Spyware Problem Log Attached
Jan 20, 2005
My computer is running very slow. I know it is is spyware. Also I can't open any websites and get random advertisments.Logfile of HijackThis v1.99.0 Scan saved at 7:39:49 AM, on 1/20/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSExplorer.EXE C:WINDOWSsystem32spoolsv.exe
C:Program FilesAdmanager ControllerAdManCtl.exe C:Program FilesISTsvcistsvc.exe C:WINDOWS etkp.exe C:Program FilesAdmanager ControllerAdManKeep.exe C:PROGRA~1GrisoftAVG7avgamsvr.exe C:PROGRA~1GrisoftAVG7avgupsvc.exe C:WINDOWSsystem32addsb32.exe
C:WINDOWSsystem32wuauclt.exe C:WINDOWSsystem32wscntfy.exe C:DOCUME~1RIOCOL~1LOCALS~1TempTemporary Directory 2 for hijackthis.zipHijackThis.exe R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = res://C:WINDOWSpzgdv.dll/sp.html#28129 R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = res://C:WINDOWSpzgdv.dll/sp.html#28129 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = about:blank R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = res://C:WINDOWSpzgdv.dll/sp.html#28129 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = res://C:WINDOWSpzgdv.dll/sp.html#28129 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = res://C:WINDOWSpzgdv.dll/sp.html#28129 R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = res://C:WINDOWSpzgdv.dll/sp.html#28129 R3 - Default URLSearchHook is missing O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll O2 - BHO: (no name) - {7D84605B-257F-35AC-B82F-7E711C985FBD} - C:WINDOWSsystem32winvh32.dll O4 - HKLM..Run: [Admanager Controller] C:Program FilesAdmanager ControllerAdManCtl.exe O4 - HKLM..Run: [IST Service] C:Program FilesISTsvcistsvc.exe O4 - HKLM..Run: [netkp.exe] C:WINDOWS
etkp.exe O4 - HKLM..RunServices: [WindowsRegKey Autoupdate] explorer.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2- 9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe O15 - Trusted Zone: *.frame.crazywinnings.com O15 - Trusted Zone: *.static.topconverting.com O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM) O15 - Trusted Zone: *.static.topconverting.com (HKLM)
O23 - Service: AVG7 Alert Manager Server - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVG7avgamsvr.exe O23 - Service: AVG7 Update Service - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVG7avgupsvc.exe O23 - Service: Macromedia Licensing Service - Unknown - C:Program FilesCommon FilesMacromedia SharedServiceMacromedia Licensing.exe O23 - Service: Workstation NetLogon Service - Unknown -C:WINDOWSsystem32addsb32.exe
View 14 Replies
ADVERTISEMENT
Dec 22, 2004
Okay, I guess I inadvertantly downloaded a zip file that I thought was something else but apparently it was Bundled with Spyware Everywhere, I've been spending the wee hours of the night attempting to remove this garbage but unfortunatly ISTsvc.exe and Hot as Hell and Bargain Buddy keep reinstalling even after I delete the Reg Entries etc. Also this is where my browser keeps getting Hijacked to "http://www.web--search.com/to.php?ID1=997&ID2=145248911&ID3=566146524954&ID4=0&ID5={677D98D5-F874-42EC-B42D-6CDCB0B549EA}" This other question is in relation to my parents puter That I plan on fixing later, They cant surf the net, something in the lower left of IE keeps flashing saying badurl.fhksadfs <------flashes too fast to read. Anyways....I'm going to attach my HiJackThis Log so that someone out the could better assist nme in this, how should I say......"Adventure".
View 7 Replies
View Related
Jan 25, 2007
i dont know if anyone can help but i have these messages coming up on my computer .I am a complete novice so please bear with me. i have windows xp thats all i know and zone alarms .I Also have ad aware and spybot and spyware blaster in my summery it says file java byte exploit! verify c/docume~1 karenlocal~1TEMPAAWTMPC563045335AC80COUNTER.CLASS Java/byteverify!exploit c:docume~1karen/LOCAL~1TEMPAAWTMPC563045335AC80VERIFIERBUG.CLASS Java/Shinwow.AB C:docume~1/karen/Locals~1TEMPAAWTMPC563045335AC80BEYOND.CLASS
View 14 Replies
View Related
Sep 6, 2003
There are two excellent spyware removal apps available and they are both FREE so there is no reason to not use them regularly. The two best apps there are for removing spyware are SpyBot Search & Destroy and Ad Aware. IT IS IMPERATIVE THAT YOU USE BOTH OF THESE APPS SINCE ONE FINDS WHAT THE OTHER MISSES AND VICE VERSA, YOU ARE NOT SAFE USING JUST ONE OF THEM. There is one other app that I HIGHLY recommend is for spyware prevention, SpywareBlaster. This app sets certain registry entries that prevent spyware from ever installing, it DOES NOT run in the background using any resources, you just set it and forget it. Once you have installed these three MUST HAVE apps you then need to update them and keep them up to date. I would recommend checking for updates weekly, it’s just like your antivirus app, you need to stay protected from the latest spyware out there. To update SpyBot just open the app from your start menu (use the advanced mode option) and select “search for updates” it will then show you what updates are available for download, always install all the updates. Another feature that SpyBot has is called “Immunize”, you will see an icon for it. Select the icon and under “Permanent Internet Explorer Immunity” select “Immunize” this works in the same way as SpywareBlaster in blocking new spyware. It also gives you the option of locking your hosts file against hijackers, I highly recommend using this option as well. To update Ad Aware just open it and select “Check for updates now”. For SpywareBlaster it is mostly the same, open it up and select “Check for updates” once you update this you then must select “select all” and then “Protect against checked items” so that the updates you just did take effect. Anything these apps find is spyware and should be removed, if you choose not to remove what is found then you have no one to blame if your pc crashes due to spyware or your privacy is invaded (including these companies stealing your credit card number and identity
View 9 Replies
View Related
Jan 14, 2006
I'm experienceing problems running the internet. Each time I try connecting tho the Net, despite changing the default homepage which has been changed to c:secure32.html I get a warning message about spyware I have also run Spybot Search and Destroy and the Lavasoft Ad-ware and removed all of the critical objects.
View 14 Replies
View Related
Oct 2, 2006
My PC is infected with some bad stuff and I'm not sure what to do. So far I have tried to run Spybot S&D, Registry mechanic, ewido anti-spyware, Spyware Doctor and SpywareBlaster all of these programs seize when carrying out a scan and I have no option but to close the pc down with the power button. I am pretty much at a loss as what to do next and was hoping one of you kind souls could help me. I am running xp.
View 14 Replies
View Related
Jun 20, 2005
My XP SP2 is not detecting any new printer attached. Both parallel and USB ports are not being detected. When I connect the printer and reboot, its like nothing at all has happened. The PC sits there finished booting, calm and quiet. They were being detected and installed some time ago. I suspect it might be a window corruption.. or some registry problem. Is there any way to refresh the windows registery so that it will start picking up printers again? Other devices like memory stick, external hard disk etc. are being picked up and working fine with USB
View 1 Replies
View Related
Aug 4, 2007
I've been trying with little success to get my mum's computer to run smoother. She has a Compaq Presrio 2100 running Windows XP-Home with Service Pack 2. Celeron 2.40 GHz - 448 MB RAM 37.2 Gig (using 11.9 - remaining 25.3) She is running Norton (argh) and I have put this machine through several scans for malware, adware and viruses and have found absolutely nothing. I have defragged, Dr. Watsoned, ran the Windows Error Checking Tool, and inflicted several other Windows tools on this poor machine, but I am unable to get the dang thing to speed up at start-up and shut-down. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 1:38:55 PM, on 8/4/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Boot mode: Normal Runningprocesses: C:WINDOWSS ystem32smss.exe C :WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:Program FilesWindows DefenderMsMpEng.exe C:WINDOWSSystem32svchost.exe C:WINDOWSExplorer.EXE C:Program FilesCommon FilesSymantec SharedccSvcHst.exe C:Program Files Common FilesSymantec SharedAppCoreAppSvc32.exe C:WINDOWSsystem32spoolsv.exe C:ProgramFiles SymantecLiveUpdateALUSchedulerSvc.exe C:Program FilesCommon FilesSymantec SharedccSvcHst.exe C:Program FilesCisco SystemsVPN Clientcvpnd.exe C:WINDOWSsystem32HPConfig.exe C:Program FilesHPQNotebook UtilitiesHPWirelessMgr.exe C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32carpserv.exe C:Program FilesSynapticsSynTPSynTPLpr.exe C:Program FilesSynapticsSynTPSynTPEnh.exe C:Program FilesCommon FilesSymantec SharedccApp.exe C:Program FilesWindows DefenderMSASCui.exe C:Program FilesJavajre1.6.0_02�injusched.exe C:WINDOWS system32ctfmon.exe C:Program FilesLinksysWireless-G Notebook AdapterOdHost.exe C:Program FilesLinksysWireless-G Notebook Adapter WPC54Cfg.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesInternet Exploreriexplore.exe C:Spyware ToolsHiJackThis.exe R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jspR1- HKLMSoftware MicrosoftInternet ExplorerMain, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigURL = http://wpad/wpad.dat
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:Program FilesMicrosoft MoneySystemmnyside.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:SPYWAR~1SPYBOT~1SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_02�inssv.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM..Run: [CARPService] carpserv.exe O4 - HKLM..Run: [Cpqset] C:Program FilesHPQDefault Settingscpqset.exe O4 - HKLM..Run: [ATIPTA] C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe O4 - HKLM..Run: [srmclean] C:CpqsScomsrmclean.exe O4 - HKLM..Run: [Display Settings] C:Program FilesHPQNotebook Utilitieshptasks.exe /s O4 - HKLM..Run: [SynTPLpr] C:Program FilesS ynapticsSynTPSynTPLpr.exeO4 - HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe O4 - HKLM..Run: [osCheck] "C:Program FilesNorton AntiVirusosCheck.exe" O4 - HKLM..Run: [ccApp] C:Program FilesCommon FilesSymantec SharedccApp.exe O4 - HKLM..Run: [Windows Defender] "C:Program FilesWindows DefenderMSASCui.exe" -hide O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre1.6.0_02�injusched.exe" O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe O4 - Global Startup: Cisco Systems VPN Client.lnk = C:Program FilesCisco SystemsVPN Clientvpngui.exe O4 - Global Startup: Wireless-G Notebook Adapter Utility.lnk = C:Program FilesLinksysWireless-G Notebook AdapterStartup.exe O8 - Extra context menu item: &AIM Search - res://C:Program FilesAIM ToolbarAIMBar.dll/aimsearch.htm
O14 - IERESET.INF: START_PAGE_URL=http://qus8l.hpwis.com O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn...taller_gmn.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/...dsolutions.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/game...ploader_v6.cab O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:Program FilesCisco SystemsVPN Clientcvpnd.exe O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:WINDOWSsystem32HPConfig.exe O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:Program FilesHPQNotebook UtilitiesHPWirelessMgr.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:Program FilesNorton AntiVirusisPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe O23 - Service: NICSer_WPC54G - Unknown owner - C:Program FilesLinksysWireless-G Notebook AdapterNICServ.exe O23 - Service: Pml Driver - HP - C:WINDOWSsystem32HPHipm09.exe O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSSystem32HPZipm12.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedAppCoreAppSvc32.exe End of file - 6659 bytes
View 10 Replies
View Related
Jan 29, 2005
Having problems with popups all of a sudden, I'v never used hijack before and not really sure of what I'm looking at. I did attach a copy of log. Logfile of HijackThis v1.99.0 Scan saved at 4:45:27 PM, on 1/29/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exeC:WINDOWSsystem32svchost.exeC:WINDOWSSystem32svchost.exe C:WINDOWSsystem32spoolsv.exe C:WINDOWSsystem32CTsvcCDA.EXE C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSsystem32 vsvc32.exe C:WINDOWSsystem32MsPMSPSv.exe C:WINDOWSExplorer.EXE C:Program FilesCommon FilesRealUpdate_OB ealsched.exe
C:WINDOWSsystem32CTHELPER.EXE C:Program FilesMUSICMATCHMUSICMATCH Jukeboxmmtask.exe C:WINDOWSsystem32Ubxoiw.exe C:WINDOWSsystem32ctfmon.exe C:DOCUME~1JackLOCALS~1TempTemporary Directory 1 for hijackthis.zipHijackThis.exe R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.cnn.com/ R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.cnn.com/ R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page = R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:Program FilesICQToolbar oolbaru.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:Program FilesSpybot - Search & DestroySDHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:Program FilescontMediaAnatomical Atlas HRMSDXM.OCX O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:Program FilesICQToolbar oolbaru.dll O4 - HKLM..Run: [UpdReg] C:WINDOWSUpdreg.exe
O4 - HKLM..Run: [CTStartup] C:Program FilesCreativeSBAudigyProgramCTEaxSpl.EXE /run O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OB ealsched.exe" -osboot
O4 - HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k O4 - HKLM..Run: [CTHelper] CTHELPER.EXE O4 - HKLM..Run: [mmtask] C:Program FilesMUSICMATCHMUSICMATCH Jukeboxmmtask.exe O4 - HKLM..Run: [version] C:WINDOWSsystem32Srkgph.exe O4 - HKLM..Run: [secure] C:WINDOWSsystem32Ubxoiw.exe O4 - HKLM..Run: [gcasServ] "C:Program FilesMicrosoft AntiSpywaregcasServ.exe" O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe O4 - HKCU..Run: [TaskTray] "C:Program FilesCreativeTaskBarCTLTray.exe" O4 - HKCU..Run: [TaskBar] "C:Program FilesCreativeTaskBarCTLTask.exe" O8 - Extra context menu item: &ICQ Toolbar Search - res://C:Program FilesICQToolbar oolbaru.dll/SEARCH.HTML O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavaj2re1.4.2_05�in
pjpi142_05.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavaj2re1.4.2_05�in pjpi142_05.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: ICQ 4 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:Program FilesICQLiteICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:Program FilesICQLiteICQLite.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2- 9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15009/CTSUEng.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} - http://www.sidestep.com/get/k42037/sb02a.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class)- http://v5.windowsupdate.microsoft.co...?1094006758724 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://floridakeysmedia.tv/axiscam/C...CamControl.ocx O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab33902.cab O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15010/CTPID.cab O23 - Service: Adobe LM Service - Unknown - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:WINDOWSsystem32CTsvcCDA.EXE O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - C:WINDOWSsystem32
vsvc32.exe
View 4 Replies
View Related
May 7, 2005
For two weeks I have had a constant problem with freezing and disconnects on various sites, including updates for Norton and AdAware, so I don't know if it is browser related or not. Every few minutes data in and out stop completely for about 30 seconds, then resume normally until the next freeze. The disconnects may happen every few minutes, then may not happen for several days. This is a 38kbs dial-up, with no prior major problems. My ISP is baffled, Norton has NEVER found anything, AdAware finds only the normal browser cookies, Spybot never finds ANYTHING if I run AdAware first, the free version of Registry Mechanic didn't help, CWShredder found nothing. This happens even with no other programs running. This was not a gradual thing--if was fine one day, problem the next day. I tried un and reinstalling the modem driver and got a "not configured properly" message no matter how I tried it, so had to use system restore to get it back. Occasionally IE opens with the plain screen with "browser cannot find style and presentation information", then the next time it is normal. Logfile of HijackThis v1.97.7 Scan saved at 12:33:15 AM, on 5/7/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSsystem32LEXBCES.EXE C:WINDOWSsystem32spoolsv.exe C:WINDOWSsystem32LEXPPS.EXE C:WINDOWSSystem32cisvc.exe C:WINDOWSSystem32CTsvcCDA.EXE C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe C:Program FilesNorton AntiVirus
avapsvc.exe C:WINDOWSSystem32 vsvc32.exe C:WINDOWSSystem32svchost.exe C:WINDOWSwanmpsvc.exe C:WINDOWSSystem32MsPMSPSv.exe C:WINDOWSExplorer.EXE C:Program FilesCommon FilesDellEUSWSupport.exe C:Program FilesCreativeSBLiveCreative Diagnostics 2.0DIAGENT.EXE
C:PROGRA~1NORTON~1 avapw32.exe C:Program FilesJavajre1.5.0_02�injusched.exe C:WINDOWSSystem32devldr32.exe C:WINDOWSSystem32ctfmon.exe
C:Program FilesDellSupportAlert�inNotifyAlert.exe C:WINDOWSSystem32cidaemon.exe C:WINDOWSSystem32cidaemon.exe C:Program FilesInternet Exploreriexplore.exe C:unzippedhijackthis[1]hijackthis.exe R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.dellnet.com/ R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.dellnet.com R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.dellnet.com R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.dellnet.com O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:Program FilesMicrosoft MoneySystemmnyside.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:Program FilesNorton AntiVirusNavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF- FFB-4238-8AD1-7859DF00B1D6} - C:Program FilesNorton AntiVirusNavShExt.dll O4 - HKLM..Run: [DwlClient] C:Program FilesCommon FilesDellEUSWSupport.exe O4 - HKLM..Run: [DIAGENT] C:Program FilesCreativeSBLiveCreative Diagnostics 2.0DIAGENT.EXE startup O4 - HKLM..Run: [AHQInit] C:Program FilesCreativeSBLiveProgramAHQInit.exe O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime O4 - HKLM..Run: [NAV Agent] C:PROGRA~1NORTON~1 avapw32.exe O4 - HKLM..Run: [SSC_UserPrompt] C:Program FilesCommon FilesSymantec SharedSecurity CenterUsrPrmpt.exe O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_02�injusched.exe O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe O4 - HKLM..Run: [Symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMon.exe /Consumer O4 - HKLM..Run: [MSConfig] C:WINDOWSPCHealthHelpCtrBinariesMSConfig.exe /auto O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSSystem32ctfmon.exe O4 - HKCU..Run: [Microsoft Works Update Detection] C:Program FilesMicrosoft WorksWkDetect.exe
O4 - Startup: TempCleaner.pif = C:PROGRA~1TEMPCL~1TEMPCL~1.BAT O8 - Extra context menu item: &Yahoo! Search - file:///C:Program FilesYahoo!Common/ycsrch.htm O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:Program FilesYahoo!Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:Program FilesYahoo!Common/ycdict.htm O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM) O9 - Extra button: MoneySide (HKLM)
O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Messenger (HKLM) O15 - Trusted Zone: www.forsalebyowner.com
O15 - Trusted Zone: http://play.hoylegames.com O15 - Trusted Zone: http://softwareupdates.roxio.com O15 - Trusted Zone: http://hoylegames.sierra.com O16 - DPF: ppctlcab - http://69.44.122.156/scanner/ppctlcab.cab O16 - DPF: Yahoo! Spades - http://download.games.yahoo.com/game...ts/y/st2_x.cab O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15009/CTSUEng.cab O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} (MSSecurityAdvisor Class) - http://download.microsoft.com/downlo...?1074912086675 O16 - DPF: {29B2C103-AB53-4971-B765-FC1CE5D8B2D1} - http://www.silvercrk.com/php/hwspade...07_4998516.cab O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://69.44.122.156/scanner/axscanner.cab O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/yinst/yinst_current.cab O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl acti..._v1-0-3-18.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab O16 - DPF: {A031D222-B496-11D2-9CC8-00105A10AAF6} (WONWebLauncher Class) - http://play.hoylegames.com cab/WONWe...herControl.cab O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15010/CTPID.cab O17 - HKLMSystemCCSServicesTcpip..{C9528AAA-94E7-49CE-A1D0-ABE5E2967B5C}: NameServer = 65.120.0.2 65.120.0.10
View 3 Replies
View Related
Mar 29, 2010
I've been getting a BSOD, and I can't seem to pin down what might be causing it. I've attached the minidump to this.
View 10 Replies
View Related
Sep 5, 2009
Im having a problem with the USB error bubble popping up constantly.. Sometimes i will get an hour or two without the bubble coming up.. but usually it pops up bout every 2-5 seconds.. As you could probably guess this is interferring with how my computer is operating.. It freezes up alot but it will resume after the freeze.If i restart sometimes that will help a little by cutting down how many times the bubble comes up.. I dont have anything plugged into the USBs But i do have a modem connected by ethernet.The error bubbles say USB device unrecognized after clicking on it it shows one unknown device. I have tried powering down and shutting off the power strip. And unistalling all devices and rebooting.
View 14 Replies
View Related
Aug 8, 2005
Today I've been receiving a Windows error warning of a power surge on the USB hub. This warning continues to pop up (and block document windows) even after removing all USB devices. If I click on the error, I get a dialog box reporting that one USB device is drawing too much power through the hub, and it lists 5 USB ports with one highlighted as the problem device. It instructs me to remove the device and click the Reset button.I have three problems with this error. First, from the dialog box there's little way for me to determine which physical USB port is the problem, so I have to unplug all devices. Second, doing as instructed (disconnecting the devices and clicking Reset) doesn't clear up the problem, as I immediately get another warning.
View 5 Replies
View Related
Apr 21, 2007
I just recently had to do a system rescue on my hp machine. One issue i have run into is the computer will not boot up if the external HD is connected. This was not an issue prior. The drive is a fantom external drive and is connected by usb.
View 10 Replies
View Related
May 6, 2006
I have an MP3 player with a USB connection attached. Whenever I plug it in it tells me the information is on the J Drive, but I don't appear to have a J Drive. Can anyone explain what the J Drive is?
View 13 Replies
View Related
Mar 20, 2007
I've got win xp, recently it is running very slowly especially when I try to get on the internet. I am attaching hicjackthis log, are there any obvious problems, I have a hunch that there are some programs which I don't use which slow down the system. Any suggestions? Thanks Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 22:02:05, on 20/03/2007 Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWS system32lsass.exe C:WINDOWSsystem32svchost.exe C:Program FilesWindows DefenderMsMpEng.exe C:WINDOWSSystem32svchost.exe C:WINDOWS system32spoolsv.exe D:avasy anti virusaswUpdSv.exe D:avasy anti virusashServ.exe C:WINDOWSsystem32 vsvc32.exe C:WINDOWS system32svchost.exe C:WINDOWSExplorer.EXE C:Program FilesCanonCALCALMAIN.exe D:avasy anti virusashMaiSv.exe D:AVASYA~1ashDisp.exe
D:scannerHP Share-to-Webhpgs2wnd.exe C:Program FilesPicasa2PicasaMediaDetector.exe C:WINDOWSsystem32LVCOMSX.EXE C:Program Files LogitechVideoLogiTray.exe C:Program FilesThomsonSpeedTouch USBDragdiag.exe C:Program FilesCommon FilesRealUpdate_OB ealsched.exe
D:avasy anti virusashWebSv.exe C:WINDOWSsystem32RUNDLL32.EXE C:Program FilesWindows DefenderMSASCui.exe C:WINDOWSsystem32 undll32.exe
D:Java�injusched.exe C:Program FilesQuickTimeqttask.exe D:iTunesiTunesHelper.exe C:WINDOWSsystem32ctfmon.exe C:Program FilesGoogle Google ToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe C:Program FilesWireless DeviceWireless KeyboardMagickey.exe C:Program FilesWireless DeviceWireless MouseMouseAp.exe D:scannerHP Share-to-Webhpgs2wnf.exe C:Program FilesWireless DeviceWireless Keyboardosd.exe
C:Program FilesLogitechVideoFxSvr2.exe C:Program FilesiPod�iniPodService.exe C:Program FilesInternet Exploreriexplore.exe D:Program Files weak uiHiJackThis_v2.exe R0 - HKCUSoftwareMicrosoftInternet Explorer Main,Start Page = http://news.bbc.co.uk/ R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:Java�inssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program files googlegoogletoolbar4.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar4.dll
O4 - HKLM..Run: [avast!] D:AVASYA~1ashDisp.exe O4 - HKLM..Run: [Share-to-Web Namespace Daemon] D:scannerHP Share-to-Webhpgs2wnd.exe
O4 - HKLM..Run: [Picasa Media Detector] C:Program FilesPicasa2PicasaMediaDetector.exe O4 - HKLM..Run: [LVCOMSX] C:WINDOWSsystem32LVCOMSX.EXE O4 - HKLM..Run: [LogitechVideoRepair] C:Program FilesLogitechVideoISStart.exe O4 - HKLM..Run: [LogitechVideoTray] C:Program FilesLogitechVideoLogiTray.exe O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [NeroCheck] C:WINDOWSsystem32NeroCheck.exe O4 - HKLM..Run: [SpeedTouch USB Diagnostics] "C:Program FilesThomsonSpeedTouch USBDragdiag.exe" /icon O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OB
ealsched.exe" -osboot O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup O4 - HKLM..Run: [nwiz] nwiz.exe /install O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit O4 - HKLM..Run: [Windows Defender] "C:Program FilesWindows DefenderMSASCui.exe" -hideO4 - HKLM..Run: [SunJavaUpdateSched] "D:Java�injusched.exe" O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime O4 - HKLM..Run: [iTunesHelper] "D:iTunesiTunesHelper.exe" O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe O4 - HKCU..Run: [LogitechSoftwareUpdate] "C:Program Files Logitech VideoManifestEngine.exe" boot O4 - HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUSS-1-5-21-1214440339-2025429265-725345543-1004..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background (User 'Mary') O4 - HKUSS-1-5-21-1214440339-2025429265-725345543-1004..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe (User 'Mary') O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SYSTEM') O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Reader eader_sl.exe O4 - Global Startup: Enable Wireless Keyboard Driver.lnk = C:Program FilesWireless DeviceWireless KeyboardMagickey.exe O4 - Global Startup: Enable Wireless Optical Mouse Driver.lnk = C:Program FilesWireless DeviceWireless MouseMouseAp.exe O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOfficeOSA9.EXE O8 - Extra context menu item: &Google Search - res://c:program filesgoogle GoogleToolbar2.dll /cmsearch.htmlO8 - Extra context menu item: &Translate English Word - res://c:program filesgoogleGoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:program filesgoogleGoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:program filesgoogleGoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:MICROS~1OFFICE11EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:program filesgoogleGoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:program filesgoogleGoogleToolbar2.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:Java�inssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:Java�inssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:MICROS~1OFFICE11REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe O15 - Trusted Zone: http://www.boots.co.uk O15 - Trusted Zone: http://www.skl-network.com O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.co/kos/english...an_unicode.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/1f16/uploader2.cab O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (AccountTracking Profile Manager Class) - https://moneymanager.egg.com/Pinsafe...nttracking.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5...ws-i586-jc.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) - http://www.commandon demand.com/eval/cod/cabs/cssweb.cab O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://static.photobox.co.uk/sg/common/uploader.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab O17 - HKLMSystemCCSServicesTcpip..{DF43DB2B-C236-4154-B334-12818626C126}: NameServer = 212.139.132.5 212.139.132.4
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:WINDOWSsystem32�rowseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:WINDOWSsystem32�rowseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:avasy anti virusaswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - D:avasy anti virusashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - D:avasy anti virusashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - D:avasy anti virusashWebSv.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:Program FilesCanonCALCALMAIN.exe O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:Program FilesCommon FilesInstallShield Driver11Intel32IDriverT.exe (file missing) O23 - Service: iPod Service - Apple Computer, Inc. - C:Program FilesiPod�iniPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32 vsvc32.exe
View 1 Replies
View Related
Jul 3, 2005
My computer is running very slowly, and things like WinXP do not automatically update. I ran a trojan program, as well as Norton Antivirus, and Spy Sweeper. Can someone here please review this log Logfile of HijackThis v1.99.1 Scan saved at 4:29:52 PM, on 7/3/2005
Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2800.1106)Running processes:
C:WINDOWSSystem32smss.exe C:WINDOWSsystem32csrss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSsystem32spoolsv.exe C:PROGRA~1COMMON~1AOLACSacsd.exe
C:Program FilesSymantec_Client_SecuritySymantec AntiVirusDefWatch.exe C:WINDOWSSystem32gearsec.exe C:Program FilesSymantec_Client_SecuritySymantec AntiVirusRtvscan.exe C:Program FilesPhotodexProShowGoldScsiAccess.exe C:WINDOWSSystem32svchost.exe
C:Program FilesWebrootSpy SweeperWRSSSDK.exe C:WINDOWSSystem32wdfmgr.exe C:WINDOWSwanmpsvc.exe C:WINDOWSSystem32MsPMSPSv.exe C:windowssystemhpsysdrv.exe C:HPKBDKBD.EXE C:WINDOWSSystem32VTTimer.exe C:PROGRA~1SYMANT~1SYMANT~1vptray.exe C:Program FilesMultimedia Card Readershwicon2k.exe C:Program FilesJavaj2re1.4.2_06�injusched.exe C:WINDOWSLTMSG.exe C:WINDOWSSystem32 undll32.exe C:WINDOWSSystem32wuauclt.exe C:Program FilesWebrootSpy SweeperSpySweeper.exe C:WINDOWSexplorer.exe C:Documents and SettingsOwnerDesktopNew FolderHijackThis.exe R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://qus10.hpwis.com/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://srch-qus10.hpwis.com/ R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yahoo.com/ R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://qus10.hpwis.com/ R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://srch-qus10.hpwis.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://srch-qus10.hpwis.com R1 -HKCUSoftware MicrosoftWindows CurrentVersionInternet Settings,ProxyOverride = localhost O1 - Hosts: 64.91.255.87 www.dcsresearch.com O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll O2 - BHO: (no name) -{53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar1.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) O3 - Toolbar: PopUpCop - {DB43E4E6-FF8A-4018-8C8E-F68587A44A73} - C:PROGRA~1PopUpCopPopUpCop.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar1.dll
O4 - HKLM..Run: [hpsysdrv] c:windowssystemhpsysdrv.exe O4 - HKLM..Run: [KBD] C:HPKBDKBD.EXE O4 - HKLM..Run: [Recguard] C:WINDOWSSMINSTRECGUARD.EXE O4 - HKLM..Run: [PS2] C:WINDOWSsystem32ps2.exe O4 - HKLM..Run: [VTTimer] VTTimer.exe O4 - HKLM..Run: [vptray] C:PROGRA~1SYMANT~1SYMANT~1vptray.exe O4 - HKLM..Run: [Sunkist2k] C:Program FilesMultimedia Card Readershwicon2k.exe O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavaj2re1.4.2_06�injusched.exe O4 - HKLM..Run: [LTMSG] LTMSG.exe 7 O4 - HKLM..Run: [New.net Startup] rundll32 C:PROGRA~1NEWDOT~1NEWDOT~1.DLL,NewDotNetStartup -s O4 - HKLM..Run: [SpySweeper] "C:Program FilesWebrootSpy SweeperSpySweeper.exe" /startintray O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe O4 - Global Startup: RealSecure(r) Desktop Protector.lnk = ? O8 - Extra context menu item: &AIM Search - res://C:Program FilesAIM ToolbarAIMBar.dll/aimsearch.htm O8 - Extra context menu item: &Google Search - res://c:program filesgoogleGoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Backward Links - res://c:program filesgoogleGoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:program filesgoogleGoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~4OFFICE11EXCEL.EXE/3000 O8 - Extra context menu item: Open Image in New Window - res://C:Program FilesPopUpCoppopupcop.dll/imagenew O8 - Extra context menu item: Similar Pages - res://c:program filesgoogleGoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate into English - res://c:program filesgoogleGoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavaj2re1.4.2_06�in pjpi142_06.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavaj2re1.4.2_06�in pjpi142_06.dll O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:Program FilesAIMaim.exe O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:Program FilesPartyPokerPartyPoker.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:Program FilesPartyPokerPartyPoker.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:Program FilesAWSWeatherBugWeather.exe (file missing) (HKCU) O10 - Hijacked Internet access by New.Net O15 - Trusted Zone: *.musicmatch.com
O15 - Trusted Zone: *.musicmatch.com (HKLM) O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:counter.cab O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1093219557375 O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.amazon.ofoto.com/download...1/axofupld.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} (Webshots Photo Uploader) - http://community.webshots.com/html/WSPhotoUploader.CAB O16 - DPF: {E93A6FCA-C052-45DF-AC9B-B729066092F8} (Util Class) - https://isupport4.hp.com/motivedocs/...er/MotUtil.cab O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxsrvc.dll O20 - Winlogon Notify: NavLogon - C:WINDOWSSystem32NavLogon.dll O23 - Service: Adobe LM Service - Unknown owner - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:PROGRA~1COMMON~1AOLACSacsd.exe O23 - Service: BlackICE - Unknown owner - C:Program FilesNetwork ICEBlackICE�lackd.exe (file missing) O23 - Service: DefWatch - Symantec Corporation - C:Program FilesSymantec_Client_SecuritySymantec AntiVirusDefWatch.exe
O23 - Service: Gear Security Service (GEARSecurity) - GEAR Software - C:WINDOWSSystem32gearsec.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:Program FilesiPod�iniPodService.exe O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:Program FilesSymantec_Client_SecuritySymantec AntiVirusRtvscan.exe O23 - Service: RapApp - Unknown owner - C:Program FilesNetwork ICEBlackICERapApp.exe (file missing) O23 - Service: ScsiAccess - Unknown owner - C:Program FilesPhotodexProShowGoldScsiAccess.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:Program FilesWebrootSpy SweeperWRSSSDK.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:Program FilesTuneUp Utilities 2004WinStylerThemeSvc.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:WINDOWSwanmpsvc.exe
View 9 Replies
View Related
Oct 13, 2005
what I'm thinking is that I'm just going to have to pay & get this pc cleaned because after I go thru all the steps to correct it.later it starts freezing and stuff sooo bad that I always have to reset it like you do when you first by the pc because it won't let me estore pc using restore systems. So, here is my hijack this log. Logfile of HijackThis v1.99.1 Scan saved at 11:49:15 AM, on 10/13/2005
Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes:C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSExplorer.EXE C:WINDOWSsystem32spoolsv.exe C:windowssystemhpsysdrv.exe C:Program FilesHewlett-PackardDigital ImagingUnloadhpqcmon.exe C:Program FilesVERITAS SoftwareUpdate Managersgtray.exe C:WINDOWSsystem32dla fswctrl.exe
C:WINDOWSSystem32igfxtray.exe C:WINDOWSSystem32hkcmd.exe C:WINDOWSsystem32ps2.exe C:WINDOWSetbpokapoka75.exe C:WINDOWSSystem32w?auclt.exe
C:Program Filesapsiwtta.exe C:Program Fileshp center137903ProgramBackWeb-137903.exe c:Program FilesNorton AntiVirus avapsvc.exe
C:Program FilesInternet Exploreriexplore.exe C:Program Filesewidosecurity suiteSecuritySuite.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesHijackThisHijackThis.exe R1 - HKCUSoftwareMicrosoftInternet Explorer,SearchURL =http://www.24-7searching-and-more.com/sp2.php R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://us6.hpwis.com/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://srch-us6.hpwis.com/ R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://www.24-7searching-and-more.com/sp2.php R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.24-7searching-and-more.com/sp2.php R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yahoo.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://us6.hpwis.com/ R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://srch-us6.hpwis.com/ R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://srch-us6.hpwis.com/ R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://srch-us6.hpwis.com/ R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://us6.hpwis.com/ R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://srch-us6.hpwis.com/ R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = http://srch-us6.hpwis.com/ R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = localhost O4 - HKLM..Run: [hpsysdrv] c:windowssystemhpsysdrv.exe O4 - HKLM..Run: [CamMonitor] c:Program FilesHewlett-PackardDigital ImagingUnloadhpqcmon.exe O4 - HKLM..Run: [StorageGuard] "C:Program FilesVERITAS SoftwareUpdate Managersgtray.exe" /r O4 - HKLM..Run: [dla] C:WINDOWSsystem32dla fswctrl.exe
O4 - HKLM..Run: [DDCActiveMenu] "C:Program FilesWildTangentDDCActiveMenuDDCActiveMenu.exe" -boot O4 - HKLM..Run: [Recguard] C:WINDOWSSMINSTRECGUARD.EXE O4 - HKLM..Run: [IgfxTray] C:WINDOWSSystem32igfxtray.exe O4 - HKLM..Run: [HotKeysCmds] C:WINDOWSSystem32hkcmd.exe O4 - HKLM..Run: [PS2] C:WINDOWSsystem32ps2.exe O4 - HKLM..Run: [IST Service] C:Program FilesISTsvcistsvc.exe
O4 - HKLM..Run: [System service75] C:WINDOWSetbpokapoka75.exe O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [Mrqx] C:WINDOWSSystem32w?auclt.exe O4 - HKCU..Run: [Notn] "C:Program Filesapsiwtta.exe" -vt mt O4 - Global Startup: hp center.lnk = C:Program Fileshp center137903ProgramBackWeb-137903.exe O16 - DPF: Yahoo! Pyramids - http://download.games.yahoo.com/game...s/y/pyt1_x.cab O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com download.yaho...st20040510.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxsrvc.dll O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:Program FilesNorton AntiVirus avapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:WINDOWSSystem32 vsvc32.exe O23 - Service: Windows 32 Bit (Windows 32 Bit Drivers) - Unknown owner - C:WINDOWSWinVid32.exe
View 14 Replies
View Related
Apr 11, 2007
Computer seems to be slowed down, PLUS it seems to slow down its internet connection that is max 10 mips down, to a crawl, then it speeds back up. Cable claims all is okay on their end, and is something on my system. If someone can tell me if there is anything running in this HJ log that shouldn't be, or that I don't need to have running, Logfile of HijackThis v1.99.1 Scan saved at 1:21:21 PM, on 4/11/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes:
C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:Windows DefenderMsMpEng.exe C:WINDOWSsystem32svchost.exe C:Program FilesCommon FilesSymantec SharedccProxy.exe C:Program FilesCommon FilesSymantec SharedccSetMgr.exe C:Norton Personal FirewallISSVC.exe C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe C:WINDOWSExplorer.EXE C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe C:WINDOWSsystem32�rsvc01a.exe
C:WINDOWSsystem32�rss01a.exe C:WINDOWSsystem32spoolsv.exe C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe C:WINDOWSsystem32CTsvcCDA.EXE C:Norton SystemWorksNorton AntiVirusIWPNPFMntor.exe C:NORTON~1NORTON~1NPROTECT.EXE C:WINDOWSsystem32PSIService.exe C:NORTON~1NORTON~1SPEEDD~1NOPDB.EXE C:WINDOWSsystem32svchost.exe C:WINDOWSsystem32WFXSVC.EXE C:WINDOWSsystem32MsPMSPSv.exe C:WINDOWSsystem32hkcmd.exe C:Windows DefenderMSASCui.exe C:Program FilesCommon FilesSymantec SharedccApp.exe C:WINDOWSsystem32wfxsnt40.exe C:Program FilesMicrosoft IntelliType Proitype.exe C:WINDOWSsystem32ctfmon.exe C:LogitechMouseWaresystemem_exec.exe C:WinZipwinzip32.exe C:DoughijackthisHijackThis.exe R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.cnn.com/ R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = ftp=localhost:8118;gopher=localhost:8118;http=localhost:8118;https=localhos t:8118;socks=localhost:8118 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll O2 - BHO: Norton Personal Firewall - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:Program FilesCommon FilesSymantec SharedAdBlockingNISShExt.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:Norton SystemWorksNorton AntiVirusNavShExt.dll O3 - Toolbar: Norton Personal Firewall - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:Program FilesCommon FilesSymantec SharedAdBlockingNISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:Norton SystemWorksNorton AntiVirusNavShExt.dll O4 - HKLM..Run: [IgfxTray] C:WINDOWSsystem32igfxtray.exe O4 - HKLM..Run: [HotKeysCmds] C:WINDOWSsystem32hkcmd.exe O4 - HKLM..Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM..Run: [UpdReg] C:WINDOWSUpdReg.EXE O4 - HKLM..Run: [Windows Defender] "C:Windows DefenderMSASCui.exe" -hide O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe" O4 - HKLM..Run: [Symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMon.exe /Consumer O4 - HKLM..Run: [WinFaxAppPortStarter] wfxsnt40.exe O4 - HKLM..Run: [itype] "c:Program FilesMicrosoft IntelliType Proitype.exe" O4 - HKLM..RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:WINDOWSsystem32sti_ci.dll,WiaCreateWizardMenu O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [Norton SystemWorks] "C:Norton SystemWorkscfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:MICROS~1OFFICE11EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Java�in pjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Java�in pjpi150_04.dll O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://www.activation.rr.com/install...ds/tgctlcm.cab O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - http://a516.g.akamai.net/f/516/25175...at-no-eula.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1155682376421 O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxsrvc.dll O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:WINDOWSsystem32WPDShServiceObj.dll O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:WINDOWSsystem32�rsvc01a.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:WINDOWSsystem32CTsvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:Norton Personal FirewallISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:Norton SystemWorksNorton AntiVirus avapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:Norton SystemWorksNorton AntiVirusIWPNPFMntor.exe O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:NORTON~1NORTON~1NPROTECT.EXE O23 - Service: ProtexisLicensing - Unknown owner - C:WINDOWSsystem32PSIService.exe O23 - Service: SAVScan - Symantec Corporation - C:Norton SystemWorksNorton AntiVirusSAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:PROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:NORTON~1NORTON~1SPEEDD~1NOPDB.EXE O23 - Service: Symantec Core LC - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe O23 - Service: WinFax PRO (wfxsvc) - Symantec Corporation - C:WINDOWSsystem32WFXSVC.EXE
View 2 Replies
View Related
Nov 14, 2008
Lately my PC freezes up for virtually no reason. The computer is older but runs just fine besides the freezing up. Not sure if its just time to get a new computer or if its just a glitch. I've attached a hijackthis log, hopefully if there is a glitch we can find it. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 4:55:49 PM, on 11/14/2008 Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:Program FilesWindows DefenderMsMpEng.exe C:WINDOWSSystem32svchost.exe C:WINDOWSsystem32svchost.exe C:WINDOWSExplorer.EXE C:WINDOWSsystem32spoolsv.exe C:PROGRA~1COMMON~1aolACSAOLacsd.exe C:Program FilesCommon FilesAppleMobile Device Support�inAppleMobileDeviceService.exe C:PROGRA~1AVGAVG8avgwdsvc.exe C:Program FilesBonjourmDNSResponder.exe C:Program FilesWIDCOMMBluetooth Software�in�twdins.exe C:WINDOWSsystem32cisvc.exe C:WINDOWSSystem32svchost.exe C:WINDOWSSystem32svchost.exe C:Program FilesViewpointCommonViewpointService.exe C:WINDOWSwanmpsvc.exe C:Program FilesAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe
C:WINDOWSsystem32ctfmon.exe C:Program FilesAWSWeatherBugWeather.exe C:Program FilesThe Weather Channel FWDesktopDesktopWeather.exe
C:Program FilesWindows Media PlayerWMPNSCFG.exe C:Program FilesNokiaNokia PC Suite 7PCSync2.exe C:Program FilesNokiaNokia PC Suite 7PCSuite.exe C:PROGRA~1AVGAVG8avgrsx.exe C:Program FilesBilleo�illeo.exe C:Program FilesDigital Line DetectDLG.exe C:Program FilesYahoo!Messengerymsgr_tray.exe C:Program FilesViewpointViewpoint ManagerViewMgr.exe C:Program FilesCommon FilesNokiaMPAPIMPAPI3s.exe
C:Program FilesPC Connectivity SolutionServiceLayer.exe C:WINDOWSsystem32dlbxcoms.exe C:Program FilesPC Connectivity SolutionTransportsNclUSBSrv.exe C:Program FilesPC Connectivity SolutionTransportsNclRSSrv.exe C:WINDOWSsystem32cidaemon.exe
C:WINDOWSsystem32cidaemon.exe C:Program FilesInternet ExplorerIEXPLORE.EXE C:Program FilesNokiaNokia PC Suite 7ImageStore.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://red.clientapps.yahoo.com/cust...ch/search.html R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yahoo.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll O2 - BHO: LoginMonitorBHO Class - {23128821-FF38-4B38-82EA-FFC6DF4A7DD1} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:Program FilesAVGAVG8avgssie.dll O2 - BHO: Billeo - {465E08E7-F005-4389-980F-1D8764B3486C} - c:program files�illeo�illeo.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:Program FilesYahoo!Commonyiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_05�inssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:Program FilesTGTSoftStyleXPTGT_BHO.dll O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) O3 - Toolbar: Billeo - {6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111} - c:program files�illeo�illeo.dll
O3 - Toolbar: The Weather Channel Toolbar - {2E5E800E-6AC0-411E-940A-369530A35E43} - C:WINDOWSSYSTEM32TwcToolbarIe7.dll O4 - HKLM..Run: [Adobe Photo Downloader] "C:Program FilesAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe"O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe O4 - HKCU..Run: [Yahoo! Pager] "C:Program FilesYahoo!MessengerYahooMessenger.exe" -quiet O4 - HKCU..Run: [Weather] C:Program FilesAWSWeatherBugWeather.exe 1 O4 - HKCU..Run: [DW6] "C:Program FilesThe Weather Channel WDesktopDesktopWeather.exe"
O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe O4 - HKCU..Run: [Nokia.PCSync] "C:Program FilesNokiaNokia PC Suite 7PCSync2.exe" /NoDialog O4 - HKCU..Run: [PC Suite Tray] "C:Program FilesNokiaNokia PC Suite 7PCSuite.exe" -onlytray O4 - Global Startup: billeo.lnk = C:Program FilesBilleo�illeo.exe O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE O8 - Extra context menu item: &AOL Toolbar search - res://C:Program FilesAOL Toolbar oolbar.dll/SEARCH.HTML O8 - Extra context menu item: &Yahoo! Search - file:///C:Program FilesYahoo!Common/ycsrch.htm O8 - Extra context menu item: Send To &Bluetooth - C:Program FilesWIDCOMMBluetooth Software�tsendto_ie_ctx.htm O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:Program FilesYahoo!Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:Program FilesYahoo!Common/ycmap.htm O8 - Extra context menu item: Yahoo! &SMS - file:///C:Program FilesYahoo!Common/ycsms.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_05�inssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_05�inssv.dll O9 - Extra button: The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - (no file)O9 - Extra 'Tools' menuitem: The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - (no file) O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:Program FilesYahoo!Commonyiesrvc.dll O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:Program FilesBonjourExplorerPlugin.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Software�tsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Software�tsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe O9 - Extra button: Billeo - {97ED3A9F-CD6F-473A-8FE1-7505C1B844C3} - c:program files�illeo�illeo.dll (HKCU)
O12 - Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://usercenter.cox.net/rsuite/sdc...cx_tgctlcm.jsp O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:Program FilesYahoo!Commonyinsthelper.dll O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} (WebIQ Engine Application Object) - http://webiq005.webiqonline.com/WebI...6-6D5536C585C9} O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/ca...C_2.1.1.74.cab O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z.net qtinstall.in...lInstaller.exe O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1145286197448 O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.com/download...1/axofupld.cab O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/soft...ch/alaunch.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemp...ogin-devel.cab O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensavers.com/dm/instal...sinstaller.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://68.228.1.61:7000/activex/AxisCamControl.cab O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - http://131.107.96.16/media/xp/TLIEFlash.CAB O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/amp...1.11_en_dl.cab O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yaho...tocomplete.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://download.games.yahoo.com/game...ploader_v6.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab O16 - DPF: {EC8C56B1-D027-4AB2-AF63-F845CCEE59B5} (DocumentAccessor Class) - https://billmanager.aol.com/billmana...oginHelper.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:Program FilesAVGAVG8avgpp.dll O20 - AppInit_DLLs: C:PROGRA~1GoogleGOOGLE~2GOEC62~1.DLL,avgrsstx.dll O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:PROGRA~1COMMON~1aolACSAOLacsd.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:Program FilesCommon FilesAppleMobile Device Support�inAppleMobileDeviceService.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:PROGRA~1AVGAVG8avgwdsvc.exe O23 - Service: Bonjour Service - Apple Computer, Inc. - C:Program FilesBonjourmDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:Program FilesWIDCOMMBluetooth Software�in�twdins.exe O23 - Service: dlbx_device - Dell - C:WINDOWSsystem32dlbxcoms.exe O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPod�iniPodService.exe
O23 - Service: ServiceLayer - Nokia. - C:Program FilesPC Connectivity SolutionServiceLayer.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:Program FilesViewpointCommonViewpointService.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:WINDOWSwanmpsvc.exe
View 3 Replies
View Related
Jun 1, 2005
I've seen blue screens maybe 5 times in the last few months, but never on a cold startup. It was turned off totally for several hours, and at startup I got "A problem has been detected and windows has been shut down to prevent damage to your computer. FILE_SYSTEM If this is the first time you've seen this stop error screen, restart your computer. If this screen appears again, follow these steps: Check to make sure any new hardware or software is properly installed. If this is a new installation, ask your hardware or software manufacturer for any windows updates you might need. If problems continue, disable or remove any newly installed hardware or software. Disable BIOS memory options such as caching or shadowing. If you need to use safe mode to remove or disable components, restart your computer, press F8 to select Advanced Startup Options, and then select Safe Mode. Technical information:* **STOP: 0x00000022 (0x000202EF, 0x824A2D28,0x824A2C70,0x8257E620) I killed the power, restarted, and got "Windows was unable to start successfully, etc.", on a black screen. Using 'last known good configuration', it then started normally. Perhaps not coincidentally, my Norton 2002(updated) was acting up again last night. A few days ago I could not get "Autoprotect" turned on even after a reinstall, then it mysteriously started working after one of many reboots. Last night "Autoprotect" quit again, and every attempt to engage it brought a Script Error message I could not get past, but after a single reboot, it started working. After the "Last good configuration" startup today, "Autoprotect" was off again, but after two tries brought "Script error", I was able to get it working simply by checking the "Autoprotect" box. I had another thread here regarding the Norton, titled "what did I do to my Norton", if referring to it helps any. This blue screen business first appeared before SP2 was installed, but I have never been able to connect it with software installations or anything else I have done. My uneducated opinion is that I have had something out of whack for a long time, but have never had someone babysit me through a long enough process to find it. Logfile of HijackThis v1.99.1 Scan saved at 1:09:18 PM, on 6/1/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:Program FilesAheadInCDInCDsrv.exe C:WINDOWSsystem32LEXBCES.EXE C:WINDOWSsystem32spoolsv.exe C:WINDOWSsystem32LEXPPS.EXE C:WINDOWSsystem32devldr32.exe C:WINDOWSExplorer.EXE C:Program FilesCreativeSBLiveCreative Diagnostics 2.0DIAGENT.EXE C:Program FilesJavajre1.5.0_02�injusched.exe C:Program FilesMicrosoft AntiSpywaregcasServ.exe C:Program FilesAheadInCDInCD.exe C:PROGRA~1NORTON~1
avapw32.exe C:WINDOWSsystem32ctfmon.exe C:Program FilesDell SupportDSAgnt.exe C:PROGRA~1AheadNEROPH~2dataXtrasmssysmgr.exe C:WINDOWSSystem32cisvc.exe C:WINDOWSSystem32CTsvcCDA.EXE C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe C:WINDOWSSystem32
vsvc32.exe C:WINDOWSSystem32svchost.exe C:WINDOWSwanmpsvc.exe C:WINDOWSSystem32MsPMSPSv.exe C:Program FilesCommon FilesSymantec SharedSecurity CenterSymWSC.exe C:Program FilesMicrosoft AntiSpywaregcasDtServ.exe C:Program FilesInternet Exploreriexplore.exe
C:WINDOWSsystem32cidaemon.exe C:Program FilesNorton AntiVirus avapsvc.exe C:Program FilesHijackthishijackthis.exe R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.dellnet.com R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.dellnet.com/ R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.dellnet.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:Program FilesMicrosoft MoneySystemmnyside.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:Program FilesNorton AntiVirusNavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:Program FilesNorton AntiVirusNavShExt.dll O4 - HKLM..Run: [DIAGENT] C:Program FilesCreativeSBLiveCreative Diagnostics 2.0DIAGENT.EXE startup
O4 - HKLM..Run: [AHQInit] C:Program FilesCreativeSBLiveProgramAHQInit.exe O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_02�injusched.exe O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe O4 - HKLM..Run: [Symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMon.exe /Consumer
O4 - HKLM..Run: [gcasServ] "C:Program FilesMicrosoft AntiSpywaregcasServ.exe" O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup O4 - HKLM..Run: [InCD] C:Program FilesAheadInCDInCD.exe O4 - HKLM..Run: [NAV Agent] C:PROGRA~1NORTON~1 avapw32.exe O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe O4 - HKCU..Run: [DellSupport] "C:ProgramilesDell SupportDSAgnt.exe" /startup O4 - HKCU..Run: [PhotoShow Deluxe Media Manager] C:PROGRA~1AheadNEROPH~2dataXtrasmssysmgr.exe O4 - Startup: TempCleaner.pif = C:PROGRA~1TEMPCL~1TEMPCL~1.BAT O8 - Extra context menu item: &Yahoo! Search - file:///C:Program FilesYahoo!Common/ycsrch.htm O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:Program FilesYahoo!Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:Program FilesYahoo!Common/ycdict.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02�in pjpi150_02.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02�in pjpi150_02.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:Program FilesYahoo!Messengeryhexbmes0521.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:Program FilesYahoo!Messengeryhexbmes0521.dll O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:Program FilesMicrosoft MoneySystemmnyside.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2- B9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe O15 - Trusted Zone: www.forsalebyowner.com O15 - Trusted Zone: http://hoylegames.sierra.com O15 - Trusted IP range: http://12.129.201.83 O16 - DPF: ppctlcab - http://69.44.122.156/scanner/ppctlcab.cab
O16 - DPF: Yahoo! Spades - http://download.games.yahoo.com/game...ts/y/st2_x.cab O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15009/CTSUEng.cab O16 - DPF: {29B2C103-AB53-4971-B765-FC1CE5D8B2D1} - http://www.silvercrk.com/php/hwspade...07_4998516.cab O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://69.44.122.156/scanner/axscanner.cab O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/acti..._v1-0-3-18.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab O16 - DPF: {A031D222-B496-11D2-9CC8-00105A10AAF6} (WONWebLauncher Class) - http://play.hoylegames.com/cab/WONWe...herControl.cab O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15010/CTPID.cab O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:WINDOWSSystem32CTsvcCDA.EXE O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:Program FilesAheadInCDInCDsrv.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WINDOWSsystem32LEXBCES.EXE O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:Program FilesNorton AntiVirus avapsvc.exe O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:WINDOWSSystem32NMSSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSSystem32 vsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:PROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSecurity CenterSymWSC.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:WINDOWSwanmpsvc.exe
View 14 Replies
View Related
Nov 7, 2006
its been awhile since my last hiJack and I've notice a few things upon start up, just a quick flash of something have no idea what it is.. i've run all my AVG's, sypwear and Adwear but haven't really come up with anything.. if someone could take a look at my log it would be great.Logfile of HijackThis v1.99.1 Scan saved at 5:21:11 PM, on 07/11/2006Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes:C:WINNTSystem32smss.exe C:WINNTsystem32winlogon.exe C:WINNTsystem32services.exe C:WINNTsystem32lsass.exe C:WINNTsystem32svchost.exe C:WINNTSystem32svchost.exe C:WINNTsystem32spoolsv.exe
C:WINNTExplorer.EXE C:Program FilesDIGStreamdigstream.exe C:Program FilesMicrosoft HardwareKeyboard ype32.exe C:WINNTsystem32NVATray.exe C:PROGRA~1GrisoftAVGFRE~1avgcc.exe C:PROGRA~1GrisoftAVGFRE~1avgemc.exe C:Program FilesJavajre1.5.0_06�injusched.exe C:Program FilesCommon FilesRealUpdate_OB ealsched.exe C:Program FilesE-ColorTrue Internet ColorTICIcon.exe
C:downloadslogitechmouseMouseWaresystemem_exec.exe C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe
C:downloadsewidosecurity suiteewidoctrl.exe C:WINNTSystem32 vsvc32.exe C:WINNTSystem32svchost.exe C:WINNTsystem32WgaTray.exe
C:Program FilesMozilla Firefoxfirefox.exe C:WINNTsystem32wuauclt.exe C:downloadshijackthisHijackThis.exe R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://red.clientapps.yahoo.com/cust...ch/search.html R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://yahoo.com/ R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://red.clientapps.yahoo.com/cust...ch/search.html R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com N3 - Netscape 7: user_pref("browser.startup.homepage", "http:/www.yahoo.com"); (C:Documents and SettingsAdm inistratorApplication DataMozillaProfilesdefaultczxbl1g7.sltprefs.js) N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5Cdownloads%5CNetscape6%5Csearchplugins%5CSBWeb_01.src"); (C:Documents and SettingsAdministratorApplication DataMozillaProfilesdefaultczxbl1g7.sltprefs.js) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:downloadsacrobat readerReaderActiveXAcroIEHelper.ocx O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B- 8BC-4B02-94D6-2FC0DE4A7897} - C:downloadsyahooCommonyiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.5.0_06�inssv.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:downloadsyahooCompanionInstallscpn1yt.dll O4 - HKLM..Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM..Run: [LoadQM] loadqm.exe O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM..Run: [DIGStream] C:Program FilesDIGStreamdigstream.exe O4 - HKLM..Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM..Run: [IntelliType] "C:Program FilesMicrosoft HardwareKeyboard ype32.exe" O4 - HKLM..Run: [NVIDIA nForce APU1 Utilities] NVATray.exe O4 - HKLM..Run: [AVG7_CC] C:PROGRA~1GrisoftAVGFRE~1avgcc.exe /STARTUP O4 - HKLM..Run: [AVG7_EMC] C:PROGRA~1GrisoftAVGFRE~1avgemc.exe O4 - HKLM..Run: [NeroFilterCheck] C:WINNTsystem32NeroCheck.exe O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_06�injusched.exe
O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OB ealsched.exe" -osboot O4 - HKLM..Run: [QuickTime Task] "C:downloadsquicktimeqttask.exe" -atboottime O4 - HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe O4 - Global Startup: True Internet Color Icon.lnk = C:Program FilesE-ColorTrue Internet ColorTICIcon.exe O8 - Extra context menu item: &Yahoo! Search - ile:///C:downloadsyahooCommon/ycsrch.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000 O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:downloadsyahooCommon/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:downloadsyahooCommon/ycmap.htm O8 - Extra context menu item: Yahoo! &SMS - file:///C:downloadsyahooCommon/ycsms.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06�inssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06�inssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} C:downloadsyahooCommonyiesrvc.dll O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:downloadsicqICQICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:downloadsicqICQICQ.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL O9 - Extra button: AOL Instant Messenger (TM) - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:downloadsAOLaim.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe O12 - Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10...I.cab40641.cab O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:downloadsyahooCommonyinsthelper.dll O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10...y.cab32846.cab O16 - DPF: {483EB14D-AF1C-4951-81B0-4E2B41829FF6} (QOLCheck Control) - https://www.qwizonline.com/cabs/QOLCheck.ocx O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) http://by2fd.bay2.hotmail.msn.com/re...s/MsnPUpld.cab O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10...t.cab32846.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1123916575234 O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yaho...tocomplete.cab O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10...y.cab41227.cab O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab O16 - DPF: {FF3C5A9F-5A91-4930-80E8-4709194C2AD3} (CheckersZPA Object) - http://zone.msn.com/bingame/zpagames...A.cab40641.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:PROGRA~1MSNMES~1msgrapp.dll" (file missing) O20 - Winlogon Notify: WgaLogon - C:WINNTSYSTEM32WgaLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe O23 - Service: ewido security suite control - ewido networks - C:downloadsewidosecurity suiteewidoctrl.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - G:LaureniPod�iniPodService.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:WINNTSystem32 vsvc32.exe
View 1 Replies
View Related
Mar 20, 2005
My computer has been very bogged down. Can you please advise on attached hijack this list?
View 2 Replies
View Related
Jul 7, 2005
I recently attached a new dvd rom to my pc. After it was detached, the drive letters on my extra HDD's have changed around.Can anyone please explain to me how to change the drive letters back?
View 6 Replies
View Related
Dec 23, 2005
Can someone look at the attached Windows XP Mini-dump and tell me what it says about these random BSODs I have been experiencing?
View 7 Replies
View Related
Jul 11, 2005
Is there anyway to designate which drive letters a USB storage device will take?I have a WinXP Pro, SP2, workstation attached to a domain and I have several mapped drives that are assigned to me. Additionally, I have one floppy, two hard drives and two CD drives. These take up A, C, D, E, and F. The mappings use G, I, N and Z. The probelm occurs when I plug in any type of USB storage device (my thumb drive or cammera). It automatically gets assigned G drive. I can access the USB device but when I go to properties, I get the mapped drives info.
View 6 Replies
View Related
Jul 20, 2008
I get all blacked out icons on my pc after it runs for around 4 hours. what is the possible reason? i have attached the screen shots
[img]URL=http://img178.imageshack.us/my.php?image=32877243fu9.png[/img]
View 1 Replies
View Related
May 17, 2010
My SPMS and hard disk attached to another system. It was working properly. I think it was bios problem, How to fix it and How to solve it?
View 1 Replies
View Related
Apr 23, 2006
I have a vaio PCG - 9G5M which has an internal CD reader - i wanted to record DVDs so i brought an external DVD writer - this did not come with any software but the shop gave me Nero version 7.I tried using this but try as i might it wouldnt work - then suddenly the computer stopped recognising the external AND internal disc drives - on the hard ware manager it states that the drivers for these devices are either misisng or corrupt - error message number 39.
I uninstalled the nero. I have tried uninstalling and reinstalling the drivers and uninstalling - turining off - and then trying - always the same message I had a techno guy come and look at it but he buggered up the internet and couldnt get it back - the only thing I could think to do was system roll back - i got my internet back but nero is still there - only this time i cannot uninstall because it states it cannot find certain databasesso, i am left with no internal or external disc driver and half of nero which i cannot shift
View 3 Replies
View Related
Aug 19, 2006
When I start up Musicmatch Jukebbox Plus version 10.0 I get the opening screen and then nothing. I tried to uninstall it in Control Panel and Install Shield freezes. I try to install a new download for musicmatch and Install Shield also freezes. I therefore can't install or uninstall this program. My PC has been intermitantly very very slow for the last few months. Please help. I have a Dell 8200 series PC with XP Professional Below is a copy of the Hijackthis log. Logfile of HijackThis v1.99.1 Scan saved at 11:55:47 AM, on 8/19/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32csrss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSSystem32svchost.exe C:Program FilesCommon FilesSymantec SharedccSetMgr.exe C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe C:WINDOWSsystem32LEXBCES.EXE C:WINDOWSsystem32LEXPPS.EXE C:WINDOWSsystem32spoolsv.exe C:WINDOWSExplorer.EXE C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe
C:Program FilesJavajre1.5.0_06�injusched.exe C:Program Files�one Labs�oneAlarmzlclient.exe C:Program FilesCommon FilesSymantec SharedccApp.exe C:PROGRA~1SPYWAR~1swdoctor.exe C:Program FilesPlaxo2.6.2.9PlaxoHelper.exe C:WINDOWSSystem32CTsvcCDA.exe C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe C:Program FilesNorton AntiVirus avapsvc.exe C:Program FilesNorton AntiVirusIWPNPFMntor.exe C:WINDOWSSystem32 vsvc32.exe C:WINDOWSsystem32PNUpdate.exe C:Program FilesSpyware Doctorsdhelp.exe C:WINDOWSSystem32svchost.exe C:WINDOWSsystem32wdfmgr.exe C:WINDOWSsystem32�oneLabsvsmon.exe C:WINDOWSSystem32MsPMSPSv.exe
C:Program FilesCommon FilesSymantec SharedSecurity ConsoleNSCSRVCE.EXE C:WINDOWSSystem32alg.exe C:Program FilesMicrosoft OfficeOffice10OUTLOOK.EXE C:Program FilesMUSICMATCHMUSICMATCH JukeboxMMDiag.exe C:WINDOWSsystem32ctfmon.exe C:Program FilesMUSICMATCHMUSICMATCH Jukeboxmim.exe C:Program FilesMicrosoft OfficeOffice10WINWORD.EXE C:Program FilesCommon FilesMicrosoft SharedSpeechsapisvr.exe C:Program FilesMozilla Firefoxfirefox.exe C:Program FilesHijackthisHijackThis.exe R0 - HKCUSoftware MicrosoftInternet ExplorerMain,Start Page = http://www.teamster.org/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59- 87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0AcrobatActiveXAcroIEHelper.dll O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:PROGRA~1SPYWAR~1 oolsiesdsg.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.5.0_06�inssv.dll O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:Program FilesViewpoint Viewpoint ToolbarViewBarBHO.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:Program FilesNorton AntiVirus NavShExt.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar2.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:Program FilesAdobeAcrobat 6.0AcrobatAcroIEFavClient.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:PROGRA~1SPYWAR~1 oolsiesdpb.dll O2 - BHO: AIMSite Class - {D70E6A20-7060-4829-B3D7-B6624A1DE7C6} - C:Program FilesAIM Toolbaraimhelper.dll (file missing) O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:Program FilesAdobeAcrobat 6.0AcrobatAcroIEFavClient.dll O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:Program FilesViewpointViewpoint ToolbarViewBar.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar2.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:Program FilesNorton AntiVirusNavShExt.dll O4 - HKLM..Run: [MSConfig] C:WINDOWSPCHealthHelpCtrBinariesMSConfig.exe /auto O4 - HKLM..Run: [UpdReg] C:WINDOWSUpdReg.EXE O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_06�injusched.exe
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM..Run: [Zone Labs Client] "C:Program Files�one Labs�oneAlarmzlclient.exe" O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe" O4 - HKCU..Run: [Spyware Doctor] C:PROGRA~1SPYWAR~1swdoctor.exe /Q O4 - HKCU..Run: [PlaxoUpdate] C:Program FilesPlaxo2.6.2.9PlaxoHelper.exe -a O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe O8 - Extra context menu item: &AIM Search - res://C:Program FilesAIM ToolbarAIMBar.dll/aimsearch.htmO8 - Extra context menu item: &Google Search - res://c:program filesgoogleGoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:program filesgoogleGoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Viewpoint Search - res://C:Program FilesViewpointViewpoint ToolbarViewBar.dll/CXTSEARCH.HTML O8 - Extra context menu item: Backward Links - res://c:program filesgoogleGoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:program filesgoogleGoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:program filesgoogleGoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:program filesgoogleGoogleToolbar2.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06�inssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06�inssv.dllO9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:PROGRA~1SPYWAR~1 oolsiesdpb.dllO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe (file missing)O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) http://v5.windowsupdate.microsoft.co...?1093720813389 O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} (MsnMusicAx Class) - https://music.msn.com/client/msnmusax4017.cab O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/...ampx_en_dl.cab O20 - AppInit_DLLs: C:PROGRA~1GoogleGOOGLE~1GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:WINDOWSSystem32CTsvcCDA.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:Program FilesiPod�iniPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WINDOWSsystem32LEXBCES.EXE O23 - Service: LiveUpdate - Symantec Corporation - C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:Program FilesNorton AntiVirus avapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:Program FilesNorton AntiVirusIWPNPFMntor.exe O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSecurity ConsoleNSCSRVCE.EXE O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:WINDOWSSystem32 vsvc32.exe O23 - Service: Provision Networks Update Service (PNUpdate) - Provision Networks - C:WINDOWSsystem32PNUpdate.exe O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:Program FilesNorton AntiVirusSAVScan.exe O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:Program FilesSpyware Doctorsdhelp.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe O23 - Service: SPBBCSvc - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:WINDOWSsystem32�oneLabsvsmon.exe
View 14 Replies
View Related
Jan 4, 2005
My son was online and went to some site that told him to install something to access the site he was trying to reach for playstation codes for a game or something arrrrrrrrg He clicked the x in the corner but it proceeded to download something and installed anyway. I immediately went to the control panel and add/remove and tried to get rid of it but then my computer restarted and I got a fast blue screen... From there... well let me just say its been miserable and it restarts everytime I even try to open my windows folder or regedit. I did manage to get it to search for all files and folders created at that particular time and I deleted every file created during that short period. Spybot wont run for a second and then it restarts my system again and no online virus scanner will run it just locks up or restarts my system. Did some more searching and deleted any unrecognizable files created today and now my process list is clear of all but the one savedump.exe When my computer boots back up to my desktop I get a windows box that says a serious system error occurred and then a second one right after that one. Its running now but I dont know for how long and I dont want to stay on the net cause I dont know if someone has ahold of my system or not. I managed to get hijackthis to download and ran it and this is all it shows. I know a couple of the files are apropos.exe and cxtpls but I cant find any of them in my system or registry now. No searches have found any more files since I deleted the last ones. I have a savedump.exe in my process list that was never there before until this happened and it wont allow me to kill the process in spybot. I started in safemode twice but it still wont allow me to do anything without rebooting as soon as I get close to finding the little booger. Thanks for any help you can give me. logfile of HijackThis v1.99.0
Scan saved at 8:52:07 PM, on 1/4/2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSExplorer.EXE C:WINDOWSsystem32spoolsv.exe C:WINDOWSsystem32driversKodakCCS.exe C:WINDOWSSystem32 vsvc32.exe C:WINDOWSSystem32ScsiAccess.EXE C:WINDOWSSystem32svchost.exe
C:Program FilesInternet Exploreriexplore.exe C:DOCUME~1GUPPYS~1LOCALS~1TempRar$EX00.448HijackThis.exe O2 - BHO: BTGrabObj Class - {00000000-F09C-02B4-6EC2-AD0300000000} - C:WINDOWSBTGrab.dll (file missing) O2 - BHO: (no name) - {016235BE-59D4-4CEB-ADD5-E2378282A1D9} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0ReaderActive XAcroIEHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup O4 - HKLM..Run: [nwiz] nwiz.exe /install O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000 O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSweb elated.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSweb elated.htm O23 - Service: Kodak Camera Connection Software - Eastman Kodak Company - C:WINDOWSsystem32driversKodakCCS.exe
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:WINDOWSSystem32 vsvc32.exe O23 - Service: ScsiAccess - Unknown - C:WINDOWSSystem32ScsiAccess.EXE
View 10 Replies
View Related
