
Google Hijacked



#1 HereWeAre


Posted 11 November 2006 - 04:28 PM

Hi guys, I accidentally downloaded ishost.exe and it hijacked my desktop and Google. I ran a few things and I got rid of the virus, but Google is still hijacked.

Here's my ComboFix log:

ComboFix 06.11.9W - Running from: "C:\Documents and Settings\John Rivers\Desktop"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\components


((((((((((((((((((((((((((((((( Files Created from 2006-10-11 to 2006-11-11 ))))))))))))))))))))))))))))))))))


2006-11-09 20:33 <DIR> d-------- C:\WINDOWS\pss
2006-11-09 20:16 53,248 --a------ C:\WINDOWS\system32\Process.exe
2006-11-09 20:16 40,960 --a------ C:\WINDOWS\system32\swsc.exe
2006-11-09 20:16 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2006-11-09 20:16 2,706 --a------ C:\WINDOWS\system32\tmp.reg
2006-11-09 20:16 135,168 --a------ C:\WINDOWS\system32\swreg.exe
2006-11-09 19:09 80,640 --a------ C:\WINDOWS\system32\drivers\MpFirewall.sys
2006-11-09 19:05 41,018 --a------ C:\WINDOWS\system32\EntAPI.dll
2006-11-09 19:05 114,464 --a------ C:\WINDOWS\system32\drivers\naiavf5x.sys
2006-11-09 19:04 82,432 --a------ C:\WINDOWS\system32\msxml4r.dll
2006-11-09 19:04 44,544 --a------ C:\WINDOWS\system32\msxml4a.dll
2006-11-09 19:04 1,233,920 --a------ C:\WINDOWS\system32\msxml4.dll
2006-11-09 18:05 <DIR> dr-h----- C:\Documents and Settings\John Rivers\Recent
2006-11-06 12:39 8,552 --a------ C:\WINDOWS\system32\drivers\asctrm.sys
2006-11-06 12:39 173,184 --a------ C:\WINDOWS\system32\ygpss.scr
2006-11-06 12:39 <DIR> d-------- C:\Documents and Settings\John Rivers\Application Data\You've Got Pictures Screensaver
2006-11-06 12:38 <DIR> d-------- C:\WINDOWS\LastGood
2006-11-06 12:36 <DIR> d-------- C:\Program Files\America Online 9.0a
2006-11-05 23:59 51,724 --a------ C:\WINDOWS\system32\csdfx.exe
2006-10-20 11:46 <DIR> d-------- C:\Program Files\Lavasoft
2006-10-20 11:46 <DIR> d-------- C:\Documents and Settings\John Rivers\Application Data\Lavasoft
2006-10-20 10:36 <DIR> d-------- C:\Program Files\CCleaner


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-11-09 19:11 -------- d-------- C:\Program Files\Common Files\AOL
2006-11-09 07:46 -------- d-------- C:\Program Files\Common Files\aolshare
2006-11-06 12:41 -------- d-------- C:\Documents and Settings\John Rivers\Application Data\AOL
2006-11-06 12:39 -------- d-------- C:\Program Files\Common Files\Real
2006-11-02 20:51 -------- d-------- C:\Program Files\America Online 9.0
2006-10-16 21:38 -------- d-------- C:\Program Files\Google
2006-10-11 10:41 -------- d-------- C:\Documents and Settings\John Rivers\Application Data\Azureus
2006-10-10 12:51 -------- d-------- C:\Program Files\Windows Media Player
2006-10-10 01:31 74 --a------ C:\WINDOWS\system32\niapfp.exe
2006-10-10 01:31 26112 --a------ C:\WINDOWS\system32\xttpswr.exe
2006-10-10 00:53 -------- d-------- C:\Program Files\QuickTime
2006-10-10 00:44 -------- d-------- C:\Program Files\iTunes
2006-10-09 22:47 -------- d---s---- C:\Documents and Settings\John Rivers\Application Data\Microsoft
2006-10-09 19:50 -------- d-------- C:\Program Files\McAfee.com
2006-10-09 19:18 26112 --a------ C:\WINDOWS\system32\z2287.exe
2006-10-09 19:18 10426 --a------ C:\WINDOWS\system32\z2909.exe
2006-10-09 19:17 29184 --a------ C:\WINDOWS\system32\z2664.exe
2006-10-09 00:29 9815 --a------ C:\WINDOWS\system32\z1861.exe
2006-10-06 17:26 -------- d-------- C:\Program Files\Democracy
2006-10-06 15:50 611064 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2006-10-06 15:18 -------- d-------- C:\Program Files\Microsoft Office
2006-10-06 15:17 -------- d-------- C:\Program Files\Common Files\System
2006-10-06 15:17 -------- d-------- C:\Program Files\Common Files\Microsoft Shared
2006-10-06 15:16 -------- d-------- C:\Program Files\Common Files
2006-10-06 14:59 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-10-06 12:45 -------- d-------- C:\Program Files\Azureus
2006-09-30 19:51 -------- d-------- C:\Documents and Settings\John Rivers\Application Data\Macromedia
2006-09-18 12:11 778240 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2006-09-18 12:11 778240 --a------ C:\WINDOWS\system32\divx_xx07.dll
2006-09-18 12:11 761856 --a------ C:\WINDOWS\system32\divx_xx11.dll
2006-09-18 12:11 620180 --a------ C:\WINDOWS\system32\DivX.dll
2006-08-24 15:13 122880 --------- C:\WINDOWS\system32\fppr332.dll
2006-08-24 15:09 307200 --------- C:\WINDOWS\system32\fppmon3.dll
2006-08-11 11:35 520192 --a------ C:\WINDOWS\system32\DivXsm.exe
2006-08-11 11:35 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2006-08-11 11:35 200704 --a------ C:\WINDOWS\system32\ssldivx.dll
2006-08-11 11:35 109568 --------- C:\WINDOWS\system32\pxinsi64.exe
2006-08-11 11:35 108544 --------- C:\WINDOWS\system32\pxcpyi64.exe
2006-08-11 11:35 1044480 --a------ C:\WINDOWS\system32\libdivx.dll
2006-08-11 11:31 73728 --a------ C:\WINDOWS\system32\dpl100.dll
2006-08-11 11:31 593920 --a------ C:\WINDOWS\system32\dpuGUI11.dll
2006-08-11 11:31 57344 --a------ C:\WINDOWS\system32\dpv11.dll
2006-08-11 11:31 53248 --a------ C:\WINDOWS\system32\dpuGUI10.dll
2006-08-11 11:31 344064 --a------ C:\WINDOWS\system32\dpus11.dll
2006-08-11 11:31 294912 --a------ C:\WINDOWS\system32\dpu11.dll
2006-08-11 11:31 294912 --a------ C:\WINDOWS\system32\dpu10.dll
2006-08-11 11:31 196608 --a------ C:\WINDOWS\system32\dtu100.dll
2006-08-11 11:31 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2006-08-11 11:31 118784 --a------ C:\WINDOWS\system32\DivXCodecUpdateChecker.exe


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"ctfmon.exe"="C:\\WINDOWS\\System32\\ctfmon.exe"
"Aim6"=""
"AOL Fast Start"="\"C:\\Program Files\\America Online 9.0a\\AOL.EXE\" -b"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"CheckNetworkConnection"="\"C:\\Program Files\\Support.com\\providerComcast\\desktopdoctor.exe\" /flow /flow=diagnosenetwork /trayclick=true /haveconfirmedwiring=true /haverenewed=true /haverestartedmodem=true /onrestart=true /havehealed=true /issuenumber=6b190cbc-601e-48ae-8075-79f517e74f00"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"CARPService"="carpserv.exe"
"ATIModeChange"="Ati2mdxx.exe"
"AtiPTA"="atiptaxx.exe"
"PreloadApp"="c:\\hp\\drivers\\printers\\photosmart\\hphprld.exe c:\\hp\\drivers\\printers\\photosmart\\setup.exe -d"
"HostManager"="C:\\Program Files\\Common Files\\AOL\\1116349479\\ee\\AOLSoftware.exe"
"AOLSPScheduler"="C:\\Program Files\\Common Files\\AOL\\1116349479\\ee\\services\\safetyCore\\ver2_5_4_1\\AOLSP Scheduler.exe"
"sscRun"="C:\\Program Files\\Common Files\\AOL\\1116349479\\ee\\SSCRun.exe"
"MPFExe"="C:\\Program Files\\mcafee.com\\personal firewall\\MPfTray.exe"
"StrgSync.exe"="C:\\Program Files\\StorageSync\\StrgSync.exe -w"
"tgcmd"="C:\\Program Files\\Support.com\\bin\\tgcmd.exe /server /startmonitor /deaf"
"OASClnt"="C:\\Program Files\\mcafee.com\\antivirus\\oasclnt.exe"
"EmailScan"="C:\\Program Files\\mcafee.com\\antivirus\\mcvsescn.exe"
"KernelFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,\
65,6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,6b,00
"RealTray"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER"
"dmzdq.exe"="C:\\WINDOWS\\System32\\dmzdq.exe"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load]
"net_insll"=dword:452b4cd9

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, ntoskrnl.dll"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\McAfee.com Update Check (HEWLETT-Z2WF5FI-John Rivers).job
C:\WINDOWS\tasks\McAfee.com Update Check (HEWLETT-Z2WF5FI-Owner).job
C:\WINDOWS\tasks\Symantec NetDetect.job

Completion time: 06-11-11 15:19:08.88
C:\ComboFix.txt ... 06-11-11 15:19

If you need any other information let me know. All help is greatly appreciated.



#2 HereWeAre


Posted 11 November 2006 - 04:32 PM

Here's my HijackThis log.

Logfile of HijackThis v1.99.1
Scan saved at 3:28:52 PM, on 11/11/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\carpserv.exe
C:\WINDOWS\System32\atiptaxx.exe
C:\Program Files\Common Files\AOL\1116349479\ee\AOLSoftware.exe
C:\Program Files\Common Files\AOL\1116349479\ee\services\safetyCore\ver2_5_4_1\AOLSP Scheduler.exe
C:\Program Files\Common Files\AOL\1116349479\ee\SSCRun.exe
C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
C:\Program Files\StorageSync\StrgSync.exe
C:\Program Files\mcafee.com\antivirus\oasclnt.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\America Online 9.0a\waol.exe
C:\Program Files\Common Files\AOL\1116349479\ee\aolsoftware.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\AOL\1116349479\ee\services\safetyCore\ver2_5_4_1\aolavupd.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\Hewlett-Packard\HP Notebook Utilities\HPWirelessMgr.exe
C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe
C:\Program Files\mcafee.com\personal firewall\MPFService.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\America Online 9.0a\shellmon.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Speech\sapisvr.exe
C:\Documents and Settings\John Rivers\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer presented by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 3.1\aoltb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 3.1\aoltb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 3.1\aoltb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1116349479\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLSPScheduler] C:\Program Files\Common Files\AOL\1116349479\ee\services\safetyCore\ver2_5_4_1\AOLSP Scheduler.exe
O4 - HKLM\..\Run: [sscRun] C:\Program Files\Common Files\AOL\1116349479\ee\SSCRun.exe
O4 - HKLM\..\Run: [MPFExe] C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
O4 - HKLM\..\Run: [StrgSync.exe] C:\Program Files\StorageSync\StrgSync.exe -w
O4 - HKLM\..\Run: [tgcmd] C:\Program Files\Support.com\bin\tgcmd.exe /server /startmonitor /deaf
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\mcafee.com\antivirus\oasclnt.exe
O4 - HKLM\..\Run: [EmailScan] C:\Program Files\mcafee.com\antivirus\mcvsescn.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [dmzdq.exe] C:\WINDOWS\System32\dmzdq.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0a\AOL.EXE" -b
O4 - HKCU\..\RunOnce: [CheckNetworkConnection] "C:\Program Files\Support.com\providerComcast\desktopdoctor.exe" /flow /flow=diagnosenetwork /trayclick=true /haveconfirmedwiring=true /haverenewed=true /haverestartedmodem=true /onrestart=true /havehealed=true /issuenumber=6b190cbc-601e-48ae-8075-79f517e74f00
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.1\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 3.1\aoltb.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com/info/e-center-p
O15 - Trusted Zone: http://app.citizensfla.com
O16 - DPF: {33331111-1111-1111-1111-611111193457} - file://c:\ex.cab
O16 - DPF: {33331111-1111-1111-1111-611111193458} - file://c:\ex.cab
O16 - DPF: {33331111-1111-1111-1111-622221193458} - file://c:\ex.cab
O16 - DPF: {43331111-1111-1111-1111-611111195622} - file://c:\ex.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - https://objects.aol.com/mcafee/molbin/share...83/mcinsctl.cab
O16 - DPF: {64311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.0 Control) - http://app.citizensfla.com/cts/jsp/ir/ImageUploader3.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - https://objects.aol.com/mcafee/molbin/share...,20/McGDMgr.cab
O20 - AppInit_DLLs:
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Antivirus Update Service (aolavupd) - AOL LLC - C:\Program Files\Common Files\AOL\1116349479\ee\services\safetyCore\ver2_5_4_1\aolavupd.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\Hewlett-Packard\HP Notebook Utilities\HPWirelessMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee McShield (McShield) - McAfee Inc. - C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\Program Files\mcafee.com\personal firewall\MPFService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

#3 MFDnSC


Posted 17 November 2006 - 03:18 PM

You must get at least SP1 or we are wasting our time working on the system.

http://www.microsoft.com/windowsxp/downloa...p1/default.mspx

Get it and then post a new log.
"Nothing could be finer than to be in South Carolina ............"

Member ASAP



