0

This is a friends PC and he said it has been running slow lately so the topic says it all, please help and thnak you in advance. Here is his HJT log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:50:49 PM, on 1/22/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:..WINNT..System32..smss.exe
C:..WINNT..system32..winlogon.exe
C:..WINNT..system32..services.exe
C:..WINNT..system32..lsass.exe
C:..WINNT..system32..svchost.exe
C:..WINNT..System32..svchost.exe
C:..WINNT..system32..spoolsv.exe
C:..Program Files..Citrix..ICA Client..ssonsvr.exe
C:..WINNT..system32..devldr32.exe
C:..WINNT..Explorer.EXE
C:..Program Files..Creative..ShareDLL..CtNotify.exe
C:..Program Files..Eset..nod32kui.exe
C:..Program Files..Java..jre1.6.0_02..bin..jusched.exe
C:..Program Files..QuickTime..qttask.exe
C:..WINNT..system32..ctfmon.exe
C:..Program Files..Messenger..msmsgs.exe
C:..Program Files..AIM6..aim6.exe
C:..Program Files..Creative..ShareDLL..MediaDet.Exe
C:..Program Files..Sony..Sony Picture Utility..VolumeWatcher..SPUVolumeWatcher.exe
C:..Program Files..AIM6..aolsoftware.exe
C:..WINNT..System32..PackethSvc.exe
C:..PROGRA~1..COMMON~1..AOL..ACS..acsd.exe
C:..Program Files..Common Files..Apple..Mobile Device Support..bin..AppleMobileDeviceService.exe
C:..WINNT..System32..CTsvcCDA.exe
C:..Program Files..Eset..nod32krn.exe
C:..WINNT..System32..nvsvc32.exe
C:..WINNT..System32..svchost.exe
C:..Program Files..Viewpoint..Common..ViewpointService.exe
C:..WINNT..wanmpsvc.exe
C:..Program Files..Viewpoint..Viewpoint Manager..ViewMgr.exe
C:..Program Files..QdrPack..QdrPack12.exe
C:..Program Files..Java..jre1.6.0_02..bin..jucheck.exe
C:..Program Files..Common Files..Real..Update_OB..realsched.exe
C:..WINNT..svchost.exe
C:..Program Files..Ventrilo..Ventrilo.exe
C:..Program Files..Steam..steam.exe
C:..Program Files..Internet Explorer..iexplore.exe
C:..Program Files..Hewlett-Packard..HP Share-to-Web..hpgs2wnf.exe
C:..Program Files..Internet Explorer..iexplore.exe
C:..Documents and Settings..Jim..My Documents..HiJackThis.exe

R0 - HKCU..Software..Microsoft..Internet Explorer..Main,Start Page = http://www.comcast.net/
R1 - HKLM..Software..Microsoft..Internet Explorer..Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM..Software..Microsoft..Internet Explorer..Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM..Software..Microsoft..Internet Explorer..Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM..Software..Microsoft..Internet Explorer..Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM..Software..Microsoft..Internet Explorer..Search,SearchAssistant = http://as.starware.com/dp/search?x=wKX1ILEOi+Vh7AfA98Gm4Me69
ZMbubcDODB5xmjBn4fP/Dl3EZSINe2YdgjektiM1iBrUpgh7WcPwSF0NW9JUeXlHdjXjk7pg+laRfEF
cC9ycBhQvFkIN+3LSw4M/EeDJ2ghlgeW0+z23Zftzr/IbEpc9w+1z761N4ICspjzFA0jfgeMJ
VBHrSk3jRc5mkAE
R1 - HKCU..Software..Microsoft..Internet Explorer..SearchURL,(Default) = http://as.starware.com/dp/search?x=wKX1ILEOi+UdWpSlz2q9Dzn13
Emww/Ywt/2xYhTlJWsBlSAONGafHSsg6hBNDdsOtwwJGapm6MwqXON+wFbvXgPGF
eENd/0h+bCY+feJ93Q=
R3 - URLSearchHook: (no name) - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
F3 - REG:win.ini: load=C:..WINNT..svchost.exe
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:..Program Files..Yahoo!..Companion..Installs..cpn..ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:..Program Files..Adobe..Acrobat 5.0..Reader..ActiveX..AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:..PROGRA~1..SPYBOT~1..SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:..Program Files..Java..jre1.6.0_02..bin..ssv.dll
O2 - BHO: BndBlock4 BHO Class - {8F9E2BE3-766D-4831-BB0E-766D5B819995} - C:..Program Files..QdrDrive..QdrDrive9.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:..Program Files..Viewpoint..Viewpoint Toolbar..3.8.0..ViewBarBHO.dll
O2 - BHO: (no name) - {E434D3C7-A673-4100-8140-79C020945017} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:..Program Files..Microsoft Money..System..mnyviewer.dll
O3 - Toolbar: (no name) - {53829F91-1B06-4DB9-B13E-812A986169F9} - (no file)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:..Program Files..Yahoo!..Companion..Installs..cpn..ycomp5_5_7_0.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:..Program Files..Common Files..Viewpoint..Toolbar Runtime..3.8.0..IEViewBar.dll
O4 - HKLM......Run: [Disc Detector] C:..Program Files..Creative..ShareDLL..CtNotify.exe
O4 - HKLM......Run: [nod32kui] "C:..Program Files..Eset..nod32kui.exe" /WAITSERVICE
O4 - HKLM......Run: [SunJavaUpdateSched] "C:..Program Files..Java..jre1.6.0_02..bin..jusched.exe"
O4 - HKLM......Run: [QuickTime Task] "C:..Program Files..QuickTime..qttask.exe" -atboottime
O4 - HKLM......Run: [TkBellExe] "C:..Program Files..Common Files..Real..Update_OB..realsched.exe" -osboot
O4 - HKCU......Run: [ctfmon.exe] C:..WINNT..system32..ctfmon.exe
O4 - HKCU......Run: [MSMSGS] "C:..Program Files..Messenger..msmsgs.exe" /background
O4 - HKCU......Run: [Steam] "c:..program files..steam..steam.exe" -silent
O4 - HKCU......Run: [Aim6] "C:..Program Files..AIM6..aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU......Run: [QdrModule11] "C:..Program Files..QdrModule..QdrModule11.exe"
O4 - HKCU......Run: [QdrPack12] "C:..Program Files..QdrPack..QdrPack12.exe"
O4 - HKUS..S-1-5-21-3962937336-3133978997-4149289120-1003......Ru
n: [MSMSGS] "C:..Program Files..Messenger..msmsgs.exe" /background (User '?')
O4 - Startup: Cyber-shot Viewer Media Check Tool.lnk = C:..Program Files..Sony..Sony Picture Utility..VolumeWatcher..SPUVolumeWatcher.exe
O4 - Global Startup: America Online 6.0 Tray Icon.lnk = C:..Program Files..America Online 6.0a..aoltray.exe
O6 - HKCU..Software..Policies..Microsoft..Internet Explorer..Restrictions present
O6 - HKCU..Software..Policies..Microsoft..Internet Explorer..Control Panel present
O8 - Extra context menu item: &Search - ?p=ZB
O8 - Extra context menu item: &Viewpoint Search - res://C:..Program Files..Viewpoint..Viewpoint Toolbar..ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: Look Up in &Encyclopedia - C:..Program Files..Common Files..Microsoft Shared..Reference 2001..A..ERS_ENC.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:..Program Files..Java..jre1.6.0_02..bin..ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:..Program Files..Java..jre1.6.0_02..bin..ssv.dll
O9 - Extra button: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:..Program Files..Common Files..Microsoft Shared..Reference 2001..A..ERS_ENC.HTM
O9 - Extra 'Tools' menuitem: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:..Program Files..Common Files..Microsoft Shared..Reference 2001..A..ERS_ENC.HTM
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:..Program Files..Microsoft Money..System..mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:..Program Files..Messenger..msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:..Program Files..Messenger..msmsgs.exe
O10 - Unknown file in Winsock LSP: c:..winnt..system32..nwprovau.dll
O12 - Plugin for .spop: C:..Program Files..Internet Explorer..Plugins..NPDocBox.dll
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://66.48.68.135/save/makeover.cab
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:..counter.cab
O16 - DPF: {3CC943C7-3C99-11D4-8135-0050041A5144} (RunExeActiveX.UserControl1) - file://C:..Program Files..Gateway..HelpSpot..RunExeActiveX.CAB
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.tren
dmicro.com/housecall/xscan53.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {99CDFD87-F97A-42E1-9C13-D18220D90AD1} (StartFirstControl.CheckFirst) - file://C:..Program Files..Gateway..HelpSpot..StartFirstControl.CAB
O16 - DPF: {CE37E095-ACFF-4380-A856-A560D389E5E1} (XPLControlProject.XPLControl) - file://C:..Program Files..Gateway..HelpSpot..XPLControl.CAB
O18 - Filter hijack: text/html - {07851C6A-1C43-41d9-8319-BC89154A8C00} - C:..Program Files..RcvSystem..httpdchk.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:..PROGRA~1..COMMON~1..AOL..ACS..acsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:..Program Files..Common Files..Apple..Mobile Device Support..bin..AppleMobileDeviceService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:..WINNT..System32..CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:..Program Files..Common Files..InstallShield..Driver..11..Intel 32..IDriverT.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:..WINNT..System32..ImapiRox.exe
O23 - Service: iPod Service - Unknown owner - C:..Program Files..iPod..bin..iPodService.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:..Program Files..Eset..nod32krn.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:..WINNT..System32..nvsvc32.exe
O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:..WINNT..System32..PackethSvc.exe
O23 - Service: PictureTaker - Unknown owner - c:..fixit..pt..PCTKRNT.SYS (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:..WINNT..System32..HPZipm12.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:..Program Files..Viewpoint..Common..ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:..WINNT..wanmpsvc.exe

--
End of file - 9961 bytes

5
Contributors
11
Replies
12
Views
9 Years
Discussion Span
Last Post by jaromir kosik
0

Dont know about HJT logs, but you can cleanup unneeded temporary files etc... using "CCleaner" and "ATF cleaner" (used together = ver effective)

0

thank you for your help, i will do that and see how it goes, but can someone help me clean up the HJT log?? thank you

0

check the following:

R3 - URLSearchHook: (no name) - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)

R3 - URLSearchHook: (no name) - - (no file)

O2 - BHO: (no name) - {E434D3C7-A673-4100-8140-79C020945017} - (no file)

O3 - Toolbar: (no name) - {53829F91-1B06-4DB9-B13E-812A986169F9} - (no file)

O8 - Extra context menu item: &Search - ?p=ZB

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:..Program Files..Java..jre1.6.0_02..bin..ssv.dll

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)


click fix selected and restart and let me know if its any better and repost a new log

0

thanks, heres my new log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:17:25 PM, on 1/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:..WINNT..System32..smss.exe
C:..WINNT..system32..winlogon.exe
C:..WINNT..system32..services.exe
C:..WINNT..system32..lsass.exe
C:..WINNT..system32..svchost.exe
C:..WINNT..System32..svchost.exe
C:..WINNT..system32..spoolsv.exe
C:..Program Files..Citrix..ICA Client..ssonsvr.exe
C:..WINNT..system32..devldr32.exe
C:..WINNT..Explorer.EXE
C:..WINNT..svchost.exe
C:..Program Files..Creative..ShareDLL..CtNotify.exe
C:..Program Files..Eset..nod32kui.exe
C:..Program Files..Java..jre1.6.0_02..bin..jusched.exe
C:..Program Files..QuickTime..qttask.exe
C:..Program Files..Common Files..Real..Update_OB..realsched.exe
C:..WINNT..system32..ctfmon.exe
C:..Program Files..Messenger..msmsgs.exe
C:..program files..steam..steam.exe
C:..Program Files..AIM6..aim6.exe
C:..Program Files..Creative..ShareDLL..MediaDet.Exe
C:..Program Files..Sony..Sony Picture Utility..VolumeWatcher..SPUVolumeWatcher.exe
C:..Program Files..AIM6..aolsoftware.exe
C:..WINNT..System32..PackethSvc.exe
C:..PROGRA~1..COMMON~1..AOL..ACS..acsd.exe
C:..Program Files..Common Files..Apple..Mobile Device Support..bin..AppleMobileDeviceService.exe
C:..WINNT..System32..CTsvcCDA.exe
C:..Program Files..Eset..nod32krn.exe
C:..WINNT..System32..nvsvc32.exe
C:..WINNT..System32..svchost.exe
C:..Program Files..Viewpoint..Common..ViewpointService.exe
C:..WINNT..wanmpsvc.exe
C:..Program Files..Viewpoint..Viewpoint Manager..ViewMgr.exe
C:..Program Files..Ventrilo..Ventrilo.exe
C:..Program Files..Internet Explorer..iexplore.exe
C:..Program Files..Java..jre1.6.0_02..bin..jucheck.exe
C:..Program Files..Microsoft Money..System..urlmap.exe
C:..Documents and Settings..Jim..My Documents..HiJackThis.exe

R0 - HKCU..Software..Microsoft..Internet Explorer..Main,Start Page = http://www.comcast.net/
R1 - HKLM..Software..Microsoft..Internet Explorer..Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM..Software..Microsoft..Internet Explorer..Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM..Software..Microsoft..Internet Explorer..Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM..Software..Microsoft..Internet Explorer..Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
F3 - REG:win.ini: load=C:..WINNT..svchost.exe
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:..Program Files..Yahoo!..Companion..Installs..cpn..ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:..Program Files..Adobe..Acrobat 5.0..Reader..ActiveX..AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:..PROGRA~1..SPYBOT~1..SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:..Program Files..Java..jre1.6.0_02..bin..ssv.dll
O2 - BHO: BndBlock4 BHO Class - {8F9E2BE3-766D-4831-BB0E-766D5B819995} - C:..Program Files..QdrDrive..QdrDrive9.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:..Program Files..Viewpoint..Viewpoint Toolbar..3.8.0..ViewBarBHO.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:..Program Files..Microsoft Money..System..mnyviewer.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:..Program Files..Yahoo!..Companion..Installs..cpn..ycomp5_5_7_0.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:..Program Files..Common Files..Viewpoint..Toolbar Runtime..3.8.0..IEViewBar.dll
O4 - HKLM......Run: [Disc Detector] C:..Program Files..Creative..ShareDLL..CtNotify.exe
O4 - HKLM......Run: [nod32kui] "C:..Program Files..Eset..nod32kui.exe" /WAITSERVICE
O4 - HKLM......Run: [SunJavaUpdateSched] "C:..Program Files..Java..jre1.6.0_02..bin..jusched.exe"
O4 - HKLM......Run: [QuickTime Task] "C:..Program Files..QuickTime..qttask.exe" -atboottime
O4 - HKLM......Run: [TkBellExe] "C:..Program Files..Common Files..Real..Update_OB..realsched.exe" -osboot
O4 - HKCU......Run: [ctfmon.exe] C:..WINNT..system32..ctfmon.exe
O4 - HKCU......Run: [MSMSGS] "C:..Program Files..Messenger..msmsgs.exe" /background
O4 - HKCU......Run: [Steam] "c:..program files..steam..steam.exe" -silent
O4 - HKCU......Run: [Aim6] "C:..Program Files..AIM6..aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU......Run: [QdrModule11] "C:..Program Files..QdrModule..QdrModule11.exe"
O4 - Startup: Cyber-shot Viewer Media Check Tool.lnk = C:..Program Files..Sony..Sony Picture Utility..VolumeWatcher..SPUVolumeWatcher.exe
O4 - Global Startup: America Online 6.0 Tray Icon.lnk = C:..Program Files..America Online 6.0a..aoltray.exe
O6 - HKCU..Software..Policies..Microsoft..Internet Explorer..Restrictions present
O6 - HKCU..Software..Policies..Microsoft..Internet Explorer..Control Panel present
O8 - Extra context menu item: &Viewpoint Search - res://C:..Program Files..Viewpoint..Viewpoint Toolbar..ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: Look Up in &Encyclopedia - C:..Program Files..Common Files..Microsoft Shared..Reference 2001..A..ERS_ENC.HTM
O9 - Extra button: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:..Program Files..Common Files..Microsoft Shared..Reference 2001..A..ERS_ENC.HTM
O9 - Extra 'Tools' menuitem: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:..Program Files..Common Files..Microsoft Shared..Reference 2001..A..ERS_ENC.HTM
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:..Program Files..Microsoft Money..System..mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:..Program Files..Messenger..msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:..Program Files..Messenger..msmsgs.exe
O10 - Unknown file in Winsock LSP: c:..winnt..system32..nwprovau.dll
O12 - Plugin for .spop: C:..Program Files..Internet Explorer..Plugins..NPDocBox.dll
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://66.48.68.135/save/makeover.cab
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:..counter.cab
O16 - DPF: {3CC943C7-3C99-11D4-8135-0050041A5144} (RunExeActiveX.UserControl1) - file://C:..Program Files..Gateway..HelpSpot..RunExeActiveX.CAB
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.tren
dmicro.com/housecall/xscan53.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {99CDFD87-F97A-42E1-9C13-D18220D90AD1} (StartFirstControl.CheckFirst) - file://C:..Program Files..Gateway..HelpSpot..StartFirstControl.CAB
O16 - DPF: {CE37E095-ACFF-4380-A856-A560D389E5E1} (XPLControlProject.XPLControl) - file://C:..Program Files..Gateway..HelpSpot..XPLControl.CAB
O18 - Filter hijack: text/html - {07851C6A-1C43-41d9-8319-BC89154A8C00} - C:..Program Files..RcvSystem..httpdchk.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:..PROGRA~1..COMMON~1..AOL..ACS..acsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:..Program Files..Common Files..Apple..Mobile Device Support..bin..AppleMobileDeviceService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:..WINNT..System32..CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:..Program Files..Common Files..InstallShield..Driver..11..Intel 32..IDriverT.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:..WINNT..System32..ImapiRox.exe
O23 - Service: iPod Service - Unknown owner - C:..Program Files..iPod..bin..iPodService.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:..Program Files..Eset..nod32krn.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:..WINNT..System32..nvsvc32.exe
O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:..WINNT..System32..PackethSvc.exe
O23 - Service: PictureTaker - Unknown owner - c:..fixit..pt..PCTKRNT.SYS (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:..WINNT..System32..HPZipm12.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:..Program Files..Viewpoint..Common..ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:..WINNT..wanmpsvc.exe

--
End of file - 8469 bytes

0

You have a problem there, but if you want to get it clean, you must post an un-edited hijackthis log!

0

okay i will get his log and re-post it/edit this post and will make the changes you posted overwhelmed. thanks.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.