 |  |  |  |  |  |  |  |
HJT Log attached, Please help?
 |
Computer Keeps ressetting, very slow, i am having heaps of trouble with it...
Are you able to help please??
Logfile of HijackThis v1.99.1
Scan saved at 11:50:46 AM, on 28/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\Vypress Chat\VyChat.exe
C:\WINDOWS\system32\wpabaln.exe
C:\Program Files\HJT\CheckThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - C:\WINDOWS\system32\hoxrwbgf.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5A3E97DD-2A08-48BC-8F43-C0DEABC90266} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - C:\WINDOWS\system32\ixt0.dll (file missing)
O2 - BHO: (no name) - {CA93BCC6-C1BB-4D60-95C7-E3ADCA02973A} - C:\WINDOWS\inf\lpaypm3.dll
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Ad-watch] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe"
O4 - Startup: Ad-watch 3.0.lnk = C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware, Ad-watch.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: Vypress Chat StartUp.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1121245685433
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{413F521F-BB9D-4A4B-A6EA-EA9B80B1A027}: NameServer = 210.15.254.240,210.15.254.241
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD956B78-F2F9-44EE-9F97-B849BFB93BFC}: NameServer = 210.15.254.240,210.15.254.241
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\WINDOWS\system32\smss.dll C:\WINDOWS\system32\explorer.dll
O20 - Winlogon Notify: ddccdca - ddccdca.dll (file missing)
O20 - Winlogon Notify: lpaypm3 - C:\WINDOWS\inf\lpaypm3.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winerj32 - winerj32.dll (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Are you able to help please??
Logfile of HijackThis v1.99.1
Scan saved at 11:50:46 AM, on 28/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\Vypress Chat\VyChat.exe
C:\WINDOWS\system32\wpabaln.exe
C:\Program Files\HJT\CheckThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - C:\WINDOWS\system32\hoxrwbgf.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5A3E97DD-2A08-48BC-8F43-C0DEABC90266} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - C:\WINDOWS\system32\ixt0.dll (file missing)
O2 - BHO: (no name) - {CA93BCC6-C1BB-4D60-95C7-E3ADCA02973A} - C:\WINDOWS\inf\lpaypm3.dll
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Ad-watch] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe"
O4 - Startup: Ad-watch 3.0.lnk = C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware, Ad-watch.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: Vypress Chat StartUp.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1121245685433
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{413F521F-BB9D-4A4B-A6EA-EA9B80B1A027}: NameServer = 210.15.254.240,210.15.254.241
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD956B78-F2F9-44EE-9F97-B849BFB93BFC}: NameServer = 210.15.254.240,210.15.254.241
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\WINDOWS\system32\smss.dll C:\WINDOWS\system32\explorer.dll
O20 - Winlogon Notify: ddccdca - ddccdca.dll (file missing)
O20 - Winlogon Notify: lpaypm3 - C:\WINDOWS\inf\lpaypm3.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winerj32 - winerj32.dll (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
•
•
Join Date: Aug 2003
Posts: 9,761
Reputation: 
Solved Threads: 511
defently some nastie stuff in the log ,likely came along with your install of msn messenger plus program .
I sugges a run of spybot ,then post a new hjt log .
http://fileforum.betanews.com/detail...y/1043809773/1
I sugges a run of spybot ,then post a new hjt log .
http://fileforum.betanews.com/detail...y/1043809773/1
Fallen Heroes Song ,
http://www.youtube.com/watch?v=-RfXBB0BRHY
Going with the Flow ,but the water is low and the rocks are big
http://www.youtube.com/watch?v=-RfXBB0BRHY
Going with the Flow ,but the water is low and the rocks are big
Heres the hjt log after the Spyboy- S&D scan
thanks
Logfile of HijackThis v1.99.1
Scan saved at 10:21:25 AM, on 29/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Vypress Chat\VyChat.exe
C:\WINDOWS\system32\wpabaln.exe
C:\Program Files\HJT\CheckThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - C:\WINDOWS\system32\hoxrwbgf.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5A3E97DD-2A08-48BC-8F43-C0DEABC90266} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {873D6182-28AF-48AF-9955-2F831FFB0ACC} - C:\WINDOWS\inf\lpaypm3.dll
O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - C:\WINDOWS\system32\ixt0.dll (file missing)
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Ad-watch] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - Startup: Ad-watch 3.0.lnk = C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware, Ad-watch.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: Vypress Chat StartUp.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1121245685433
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{413F521F-BB9D-4A4B-A6EA-EA9B80B1A027}: NameServer = 210.15.254.240,210.15.254.241
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD956B78-F2F9-44EE-9F97-B849BFB93BFC}: NameServer = 210.15.254.240,210.15.254.241
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\WINDOWS\system32\smss.dll C:\WINDOWS\system32\explorer.dll
O20 - Winlogon Notify: ddccdca - ddccdca.dll (file missing)
O20 - Winlogon Notify: lpaypm3 - C:\WINDOWS\inf\lpaypm3.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winerj32 - winerj32.dll (file missing)
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
thanks
Logfile of HijackThis v1.99.1
Scan saved at 10:21:25 AM, on 29/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Vypress Chat\VyChat.exe
C:\WINDOWS\system32\wpabaln.exe
C:\Program Files\HJT\CheckThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - C:\WINDOWS\system32\hoxrwbgf.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5A3E97DD-2A08-48BC-8F43-C0DEABC90266} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {873D6182-28AF-48AF-9955-2F831FFB0ACC} - C:\WINDOWS\inf\lpaypm3.dll
O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - C:\WINDOWS\system32\ixt0.dll (file missing)
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Ad-watch] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - Startup: Ad-watch 3.0.lnk = C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware, Ad-watch.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: Vypress Chat StartUp.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1121245685433
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{413F521F-BB9D-4A4B-A6EA-EA9B80B1A027}: NameServer = 210.15.254.240,210.15.254.241
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD956B78-F2F9-44EE-9F97-B849BFB93BFC}: NameServer = 210.15.254.240,210.15.254.241
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\WINDOWS\system32\smss.dll C:\WINDOWS\system32\explorer.dll
O20 - Winlogon Notify: ddccdca - ddccdca.dll (file missing)
O20 - Winlogon Notify: lpaypm3 - C:\WINDOWS\inf\lpaypm3.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winerj32 - winerj32.dll (file missing)
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
•
•
Join Date: Aug 2003
Posts: 9,761
Reputation:
Solved Threads: 511
Download trojan hunter trial run and post new log
http://www.misec.net/
Then run hijackthis again and fix any of the item below if they still exist.
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} -
C:\WINDOWS\system32\hoxrwbgf.dll
O2 - BHO: (no name) - {5A3E97DD-2A08-48BC-8F43-C0DEABC90266} - (no file)
O2 - BHO: (no name) - {873D6182-28AF-48AF-9955-2F831FFB0ACC} -
C:\WINDOWS\inf\lpaypm3.dll
O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - C:\WINDOWS\system32\ixt0.dll
(file missing)
Is this a site you want to be in the trusted zone.,If you ever see any domains or IP addresses listed here
you should generally remove it unless it is a recognizable URL such as one you use.
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O20 - AppInit_DLLs: C:\WINDOWS\system32\smss.dll C:\WINDOWS\system32\explorer.dll
O20 - Winlogon Notify: ddccdca - ddccdca.dll (file missing)
O20 - Winlogon Notify: lpaypm3 - C:\WINDOWS\inf\lpaypm3.dll
O20 - Winlogon Notify: winerj32 - winerj32.dll (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashWebSv.exe" /service (file missing)
http://www.misec.net/
Then run hijackthis again and fix any of the item below if they still exist.
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} -
C:\WINDOWS\system32\hoxrwbgf.dll
O2 - BHO: (no name) - {5A3E97DD-2A08-48BC-8F43-C0DEABC90266} - (no file)
O2 - BHO: (no name) - {873D6182-28AF-48AF-9955-2F831FFB0ACC} -
C:\WINDOWS\inf\lpaypm3.dll
O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - C:\WINDOWS\system32\ixt0.dll
(file missing)
Is this a site you want to be in the trusted zone.,If you ever see any domains or IP addresses listed here
you should generally remove it unless it is a recognizable URL such as one you use.
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O20 - AppInit_DLLs: C:\WINDOWS\system32\smss.dll C:\WINDOWS\system32\explorer.dll
O20 - Winlogon Notify: ddccdca - ddccdca.dll (file missing)
O20 - Winlogon Notify: lpaypm3 - C:\WINDOWS\inf\lpaypm3.dll
O20 - Winlogon Notify: winerj32 - winerj32.dll (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashWebSv.exe" /service (file missing)
Last edited by caperjack; Oct 29th, 2006 at 8:33 am.
Fallen Heroes Song ,
http://www.youtube.com/watch?v=-RfXBB0BRHY
Going with the Flow ,but the water is low and the rocks are big
http://www.youtube.com/watch?v=-RfXBB0BRHY
Going with the Flow ,but the water is low and the rocks are big
I downloaded the TrojanHunter,,, installed it but was unable to run a full scan before my computer reset itself.
The resseting is becomming out of control,,, When i turn my computer on it *sometimes* gets all the way into windows but when i go to do sumthing it resets. And from this point it keeps resetting and im lucky if i can get back into windows...
Also sometimes it starts and the resolution is apauling,,, The only option in the setting for this is 800x600 on 16 bit...
I dont understand...
I started it in safemode aswell and it still reset on me,,, Does this mean the problem could be hardware?
I wasnt sure whether to skip the trojanhunter step for now and try and do the fixes in the hijack log first see if it makes a differnce.
Thanks for your time
The resseting is becomming out of control,,, When i turn my computer on it *sometimes* gets all the way into windows but when i go to do sumthing it resets. And from this point it keeps resetting and im lucky if i can get back into windows...
Also sometimes it starts and the resolution is apauling,,, The only option in the setting for this is 800x600 on 16 bit...
I dont understand...
I started it in safemode aswell and it still reset on me,,, Does this mean the problem could be hardware?
I wasnt sure whether to skip the trojanhunter step for now and try and do the fixes in the hijack log first see if it makes a differnce.
Thanks for your time
•
•
Join Date: Aug 2003
Posts: 9,761
Reputation:
Solved Threads: 511
sure, do the hijackthis fixes now ,
Fallen Heroes Song ,
http://www.youtube.com/watch?v=-RfXBB0BRHY
Going with the Flow ,but the water is low and the rocks are big
http://www.youtube.com/watch?v=-RfXBB0BRHY
Going with the Flow ,but the water is low and the rocks are big
i was able to run hijack this again,,, I fixed all the above you asked,,,
Atm, it is saying that windows needs to be activated before i can log in...
It keeps resseting on me now,,, at the loding windows screen,, were the 3 blue sqaure move along the loading bar... 95% of the time i am unable to pass that point.
If i do pass it i cant do anything as it wont log into windows unless i reactive.
Atm, it is saying that windows needs to be activated before i can log in...
It keeps resseting on me now,,, at the loding windows screen,, were the 3 blue sqaure move along the loading bar... 95% of the time i am unable to pass that point.
If i do pass it i cant do anything as it wont log into windows unless i reactive.
•
•
Join Date: Aug 2003
Posts: 9,761
Reputation:
Solved Threads: 511
•
•
•
•
Originally Posted by fil_2065 
i was able to run hijack this again,,, I fixed all the above you asked,,,
Atm, it is saying that windows needs to be activated before i can log in...
It keeps resseting on me now,,, at the loding windows screen,, were the 3 blue sqaure move along the loading bar... 95% of the time i am unable to pass that point.
If i do pass it i cant do anything as it wont log into windows unless i reactive.
I seen that just reciently and forget how i got past it .can you click on anything to to get to activate it .I remember click on something!! think think .is ther a like to phone the activation !!
can yo uget to safe mode ,hitting f8 on bootup ,if yes run hijack this ,go to config/backups ,check off all you removed and click restore
Fallen Heroes Song ,
http://www.youtube.com/watch?v=-RfXBB0BRHY
Going with the Flow ,but the water is low and the rocks are big
http://www.youtube.com/watch?v=-RfXBB0BRHY
Going with the Flow ,but the water is low and the rocks are big
As this was my mums bussness computer and it was needing to be up and running asap i ended up buying another Hard drive. I was in the middle of reinstalling windows and the computer reset on me just as it had before.
This really pissed me off as i just bought a new Hard Drive and now it looks to be a Hardware issue.
I Ripped the whole thing apart to suss out the hardware and noticed a resistor in the power suply that had a burnt look to it. I went out and bout a new case with power supply and ran the new hard drive with the old motherbord and the thing still reset on me.
I swiched the ram from another computer (computer 2) into the one we have been working on (computer 1) and the ram from computer 1 into computer 2.
Computer 2 then camn up with alot of missing files and on occation resets randomly and was running fine before i swiched the ram.... and computer 1 hasnt reset yet and is running fine with the new hard drive and different ram....
Is it possable that the ram could of been causing this problem? And then transfered the problem to computer 2?
This really pissed me off as i just bought a new Hard Drive and now it looks to be a Hardware issue.
I Ripped the whole thing apart to suss out the hardware and noticed a resistor in the power suply that had a burnt look to it. I went out and bout a new case with power supply and ran the new hard drive with the old motherbord and the thing still reset on me.
I swiched the ram from another computer (computer 2) into the one we have been working on (computer 1) and the ram from computer 1 into computer 2.
Computer 2 then camn up with alot of missing files and on occation resets randomly and was running fine before i swiched the ram.... and computer 1 hasnt reset yet and is running fine with the new hard drive and different ram....
Is it possable that the ram could of been causing this problem? And then transfered the problem to computer 2?
•
•
Join Date: Aug 2003
Posts: 9,761
Reputation:
Solved Threads: 511
Sure sounds like it .
Fallen Heroes Song ,
http://www.youtube.com/watch?v=-RfXBB0BRHY
Going with the Flow ,but the water is low and the rocks are big
http://www.youtube.com/watch?v=-RfXBB0BRHY
Going with the Flow ,but the water is low and the rocks are big
|
Similar Threads
- 100's of Spam Emails... [HJT log inc.] (Viruses, Spyware and other Nasties)
- IE is redirecting to other sites - HJT log attached (Viruses, Spyware and other Nasties)
- Help i think i have the about:blank virus hjt log attached (Viruses, Spyware and other Nasties)
- IE Hijacked and unresponsive HJT log attached (Viruses, Spyware and other Nasties)
Other Threads in the Viruses, Spyware and other Nasties Forum
- Previous Thread: NVIDIA Network Access Manager
- Next Thread: Check Out My HJT Log???
| Thread Tools | Search this Thread |
Latest Viruses, Spyware and other Nasties Posts
Related Forum Features
Tag cloud for Viruses, Spyware and other Nasties
acrobat adobe adware anti-malware anti-virussitesaccessissue antivirus apple attack avg backtoschoolspeech bar blackhat botnet botnets censorship china combofix commercial conficker connect control cybercrime cyberwarfare ddos education email europe exam exploit facebook fake fancheckvirus gaming gtaiv halloween herss.exe hijack hosting internet iphone logfiles malware mcafee messagelabs microsoft mobile msn nazi news obama onlinethreats paedophile panel parents patch pdf police policeprovirusmba-mblockedinternetaccess president privacy pro redirect redirecting report research rogueantivirus rootkit samhain sans scareware search security seopoisoning sites software spam spyware spywareexternalwindows7adminstratortrojans sqlinjection symantec system teen threat translate trojan unabletoaccessanti-virussites unwanted update usa virus viruses vista vulnerability war warning windows worm yahoo zero-day zeroday
