QJ.NET | Videos | Forums | iPhone | MMORPG | Nintendo DS | Wii | PlayStation 3 | PSP | Xbox 360 | PC | Downloads | Contact Us
Forums | Gaming News | Videos | Downloads | Today's Posts | Mark Forums Read | Chat | FAQ | Members List | Contact

QJ.net Game Discussion - PSP, Xbox, Wii, PS3, PSP Homebrew, and PSP Guides

Go Back   QJ.net Game Discussion - PSP, Xbox, Wii, PS3, PSP Homebrew, and PSP Guides > Consumer > General PC Forums > Everything Windows
Reload this Page HJT logfile. please help me.
The above video goes away if you are a member and logged in, so log in now!

HJT logfile. please help me.

This is a discussion on HJT logfile. please help me. within the Everything Windows forums, part of the General PC Forums category; hey can anyone help me get rid of a virus. I've installed zonealarm and it pops up and says somthing ...
Reply
 
LinkBack Thread Tools
Old 02-11-2006, 08:16 PM   #1
 

 
Join Date: Jul 2005
Posts: 494
Trader Feedback: 0
Red face HJT logfile. please help me.
hey can anyone help me get rid of a virus. I've installed zonealarm and it pops up and says somthing about DrWatson Postmortem Debugger. I looked it up and cam across hijack this I save the log file can someone look at it and tell me whats wrong please.
Logfile of HijackThis v1.99.1
Scan saved at 9:01:23 PM, on 2/11/2006
Platform: Windows XP SP2
MSIE: Internet Explorer v6.00 SP2

Running processes:
C:\WINDOWS\System32\smss. exe
C:\WINDOWS\system32\winlo gon.exe
C:\WINDOWS\system32\servi ces.exe
C:\WINDOWS\system32\lsass .exe
C:\WINDOWS\system32\svcho st.exe
C:\WINDOWS\System32\svcho st.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\brsvc 01a.exe
C:\WINDOWS\System32\brss0 1a.exe
C:\WINDOWS\system32\spool sv.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv. exe
C:\WINDOWS\system32\Brmfr mps.exe
C:\Program Files\Autodesk\3dsMax8\me ntalray\satellite\raysat_ 3dsmax8server.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.ex e
C:\WINDOWS\System32\nvsvc 32.exe
C:\WINDOWS\System32\ScsiA ccess.EXE
C:\WINDOWS\System32\svcho st.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\ZONEL ABS\vsmon.exe
C:\PROGRA~1\COMMON~1\Star dock\SDMCP.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.ex e
C:\Program Files\Common Files\Real\Update_OB\real sched.exe
C:\Program Files\SysMetrix\SysMetrix .exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.e xe
C:\WINDOWS\system32\ctfmo n.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Opera\Opera.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Messenger\msmsgs.ex e
C:\Documents and Settings\Russell\Desktop\ HijackThis.exe
C:\Program Files\Symantec\LiveUpdate \AUpdate.exe

R1 - HKCU\Software\Microsoft\I nternet Explorer,SearchURL = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\I nternet Explorer\Main,Default_Pag e_URL = about:blank
R0 - HKCU\Software\Microsoft\I nternet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\I nternet Explorer\Main,Default_Pag e_URL = about:blank
R0 - HKLM\Software\Microsoft\I nternet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\I nternet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\I nternet Explorer\Main,Local Page = about:blank
R3 - URLSearchHook: (no name) - <default> - (no file)
F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"
O2 - BHO: ADefaultSearch Class - {944864A5-3916-46E2-96A9-A2E84F3F1208} - (no file)
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCent er2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDM on.exe /Consumer
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\real sched.exe" -osboot
O4 - HKLM\..\Run: [SysMetrix] C:\Program Files\SysMetrix\SysMetrix .exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [PCPitstop Optimize Registration Reminder] C:\Program Files\PCPitstop\Optimize\ Reminder.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.e xe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmo n.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\Sty leXP.exe -Hide
O4 - Startup: Axis & Allies Registration.lnk = C:\Documents and Settings\Russell\Local Settings\Temp\{7A6B7206-B3FD-459B-8D45-872234FC030D}\{47836B39-2465-4F39-9D7E-52F70A1C3D72}\ATR1.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\A dobe Gamma Loader.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\googletoolba r.dll/cmsearch.html
O8 - Extra context menu item: &Save Flash In This Page by Flash Saver - C:\PROGRA~1\FLASHS~1\save .htm
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\googletoolba r.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\googletoolba r.dll/cmcache.html
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.ht m
O8 - Extra context menu item: Save Flash - res://C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\googletoolba r.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\googletoolba r.dll/cmtrans.html
O9 - Extra button: Flash Saver - {09EA1F80-F40A-11D1-B792-444553540001} - C:\PROGRA~1\FLASHS~1\save .htm
O9 - Extra 'Tools' menuitem: Flash Saver - {09EA1F80-F40A-11D1-B792-444553540001} - C:\PROGRA~1\FLASHS~1\save .htm
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\System32\shdoc vw.dll
O9 - Extra button: Voiceglo directory - {C9B8ABB6-1CC3-4957-9CA3-053036B2EE3A} - C:\Documents and Settings\All Users\Desktop\Glophone.ln k (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flas hget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flas hget.exe
O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (HKCU)
O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab27571.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10...I.cab34120.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com...45/yacscom.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10...y.cab32846.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10...t.cab32846.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab27571.cab
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://messenger.zone.msn.com/binary/ZAxRcMgr.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab
O16 - DPF: {CAC181B0-4D70-402D-B571-C596A47D0CE0} (CBankshotZoneCtrl Class) - http://zone.msn.com/bingame/zpagames...l.cab36107.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10...y.cab35645.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab31267.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {FF3C5A9F-5A99-4930-80E8-4709194C2AD3} (ZPA_Backgammon Object) - http://zone.msn.com/bingame/zpagames...n.cab36385.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msg rapp.dll" (file missing)
O20 - Winlogon Notify: ftp - C:\DOCUME~1\Russell\LOCAL S~1\Temp\ptf.dat (file missing)
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Star dock\mcpstub.dll
O20 - Winlogon Notify: svcpc - C:\DOCUME~1\Zach\LOCALS~1 \Temp\cpcvs.dat (file missing)
O20 - Winlogon Notify: WB - C:\PROGRA~1\STARDOCK\OBJE CT~1\WINDOW~1\fastload.dl l
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc .exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv. exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfr mps.exe" -service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc 01a.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Drive r\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodServic e.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\me ntalray\satellite\raysat_ 3dsmax8server.exe
O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqla dhlp.exe (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.ex e
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc 32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.e xe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMA NT~1\SCRIPT~1\SBServ.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiA ccess.EXE
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\Sty leXPService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONEL ABS\vsmon.exe
__________________
[CENTER]
[url=http://gearsofwar.xbox360.gamebattles.com/stats/10774][img]http://gearsofwar.xbox360.gamebattles.com/card/10774|basic[/img][/url][/center]F*** Pillowpants! Honk if you love or like ****y![/center]
wallaby is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply

Tags
hjt , logfile

« Previous Thread | Next Thread »
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


All times are GMT -8. The time now is 05:21 AM.

Contact Us - PC Gaming - PSP - PS3 - Xbox 360 - Nintendo DS - Wii - Archive - Privacy Statement - Top


Use of this Web site constitutes acceptance of the TERMS & CONDITIONS and PRIVACY POLICY
Copyright © 2009, QJ.NET. All Rights Reserved.
Contact Us