Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hijack Log, Please Help


  • Please log in to reply
1 reply to this topic

#1 chrism

chrism

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:01:40 AM

Posted 05 March 2008 - 08:49 PM

My computer is running very slow. Couldn't run hijackThis. It appeared to be blocked. Downloaded winpatrol as recommended in another post and got hijackPatrol.log from that.

Seems to be a ton of tmp files in my c:\ root directory as well...

Please help.

Thanks,
-Chris

Log created by WinPatrol version 14.0.2007.1:14.0.2007.1
Scan saved at 8:37:25 PM, on 3/05/2008
Platform: Windows XP SP2 Service Pack 2 (Build 2600)
MSIE: Internet Explorer (7.00.6000.16414)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRAM FILES\Lavasoft\AD-AWARE 2007\AAWSERVICE.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\PROGRAM FILES\COMMON FILES\INTERVIDEO\DEVICESERVICE\DevSvc.exe
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\EPSON\EPW!3 SSRP\E_S30RP1.EXE
C:\PROGRAM FILES\COMMON FILES\LIGHTSCRIBE\LSSrvc.exe
C:\WINDOWS\system32\PSISERVICE.EXE
C:\PROGRAM FILES\CYBERLINK\SHARED FILES\RICHVIDEO.EXE
C:\PROGRAM FILES\COMMON FILES\ULEAD SYSTEMS\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CLI.exe
C:\PROGRAM FILES\Roxio\EASY CD CREATOR 6\AUDIOCENTRAL\RxMon.exe
C:\PROGRAM FILES\MICROSOFT INTELLITYPE PRO\type32.exe
C:\PROGRAM FILES\MICROSOFT INTELLIPOINT\point32.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRAM FILES\Creative\SOUND BLASTER X-FI\DVDAudio\CTDVDDET.exe
C:\PROGRAM FILES\Creative\SHARED FILES\MODULE LOADER\DLLML.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\system32\CTXFISPI.EXE
C:\WINDOWS\system32\DLA\DLACTRLW.EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM.exe
C:\PROGRAM FILES\HEWLETT-PACKARD\HP PRECISIONSCAN\PRECISIONSCAN\HPLamp.exe
C:\PROGRAM FILES\Adobe\PHOTOSHOP ELEMENTS 5.0\apdproxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRAM FILES\FISHER-PRICE\DACS\MiniApp\DACSMINIAPP.EXE
C:\PROGRAM FILES\BILLP STUDIOS\WINPATROL\WINPATROL.EXE
C:\PROGRAM FILES\MESSENGER\msmsgs.exe
C:\PROGRAM FILES\ATI MULTIMEDIA\RemCtrl\ATIRW.EXE
C:\PROGRAM FILES\ATI MULTIMEDIA\main\atidtct.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\wmpnscfg.exe
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TeaTimer.exe
C:\PROGRAM FILES\Roxio\EASY CD CREATOR 6\AUDIOCENTRAL\Playlist.exe
C:\PROGRAM FILES\WinZip\WZQKPICK.EXE
C:\PROGRAM FILES\BILLP STUDIOS\WINPATROL\WINPATROLEX.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
O1 - Hosts: 127.0.0.
O2 - BHO: - {45DE0107-A667-439C-A161-CD7C5A3CD636} -
O2 - BHO: ssttr - {7D955F64-3014-4464-A834-ACF7D9AB5EDC} - C:\WINDOWS\system32\ssttr.dll
O2 - BHO: zxtvkdnd - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\WINDOWS\system32\zxtvkdnd.dll
O2 - BHO: rqrqron - {B3ADDB7B-3DF5-4672-82DD-775FFF180134} - C:\WINDOWS\system32\rqrqron.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [ATICCC]C:\Program Files\ATI Technologies\ATI.ACE\cli.exe runtime
O4 - HKLM\..\Run: [RoxioEngineUtility]C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe
O4 - HKLM\..\Run: [RoxioAudioCentral]C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
O4 - HKLM\..\Run: [ISUSPM Startup]C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler]C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe -start
O4 - HKLM\..\Run: [EPSON Stylus Photo 960]C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P22 EPSON Stylus Photo 960 /O11 SC430490_P2 /M Stylus Photo 960
O4 - HKLM\..\Run: [type32]C:\Program Files\Microsoft IntelliType Pro\type32.exe
O4 - HKLM\..\Run: [IntelliPoint]C:\Program Files\Microsoft IntelliPoint\point32.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent]bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task]C:\Program Files\QuickTime\qttask.exe -atboottime
O4 - HKLM\..\Run: [CTDVDDET]C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.exe
O4 - HKLM\..\Run: [RCSystem]C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe RCSystem * -Startup
O4 - HKLM\..\Run: [AudioDrvEmulator]C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe -1 AudioDrvEmulator C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll
O4 - HKLM\..\Run: [VolPanel]C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe /r
O4 - HKLM\..\Run: [CTHelper]CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp]CTXFIHLP.EXE
O4 - HKLM\..\Run: [UpdReg]C:\WINDOWS\Updreg.EXE
O4 - HKLM\..\Run: [ccApp]C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [osCheck]C:\Program Files\Norton Internet Security\osCheck.exe
O4 - HKLM\..\Run: [DLA]C:\WINDOWS\system32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM]C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe -scheduler
O4 - HKLM\..\Run: [HP Lamp]C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\HPLamp.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader]C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng]C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe /a /m C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll
O4 - HKLM\..\Run: [DACSMiniApp]C:\Program Files\Fisher-Price\DACS\MiniApp\DACSMiniApp.exe
O4 - HKLM\..\Run: [LanguageShortcut]C:\Program Files\CyberLink\PowerDVD\Language\Language.exe
O4 - HKLM\..\Run: [9c4f44dd]C:\WINDOWS\system32\tchxhqer.dll,b
O4 - HKLM\..\Run: [WinPatrol]C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [BM9f7c7741]C:\WINDOWS\system32\rxvyrjbl.dll,s
O4 - HKCU\..\Run: [MSMSGS]C:\Program Files\Messenger\MSMSGS.EXE /background
O4 - HKCU\..\Run: [ATI Remote Control]C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.EXE
O4 - HKCU\..\Run: [ATI DeviceDetect]C:\Program Files\ATI Multimedia\main\atidtct.exe
O4 - HKCU\..\Run: [updateMgr]C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - HKCU\..\Run: [ctfmon.exe]C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG]C:\Program Files\Windows Media Player\wmpnscfg.exe
O4 - HKCU\..\Run: [braviax]C:\WINDOWS\system32\braviax.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer]C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: WinZip Quick Pick.lnk=C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\tv\EXPLBAR.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [Java (Sun)] Java (Sun) - C:\Program Files\Java\j2re1.4.2_16\bin
O11 - Options group: [] -
O14 - IERESET.INF: START_PAGE_URL = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
O14 - IERESET.INF: SEARCH_PAGE_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
O14 - IERESET.INF:HKCU, Start Page = %START_PAGE_URL%
O14 - IERESET.INF:HKLM, Default_Page_URL = %START_PAGE_URL%
O14 - IERESET.INF:HKLM, Default_Search_URL = %SEARCH_PAGE_URL%
O14 - IERESET.INF:HKLM, Search Page = %SEARCH_PAGE_URL%
O14 - IERESET.INF:HKCU, Search Page = %SEARCH_PAGE_URL%
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/3/9...heckControl.cab
O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} (HidInputMonitorX Control) - file://E:\components\hidinputmonitorx.ocx
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc3.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.costcophotocenter.com/CostcoActivia.cab
O16 - DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} (A9Helper.A9) - file://E:\components\A9.ocx
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1128975371328
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1129901658968
O16 - DPF: {76392179-60A8-462D-8961-B95C14DAADF4} (PrintEngine ActiveX Control v4.2) - http://wxpcmalunow:8080/ddrint/content/ddiprintengine.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.4.2_16) - http://java.sun.com/products/plugin/autodl...indows-i586.cab
O16 - DPF: {CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA} (Java Plug-in 1.4.2_16) - http://java.sun.com/products/plugin/autodl...indows-i586.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab
O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} (CTAdjust Class) - http://download.microsoft.com/download/7/E...04/clearadj.cab
O20 - AppInit_DLLs: cru629.dat

O21 - WPDShServiceObj - WPDShServiceObj Class - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - UPnPMonitor - UPnP Tray Monitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll
O23 - Service: Ad-Aware 2007 Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe Active File Monitor V5 - - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe
O23 - Service: ATI Smart - - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Symantec Settings Manager - - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon
O23 - Service: Symantec Lic NetConnect service - - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon
O23 - Service: COM Host - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: EPSON Printer Status Agent2 - - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: EPSON V3 Service4(01) - SEIKO EPSON CORPORATION - C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S30RP1.EXE
O23 - Service: InstallDriver Table Manager - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE
O23 - Service: LiveUpdate Notice Service Ex - - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon
O23 - Service: LiveUpdate Notice Service - - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe /m C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll
O23 - Service: ProtexisLicensing - - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) - - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec Core LC - - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Ulead Burning Helper - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--- Additional WinPatrol Info ---
Default Browser: Windows® Internet Explorer - Internet Explorer version 7.00.6000.16414
MSIE: Internet Explorer (7.00.6000.16414)
285 IE Cookies in Folder: C:\Documents and Settings\Chris\Cookies\

WP00 - HKLM\CS1: BootExecute = autocheck autochk *
WP00 - HKLM\CCS: BootExecute = autocheck autochk *
WP00 - HKLM\CS3: BootExecute = autocheck autochk *
WP02 - HKLM\CCS: Command = C:\WINDOWS\system32\cmd.exe

WP03 - Windows Automatic Update = 2:Notify me but don't automatically download or install them.


WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix: Default = http://
WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes: www = http://

WP31 - Scheduled Tasks: [User_Feed_Synchronization-{2610D575-B1E7-4E9D-8D27-93D1E9E2C16C}.job]C:\WINDOWS\system32\msfeedssync.exe 03/05/2008 8:20 PM
WP31 - Scheduled Tasks: [Norton Internet Security - Run Full System Scan - Chris.job]C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe 02/01/2008 8:00 PM

WP32 - Hidden File: C:\boot.ini
WP32 - Hidden File: C:\IO.SYS
WP32 - Hidden File: C:\MSDOS.SYS
WP32 - Hidden File: C:\NTDETECT.COM
WP32 - Hidden File: C:\ntldr
WP32 - Hidden File: C:\pagefile.sys
WP32 - Hidden File: C:\Thumbs.db
WP32 - Hidden File: C:\WINDOWS\QTFont.qfn
WP32 - Hidden File: C:\WINDOWS\Thumbs.db
WP32 - Hidden File: C:\WINDOWS\WindowsShell.Manifest
WP32 - Hidden File: C:\WINDOWS\winnt.bmp
WP32 - Hidden File: C:\WINDOWS\winnt256.bmp
WP32 - Hidden File: C:\WINDOWS\system32\cdplayer.exe.manifest
WP32 - Hidden File: C:\WINDOWS\system32\config\default.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\SAM.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\SECURITY.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\software.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\system.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\TempKey.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\userdiff.LOG
WP32 - Hidden File: C:\WINDOWS\system32\KGyGaAvL.sys
WP32 - Hidden File: C:\WINDOWS\system32\logonui.exe.manifest
WP32 - Hidden File: C:\WINDOWS\system32\ncpa.cpl.manifest
WP32 - Hidden File: C:\WINDOWS\system32\nwc.cpl.manifest
WP32 - Hidden File: C:\WINDOWS\system32\reqhxhct.ini
WP32 - Hidden File: C:\WINDOWS\system32\Restore\filelist.xml
WP32 - Hidden File: C:\WINDOWS\system32\rttss.ini
WP32 - Hidden File: C:\WINDOWS\system32\rttss.ini2
WP32 - Hidden File: C:\WINDOWS\system32\sapi.cpl.manifest
WP32 - Hidden File: C:\WINDOWS\system32\WindowsLogon.manifest
WP32 - Hidden File: C:\WINDOWS\system32\wuaucpl.cpl.manifest
WP32 - Hidden File: C:\WINDOWS\system32\zxtvkdnd.dllbox
WP32 - Hidden File: C:\Documents and Settings\Chris\Local Settings\Temp\.Sony_PMBrowser1000_BrowserDiskCache
WP32 - Hidden File: C:\Documents and Settings\Chris\Local Settings\Temp\.Sony_PMBrowser1000_BrowserDiskCache.idx
WP32 - Hidden File: C:\Documents and Settings\Chris\Local Settings\Temp\CTZapTest.txt

WP33 - File Type .AVI: [Video Clip]C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:8 /Open %L
WP33 - File Type .BAT: [MS-DOS Batch File]%1 %*
WP33 - File Type .CAB: [WinZip File]C:\PROGRA~1\WINZIP\winzip32.exe %1
WP33 - File Type .CAT: [Security Catalog]rundll32.exe cryptext.dll,CryptExtOpenCAT %1
WP33 - File Type .CHM: [Compiled HTML Help file]C:\WINDOWS\hh.exe %1
WP33 - File Type .COM: [MS-DOS Application]%1 %*
WP33 - File Type .CMD: [Windows NT Command Script]%1 %*
WP33 - File Type .DOC: [Microsoft Word Document]C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE /n /dde
WP33 - File Type .EML: [Internet E-Mail Message]C:\Program Files\Outlook Express\msimn.exe /eml:%1
WP33 - File Type .EXE: [Application]%1 %*
WP33 - File Type .INF: [Setup Information]C:\WINDOWS\System32\NOTEPAD.EXE %1
WP33 - File Type .JS: [JScript Script File]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .LOG: [Text Document]C:\WINDOWS\system32\NOTEPAD.EXE %1
WP33 - File Type .MSI: [Windows Installer Package]C:\WINDOWS\System32\msiexec.exe /i %1 %*
WP33 - File Type .MSG: [Outlook Item]C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE /f %1
WP33 - File Type .MID: [MIDI Sequence]C:\Program Files\Windows Media Player\wmplayer.exe /Open %L
WP33 - File Type .MP3: [MP3 Format Sound]C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:6 /Open %L
WP33 - File Type .PIF: [Shortcut to MS-DOS Program]%1 %*
WP33 - File Type .REG: [Registration Entries]regedit.exe %1
WP33 - File Type .RTF: [Rich Text Format]C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE /n /dde
WP33 - File Type .SCR: [Screen Saver]%1 /S
WP33 - File Type .TXT: [Text Document]C:\WINDOWS\system32\NOTEPAD.EXE %1
WP33 - File Type .URL: [Internet Shortcut]rundll32.exe ieframe.dll,OpenURL %l
WP33 - File Type .VBS: [VBScript Script File]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .VBE: [VBScript Encoded Script File]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .WSF: [Windows Script File]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .WSH: [Windows Script Host Settings File]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .XLS: [Microsoft Excel Worksheet]C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE /e

Memory currently in use: 48%
Physical Memory Free: 537,936 KB
Paging File Free: 2,058,328 KB
Virtual Memory Free: 2,043,732 KB


--
End of file

BC AdBot (Login to Remove)

 


m

#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,388 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:12:40 AM

Posted 24 March 2008 - 02:03 PM

I apologize for the very long delay. We have a huge backlog of HijackThis Logs to handle and it has been taking us greater time than normal to get caught up. If you are still having a problem, and want us to analyze your information, please post a brand new hijackthis log. If we do not hear back from you within a couple of days we will need to close your topic.

When posting your logs please post them directly into the reply. Do not attach them.

Thank you for your patience.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users