help clean HJT log please
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:52:17 PM, on 1/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.e
xe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InfoMyCa.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Java\jre1.5.0_03\bin\jucheck.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv2.exe
C:\Program Files\Ventrilo\Ventrilo.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\STOPzilla!\STOPzilla.exe
C:\Program Files\Steam\steam.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
c:\program files\steam\steamapps\ssvenomx26\counter-strike\hl.exe
C:\Program Files\Steam\GameOverlayUI.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\AIM6\aim6.exe
C:\Documents and Settings\Owner\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://red.clientapps.yahoo.com/cust...efaults/sp/sbc
ydsl.r{}*http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://red.clientapps.yahoo.com/cust...efaults/su/sbc
ydsl.r{}*http://www.yahoo.com/search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://red.clientapps.yahoo.com/cust...efaults/sp/sbc
ydsl.r{}*http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://red.clientapps.yahoo.com/cust...efaults/su/sbc
ydsl.r{}*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {719DA6B5-607A-3687-7190-15833CD896CB} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!
\Companion\Installs\cpn\yt.dll (file missing)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program
Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program
Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!
\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program
Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: SITEguard BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - C:\Program Files\STOPzilla!\SZSG.dll
O2 - BHO: (no name) - {33184FC8-8E0E-8AFA-5B64-8DED9C60D49C} - C:\WINDOWS\system32\zfdmpz.dll (file missing)
O2 - BHO: (no name) - {43CBE820-B564-4B5A-BD5E-F365C19E445C} - C:\WINDOWS\system32\pmnnnmn.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common
Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!
\SZIEBHO.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!
\browser\YSidebarIEBHO.dll
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\en
-us\msntb.dll (file missing)
O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - C:\Program Files\STOPzilla!\SZSG.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!
\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.e
xe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0
\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WUSB54Gv2] C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InvokeSvc3.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\RunServices: [SystemTools32] C:\WINDOWS\system32\inet.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...search.jhtml?p
=ZN
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32
\msjava.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11
\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program
Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program
Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file
missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/ca..._2.3.6.108.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) -
http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) -
http://www.sibelius.com/download/sof.../ActiveXPlugin.
cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) -
http://cdn.digitalcity.com/radio/amp...1.11_en_dl.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} -
http://nprotect.roseonlinegame.com/n...tizen/KeyCrypt
/npkcx.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -
http://aolsvc.aol.com/onlinegames/po...aploader_v10.c
ab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) -
http://pdl.stream.aol.com/downloads/...ampx_en_dl.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe
O23 - Service: fqllbfjmzuak (arpsdwzt5) - Unknown owner - C:\WINDOWS\system32\buwwnuul5.exe (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. -
C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision
Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common
Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - c:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New
Boundary\PrismXL\PRISMXL.SYS
O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WUSB54Gv2SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
--
End of file - 10840 bytes
Next time you post a log from Notepad, make sure the word wrap is changed so it isn't separated like this one is...
Place a check next to the following entries:
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://red.clientapps.yahoo.com/cust...efaults/sp/sbc
ydsl.r{}*http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://red.clientapps.yahoo.com/cust...efaults/su/sbc
ydsl.r{}*.local
R3 - URLSearchHook: (no name) - {719DA6B5-607A-3687-7190-15833CD896CB} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!
\Companion\Installs\cpn\yt.dll (file missing)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program
Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program
Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: (no name) - {33184FC8-8E0E-8AFA-5B64-8DED9C60D49C} - C:\WINDOWS\system32\zfdmpz.dll (file missing)
O2 - BHO: (no name) - {43CBE820-B564-4B5A-BD5E-F365C19E445C} - C:\WINDOWS\system32\pmnnnmn.dll (file missing)
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\en
-us\msntb.dll (file missing)
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program
Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program
Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
Close all internet windows, then click Fix Selected, and then post a new log here because there are more things to be removed.