Sign in to follow this  
yloops

Help Me please Have hjt Log File

Recommended Posts

Hi www.hi5.com has just compltely stopped working ...says that page cannot be displayed. All other internet sites work on my computer. I checked with others and www.hi5.com works perfectly. Wondering if it could be that i have a trojan or something.

My hjt log has is below. Please help.

 

Logfile of HijackThis v1.99.1

Scan saved at 13:19:06, on 03/08/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

D:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

D:\Program Files\DAEMON Tools\daemon.exe

D:\PROGRA~1\Sony\SONICS~1\SsAAD.exe

D:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe

D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe

D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe

D:\Program Files\Alwil Software\Avast4\ashWebSv.exe

D:\Program Files\Microsoft ActiveSync\wcescomm.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\WINDOWS\system32\ctfmon.exe

D:\PROGRA~1\MICROS~3\rapimgr.exe

D:\Program Files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\utility.exe

C:\Program Files\Motorola\Motorola Desktop Suite\DesktopSuite.exe

C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe

C:\PROGRA~1\Symbian\Shared\SYMBIA~1\SYMBIA~1.EXE

C:\PROGRA~1\Symbian\Shared\SYMBIA~1\SCBAL.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

D:\Program Files\Hijack This\HijackThis.exe

C:\Program Files\Windows Media Player\wmplayer.exe

C:\WINDOWS\system32\ospitray.exe

 

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - d:\Program Files\eBay\eBay Toolbar2\eBayTB.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - d:\Program Files\eBay\eBay Toolbar2\eBayTB.dll

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [DAEMON Tools] "d:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [ssAAD.exe] D:\PROGRA~1\Sony\SONICS~1\SsAAD.exe

O4 - HKLM\..\Run: [eBayToolbar] d:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [mRouterConfig] "C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe"

O4 - HKCU\..\Run: [bitComet] "D:\Program Files\BitComet\BitComet.exe"

O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Program Files\Microsoft ActiveSync\wcescomm.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Belkin 802.11g Wireless PCI Card Configuration Utility.lnk = ?

O4 - Global Startup: Motorola Desktop Suite mRouter Config.lnk = C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe

O4 - Global Startup: Motorola Desktop Suite.lnk = C:\Program Files\Motorola\Motorola Desktop Suite\DesktopSuite.exe

O8 - Extra context menu item: &eBay Search - res://D:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html

O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html

O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html

O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html

O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~3\INetRepl.dll

O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~3\INetRepl.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe

O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O17 - HKLM\System\CCS\Services\Tcpip\..\{EBB6916B-3EFC-4348-B518-D002C351256A}: NameServer = 192.168.0.1

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe

 

Thanks In Advance For your Help

Share this post


Link to post
Share on other sites

Hi,

 

HijackThis is not the first tool to use if you think you are infected.

 

1. First please get one, preferably two of the following Free online AV scans. This is to ensure that your resident AV has not missed something or been disabled:

 

eTrust Antivirus Web Scanner

http://www3.ca.com/securityadvisor/virusinfo/scan.aspx

(if prompted, please *allow* Active X and the install of software - this is needed to scan your system)

It will take a while to download the updates needed, and then you'll be presented with a screen to scan your system.

 

 

Trend Micro (PC-cillin) - Free on-line Scan

http://housecall.antivirus.com

 

Panda's Active Scan

http://www.pandasoftware.com/products/activescan.htm

 

2. Use this free online scanner to scan for trojans:

Ewido free online scanner

http://www.ewido.net/en/onlinescan/

 

If any infections are found, please post the scan log or results of the scan back here for review

.............................................................

Next, this is the Lavasoft Support Forum, for help with use of Lavasoft products like Ad-Aware SE.

 

We need to see your latest Adaware Scan log with the latest reference file update. You may have to run it more than one time to get everything. Please reboot between cleanings as it sometimes requires a reboot to get rid of any hard to remove nasties. When you finally get an Adaware scan with no critical objects detected, then please post the log.

 

Please make sure that you are using

Ad-aware SE Build 106r1

Note: If your version is 6.0 and not the SE, you need to uninstall and get the latest version from the above link.

 

[if not Uninstall your old Ad-aware first then install SE]

Then use the WebUpDate

to get the latest Definition file

SE1R118 07.08.2006

To do this Open Ad-aware

Click the WebUpDate

button at the top right hand side of the Ad-aware screen (The world globe).

Click "Connect"

Ad-aware will then download the latest Definition file for you.

To make sure it is updated , look at the main

Ad-aware screen, and look under "Initialization Status"

It should say the Latest Definition file.

then scan doing a "Full Scan"

and then post your logfile here by using the Add-Reply Feature .

As Logs are stored in :

C:\Documents and Settings\USERNAME\Application Data\Lavasoft\Ad-aware\Logs\.

An easy way to get there is to

click Start,

click Run

And type in and press ENTER: %appdata%

then click Lavasoft

then Ad-Aware

and then Logs.

scroll down to find the latest one that you have

(by date & time)

and open it right Click select all

copy and then paste the contents of it here.

(Make sure that all of your Logfile has been posted, sometimes it will require two post's to get it all)

...............

Finally, scan again and post a fresh HijackThis log for review to see where you are now.

Share this post


Link to post
Share on other sites

I ait did the check wid the internet scanners and they found nothing...

 

My Adaware found a couple nasties but i clear them off did another scan to enusre they were gon.....

 

this is the adaware log:

 

Ad-Aware SE Build 1.06r1

Logfile Created on:07 August 2006 14:28:48

Created with Ad-Aware SE Personal, free for private use.

Using definitions file:SE1R118 07.08.2006

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

References detected during the scan:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

None

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Ad-Aware SE Settings

===========================

Set : Search for negligible risk entries

Set : Safe mode (always request confirmation)

Set : Scan active processes

Set : Scan registry

Set : Deep-scan registry

Set : Scan my IE Favorites for banned URLs

Set : Scan my Hosts file

 

Extended Ad-Aware SE Settings

===========================

Set : Unload recognized processes & modules during scan

Set : Scan registry for all users instead of current user only

Set : Always try to unload modules before deletion

Set : During removal, unload Explorer and IE if necessary

Set : Let Windows remove files in use at next reboot

Set : Delete quarantined objects after restoring

Set : Include basic Ad-Aware settings in log file

Set : Include additional Ad-Aware settings in log file

Set : Include reference summary in log file

Set : Include alternate data stream details in log file

Set : Play sound at scan completion if scan locates critical objects

 

 

07-08-2006 14:28:48 - Scan started. (Full System Scan)

 

Listing running processes

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

#:1 [smss.exe]

FilePath : \SystemRoot\System32\

ProcessID : 624

ThreadCreationTime : 07-08-2006 08:21:48

BasePriority : Normal

 

 

#:2 [csrss.exe]

FilePath : \??\C:\WINDOWS\system32\

ProcessID : 684

ThreadCreationTime : 07-08-2006 08:21:49

BasePriority : Normal

 

 

#:3 [winlogon.exe]

FilePath : \??\C:\WINDOWS\system32\

ProcessID : 708

ThreadCreationTime : 07-08-2006 08:21:49

BasePriority : High

 

 

#:4 [services.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 756

ThreadCreationTime : 07-08-2006 08:21:50

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Services and Controller app

InternalName : services.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : services.exe

 

#:5 [lsass.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 768

ThreadCreationTime : 07-08-2006 08:21:50

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : LSA Shell (Export Version)

InternalName : lsass.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : lsass.exe

 

#:6 [svchost.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 936

ThreadCreationTime : 07-08-2006 08:21:50

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:7 [svchost.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 1004

ThreadCreationTime : 07-08-2006 08:21:51

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:8 [svchost.exe]

FilePath : C:\WINDOWS\System32\

ProcessID : 1100

ThreadCreationTime : 07-08-2006 08:21:51

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:9 [svchost.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 1152

ThreadCreationTime : 07-08-2006 08:21:51

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:10 [svchost.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 1236

ThreadCreationTime : 07-08-2006 08:21:51

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:11 [spoolsv.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 1488

ThreadCreationTime : 07-08-2006 08:21:52

BasePriority : Normal

FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)

ProductVersion : 5.1.2600.2696

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Spooler SubSystem App

InternalName : spoolsv.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : spoolsv.exe

 

#:12 [aswupdsv.exe]

FilePath : D:\Program Files\Alwil Software\Avast4\

ProcessID : 1676

ThreadCreationTime : 07-08-2006 08:21:53

BasePriority : Normal

 

 

#:13 [ashserv.exe]

FilePath : D:\Program Files\Alwil Software\Avast4\

ProcessID : 1692

ThreadCreationTime : 07-08-2006 08:21:53

BasePriority : High

FileVersion : 4, 7, 844, 0

ProductVersion : 4, 7, 0, 0

ProductName : avast! Antivirus

FileDescription : avast! antivirus service

InternalName : aswServ

LegalCopyright : Copyright © 2006 ALWIL Software

OriginalFilename : aswServ.exe

 

#:14 [mdm.exe]

FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\

ProcessID : 1740

ThreadCreationTime : 07-08-2006 08:21:54

BasePriority : Normal

FileVersion : 7.00.9466

ProductVersion : 7.00.9466

ProductName : Microsoft® Visual Studio .NET

CompanyName : Microsoft Corporation

FileDescription : Machine Debug Manager

InternalName : mdm.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : mdm.exe

 

#:15 [smagent.exe]

FilePath : C:\Program Files\Analog Devices\SoundMAX\

ProcessID : 1832

ThreadCreationTime : 07-08-2006 08:21:54

BasePriority : Normal

FileVersion : 3, 2, 6, 0

ProductVersion : 3, 2, 6, 0

ProductName : SoundMAX service agent

CompanyName : Analog Devices, Inc.

FileDescription : SoundMAX service agent component

InternalName : SMAgent

LegalCopyright : Copyright © 2002

OriginalFilename : SMAgent.exe

 

#:16 [svchost.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 1884

ThreadCreationTime : 07-08-2006 08:21:54

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:17 [explorer.exe]

FilePath : C:\WINDOWS\

ProcessID : 232

ThreadCreationTime : 07-08-2006 08:21:55

BasePriority : Normal

FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 6.00.2900.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Windows Explorer

InternalName : explorer

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : EXPLORER.EXE

 

#:18 [hkcmd.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 1308

ThreadCreationTime : 07-08-2006 08:22:02

BasePriority : Normal

FileVersion : 3.0.0.4497

ProductVersion : 7.0.0.4497

ProductName : Intel® Common User Interface

CompanyName : Intel Corporation

FileDescription : hkcmd Module

InternalName : HKCMD

LegalCopyright : Copyright 1999-2004, Intel Corporation

OriginalFilename : HKCMD.EXE

 

#:19 [igfxpers.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 1316

ThreadCreationTime : 07-08-2006 08:22:02

BasePriority : Normal

FileVersion : 3.0.0.4497

ProductVersion : 7.0.0.4497

ProductName : Intel® Common User Interface

CompanyName : Intel Corporation

FileDescription : persistence Module

InternalName : PERSISTENCE

LegalCopyright : Copyright 1999-2004, Intel Corporation

OriginalFilename : IGFXPERS.EXE

 

#:20 [jusched.exe]

FilePath : C:\Program Files\Java\jre1.5.0_06\bin\

ProcessID : 1900

ThreadCreationTime : 07-08-2006 08:22:04

BasePriority : Normal

 

 

#:21 [daemon.exe]

FilePath : D:\Program Files\DAEMON Tools\

ProcessID : 1916

ThreadCreationTime : 07-08-2006 08:22:05

BasePriority : Normal

 

 

#:22 [ssaad.exe]

FilePath : D:\PROGRA~1\Sony\SONICS~1\

ProcessID : 1796

ThreadCreationTime : 07-08-2006 08:22:06

BasePriority : Normal

FileVersion : 3.4.01.13062

FileDescription : SonicStage Atrac Hard Disk Monitor

InternalName : SonicStage Atrac Hard Disk Monitor

LegalCopyright : Copyright 2005 Sony Corporation

 

#:23 [ashdisp.exe]

FilePath : D:\PROGRA~1\ALWILS~1\Avast4\

ProcessID : 492

ThreadCreationTime : 07-08-2006 08:22:06

BasePriority : Normal

FileVersion : 5, 0, 0, 0

ProductVersion : 5, 0, 0, 0

ProductName : avast! Antivirus

FileDescription : avast! service GUI component

InternalName : aswDisp

LegalCopyright : Copyright © 2006 ALWIL Software

OriginalFilename : aswDisp.exe

 

#:24 [nmbgmonitor.exe]

FilePath : C:\Program Files\Common Files\Ahead\lib\

ProcessID : 2032

ThreadCreationTime : 07-08-2006 08:22:07

BasePriority : Normal

 

 

#:25 [ashmaisv.exe]

FilePath : D:\Program Files\Alwil Software\Avast4\

ProcessID : 2016

ThreadCreationTime : 07-08-2006 08:22:07

BasePriority : Normal

 

 

#:26 [msmsgs.exe]

FilePath : C:\Program Files\Messenger\

ProcessID : 1340

ThreadCreationTime : 07-08-2006 08:22:08

BasePriority : Normal

FileVersion : 4.7.3001

ProductVersion : Version 4.7.3001

ProductName : Messenger

CompanyName : Microsoft Corporation

FileDescription : Windows Messenger

InternalName : msmsgs

LegalCopyright : Copyright © Microsoft Corporation 2004

LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.

OriginalFilename : msmsgs.exe

 

#:27 [mrouterconfig.exe]

FilePath : C:\Program Files\Intuwave\Shared\mRouterRuntime\

ProcessID : 1772

ThreadCreationTime : 07-08-2006 08:22:09

BasePriority : Normal

FileVersion : 3, 1, 0, 28

ProductVersion : 3, 0, 0, 0

ProductName : mRouter

CompanyName : Intuwave Ltd.

FileDescription : mRouterConfig Module

InternalName : mRouterConfig

LegalCopyright : Copyright © Intuwave Ltd. 2003

OriginalFilename : mRouterConfig.EXE

 

#:28 [ashwebsv.exe]

FilePath : D:\Program Files\Alwil Software\Avast4\

ProcessID : 2072

ThreadCreationTime : 07-08-2006 08:22:10

BasePriority : Normal

 

 

#:29 [wcescomm.exe]

FilePath : D:\Program Files\Microsoft ActiveSync\

ProcessID : 2104

ThreadCreationTime : 07-08-2006 08:22:11

BasePriority : Normal

FileVersion : 4.0.4343.0

ProductVersion : 4.0.4343

ProductName : Microsoft ActiveSync

CompanyName : Microsoft Corporation

FileDescription : ActiveSync Connection Manager

InternalName : wcescomm

LegalCopyright : Copyright © 1995-2004 Microsoft Corp. All rights reserved.

LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation.

OriginalFilename : WCESCOMM.EXE

 

#:30 [msnmsgr.exe]

FilePath : C:\Program Files\MSN Messenger\

ProcessID : 2160

ThreadCreationTime : 07-08-2006 08:22:12

BasePriority : Normal

FileVersion : 8.0.0792.00

ProductVersion : 8.0.0792

ProductName : Messenger

CompanyName : Microsoft Corporation

FileDescription : Messenger

InternalName : msnmsgr.exe

LegalCopyright : Copyright © Microsoft Corporation. All rights reserved.

OriginalFilename : msnmsgr.exe

 

#:31 [alg.exe]

FilePath : C:\WINDOWS\System32\

ProcessID : 2216

ThreadCreationTime : 07-08-2006 08:22:13

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Application Layer Gateway Service

InternalName : ALG.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : ALG.exe

 

#:32 [ctfmon.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 2372

ThreadCreationTime : 07-08-2006 08:22:14

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : CTF Loader

InternalName : CTFMON

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : CTFMON.EXE

 

#:33 [rapimgr.exe]

FilePath : D:\PROGRA~1\MICROS~3\

ProcessID : 2616

ThreadCreationTime : 07-08-2006 08:22:15

BasePriority : Normal

FileVersion : 4.0.4343.0

ProductVersion : 4.0.4343

ProductName : Microsoft ActiveSync

CompanyName : Microsoft Corporation

FileDescription : ActiveSync RAPI Manager

InternalName : rapimgr

LegalCopyright : Copyright © 1995-2004 Microsoft Corp. All rights reserved.

LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation.

OriginalFilename : rapimgr.exe

 

#:34 [mrouterruntime.exe]

FilePath : C:\Program Files\Intuwave\Shared\mRouterRuntime\

ProcessID : 2632

ThreadCreationTime : 07-08-2006 08:22:16

BasePriority : Normal

FileVersion : 3, 1, 0, 28

ProductVersion : 3, 0, 0, 0

ProductName : mRouter

CompanyName : Intuwave Ltd.

FileDescription : mRouterRuntime Module

InternalName : mRouterRuntime

LegalCopyright : Copyright © Intuwave Ltd. 2003

OriginalFilename : mRouterRuntime.DLL

 

#:35 [utility.exe]

FilePath : D:\Program Files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\

ProcessID : 2704

ThreadCreationTime : 07-08-2006 08:22:16

BasePriority : Normal

FileVersion : 1, 0, 0, 6

ProductVersion : 1, 0, 0, 6

ProductName : Utility Application

CompanyName : Belkin

FileDescription : WLANSTAT CONFIGURATION UTILITY

InternalName : Utility

LegalCopyright : Copyright © 2003-2004

OriginalFilename : Utility.EXE

 

#:36 [desktopsuite.exe]

FilePath : C:\Program Files\Motorola\Motorola Desktop Suite\

ProcessID : 2792

ThreadCreationTime : 07-08-2006 08:22:18

BasePriority : Normal

FileVersion : 1, 0, 0, 1

ProductVersion : 1, 0, 0, 1

ProductName : Symbian Connect QI

CompanyName : Symbian Ltd.

FileDescription : Symbian Connect QI Reference User Interface

InternalName : SymbianConnect

LegalCopyright : Copyright © Symbian Ltd. 2002 - 2003

OriginalFilename : SymbianConnect.exe

 

#:37 [fcpms.exe]

FilePath : D:\Program Files\Freecom Personal Media Suite\

ProcessID : 3004

ThreadCreationTime : 07-08-2006 08:22:20

BasePriority : Normal

FileVersion : 2.18

ProductVersion : 2.18

ProductName : Freecom Personal Media Suite

CompanyName : Freecom

FileDescription : Personal Media Suite

InternalName : Zion

LegalCopyright : Copyright © 2003-2005

OriginalFilename : FCPMS.exe

 

#:38 [symbia~1.exe]

FilePath : C:\PROGRA~1\Symbian\Shared\SYMBIA~1\

ProcessID : 3300

ThreadCreationTime : 07-08-2006 08:22:21

BasePriority : Normal

FileVersion : 1, 0, 0, 1

ProductVersion : 1, 0, 0, 1

ProductName : Symbian Connect QI

CompanyName : Symbian Software Ltd.

FileDescription : The Symbian Connect Object Model for Symbian Connect QI

InternalName : SymbianConnectRuntime

LegalCopyright : Copyright © Symbian Software Ltd 2002 - 2004. All rights reserved.

OriginalFilename : SymbianConnectRuntime.EXE

 

#:39 [scbal.exe]

FilePath : C:\PROGRA~1\Symbian\Shared\SYMBIA~1\

ProcessID : 3364

ThreadCreationTime : 07-08-2006 08:22:23

BasePriority : Normal

FileVersion : 1, 0, 0, 1

ProductVersion : 1, 0, 0, 1

ProductName : Symbian Connect QI

CompanyName : Symbian Software Ltd.

FileDescription : Bearer Abstraction Layer - Controller

InternalName : SCBALController

LegalCopyright : Copyright © Symbian Software Ltd 2003 - 2004. All rights reserved.

OriginalFilename : SCBALController.EXE

 

#:40 [svchost.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 2496

ThreadCreationTime : 07-08-2006 08:22:38

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:41 [svchost.exe]

FilePath : C:\WINDOWS\System32\

ProcessID : 208

ThreadCreationTime : 07-08-2006 08:39:56

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:42 [azureus.exe]

FilePath : d:\Program Files\Azureus\

ProcessID : 2980

ThreadCreationTime : 07-08-2006 09:50:01

BasePriority : Normal

 

 

#:43 [ad-aware.exe]

FilePath : D:\PROGRA~1\Lavasoft\AD-AWA~1\

ProcessID : 3056

ThreadCreationTime : 07-08-2006 12:55:59

BasePriority : Normal

FileVersion : 6.2.0.236

ProductVersion : SE 106

ProductName : Lavasoft Ad-Aware SE

CompanyName : Lavasoft Sweden

FileDescription : Ad-Aware SE Core application

InternalName : Ad-Aware.exe

LegalCopyright : Copyright © Lavasoft AB Sweden

OriginalFilename : Ad-Aware.exe

Comments : All Rights Reserved

 

Memory scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 0

 

 

Started registry scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Registry Scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 0

 

 

Started deep registry scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Deep registry scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 0

 

 

Started Tracking Cookie scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

 

Tracking cookie scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 0

 

 

 

Deep scanning and examining files (C:)

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Disk Scan Result for C:\

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 0

 

 

Deep scanning and examining files (D:)

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Disk Scan Result for D:\

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 0

 

 

Scanning Hosts file......

Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Hosts file scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

1 entries scanned.

New critical objects:0

Objects found so far: 0

 

 

14:40:41 Scan Complete

 

Summary Of This Scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Total scanning time:00:11:53.63

Objects scanned:148829

Objects identified:0

Objects ignored:0

New critical objects:0

 

Ill put my new HJT log in another reply

Share this post


Link to post
Share on other sites

And this is the new Hjt Log..

 

Logfile of HijackThis v1.99.1

Scan saved at 15:17:14, on 07/08/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

D:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

D:\Program Files\DAEMON Tools\daemon.exe

D:\PROGRA~1\Sony\SONICS~1\SsAAD.exe

D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe

D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe

D:\Program Files\Alwil Software\Avast4\ashWebSv.exe

D:\Program Files\Microsoft ActiveSync\wcescomm.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\WINDOWS\system32\ctfmon.exe

D:\PROGRA~1\MICROS~3\rapimgr.exe

C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe

D:\Program Files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\utility.exe

C:\Program Files\Motorola\Motorola Desktop Suite\DesktopSuite.exe

D:\Program Files\Freecom Personal Media Suite\FCPMS.exe

C:\PROGRA~1\Symbian\Shared\SYMBIA~1\SYMBIA~1.EXE

C:\PROGRA~1\Symbian\Shared\SYMBIA~1\SCBAL.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

d:\Program Files\Azureus\Azureus.exe

D:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Aware.exe

C:\Program Files\Internet Explorer\iexplore.exe

D:\Program Files\Hijack This\HijackThis.exe

 

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [DAEMON Tools] "d:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [ssAAD.exe] D:\PROGRA~1\Sony\SONICS~1\SsAAD.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [mRouterConfig] "C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe"

O4 - HKCU\..\Run: [bitComet] "D:\Program Files\BitComet\BitComet.exe"

O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Program Files\Microsoft ActiveSync\wcescomm.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: Freecom Personal Media Suite.lnk = D:\Program Files\Freecom Personal Media Suite\FCPMS.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Belkin 802.11g Wireless PCI Card Configuration Utility.lnk = ?

O4 - Global Startup: Motorola Desktop Suite mRouter Config.lnk = C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe

O4 - Global Startup: Motorola Desktop Suite.lnk = C:\Program Files\Motorola\Motorola Desktop Suite\DesktopSuite.exe

O8 - Extra context menu item: &eBay Search - res://D:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html

O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html

O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html

O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html

O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~3\INetRepl.dll

O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~3\INetRepl.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe

O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{EBB6916B-3EFC-4348-B518-D002C351256A}: NameServer = 192.168.0.1

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe

 

Thanx again for ur help In advance

Share this post


Link to post
Share on other sites

Ok, good! Using full system scanners to check your system is a much better way to look for malware problems. Hijackthis doesn't see anything either, so I suspect your problems are something other than a trojan or spyware.

Share this post


Link to post
Share on other sites
Sign in to follow this