Thread: Hijackthis Log

  1. #1
    Mich Guest

    Re: Hijackthis Log

    you can upload your log to these sites, works well to analyze

    http://hjt.iamnotageek.com/


    http://www.hijackthis.de/en
    Your Explorer.exe is in the wrong directory, search for it and look at the
    properties (you will find the legit one too) find the rogue one and rename
    the extension, and I'm not sure what winACE is


    The rest of you Why just attack PCbutts instead of helping the person with
    the post?
    Butts is craving attention and you're giving it to him... DUH!!!!

    Mich...


    <alcarm1964@hotmail.com> wrote in message
    news:1167310390.100511.94640@h40g2000cwb.googlegroups.com...
    > Just today I started getting that problem where any search results on
    > Google are redirected to other weird sites instead of the ones I want.
    > I ran my Norton thing and a couple of different Spyware programs. Each
    > found 1 or 2 things and fixed them but the problem still exists. I
    > downloaded Hijackthis and ran it a few minutes ago. This is the log it
    > created. I was wondering if someone could take a look and make some
    > recommendations (I have no idea what most of these things are). Also,
    > everything seems to be running a little slow...my CPU usage fluctuates
    > constantly between like 10 and 90%...usually, it's pretty steady in the
    > single digits. Thanks!
    > =========================================================================
    >
    > Logfile of HijackThis v1.99.1
    > Scan saved at 5:38:52 PM, on 12/27/2006
    > Platform: Windows XP SP2 (WinNT 5.01.2600)
    > MSIE: Internet Explorer v7.00 (7.00.5346.0005)
    >
    > Running processes:
    > C:\WINDOWS\System32\smss.exe
    > C:\WINDOWS\system32\csrss.exe
    > C:\WINDOWS\system32\winlogon.exe
    > C:\WINDOWS\system32\services.exe
    > C:\WINDOWS\system32\lsass.exe
    > C:\WINDOWS\system32\Ati2evxx.exe
    > C:\WINDOWS\system32\svchost.exe
    > C:\WINDOWS\system32\svchost.exe
    > C:\WINDOWS\System32\svchost.exe
    > C:\WINDOWS\System32\svchost.exe
    > C:\WINDOWS\System32\svchost.exe
    > C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    > C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    > C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    > C:\WINDOWS\system32\Ati2evxx.exe
    > C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    > C:\WINDOWS\Explorer.EXE
    > C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    > C:\WINDOWS\system32\spoolsv.exe
    > C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    > C:\Program Files\Norton AntiVirus\navapsvc.exe
    > C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    > C:\WINDOWS\system32\HPZipm12.exe
    > C:\Program Files\Spyware Doctor\sdhelp.exe
    > C:\WINDOWS\System32\svchost.exe
    > C:\WINDOWS\wanmpsvc.exe
    > C:\WINDOWS\system32\fxssvc.exe
    > C:\WINDOWS\System32\alg.exe
    > C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    > C:\WINDOWS\system32\ps2.exe
    > C:\windows\system\hpsysdrv.exe
    > C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    > C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    > C:\Program Files\DIGStream\digstream.exe
    > C:\Program Files\ESPNRunTime\DIGServices.exe
    > C:\WINDOWS\LTMSG.exe
    > C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
    > C:\Program Files\WiFiConnector\NintendoWFCReg.exe
    > C:\WINDOWS\System32\svchost.exe
    > C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
    > C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
    > C:\Program Files\Common Files\Symantec Shared\Security
    > Console\NSCSRVCE.EXE
    > C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    > C:\Program Files\AIM\aim.exe
    > C:\WINDOWS\explorer.exe
    > C:\Program Files\Windows Media Player\wmplayer.exe
    > C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    > C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    > C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    > C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    > C:\Program Files\Spyware Doctor\swdoctor.exe
    > C:\Program Files\Internet Explorer\iexplore.exe
    > C:\Program Files\Microsoft Office\Office\EXCEL.EXE
    > C:\WINDOWS\msagent\AgentSvr.exe
    > C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
    > C:\Program Files\WinAce\WinAce.exe
    > C:\DOCUME~1\Owner\LOCALS~1\Temp\~AceTemp\hijackthis[1]\HijackThis.exe
    >
    >
    > R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL
    > = http://srch-us7.hpwis.com/
    > R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    > http://go.microsoft.com/fwlink/?LinkId=54729
    > R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL
    > = http://go.microsoft.com/fwlink/?LinkId=54896
    > R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
    > http://go.microsoft.com/fwlink/?LinkId=54896
    > R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    > http://hsremove.com/done.htm
    > R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
    > Settings,ProxyServer = 192.168.254.1:80
    > R3 - URLSearchHook: AOLTBSearch Class -
    > {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL
    > Toolbar 2.0\aoltb.dll (file missing)
    > R3 - URLSearchHook: (no name) - _{6CC1C918-AE8B-4373-A5B4-28BA1851E39A}
    >
    > - (no file)
    > O2 - BHO: Yahoo! Toolbar Helper -
    > {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program
    > Files\Yahoo!\Companion\Installs\cpn\yt.dll
    > O2 - BHO: Adobe PDF Reader Link Helper -
    > {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat
    >
    > 7.0\ActiveX\AcroIEHelper.dll
    > O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
    > C:\SPYWAR~1\SPYBOT~1\SDHelper.dll
    > O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} -
    >
    > C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
    > O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
    > C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    > O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9}
    >
    > - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)
    > O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} -
    > C:\Program Files\Norton AntiVirus\NavShExt.dll
    > O2 - BHO: Google Toolbar Helper -
    > {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program
    > files\google\googletoolbar1.dll
    > O2 - BHO: PCTools Browser Monitor -
    > {B56A7D7D-6927-48C8-A975-17DF180C71AC} -
    > C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
    > O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} -
    > C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)
    > O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B}
    >
    > - C:\Program Files\Norton AntiVirus\NavShExt.dll
    > O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
    > c:\program files\google\googletoolbar1.dll
    > O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
    >
    > C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    > O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
    > Files\Java\jre1.5.0_10\bin\jusched.exe"
    > O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    > O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
    > O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon
    > initialize
    > O4 - HKLM\..\Run: [ISUSPM Startup]
    > C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    > O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    > O4 - HKLM\..\Run: [HPDJ Taskbar Utility]
    > C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
    > O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    > O4 - HKLM\..\Run: [BlockTracker] c:\hp\bin\BlockTracker.exe
    > O4 - HKLM\..\Run: [AutoTBar] C:\hp\bin\autotbar.exe
    > O4 - HKLM\..\Run: [VTPreset] VTPreset.exe
    > O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
    > O4 - HKLM\..\Run: [HPHUPD08] C:\Program Files\Hewlett-Packard\Digital
    > Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    > O4 - HKLM\..\Run: [HP Software Update] C:\Program
    > Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    > O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS
    > Software\Update Manager\sgtray.exe" /r
    > O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
    > Files\QuickTime\qttask.exe" -atboottime
    > O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec
    > Shared\ccApp.exe"
    > O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
    > O4 - HKLM\..\Run: [DIGServices] C:\Program
    > Files\ESPNRunTime\DIGServices.exe /brand=ESPN /priority=0
    > /poll=24
    > O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
    > O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    > O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
    > O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat
    > 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
    > O4 - HKCU\..\RunOnce: [FlashPlayerUpdate]
    > C:\WINDOWS\system32\Macromed\Flash\GetFlash.exe
    > O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program
    > Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    > O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program
    > Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
    > O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program
    > Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
    > O4 - Global Startup: Run Nintendo Wi-Fi USB Connector Registration
    > Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
    > O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM
    > Toolbar\AIMBar.dll/aimsearch.htm
    > O8 - Extra context menu item: &AOL Toolbar Search - res://c:\program
    > files\aol\aol toolbar 2.0\aoltbhtml.dll/search.html
    > O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
    >
    > C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    > O9 - Extra 'Tools' menuitem: Sun Java Console -
    > {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
    > Files\Java\jre1.5.0_10\bin\ssv.dll
    > O9 - Extra button: Spyware Doctor -
    > {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} -
    > C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
    > O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578}
    >
    > - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)
    > O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -
    > C:\Program Files\AIM\aim.exe
    > O9 - Extra button: PartyPoker.com -
    > {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program
    > Files\PartyGaming\PartyPoker\RunApp.exe
    > O9 - Extra 'Tools' menuitem: PartyPoker.com -
    > {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program
    > Files\PartyGaming\PartyPoker\RunApp.exe
    > O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
    >
    > (no file)
    > O9 - Extra button: PartyPoker.net -
    > {F4430FE8-2638-42e5-B849-800749B94EED} - c:\program
    > files\PartyGaming.net\PartyPokerNet\RunPF.exe
    > O9 - Extra 'Tools' menuitem: PartyPoker.net -
    > {F4430FE8-2638-42e5-B849-800749B94EED} - c:\program
    > files\PartyGaming.net\PartyPokerNet\RunPF.exe
    > O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
    >
    > C:\Program Files\Messenger\msmsgs.exe
    > O9 - Extra 'Tools' menuitem: Windows Messenger -
    > {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
    > Files\Messenger\msmsgs.exe
    > O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52}
    > - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
    > O11 - Options group: [INTERNATIONAL] International*
    > O12 - Plugin for .spop: C:\Program Files\Internet
    > Explorer\Plugins\NPDocBox.dll
    > O16 - DPF: JT's Blocks -
    > http://download.games.yahoo.com/game...s/y/blt1_x.cab
    > O16 - DPF: Tornado 21 -
    > http://download.games.yahoo.com/game.../y/t21t0_x.cab
    > O16 - DPF: Video Poker -
    > http://download.games.yahoo.com/game...s/y/vpt0_x.cab
    > O16 - DPF: Yahoo! Backgammon -
    > http://download.games.yahoo.com/game...ts/y/at1_x.cab
    > O16 - DPF: Yahoo! Bingo -
    > http://download.games.yahoo.com/game...ts/y/xt0_x.cab
    > O16 - DPF: Yahoo! Blackjack -
    > http://download.games.yahoo.com/game...ts/y/jt0_x.cab
    > O16 - DPF: Yahoo! Chat -
    > http://us.chat1.yimg.com/us.yimg.com.../c381/chat.cab
    > O16 - DPF: Yahoo! Klondike Solitaire -
    > http://presence.games.yahoo.com/yog/y/ks12_x.cab
    > O16 - DPF: Yahoo! MahJong Solitaire -
    > http://download.games.yahoo.com/game.../y/mjst4_x.cab
    > O16 - DPF: Yahoo! Poker -
    > http://download.games.yahoo.com/game...ts/y/pt3_x.cab
    > O16 - DPF: Yahoo! Pyramids -
    > http://download.games.yahoo.com/game...s/y/pyt1_x.cab
    > O16 - DPF: {040F4385-8DAD-4306-94BF-B8291D841FAE} (USBAPTester Class) -
    >
    > http://www.nintendowifi.com/troubles.../usbaptest.cab
    > O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
    > Advantage Validation Tool) -
    > http://go.microsoft.com/fwlink/?linkid=39204
    > O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} -
    > http://download.ebay.com/turbo_lister/US/install.cab
    > O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} -
    > http://us.chat1.yimg.com/us.yimg.com...45/yacscom.cab
    > O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus
    > scanner) -
    > http://security.symantec.com/sscv6/S...in/AvSniff.cab
    > O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl
    > Class) -
    > http://tools.ebayimg.com/eps/wl/acti...icture_Control...
    >
    > O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} -
    > http://207.188.7.150/210a200be34ff19...p/RdxIE601.cab
    > O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -
    > http://www.bitdefender.com/scan8/oscan8.cab
    > O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI
    > Utility Class) -
    > http://security.symantec.com/sscv6/S.../bin/cabsa.cab
    > O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) -
    > http://www.nick.com/common/groove/gx/GrooveAX27.cab
    > O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
    >
    > Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
    > O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) -
    >
    > http://www.ravantivirus.com/scan/ravonline.cab
    > O16 - DPF: {A9DD5FE2-5567-4983-971F-C792375025A6} (PhoenixBody Class) -
    >
    > http://software.musicnow.com/musicno...4/MusicNow.cab
    > O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm
    > Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
    > O16 - DPF: {BE319D04-18BD-4B34-AECC-EE7CB610FCA9} (BewitchedGameClass
    > Control) -
    > http://download.games.yahoo.com/game...tched/main.cab
    >
    > O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements
    > Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
    > O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer
    > Class) -
    > http://a532.g.akamai.net/f/532/6712/...com/downloads/...
    >
    > O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer
    > Class) -
    > http://a532.g.akamai.net/f/532/6712/...d.akamai.com/6...
    >
    > O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online
    > Control) -
    > http://download.games.yahoo.com/game...s/cinematycoon...
    >
    > O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} -
    > http://download.games.yahoo.com/game...insaniquarium/...
    >
    > O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl
    > Class) - http://tools.ebayimg.com/eps/activex...l_v1-0-3-0.cab
    > O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    > O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    > O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} -
    >
    > C:\WINDOWS\system32\WPDShServiceObj.dll
    > O23 - Service: Ati HotKey Poller - ATI Technologies Inc. -
    > C:\WINDOWS\system32\Ati2evxx.exe
    > O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation -
    > C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    > O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation
    >
    > - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    > O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec
    > Corporation - C:\Program Files\Common Files\Symantec
    > Shared\ccSetMgr.exe
    > O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
    > Corporation - C:\Program Files\Common
    > Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    > O23 - Service: iPodService - Apple Computer, Inc. - C:\Program
    > Files\iPod\bin\iPodService.exe
    > O23 - Service: LiveUpdate - Symantec Corporation -
    > C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    > O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) -
    > Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    > O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) -
    > Symantec Corporation - C:\Program Files\Norton
    > AntiVirus\IWP\NPFMntor.exe
    > O23 - Service: Norton Protection Center Service (NSCService) - Symantec
    >
    > Corporation - C:\Program Files\Common Files\Symantec Shared\Security
    > Console\NSCSRVCE.EXE
    > O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA
    > Corporation - C:\WINDOWS\System32\nvsvc32.exe
    > O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    >
    > O23 - Service: Remote Packet Capture Protocol v.0 (experimental)
    > (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f
    > "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
    > O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation -
    > C:\Program Files\Norton AntiVirus\SAVScan.exe
    > O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research
    > Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
    > O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec
    > Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    >
    > O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program
    > Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    > O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program
    > Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    > O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) -
    > America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
    >
    >
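
Added example, not part of the original thread: one way to run the check Mich describes (a Windows system binary name running from a directory other than its usual one) over the "Running processes" section of a HijackThis log, including a log that a newsreader has quoted and line-wrapped like the one above. The sample log is constructed, and the function names, the `SYSTEM_IMAGES` table and the default `C:\WINDOWS` system root are assumptions of this example.

```python
import ntpath
import re

# Well-known Windows XP image names and the sub-directory of the system root
# they normally run from ("" = the system root itself). Assumed list for this
# example; extend it for the hosts you triage.
SYSTEM_IMAGES = {
    "explorer.exe": "",
    "smss.exe": "system32",
    "csrss.exe": "system32",
    "winlogon.exe": "system32",
    "services.exe": "system32",
    "lsass.exe": "system32",
    "svchost.exe": "system32",
    "spoolsv.exe": "system32",
}

ENTRY = re.compile(r"^[A-Z]\d+ - ")    # first R0/O4/F2... entry ends the process list
DRIVE = re.compile(r"^[A-Za-z]:\\")    # a new process line starts with a drive letter


def running_processes(log_text):
    """Return image paths from 'Running processes:', undoing quoting and wrapping."""
    paths, in_section = [], False
    for raw in log_text.splitlines():
        # Drop Usenet quote markers ("> ", ">> ") and surrounding whitespace.
        line = raw.lstrip(" \t>").rstrip()
        if not in_section:
            in_section = line.lower().startswith("running processes:")
            continue
        if ENTRY.match(line):
            break
        if not line:
            continue                    # blank quoted lines left behind by re-wrapping
        if DRIVE.match(line):
            paths.append(line)
        elif paths:
            # Continuation of a path that was wrapped at a space.
            paths[-1] += " " + line
    return paths


def misplaced_system_binaries(paths, windir=r"C:\WINDOWS"):
    """Return (path, expected_dir) for system image names outside their usual folder."""
    findings = []
    for path in paths:
        name = ntpath.basename(path).lower()
        if name not in SYSTEM_IMAGES:
            continue
        sub = SYSTEM_IMAGES[name]
        expected = (windir + ("\\" + sub if sub else "")).lower()
        # Windows paths compare case-insensitively, so Explorer.EXE and
        # explorer.exe in the same folder are the same image.
        if ntpath.dirname(path).lower() != expected:
            findings.append((path, expected))
    return findings


# Constructed sample in the shape of a quoted HijackThis v1.99.1 log.
# The Temp\svchost.exe line is made up to exercise the check.
SAMPLE_LOG = r"""
> Logfile of HijackThis v1.99.1
> Platform: Windows XP SP2 (WinNT 5.01.2600)
>
> Running processes:
> C:\WINDOWS\system32\winlogon.exe
> C:\WINDOWS\system32\svchost.exe
> C:\WINDOWS\Explorer.EXE
> C:\Program Files\Common Files\Symantec Shared\Security
> Console\NSCSRVCE.EXE
>
> C:\WINDOWS\explorer.exe
> C:\DOCUME~1\Owner\LOCALS~1\Temp\svchost.exe
>
> R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
> http://example.invalid/
"""

if __name__ == "__main__":
    for path, expected in misplaced_system_binaries(running_processes(SAMPLE_LOG)):
        print(f"{path}  (expected under {expected})")
```

A path match only shows where the image was started from; it says nothing about the file's contents, so a clean result is a first filter rather than a verdict.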




  2. #2
    Roger Johnson Guest

    Re: Hijackthis Log

    On Fri, 29 Dec 2006 09:59:30 -0500, "Mich" <Mich8hb@netscape.net>
    wrote:

    >you can upload your log to these sites, works well to analyze
    >
    >http://hjt.iamnotageek.com/
    >
    >
    >http://www.hijackthis.de/en
    >Your Explorer.exe is in the wrong directory, search for it and look at the
    >properties (you will find the legit one too) find the rogue one and rename
    >the extension, and I'm not sure what winACE is
    >
    >


    It's an archiving program similar to Winzip or Winrar, getting rather
    old hat now though.
    --

  3. #3
    pcbutts1 Guest

    Re: Hijackthis Log

    Because the trolls in my sig who stalk me are not capable of reading HJT
    logs so they have nothing better to do than to attack me. That's all Leythos
    does, he never replies to the original poster, he always replies to me, he
    never helps anyone except me by promoting my website. My hit count is up 25%
    in the past 3 months. I just ignore him and let him do his thing, I benefit
    from it.

    --

    Newsgroup Trolls. Read about mine here http://www.pcbutts1.com/downloads
    The list grows. Leythos the stalker, David H. Lipman, Max M Wachtell III aka
    What's in a Name?, Fitz, Rhonda Lea Kirk, Meat Plow, F Kwatu F, George Orwell



    "Mich" <Mich8hb@netscape.net> wrote in message
    news:X3alh.18$Q4.4@newsfe02.lga...
    > you can upload your log to these sites, works well to analyze
    >
    > http://hjt.iamnotageek.com/
    >
    >
    > http://www.hijackthis.de/en
    > Your Explorer.exe is in the wrong directory, search for it and look at the
    > properties (you will find the legit one too) find the rogue one and rename
    > the extension, and I'm not sure what winACE is
    >
    >
    > The rest of you Why just attack PCbutts instead of helping the person with
    > the post?
    > Butts is craving attention and you're giving it to him... DUH!!!!
    >
    > Mich...
    >> Advantage Validation Tool) -
    >> http://go.microsoft.com/fwlink/?linkid=39204
    >> O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} -
    >> http://download.ebay.com/turbo_lister/US/install.cab
    >> O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} -
    >> http://us.chat1.yimg.com/us.yimg.com...45/yacscom.cab
    >> O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus
    >> scanner) -
    >> http://security.symantec.com/sscv6/S...in/AvSniff.cab
    >> O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl
    >> Class) -
    >> http://tools.ebayimg.com/eps/wl/acti...icture_Control...
    >>
    >> O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} -
    >> http://207.188.7.150/210a200be34ff19...p/RdxIE601.cab
    >> O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -
    >> http://www.bitdefender.com/scan8/oscan8.cab
    >> O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI
    >> Utility Class) -
    >> http://security.symantec.com/sscv6/S.../bin/cabsa.cab
    >> O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) -
    >> http://www.nick.com/common/groove/gx/GrooveAX27.cab
    >> O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
    >>
    >> Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
    >> O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) -
    >>
    >> http://www.ravantivirus.com/scan/ravonline.cab
    >> O16 - DPF: {A9DD5FE2-5567-4983-971F-C792375025A6} (PhoenixBody Class) -
    >>
    >> http://software.musicnow.com/musicno...4/MusicNow.cab
    >> O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm
    >> Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
    >> O16 - DPF: {BE319D04-18BD-4B34-AECC-EE7CB610FCA9} (BewitchedGameClass
    >> Control) -
    >> http://download.games.yahoo.com/game...tched/main.cab
    >>
    >> O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements
    >> Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
    >> O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer
    >> Class) -
    >> http://a532.g.akamai.net/f/532/6712/...com/downloads/...
    >>
    >> O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer
    >> Class) -
    >> http://a532.g.akamai.net/f/532/6712/...d.akamai.com/6...
    >>
    >> O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online
    >> Control) -
    >> http://download.games.yahoo.com/game...s/cinematycoon...
    >>
    >> O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} -
    >> http://download.games.yahoo.com/game...insaniquarium/...
    >>
    >> O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl
    >> Class) - http://tools.ebayimg.com/eps/activex...l_v1-0-3-0.cab
    >> O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    >> O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    >> O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} -
    >>
    >> C:\WINDOWS\system32\WPDShServiceObj.dll
    >> O23 - Service: Ati HotKey Poller - ATI Technologies Inc. -
    >> C:\WINDOWS\system32\Ati2evxx.exe
    >> O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation -
    >> C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    >> O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation
    >>
    >> - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    >> O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec
    >> Corporation - C:\Program Files\Common Files\Symantec
    >> Shared\ccSetMgr.exe
    >> O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
    >> Corporation - C:\Program Files\Common
    >> Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    >> O23 - Service: iPodService - Apple Computer, Inc. - C:\Program
    >> Files\iPod\bin\iPodService.exe
    >> O23 - Service: LiveUpdate - Symantec Corporation -
    >> C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    >> O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) -
    >> Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    >> O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) -
    >> Symantec Corporation - C:\Program Files\Norton
    >> AntiVirus\IWP\NPFMntor.exe
    >> O23 - Service: Norton Protection Center Service (NSCService) - Symantec
    >>
    >> Corporation - C:\Program Files\Common Files\Symantec Shared\Security
    >> Console\NSCSRVCE.EXE
    >> O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA
    >> Corporation - C:\WINDOWS\System32\nvsvc32.exe
    >> O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    >>
    >> O23 - Service: Remote Packet Capture Protocol v.0 (experimental)
    >> (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f
    >> "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
    >> O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation -
    >> C:\Program Files\Norton AntiVirus\SAVScan.exe
    >> O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research
    >> Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
    >> O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec
    >> Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    >>
    >> O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program
    >> Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    >> O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program
    >> Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    >> O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) -
    >> America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
    >>
    >>

    >
    >




  4. #4
    pcbutts1 Guest

    Re: Hijackthis Log

    BTW his Explorer.exe is in the correct location.


    --

    Newsgroup Trolls. Read about mine here http://www.pcbutts1.com/downloads
    The list grows. Leythos the stalker,David H. Lipman, Max M Wachtell III aka
    What's in a Name?,Fitz,Rhonda Lea Kirk,Meat Plow, F Kwatu F, George Orwell



    "Mich" <Mich8hb@netscape.net> wrote in message
    news:X3alh.18$Q4.4@newsfe02.lga...
    > you can upload your log to these sites, works well to analyze
    >
    > http://hjt.iamnotageek.com/
    >
    >
    > http://www.hijackthis.de/en
    > Your Explorer.exe is in the wrong directory, search for it and look at the
    > properties (you will find the legit one too), find the rogue one and rename
    > the extension, and I'm not sure what winACE is
    >
    >
    > The rest of you Why just attack PCbutts instead of helping the person with
    > the post ?
    > Butts is craving attention and you're giving it to him... DUH!!!!
    >
    > Mich...
    >
    >




  5. #5
    Mich Guest

    Re: Hijackthis Log


    "pcbutts1" <pcbutts1@****leythosthestalker.com> wrote in message
    news:OuSdnQBh1qArEAjYnZ2dnUVZ_u6rnZ2d@giganews.com ...
    > BTW his Explorer.exe is in the correct location.
    >
    >


    You're right, I goofed (first time ever), ha ha
    I've got a terrible head cold...

    If explorer.exe is in the sys32 or root of C or in your temp internet
    directories then you need to do some hunting.
    Explorer.exe's default location is in the Windows dir in Win98, WinXP,
    and WinVista.

    Thanks for the correction
    nobody else noticed my mistake though, must be a bunch of "experts" in
    here.

    Mich...
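
The location check described in the post above, as an added example that is not part of the original thread: it pulls the "Running processes" section out of a HijackThis log pasted through Usenet quoting (leading `>` markers, paths wrapped at spaces) and flags well-known system images running from an unexpected directory. The sample log is constructed, the function names are hypothetical, and the expected-directory table assumes a default Windows XP install in C:\WINDOWS.

```python
import ntpath
import re

# Assumption: stock Windows XP installed in C:\WINDOWS. explorer.exe in the
# Windows directory is the post's point; the system32 rows are added defaults.
EXPECTED_DIR = {
    "explorer.exe": r"c:\windows",
    **{name: r"c:\windows\system32" for name in (
        "smss.exe", "csrss.exe", "winlogon.exe", "services.exe",
        "lsass.exe", "svchost.exe")},
}
QUOTE_PREFIX = re.compile(r"^\s*(?:>\s?)+")  # Usenet reply markers
ENTRY = re.compile(r"^[A-Z]\d{1,2} - ")      # R0, O4, O23 ... ends the section
DRIVE_PATH = re.compile(r"^[A-Za-z]:\\")

# Constructed sample, shaped like a quoted and re-wrapped HijackThis log.
SAMPLE_LOG = r"""
> Logfile of HijackThis v1.99.1
> Running processes:
> C:\WINDOWS\System32\smss.exe
> C:\WINDOWS\Explorer.EXE
>
> C:\WINDOWS\system32\explorer.exe
> C:\Program
> Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
> C:\Documents and Settings\user\Local Settings\Temp\svchost.exe
> R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
"""

def running_processes(log_text):
    """Return image paths from the 'Running processes:' section."""
    paths, in_section = [], False
    for raw in log_text.splitlines():
        line = QUOTE_PREFIX.sub("", raw).strip()
        if line.lower().startswith("running processes"):
            in_section = True
        elif in_section and ENTRY.match(line):
            break                        # first registry/startup entry
        elif in_section and DRIVE_PATH.match(line):
            paths.append(line)
        elif in_section and line and paths:
            paths[-1] += " " + line      # rejoin a path wrapped at a space
    return paths

def misplaced(paths):
    """Return (path, expected_dir) for known system images found elsewhere."""
    hits = []
    for path in paths:
        expected = EXPECTED_DIR.get(ntpath.basename(path).lower())
        if expected and ntpath.dirname(path).lower() != expected:
            hits.append((path, expected))
    return hits
```

A name match in the wrong directory is only a lead: the file's properties and signature still need checking, and a Windows install outside C:\WINDOWS needs the table adjusted.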




  6. #6
    pcbutts1 Guest

    Re: Hijackthis Log

    Just two.

    --

    Newsgroup Trolls. Read about mine here http://www.pcbutts1.com/downloads
    The list grows. Leythos the stalker http://www.leythosthestalker.com, David
    H. Lipman, Max M Wachtell III aka What's in a Name?, Fitz,
    Rhonda Lea Kirk, Meat Plow, F Kwatu F, George Orwell



    "Mich" <Mich8hb@netscape.net> wrote in message
    news:5K8mh.4$4p1.2@newsfe02.lga...
    >
    > "pcbutts1" <pcbutts1@****leythosthestalker.com> wrote in message
    > news:OuSdnQBh1qArEAjYnZ2dnUVZ_u6rnZ2d@giganews.com ...
    >> BTW his Explorer.exe is in the correct location.
    >>
    >>

    >
    > You're right, I goofed (first time ever), ha ha
    > I've got a terrible head cold...
    >
    > If explorer.exe is in the sys32 or root of C or in your temp internet
    > directories then you need to do some hunting.
    > Explorer.exe's default location is in the Windows dir in Win98, WinXP,
    > and WinVista.
    >
    > Thanks for the correction
    > nobody else noticed my mistake though, must be a bunch of "experts" in
    > here.
    >
    > Mich...
    >
    >
    >



