical Defrag.lnk = C:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragCtrl.exe (filesize 4112497 bytes, MD5 B8179CD2E2F9FE2466521AD437504077)
O4 - Global Startup: DVD@ccess.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (filesize 241664 bytes, MD5 16E91805CC071039372AE0037AAA9A2B)
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (filesize 53248 bytes, MD5 91C0436BD6CB73370895EF33C1C9CB47)
O4 - Global Startup: Palo Alto Software Update Manager 9.0.lnk = C:\Program Files\Common Files\Palo Alto Software\9.0\PAS9_Update.exe (filesize 122880 bytes, MD5 06FB8D471BAEE372DE1FF0D271ED41F8)
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (filesize 811008 bytes, MD5 838E1292B01A56DC92EE1AC5AC9AA9DE)
O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe (filesize 36903 bytes, MD5 CBCDA25B76B570A8252644594EDF3BE9)
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (filesize 110080 bytes, MD5 1A74872637B0BD6389EB8D4E8CDAF1D5)
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Pol icies\System, DisableRegedit=1
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm (filesize 575 bytes, MD5 4F5140BEADB0A78CE30E9F0F4B591B8F)
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm (filesize 1898 bytes, MD5 208F30C68E12274B625E3EDF9186680C)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll (filesize 434279 bytes, MD5 77036728E730F810CD479EF9F48398C5)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll (filesize 434279 bytes, MD5 77036728E730F810CD479EF9F48398C5)
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (filesize 185848 bytes, MD5 FFCFF90506D2055936B2E577C50ACEA6)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL (filesize 40208 bytes, MD5 BD191DAA0A8D7430F3387F72E6D7C792)
O9 - Extra button: Encarta Search Bar - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL (filesize 289560 bytes, MD5 4E336D9C138B106E3EDB6BA9743DD875)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (filesize 1400832 bytes, MD5 C0BB801810DD4A6CCF3EB1C4969F6E3A)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (filesize 1400832 bytes, MD5 C0BB801810DD4A6CCF3EB1C4969F6E3A)
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\system32\shdocvw.dll (filesize 1497088 bytes, MD5 559B2D22A1EE947A7EAED530C7FF9320)
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\system32\shdocvw.dll (filesize 1497088 bytes, MD5 559B2D22A1EE947A7EAED530C7FF9320)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (filesize 4662776 bytes, MD5 BB5E7B73A3A54CCF329325807E5122FE)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (filesize 4662776 bytes, MD5 BB5E7B73A3A54CCF329325807E5122FE)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (filesize 1694208 bytes, MD5 74E6E96C6F0E2ECA4EDBB7F7A468F259)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (filesize 1694208 bytes, MD5 74E6E96C6F0E2ECA4EDBB7F7A468F259)
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqaio/downloads/sysinfo.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsof...?1158384568781
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1158384563781
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - https://transfers.ds.microsoft.com/F...ansferCtrl.cab
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (filesize 835072 bytes, MD5 920FCECDA7500E02CF834FA623C21B6A)
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (filesize 43792 bytes, MD5 2DF3130B89470D15C9FD2AC5B3B78A45)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dllC:\WINDOWS\SYSTEM3 2\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (filesize 133120 bytes, MD5 99425F30D4D46B78DC7F613D5DCDB4B8)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeC:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Unknown owner - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe" -win32service (file missing)
O23 - Service: AshampooDefragService - - C:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exeC:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exe
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exeC:\WINDOWS\s ystem32\ZoneLabs\isafe.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeC:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exeC:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: SQL Server (MSSMLBIZ) (MSSQL$MSSMLBIZ) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSMLBIZ (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exeC:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
minchia is offline   Reply With Quote
Old 11-10-2006   #3
Bronze Member
 
Join Date: Nov 2006
Posts: 4
Default
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32 \nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exeC:\WINDOWS\system3 2\HPZipm12.exe
O23 - Service: RollbackClientService - Unknown owner - C:\Program Files\Rollback\RollbackClnt.exeC:\Program Files\Rollback\RollbackClnt.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SHDSERV - Horizon Datasys, Inc. - C:\Program Files\Rollback\shdserv.exeC:\Program Files\Rollback\shdserv.exe
O23 - Service: Virtual CD v8 Management Service (VC8SecS) - H+H Software GmbH - C:\Program Files\Virtual CD v8\System\VC8SecS.exeC:\Program Files\Virtual CD v8\System\VC8SecS.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\WINDOWS\s ystem32\ZoneLabs\vsmon.exe
minchia is offline   Reply With Quote
Old 11-10-2006   #4
Bronze Member
 
Join Date: Nov 2006
Posts: 4
Default
Again the problem I am having is Task Manager and RegEdit has been disabled. I use CounterSpy and ZoneAlarm... neither have asked for permission to make these changes... So I am uncertain how or when it changed. Occasionally I get a Visual C++ Error, but not often, and I dont think it relates to this.
minchia is offline   Reply With Quote

Reply


Bookmarks

Tags
disabled, file, hijackthis, log, manger, parts, regedit, Resolved, task

« [Fixed] msmo again.. | [Resolved] Critical system error and other pop ups »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On


Site Map - Top

All times are GMT. The time now is 03:23 AM.
Powered by vBulletin
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.3.2