HJT log

Discussion in 'Windows - Virus and spyware problems' started by anarkya, Aug 19, 2006.

  1. anarkya

    Hello,
    Here's my friend's HJT log. Can you guys look at it? He is having some problems with his PC. His clock moves 3 times faster and he cannot connect to Firefox and MSN.
    I made him run Vundofix and Smitfraudfix and it didn't help.

    Thank you for your help.

    Anarkya

    Logfile of HijackThis v1.99.1
    Scan saved at 7:15:47 PM, on 8/19/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\Softimage\XSI_5.0\Application\bin\ray3xsi5_0server.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\Explorer.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\AIM\aim.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
    C:\Program Files\Xfire\Xfire.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\anyone\Desktop\HijackThis_v1.99.1.exe
    C:\Program Files\Messenger\msmsgs.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R3 - Default URLSearchHook is missing
    F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\kernels64.exe
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\WINDOWS\DOWNLO~1\vzbb.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
    O4 - HKLM\..\Run: [62.tmp] C:\DOCUME~1\anyone\LOCALS~1\Temp\62.tmp.exe
    O4 - HKLM\..\Run: [63.tmp] C:\DOCUME~1\anyone\LOCALS~1\Temp\63.tmp.exe
    O4 - HKLM\..\Run: [62.tmp.exe] C:\DOCUME~1\anyone\LOCALS~1\Temp\62.tmp.exe
    O4 - HKLM\..\Run: [63.tmp.exe] C:\DOCUME~1\anyone\LOCALS~1\Temp\63.tmp.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
    O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemyfios.verizon.net/sdcCommon/download/tgctlcm.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.1.2.76.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by114fd.bay114.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1135900172312
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} - http://static.zangocash.com/cab/180solutions/ie/bridge-c24.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {BDEE1959-AB6B-4745-A29B-F492861102CC} -
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: awvvu - awvvu.dll (file missing)
    O20 - Winlogon Notify: browsela - C:\WINDOWS\system32\browsela.dll (file missing)
    O20 - Winlogon Notify: RegCompact - C:\WINDOWS\SYSTEM32\RegCompact.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Ray3xsi5_0 Server (Ray3xsi5_0Server) - Unknown owner - C:\Softimage\XSI_5.0\Application\bin\ray3xsi5_0server.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: SPM License Server (spmd) - mental images GmbH - C:\WINDOWS\system32\spm\spmdib.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
     
    Last edited: Aug 19, 2006
  2. Xeres

    Well, I'm not an expert, but the first thing I would do is download Ewido AntiMalware http://free.grisoft.com/doc/20/lng/us/tpl/v5 to the desktop and run the install routine, but not a scan. Then get the latest updates for it and install them.
    Next I would download a copy of ATF Cleaner http://www.atribune.org/content/view/25/2 Don't run it just yet.
    Reboot to safe mode and run a scan with Ewido with the option to fix ALL. Save the report, as an expert will want to see it.

    Reboot normally. Run a new HJT scan and post it back to the list. Don't check anything yet.

    Cheers
    Xeres
     
  3. Xeres

    Oops... fat-fingered that one.
    Also include the Ewido scan.

    Cheers
    Xeres
     
  4. anarkya

    Thank you for your answer.

    His PC doesn't wanna work now.
    He had to reboot the PC from the start, but it still doesn't work. It gets into the create an acct thing and freezes.

    Any advice would be appreciated.

    Thank you again for your help.
     
  5. Xeres

    Try booting to safe mode. Reboot and while the system starts up keep tapping the F8 key. Select safe mode from the menu.

    Xeres
     
  6. thugs121

    This is often the case when trying to log into the comp when the comp is severely infected. It may take a while (maybe 10 or more minutes).

    Once the freezing is over, please start by downloading VirtumundoBeGone: http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe
    and save it to your desktop. When you have done this, double-click on VirtumundoBeGone.exe and follow the instructions. Do not worry if you see a BLUE SCREEN "Fatal Error" message; it is normal and expected. A file called VBG.txt will be created on your desktop. Save that file for later.

    In this case, you may have to reboot this computer several times in order to alleviate the freezing...

    As Xeres mentioned, try and use ATF Cleaner and Ewido Anti-Spyware... When you do have the chance, try and update Ewido and provide the latest HijackThis log...
     
