xxkbxx Posted September 4, 2005 Report Share Posted September 4, 2005 Logfile of HijackThis v1.99.1Scan saved at 4:18:42 PM, on 9/4/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXEC:\WINDOWS\System32\ezSP_Px.exeC:\Program Files\QuickTime\qttask.exeC:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exeC:\Program Files\HP\hpcoretech\hpcmpmgr.exeC:\Program Files\HP\HP Software Update\HPWuSchd2.exeC:\PROGRA~1\mcafee.com\vso\mcvsshld.exeC:\PROGRA~1\mcafee.com\agent\mcagent.exeC:\PROGRA~1\mcafee.com\mps\mscifapp.exeC:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFTRAY.EXEC:\Program Files\Common Files\AOL\ACS\AOLDial.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\Creative\MediaSource\Detector\CTDetect.exeC:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exeC:\Program Files\ClickToConvert\C2CMonitor.exec:\progra~1\mcafee.com\vso\mcvsescn.exeC:\Program Files\Common Files\AOL\ACS\AOLAcsd.exeC:\Program Files\Common Files\AOL\1109976495\ee\AOLHostManager.exeC:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exeC:\WINDOWS\system32\devldr32.exec:\PROGRA~1\mcafee.com\vso\mcvsrte.exeC:\Program Files\Common Files\AOL\1109976495\ee\AOLServiceHost.exeC:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFSERVICE.exeC:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exeC:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exeC:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFAGENT.EXEc:\progra~1\mcafee.com\vso\mcvsftsn.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\wdfmgr.exeC:\WINDOWS\System32\wbem\wmiprvse.exec:\PROGRA~1\mcafee.com\vso\mcshield.exeC:\WINDOWS\System32\alg.exeC:\Program Files\America Online 9.0\waol.exeC:\Program Files\America Online 9.0\shellmon.exeC:\WINDOWS\explorer.exeC:\Program Files\AIM\aim.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Hijack This\HijackThis.exeO2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dllO2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\PROGRA~1\mcafee.com\mps\mcbrhlpr.dllO2 - BHO: McAfee Privacy Service Popup Blocker - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dllO2 - BHO: MSEvents Object - {827DC836-DD9F-4A68-A602-5812EB50A834} - C:\WINDOWS\AppPatch\nuturl.dllO2 - BHO: CEngine Object - {B824E7B0-E8E3-4D75-895E-2C309EA4CC5D} - (no file)O2 - BHO: (no name) - {E5A1691B-D188-4419-AD02-90002030B8EE} - (no file)O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dllO3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dllO4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exeO4 - HKLM\..\Run: [speed racer] C:\Program Files\Creative\PlayCenter\CTSRReg.exeO4 - HKLM\..\Run: [AudioHQ] C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXEO4 - HKLM\..\Run: [updReg] C:\WINDOWS\Updreg.exeO4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exeO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exeO4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exeO4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -kO4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exeO4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktaskO4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exeO4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exeO4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embeddingO4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exeO4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MskDetct.exe /startupO4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFTRAY.EXEO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exeO4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1109976495\ee\AOLHostManager.exeO4 - HKLM\..\RunOnce: [0000 - C:\Documents and Settings\default\Start Menu\Programs\HP DeskJet 810C Series v11.1] C:\WINDOWS\command.com /c rmdir "C:\Documents and Settings\default\Start Menu\Programs\HP DeskJet 810C Series v11.1"O4 - HKLM\..\RunOnce: [PrivacyGuardianIndex] C:\K Load\2\PgIndex.exeO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /RO4 - HKCU\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exeO4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -bO4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXEO4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO4 - Global Startup: C2CMonitor.lnk = C:\Program Files\ClickToConvert\C2CMonitor.exeO8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTMLO8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.htmlO8 - Extra context menu item: Send Image to Phone - http://www.freeringers.net/ezimage.phpO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM32\MSJAVA.DLLO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM32\MSJAVA.DLLO9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exeO9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\IEExtension.dllO9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\IEExtension.dllO9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM32\SHDOCVW.DLLO9 - Extra button: (no name) - {D5770C25-E0F4-4bb9-BCB6-DB17F7BFBB7F} - C:\K Load\DLoad\SafeGuard Popup Blocker Pro\PBOptions.exe (file missing)O9 - Extra 'Tools' menuitem: Popup Blocker Options - {D5770C25-E0F4-4bb9-BCB6-DB17F7BFBB7F} - C:\K Load\DLoad\SafeGuard Popup Blocker Pro\PBOptions.exe (file missing)O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CABO16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/mcinsc...83/mcinsctl.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1124915556609O16 - DPF: {82F2D6B2-6C58-4404-A930-9DB0FD90D4B1} (Driver_Detective_v43_Non_Member.DD_v43) - http://www.drivershq.com/cab/prod/Driver_D..._Non_Member.CABO16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmg...,20/mcgdmgr.cabO16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cabO20 - Winlogon Notify: nuturl - C:\WINDOWS\AppPatch\nuturl.dllO23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exeO23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exeO23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exeO23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exeO23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exeO23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFSERVICE.exeO23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe Link to post Share on other sites
mlegg510 Posted September 4, 2005 Report Share Posted September 4, 2005 (edited) link to original thread in PC support about his winfixer problemForgot to say in the other thread, but hopefully you read the HJT instructions, you need to make sure to enable all hidden files/folders before you run this.Did you run the Spybot, A2 Squared and Ewido Suite ? Did it pick up anything ?I don't see winfixer in your log, but wait to see what a HJT from this board says.I am one in other places, not on the list here Edited September 4, 2005 by mlegg510 Link to post Share on other sites
Recommended Posts