Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hijackthis Log- Dozens of error messages upon startup


  • This topic is locked This topic is locked
2 replies to this topic

#1 Wsa23899

Wsa23899

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:04:33 AM

Posted 17 February 2009 - 07:57 AM

Hi. Whenever I start up my computer, dozens of error messages pop up. They say "Data Execution Prevention- Microsoft. Name: DHCP Wizard. Publisher: Microsoft Corporation. I recently got the BSOD for the first time. This is my Hijackthis log. Thanks

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:15:29 PM, on 2/16/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\MUSICM~1\MUSICM~3\mm_tray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\PRISMSVR.EXE
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
C:\WINDOWS\system32\rundll32.exe
C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\winlognn.exe
C:\WINDOWS\System32\rs32net.exe
C:\WINDOWS\system32\drivers\services.exe
C:\Documents and Settings\DELUEX FOOD MARKET\svchost.exe
C:\WINDOWS\TEMP\winlognn.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Documents and Settings\DELUEX FOOD MARKET\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\dumprep.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\rs32net.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Superpen_Soft\hwshell.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Documents and Settings\DELUEX FOOD MARKET\Start Menu\Programs\Startup\userinit.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\DELUEX FOOD MARKET\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\TEMP\BN35.tmp
C:\WINDOWS\TEMP\tkg39.tmp
c:\program files\aim toolbar\aimtbServer.exe
C:\Documents and Settings\DELUEX FOOD MARKET\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\axygda.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\DELUEX FOOD MARKET\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\DELUEX FOOD MARKET\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,
O2 - BHO: C:\WINDOWS\system32\osm3of8s3njd.dll - {C5AF42A3-94F3-42BD-F634-3604832C897D} - C:\WINDOWS\system32\osm3of8s3njd.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [MMTray] C:\PROGRA~1\MUSICM~1\MUSICM~3\mm_tray.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\WINDOWS\system32\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [dc2f251d] rundll32.exe "C:\WINDOWS\system32\argmhayy.dll",b
O4 - HKLM\..\Run: [Rculob] rundll32.exe "C:\WINDOWS\Rkomeboqu.dll",e
O4 - HKLM\..\Run: [jsf8uiw3jnjgffght] C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\winlognn.exe
O4 - HKLM\..\Run: [rs32net] C:\WINDOWS\System32\rs32net.exe
O4 - HKLM\..\Run: [[system]] C:\WINDOWS\system32\drivers\services.exe
O4 - HKLM\..\Run: [winlogon] C:\Documents and Settings\DELUEX FOOD MARKET\svchost.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [lrijh8s73jhbfgfd] C:\WINDOWS\TEMP\winlognn.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [WinXDefender] C:\Program Files\WinXDefender\WinXDefender.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\DELUEX FOOD MARKET\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKCU\..\Run: [rs32net] C:\WINDOWS\System32\rs32net.exe
O4 - HKCU\..\Run: [jsf8uiw3jnjgffght] C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\winlognn.exe
O4 - HKCU\..\Run: [lrijh8s73jhbfgfd] C:\WINDOWS\TEMP\winlognn.exe
O4 - HKCU\..\Run: [ua8198pkxn21ph22ljockfcya5x8mler079g9hyke2b5oxcu] C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\pybvwh0etn3.exe
O4 - HKCU\..\Run: [whnopfeseu3v9qv2o3hdod9dt0] C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\uxbu0d.exe
O4 - HKCU\..\Run: [ljbcbhcl0jgp70djzg8aeg6y1d5y85g3u5ks6yybcduzt5jdmc] C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\ep6ffn.exe
O4 - HKCU\..\Run: [how9wnscf5tzob8fhmylgeys8p9fj9oeum5emw7p9] C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\wtbnepue644r.exe
O4 - HKCU\..\Run: [f7wpd66ysi4cy8sr2ahndbagb0onudmt7ybxlg14gqgwnxk3cc] C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\gl6ptzcw899d.exe
O4 - HKCU\..\Run: [ztabzrjvmwqovjnznu] C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\ain5rl.exe
O4 - HKCU\..\Run: [ewbp223l3qa4om9vdmp0tfveef65xmzoyi48kitaullywfdgn] C:\WINDOWS\TEMP\o73dski.exe
O4 - HKCU\..\Run: [zb2ziu60jbut64dbhoezqpzrnertb0guq3ckvoszwy6voknic] C:\WINDOWS\TEMP\fpqnpnnvpwp.exe
O4 - HKCU\..\Run: [nfwmt67nj5y565echirv] C:\WINDOWS\TEMP\hy7pu99wahr.exe
O4 - HKCU\..\Run: [wlpezfqmtfza9qednb106nz4mwjtbygtidn7b48uc6l2kedw7i] C:\WINDOWS\TEMP\mn6iulsx7orvk.exe
O4 - HKCU\..\Run: [m7t1d5b1epjssya9snz6x4pwn2vaker98jpg] C:\WINDOWS\TEMP\u356nvn299k.exe
O4 - HKCU\..\Run: [a40u3eid170tsov6c9pg7125] C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\rjlj2g83i.exe
O4 - HKCU\..\Run: [wifwa9th79qu] C:\WINDOWS\TEMP\hrqyn6q2x.exe
O4 - HKCU\..\Run: [nuj21ri6y4fui37eye9v8ezm47m3xidt6vdx7qoh42] C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\w51dd7q18krou.exe
O4 - HKCU\..\Run: [xuwdzcsbh6kb9oqz0oghrgc9tezja6uip8t] C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\l1fhmba.exe
O4 - HKCU\..\Run: [ghgkvo2b0audmh0jh3n6f77gb5spcxsrtpzx620me] C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\rn9jyt0f02.exe
O4 - HKCU\..\Run: [pn37gtqxetzp9z5oa6] C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\ttffr4.exe
O4 - HKCU\..\Run: [robeyt5kg86objet5wu71x2286jjj3kjl8o0] C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\o5gaa1i5b9f.exe
O4 - HKCU\..\Run: [t6dds1kwg3eb4znsuloh5ufkk7p898cfitgqg3cdlyq6] C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\rp6x5xg3gle.exe
O4 - HKCU\..\Run: [o3l1gr8mmir4ex6w3zyt1lrvf7b33dprce] C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\jgmoju.exe
O4 - HKCU\..\Run: [v5ddnnvynttm1l7ok] C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\s0bjfnpes68.exe
O4 - HKCU\..\Run: [dhzjwfa6rffewnurgn5n5fia78ztydeqednn] C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\g389qs.exe
O4 - HKCU\..\Run: [otmkpae21eebnpbc45frgr4qcv3q] C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\sydlp1.exe
O4 - HKCU\..\Run: [rjtj8qbcofcz04ql4msppxk0tvfc51fuek5dn] C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\g6cvqng9.exe
O4 - HKCU\..\Run: [te6ytvvp3r1afvj9h995xcjrzx3q44c65rdr6ui] C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\xe4lhr4e.exe
O4 - HKCU\..\Run: [sgqee6bsqx8dxugbbqo0h7ntfsjnt6vltp12x] C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\lhurzxno5.exe
O4 - HKCU\..\Run: [c0iovbfizo4navs5y0h7ho8zvtt8y6u6] C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\t0kuy6isy8qo.exe
O4 - HKCU\..\Run: [ap6s1nu7ntxnl] C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\axygda.exe
O4 - HKCU\..\Run: [era18kms3gtfom0mzr3fy6fmdz2m7kq2trr9e8o] C:\DOCUME~1\DELUEX~1\LOCALS~1\Temp\qtlv5g49b.exe
O4 - Startup: userinit.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HANWANG Shell.lnk = %SystemDrive%\Superpen_Soft\hwshell.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &AIM Toolbar Search - C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {7E0FDFBB-87D4-43A1-9AD4-41F0EA8AFF7B} (Net6Launcher Class) - https://sslvpn.benelogic.com/net6helper.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = benelogic.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = benelogic.com
O20 - AppInit_DLLs: karna.dat tjnukl.dll
O20 - Winlogon Notify: togfohjs - C:\WINDOWS\SYSTEM32\togfohjs32.dll
O22 - SharedTaskScheduler: jgzfkj9w38rksndfi7r4 - {C5BF49A2-94F3-42BD-F434-3604812C8955} - C:\WINDOWS\system32\hs78344kjkfd.dll
O22 - SharedTaskScheduler: har78w3uhewf8yurhefd - {C5AF42A3-94F3-42BD-F634-3604832C897D} - C:\WINDOWS\system32\osm3of8s3njd.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour aA°E (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: FCI - Unknown owner - C:\WINDOWS\system32\svchost.exe:ext.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICF - Unknown owner - C:\WINDOWS\system32\svchost.exe:ext.exe
O23 - Service: iPod aA°E (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Intel NCS NetService (NetSvc) - IntelŪ Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 15655 bytes

BC AdBot (Login to Remove)

 


#2 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:05:33 PM

Posted 18 February 2009 - 06:58 AM

Please download Dr.Web CureIt to the Desktop:
  • Double-click the launch.exe or cureit.exe file and Allow to run the express scan
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, please do a re-scan.. This time, choose Complete Scan
  • Click the green arrow button at the right, and the scan will start.
  • After the scan finished, click Select all
  • Click on Cure and choose Move incurable
  • When the scan has finished, in the menu, click File and choose Save report list
  • Save the report to your Desktop. The report will be called DrWeb.csv
  • Close Dr.Web Cureit. Reboot your PC in Normal Mode, and post DrWeb.csv in your next reply (Open it as Notepad)



NEXT


Please make sure you disable ALL of your Antivirus/Antispyware/Firewall before running ComboFix.. Please visit HERE if you don't know how.. Please re-enable them back after performing all steps given..

Please download ComboFix by sUBs from one of the locations below, and save it to your Desktop.

Link 1
Link 2
Link 3

Double click combofix.exe and follow the prompts. Please, never rename Combofix unless instructed.

If ComboFix asked you to install Recovery Console, please do so.. It will be your best interest..

When finished, it shall produce a log for you. Post that log and a fresh HijackThis log in your next reply..

Note: DO NOT mouseclick combofix's window while its running. That may cause it to stall




Please post these logs in your next reply... Post each log in separate post

1. Dr. Web CureIt
2. ComboFix
3. A fresh HijackThis log

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#3 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:05:33 PM

Posted 25 February 2009 - 07:42 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users