Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Support > Hijack this log could someone please take a look at this and tell me what to delete

Reply
Thread Tools

Hijack this log could someone please take a look at this and tell me what to delete

 
 
fred_7038@yahoo.com
Guest
Posts: n/a
 
      09-08-2005
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\System32\CTsvcCDA.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.ex e
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Verizon Online\Visual IP InSight\IPMon32.exe
C:\Program Files\Verizon Online\Visual IP InSight\IPClient.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9 AA.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRAM FILES\FAXTALK COMMUNICATOR\FTCtrl32.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\ATI Multimedia\main\LaunchPd.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\PROGRAM FILES\FAXTALK COMMUNICATOR\FAPIEXE.EXE
C:\Program Files\ATI Multimedia\main\ATIDtct.EXE
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\PROGRA~1\DELLSU~1\DSAgnt.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Verizon Online\SupportCenter\bin\mpbtn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SpywareBlaster\spywareblaster.exe
C:\Documents and Settings\Thomas Hassinger\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://cgi.verizon.net/bookmarks/bmr...5&bm=ho_search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
www.ebay.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://cgi.verizon.net/bookmarks/bmr...5&bm=ho_search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.ebay.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title =
Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet
Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
- C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Verizon Broadband Toolbar -
{4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} -
C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\vzbb.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} -
C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} -
C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A}
- C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655}
- c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Verizon Broadband Toolbar -
{4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} -
C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\vzbb.dll
O4 - HKLM\..\Run: [VSOCheckTask]
"C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program
Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint
Manager\ViewMgr.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common
Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [PrinTray]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printra y.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Motive SmartBridge]
C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.ex e
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH
Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH
Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [MCUpdateExe]
C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\Verizon
Online\Visual IP InSight\IPMon32.exe"
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\Verizon
Online\Visual IP InSight\IPClient.exe" -l
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft
AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX4600 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9 AA.EXE /P26 "EPSON
Stylus CX4600 Series" /O6 "USB002" /M "Stylus CX4600"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [diagent] "C:\Program
Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [CallControl 4.5] C:\PROGRAM FILES\FAXTALK
COMMUNICATOR\FTCtrl32.exe /autoload
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program
Files\Verizon Online\SupportCenter\bin\matcli.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM
Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program
Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program
Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program
Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program
Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Control Pad - {28D44DAD-D1FC-4d4f-BB1B-ADF037C8DDBC}
- C:\Program Files\Verizon Online\Verizon Online Control
Pad\VerizonControlPad.Exe
O9 - Extra 'Tools' menuitem: Control Pad -
{28D44DAD-D1FC-4d4f-BB1B-ADF037C8DDBC} - C:\Program Files\Verizon
Online\Verizon Online Control Pad\VerizonControlPad.Exe
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} -
C:\Program Files\ATI Multimedia\tv\EXPLBAR.DLL
O9 - Extra button: Yahoo! Services -
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program
Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -
C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52}
- C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet
Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class)
- C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating
System Class) -
http://bin.mcafee.com/molbin/shared/...6/mcinsctl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} -
http://software-dl.real.com/072242d8...p/RdxIE601.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class)
-
http://download.mcafee.com/molbin/sh...19/mcgdmgr.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer
Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control
4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX
Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX
Class) - http://pdl.stream.aol.com/downloads/...ampx_en_dl.cab
O23 - Service: Creative Service for CDROM Access - Creative Technology
Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. -
C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc -
c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. -
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc -
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) -
McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee
Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation -
C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA
Corporation - C:\WINDOWS\System32\nvsvc32.exe

 
Reply With Quote
 
 
 
 
pcbutts1
Guest
Posts: n/a
 
      09-08-2005
http://www.velocityreviews.com/forums/(E-Mail Removed), <(E-Mail Removed)> wrote:

> C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe
> C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe
> C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe
> C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe
> C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\System32\CTsvcCDA.exe
> c:\program files\mcafee.com\agent\mcdetect.exe
> c:\PROGRA~1\mcafee.com\vso\mcshield.exe
> c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
> C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
> C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe
> C:\WINDOWS\System32\MsPMSPSv.exe C:\WINDOWS\Explorer.EXE
> C:\Program Files\McAfee.com\VSO\mcvsshld.exe C:\Program
> Files\Viewpoint\Viewpoint Manager\ViewMgr.exe C:\Program
> Files\McAfee.com\VSO\oasclnt.exe
> C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.ex e C:\Program
> Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe c:\program
> files\mcafee.com\agent\mcagent.exe
> C:\PROGRA~1\mcafee.com\vso\mcvsescn.exe C:\Program
> Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe C:\Program
> Files\Verizon Online\Visual IP InSight\IPMon32.exe C:\Program
> Files\Verizon Online\Visual IP InSight\IPClient.exe C:\Program
> Files\Microsoft AntiSpyware\gcasServ.exe
> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9 AA.EXE
> C:\WINDOWS\system32\dla\tfswctrl.exe C:\PROGRAM FILES\FAXTALK
> COMMUNICATOR\FTCtrl32.exe
> C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe C:\Program Files\ATI
> Multimedia\main\LaunchPd.exe C:\PROGRA~1\AIM\aim.exe C:\Program
> Files\Yahoo!\Messenger\ypager.exe C:\PROGRAM FILES\FAXTALK
> COMMUNICATOR\FAPIEXE.EXE C:\Program Files\ATI
> Multimedia\main\ATIDtct.EXE C:\Program Files\Microsoft
> AntiSpyware\gcasDtServ.exe C:\Program
> Files\Creative\SBLive\Diagnostics\diagent.exe
> C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
> C:\PROGRA~1\DELLSU~1\DSAgnt.exe
> c:\progra~1\mcafee.com\vso\mcvsftsn.exe


Are we ever going to get married?

> C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe C:\Program
> Files\Verizon Online\SupportCenter\bin\mpbtn.exe C:\Program
> Files\Messenger\msmsgs.exe C:\Program
> Files\SpywareBlaster\spywareblaster.exe C:\Documents and
> Settings\Thomas Hassinger\Desktop\HijackThis.exe


And they wonder why jazz is dead.

http://cgi.verizon.net/bookmarks/bmr...ion=all&bw=dsl
> &cd=5.1.5&bm=ho_search R0 - HKCU\Software\Microsoft\Internet
> Explorer\Main,Start Page = www.ebay.com R1 -
> http://cgi.verizon.net/bookmarks/bmr...ion=all&bw=dsl
> &cd=5.1.5&bm=ho_search R0 - HKLM\Software\Microsoft\Internet
> Explorer\Main,Start Page = http://www.ebay.com/ R1 -
> HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft
> Internet Explorer provided by Verizon Online R1 -
> HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet
> Settings,ProxyOverride = 127.0.0.1 O2 - BHO: AcroIEHlprObj
> Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program
> Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO:
> Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} -
> C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\vzbb.dll O2 - BHO: (no name) -
> {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search
> & Destroy\SDHelper.dll O2 - BHO: UberButton Class -
> {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program
> Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: DriveLetterAccess -
> {5CA3D70E-1895-11CF-8E15-001234567890} -
> C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: YahooTaggedBM Class -
> {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program
> Files\Yahoo!\Common\YIeTagBm.dll O3 - Toolbar: McAfee VirusScan -
> {BA52B914-B692-46c4-B683-905236F6F655} -
> c:\progra~1\mcafee.com\vso\mcvsshl.dll O3 - Toolbar: Verizon
> Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} -
> C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\vzbb.dll O4 - HKLM\..\Run:
> [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe"
> /checktask O4 - HKLM\..\Run: [VirusScan Online] C:\Program
> Files\McAfee.com\VSO\mcvsshld.exe O4 - HKLM\..\Run:
> [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe O4

-

I need to study.

> HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 -
> HKLM\..\Run: [UpdateManager] "C:\Program Files\Common
> Files\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run:
> [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printra y.exe O4
> - HKLM\..\Run: [OASClnt] C:\Program
> Files\McAfee.com\VSO\oasclnt.exe O4 - HKLM\..\Run:
> [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
> O4 - HKLM\..\Run: [Motive SmartBridge]
> C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.ex e O4 -
> HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH
> Jukebox\mm_tray.exe" O4 - HKLM\..\Run: [mmtask] "C:\Program
> Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe" O4 -
> HKLM\..\Run: [MCUpdateExe]
> C:\PROGRA~1\mcafee.com\agent\McUpdate.exe O4 -
> HKLM\..\Run: [MCAgentExe] [IPInSightMonitor 01] "C:\Program
> Files\Verizon Online\Visual IP InSight\IPMon32.exe" O4 -
> HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\Verizon
> Online\Visual IP InSight\IPClient.exe" -l O4 - HKLM\..\Run:
> [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 -
> HKLM\..\Run: [EPSON Stylus CX4600 Series]
> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9 AA.EXE /P26 "EPSON
> Stylus CX4600 Series" /O6 "USB002" /M "Stylus CX4600" O4 -
> HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 -
> HKLM\..\Run: [diagent] "C:\Program
> Files\Creative\SBLive\Diagnostics\diagent.exe" startup O4 -
> HKLM\..\Run: [CallControl 4.5] C:\PROGRAM FILES\FAXTALK
> COMMUNICATOR\FTCtrl32.exe /autoload O4 - HKLM\..\Run: [MPFExe]
> C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe O4 - Global Startup:
> Verizon Online Support Center.lnk = C:\Program Files\Verizon
> Online\SupportCenter\bin\matcli.exe O8 - Extra context menu item: &AIM
> Search - res://C:\Program Files\AIM
> Toolbar\AIMBar.dll/aimsearch.htm O8 - Extra context menu item:
> &Yahoo! Search -


Who needs context? I just make this **** up.

> file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context
> menu item: Yahoo! &Dictionary - file:///C:\Program
> Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo!
> &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm O8 - Extra
> context menu item: Yahoo! &SMS - file:///C:\Program
> Files\Yahoo!\Common/ycsms.htm O9 - Extra button: Control Pad -
> {28D44DAD-D1FC-4d4f-BB1B-ADF037C8DDBC} - C:\Program Files\Verizon
> Online\Verizon Online Control Pad\VerizonControlPad.Exe O9 - Extra
> 'Tools' menuitem: Control Pad - {28D44DAD-D1FC-4d4f-BB1B-ADF037C8DDBC} -
> C:\Program Files\Verizon Online\Verizon Online Control
> Pad\VerizonControlPad.Exe O9 - Extra button: ATI TV -
> {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI
> Multimedia\tv\EXPLBAR.DLL O9 - Extra button: Yahoo! Services -
> {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program
> Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: AIM -
> {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe O9 -
> Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
> C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem:
> Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
> Files\Messenger\msmsgs.exe O9 - Extra button: WeatherBug -
> {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program
> Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
> Explorer\Plugins\NPDocBox.dll O16 - DPF:
> {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
> Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
> O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) -
> C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF:
> {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System
> http://bin.mcafee.com/molbin/shared/...,0,0,76/mcinsc
> http://software-dl.real.com/072242d8...etzip/RdxIE601[D
> OT]cab O16 - DPF:


Who needs context? I just make this **** up.

> {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl
> http://messenger.msn.com/download/Ms...etupDownloader.
> cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr
> http://download.mcafee.com/molbin/sh...us/1,0,0,19/mc
> gdmgr.cab O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo!
> Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
> O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control
> 4.5) - http://chat.msn.com/bin/msnchat45.cab O16 - DPF:
> {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) -
> http://cdn.digitalcity.com/_media/dalaillama/ampx.cab O16 -
> http://pdl.stream.aol.com/downloads/...i/ampx_en_dl.c
> ab O23 - Service: Creative Service for CDROM Access - Creative Technology
> Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: LexBce Server
> (LexBceS) - Lexmark International, Inc. -
> C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: McAfee WSC Integration
> (McDetect.exe) - McAfee, Inc - c:\program
> files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee.com
> McShield (McShield) - McAfee Inc. -
> c:\PROGRA~1\mcafee.com\vso\mcshield.exe O23 - Service: McAfee Task
> Scheduler (McTskshd.exe) - McAfee, Inc -
> c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee
> SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc -
> C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: McAfee
> Personal Firewall Service (MpfService) - McAfee Corporation -
> C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe O23 - Service:
> Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program
> Files\Intel\NCS\Sync\NetSvc.exe O23 - Service: NVIDIA Driver Helper
> Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe


nVidia are ****. Buy an ATI.




 
Reply With Quote
 
 
 
 
pcbutts1
Guest
Posts: n/a
 
      09-08-2005
Have HJT fix the following lines, oh and ignore the name forging troll.

O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint
Manager\ViewMgr.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52}
- C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)

You log is not that bad except for the many things you have starting when
windows starts. What problems are you having?

--


The best live web video on the internet http://www.seedsv.com/webdemo.htm
NEW Embedded system W/Linux. We now sell DVR cards.
See it all at http://www.seedsv.com/products.htm
Sharpvision simply the best http://www.seedsv.com



<(E-Mail Removed)> wrote in message
news:(E-Mail Removed) ups.com...
> Running processes:



 
Reply With Quote
 
=?ISO-8859-1?Q?R=F4g=EAr?=
Guest
Posts: n/a
 
      09-08-2005
pcbutts1 wrote:
> Have HJT fix the following lines, oh and ignore the name forging troll.
>
> O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint
> Manager\ViewMgr.exe
> O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52}
> - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
>
> You log is not that bad except for the many things you have starting when
> windows starts. What problems are you having?
>

When I run HJT on customer's computers, I never see log files as long as
most of the ones I see posted on the net. And I've got some pretty goofy
people for customers.
--
Goes without saying.
 
Reply With Quote
 
pcbutts1
Guest
Posts: n/a
 
      09-08-2005
Me neither, the one the other day was a record. The one with the hosts file
entries.

--


The best live web video on the internet http://www.seedsv.com/webdemo.htm
NEW Embedded system W/Linux. We now sell DVR cards.
See it all at http://www.seedsv.com/products.htm
Sharpvision simply the best http://www.seedsv.com



"Rgr" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> pcbutts1 wrote:
>> Have HJT fix the following lines, oh and ignore the name forging troll.
>>
>> O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint
>> Manager\ViewMgr.exe
>> O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52}
>> - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
>>
>> You log is not that bad except for the many things you have starting when
>> windows starts. What problems are you having?
>>

> When I run HJT on customer's computers, I never see log files as long as
> most of the ones I see posted on the net. And I've got some pretty goofy
> people for customers.
> --
> Goes without saying.



 
Reply With Quote
 
fred_7038@yahoo.com
Guest
Posts: n/a
 
      09-08-2005
isearch maxs out my CPU at 100%

 
Reply With Quote
 
fred_7038@yahoo.com
Guest
Posts: n/a
 
      09-08-2005
isearch maxs out my CPU at 100%

 
Reply With Quote
 
pcbutts1
Guest
Posts: n/a
 
      09-08-2005
Download, install, update and run all of the following.

Ad-Aware
http://www.pcbutts1.com/downloads/aawsepersonal.exe

Spybot search and destroy
http://www.pcbutts1.com/downloads/spybotsd14.exe

Ewido Security Suite Trial version
http://www.pcbutts1.com/downloads/ewidosetup.exe

Microsoft Windows AntiSpyware (Beta1)
http://www.microsoft.com/downloads/d...displaylang=en

If none of the above fixes the issue then download Hijack this, run it, save
a copy of the log file and cut and paste it back here to this group so that
I can analyze it. Ignore anyone who tells you to post it elsewhere. I need
to see it not them.


HijackThis
http://www.pcbutts1.com/downloads/HijackThis.zip


The authors of the above programs, with the exception of Microsoft has given
the owner of pcbutts1.com express written permission to redistribute their
software.

--


The best live web video on the internet http://www.seedsv.com/webdemo.htm
NEW Embedded system W/Linux. We now sell DVR cards.
See it all at http://www.seedsv.com/products.htm
Sharpvision simply the best http://www.seedsv.com



<(E-Mail Removed)> wrote in message
news:(E-Mail Removed) ups.com...
> isearch maxs out my CPU at 100%
>



 
Reply With Quote
 
goofy@nowhere.com
Guest
Posts: n/a
 
      09-15-2005
Go to http://www.spywarewarrior.com for assistance with HIJACKTHIS logs.


pcbutts1 wrote:

> (E-Mail Removed), <(E-Mail Removed)> wrote:
>

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Malicious Attack? Could someone take a look and let me know what you think? HelenD Computer Security 0 05-01-2007 01:27 PM
please look at my hijack this log file and tell me what is wrong ng5y@arrl.net Computer Support 10 06-12-2006 12:26 PM
Please could someone take a look at this website... Jerry HTML 21 05-21-2006 01:02 PM
Can someone tell me why I can't delete this file? and why it blue screens WinXP Pro on delete? zZz Computer Support 1 01-12-2005 02:37 AM
Please take a look at my site and tell me what you think. Everything here has been shot digital high res. Dan Digital Photography 6 11-05-2003 07:49 AM



Advertisments