Help! Hijackthis Log.
in [Help and Support]
|
From: EOFTL on 21 Jan 2010 14:40 Hi. Can you help me see if anything is wrong on my computer? I keep getting all these viruses. I HAD the "Antivirus 2010" virus, but got rid of it using rkill and Malwarebytes. I've been having the "DCOM server process terminated unexpectantly" problem on my Toshiba laptop recently. I stopped the problem by disabling the DCOM Server Process Launcher, and that got rid of the problem. Google redirects me when I click on a link, but only sometimes now. I have Malwarebytes, AVG Free, and Hijackthis. Malwarebytes and AVG say there's no viruses, malware, etc. This is my Hijackthis Log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2:21:41 PM, on 1/21/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe C:\WINDOWS\system32\TCtrlIOHook.exe C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe C:\WINDOWS\system32\TDispVol.exe C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe C:\WINDOWS\system32\TPSMain.exe C:\Program Files\TOSHIBA\TouchPad\TPTray.exe C:\WINDOWS\system32\ZoomingHook.exe C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\ltmoh\Ltmoh.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Tencent\QQDownload\QQDownload.exe C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe C:\Program Files\Synaptics\SynTP\SynToshiba.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe C:\WINDOWS\system32\TPSBattM.exe C:\WINDOWS\system32\agrsmsvc.exe C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe O1 - Hosts: ::1 localhost O1 - Hosts: 91.212.127.226 winwarepro.microsoft.com O1 - Hosts: 91.212.127.226 winwarepro.com O1 - Hosts: 91.212.127.226 www.winwarepro.com O2 - BHO: QQCycloneHelper - {00000000-12C9-4305-82F9-43058F20E8D2} - C:\Program Files\Tencent\QQDownload\QQIEHelper02.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: QQToolbar - {29CF293A-1E7D-4069-9E11-E39698D0AF95} - C:\Program Files\Tencent\QQToolbar\IEBar.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: HP Smart Web Printing 1.0 - {AE84A6AA-A333-4B92-B276-C11E2212E4FE} - C:\Program Files\HP\Smart Web Printing\SmartWebPrinting.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: QQToolbar - {29CF293A-1E7D-4069-9E11-E39698D0AF95} - C:\Program Files\Tencent\QQToolbar\IEBar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe O4 - HKLM\..\Run: [TFncKy] TFncKy.exe O4 - HKLM\..\Run: [TDispVol] TDispVol.exe O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe O4 - HKLM\..\Run: [ZoomingHook] ZoomingHook.exe O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [realtekc] "C:\Documents and Settings\Kong\Application Data\Gmail\exiap6415386.exe" 2 O4 - HKCU\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [QQDownload] "C:\Program Files\Tencent\QQDownload\QQDownload.exe" autostart O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - Startup: 枆捅QQ.lnk = C:\Program Files\Tencent\QQ\QQ.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: McAfee Security Scan.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &妏蚚閉撰唅瑞狟婥 - C:\Program Files\Tencent\QQDownload\geturl.htm O8 - Extra context menu item: &妏蚚閉撰唅瑞狟婥窒蟈諉 - C:\Program Files\Tencent\QQDownload\getAllurl.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: 氝樓善QQ桶 - C:\Program Files\Tencent\QQ\AddEmotion.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - ESC Trusted Zone: http://*.update.microsoft.com O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1238945657901 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe -- End of file - 8869 bytes -- EOFTL ------------------------------------------------------------------------ EOFTL's Profile: http://forums.techarena.in/members/176647.htm View this thread: http://forums.techarena.in/windows-xp-support/1295186.htm http://forums.techarena.in
From: db on 21 Jan 2010 15:51 yes, I would delete your 01's they are hijacking your browser. -- db���`�...�><)))�> DatabaseBen, Retired Professional - Systems Analyst - Database Developer - Accountancy - Veteran of the Armed Forces - @Hotmail.com - nntp Postologist ~ "share the nirvana" - dbZen ~~~~~~~~~~~~~~~ > > "EOFTL" <EOFTL.455o7b(a)DoNotSpam.com> wrote in message news:EOFTL.455o7b(a)DoNotSpam.com... > > Hi. Can you help me see if anything is wrong on my computer? I keep > getting all these viruses. > > I HAD the "Antivirus 2010" virus, but got rid of it using rkill and > Malwarebytes. > > I've been having the "DCOM server process terminated unexpectantly" > problem on my Toshiba laptop recently. I stopped the problem by > disabling the DCOM Server Process Launcher, and that got rid of the > problem. > > Google redirects me when I click on a link, but only sometimes now. > > I have Malwarebytes, AVG Free, and Hijackthis. > > Malwarebytes and AVG say there's no viruses, malware, etc. > This is my Hijackthis Log: > > > Logfile of Trend Micro HijackThis v2.0.2 > Scan saved at 2:21:41 PM, on 1/21/2010 > Platform: Windows XP SP2 (WinNT 5.01.2600) > MSIE: Internet Explorer v8.00 (8.00.6001.18702) > Boot mode: Normal > > Running processes: > C:\WINDOWS\System32\smss.exe > C:\WINDOWS\system32\winlogon.exe > C:\WINDOWS\system32\services.exe > C:\WINDOWS\system32\lsass.exe > C:\WINDOWS\system32\svchost.exe > C:\WINDOWS\System32\svchost.exe > C:\WINDOWS\system32\spoolsv.exe > C:\WINDOWS\Explorer.EXE > C:\WINDOWS\system32\hkcmd.exe > C:\WINDOWS\system32\igfxpers.exe > C:\WINDOWS\RTHDCPL.EXE > C:\Program Files\Synaptics\SynTP\SynTPEnh.exe > C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe > C:\WINDOWS\system32\TCtrlIOHook.exe > C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe > C:\WINDOWS\system32\TDispVol.exe > C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe > C:\WINDOWS\system32\TPSMain.exe > C:\Program Files\TOSHIBA\TouchPad\TPTray.exe > C:\WINDOWS\system32\ZoomingHook.exe > C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe > C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe > C:\PROGRA~1\AVG\AVG8\avgtray.exe > C:\Program Files\HP\HP Software Update\HPWuSchd2.exe > C:\Program Files\ltmoh\Ltmoh.exe > C:\WINDOWS\system32\ctfmon.exe > C:\Program Files\Tencent\QQDownload\QQDownload.exe > C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe > C:\Program Files\Synaptics\SynTP\SynToshiba.exe > C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe > C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe > C:\WINDOWS\system32\TPSBattM.exe > C:\WINDOWS\system32\agrsmsvc.exe > C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe > C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe > C:\WINDOWS\system32\svchost.exe > C:\Program Files\Java\jre6\bin\jqs.exe > C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe > C:\PROGRA~1\AVG\AVG8\avgrsx.exe > C:\PROGRA~1\AVG\AVG8\avgnsx.exe > C:\WINDOWS\System32\svchost.exe > C:\WINDOWS\System32\svchost.exe > C:\WINDOWS\system32\svchost.exe > C:\PROGRA~1\AVG\AVG8\avgemc.exe > C:\Program Files\AVG\AVG8\avgcsrvx.exe > C:\WINDOWS\system32\wuauclt.exe > C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe > C:\Program Files\Internet Explorer\iexplore.exe > C:\Program Files\Internet Explorer\iexplore.exe > C:\WINDOWS\system32\wuauclt.exe > C:\Program Files\Internet Explorer\iexplore.exe > C:\Program Files\Trend Micro\HijackThis\HijackThis.exe > > O1 - Hosts: ::1 localhost > O1 - Hosts: 91.212.127.226 winwarepro.microsoft.com > O1 - Hosts: 91.212.127.226 winwarepro.com > O1 - Hosts: 91.212.127.226 www.winwarepro.com > O2 - BHO: QQCycloneHelper - {00000000-12C9-4305-82F9-43058F20E8D2} - > C:\Program Files\Tencent\QQDownload\QQIEHelper02.dll > O2 - BHO: Adobe PDF Reader Link Helper - > {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common > Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll > O2 - BHO: QQToolbar - {29CF293A-1E7D-4069-9E11-E39698D0AF95} - > C:\Program Files\Tencent\QQToolbar\IEBar.dll > O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - > {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program > Files\AVG\AVG8\avgssie.dll > O2 - BHO: Windows Live Sign-in Helper - > {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common > Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll > O2 - BHO: Google Toolbar Helper - > {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google > Toolbar\GoogleToolbar_32.dll > O2 - BHO: HP Smart Web Printing 1.0 - > {AE84A6AA-A333-4B92-B276-C11E2212E4FE} - C:\Program Files\HP\Smart Web > Printing\SmartWebPrinting.dll > O2 - BHO: Google Toolbar Notifier BHO - > {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program > Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll > O2 - BHO: Google Dictionary Compression sdch - > {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google > Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll > O2 - BHO: JQSIEStartDetectorImpl - > {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program > Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll > O3 - Toolbar: QQToolbar - {29CF293A-1E7D-4069-9E11-E39698D0AF95} - > C:\Program Files\Tencent\QQToolbar\IEBar.dll > O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - > C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll > O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" > /Spoil /RemAdvDef /Migration32 > O4 - HKLM\..\Run: [MSPY2002] > C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC > O4 - HKLM\..\Run: [PHIME2002ASync] > C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC > O4 - HKLM\..\Run: [PHIME2002A] > C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName > O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe > O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe > O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe > O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE > O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE > O4 - HKLM\..\Run: [SynTPEnh] C:\Program > Files\Synaptics\SynTP\SynTPEnh.exe > O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera > Assistant Software for Toshiba\traybar.exe" /start > O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe > O4 - HKLM\..\Run: [TFncKy] TFncKy.exe > O4 - HKLM\..\Run: [TDispVol] TDispVol.exe > O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe > O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA > Applet\HWSetup.exe hwSetUP > O4 - HKLM\..\Run: [TPSMain] TPSMain.exe > O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe > O4 - HKLM\..\Run: [ZoomingHook] ZoomingHook.exe > O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming > Utility\SmoothView.exe > O4 - HKLM\..\Run: [RemoteControl] "C:\Program > Files\CyberLink\PowerDVD\PDVDServ.exe" > O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe > O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe > O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software > Update\HPWuSchd2.exe > O4 - HKLM\..\Run: [realtekc] "C:\Documents and > Settings\Kong\Application Data\Gmail\exiap6415386.exe" 2 > O4 - HKCU\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe > O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe > O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows > Live\Messenger\msnmsgr.exe" /background > O4 - HKCU\..\Run: [QQDownload] "C:\Program > Files\Tencent\QQDownload\QQDownload.exe" autostart > O4 - HKCU\..\Run: [swg] "C:\Program > Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" > O4 - Startup: 枆捅QQ.lnk = C:\Program > Files\Tencent\QQ\QQ.exe > O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program > Files\Adobe\Reader 8.0\Reader\reader_sl.exe > O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program > Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe > O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program > Files\HP\Digital Imaging\bin\hpqtra08.exe > O4 - Global Startup: McAfee Security Scan.lnk = ? > O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft > Office\Office10\OSA.EXE > O8 - Extra context menu item: > &妏蚚閉撰唅瑞狟婥 - > C:\Program Files\Tencent\QQDownload\geturl.htm > O8 - Extra context menu item: > &妏蚚閉撰唅瑞狟婥窒蟈諉 > - C:\Program Files\Tencent\QQDownload\getAllurl.htm > O8 - Extra context menu item: E&xport to Microsoft Excel - > res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 > O8 - Extra context menu item: > 氝樓善QQ桶 - C:\Program > Files\Tencent\QQ\AddEmotion.htm > O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - > C:\Program Files\Messenger\msmsgs.exe > O9 - Extra 'Tools' menuitem: Windows Messenger - > {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program > Files\Messenger\msmsgs.exe > O15 - ESC Trusted Zone: http://*.update.microsoft.com > O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) > - > http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1238945657901 > O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - > http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab > O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - > C:\Program Files\AVG\AVG8\avgpp.dll > O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll > O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - > Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe > O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies > CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe > O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, > s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe > O23 - Service: Google Software Updater (gusvc) - Google - C:\Program > Files\Google\Common\Google Updater\GoogleUpdaterService.exe > O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision > Corporation - C:\Program Files\Common > Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe > O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun > Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe > > -- > End of file - 8869 bytes > > > -- > EOFTL > ------------------------------------------------------------------------ > EOFTL's Profile: http://forums.techarena.in/members/176647.htm > View this thread: > http://forums.techarena.in/windows-xp-support/1295186.htm > > http://forums.techarena.in >
From: EOFTL on 21 Jan 2010 17:12 Peter Foldes: Oh, sorry. I didn't know. Thanks for the heads up. db: Oh okay. Thanks. How do I delete them? -- EOFTL ------------------------------------------------------------------------ EOFTL's Profile: http://forums.techarena.in/members/176647.htm View this thread: http://forums.techarena.in/windows-xp-support/1295186.htm http://forums.techarena.in
From: Ken Blake, MVP on 21 Jan 2010 17:27 On Thu, 21 Jan 2010 15:36:36 -0500, "Peter Foldes" <okf22(a)hotmail.com> wrote: > Do not post the Hijack this log here Peter, yes I agree. Hijack This logs should not be posted here. But you, by quoting it, reposted the entire thing. -- Ken Blake, Microsoft MVP (Windows Desktop Experience) since 2003 Please Reply to the Newsgroup
From: David H. Lipman on 21 Jan 2010 17:39 From: "EOFTL" <EOFTL.455tra(a)DoNotSpam.com> | Peter Foldes: Oh, sorry. I didn't know. Thanks for the heads up. TechArena.in is a leech of Usenet and fakes that it provides forums when they are actually Usenet news groups and uses the vBulletin USENET gateway. In this case it is a news group within the Microsoft.* hierarchy and can be directly accessed via the Microsoft news server; MSNews.Microsoft.Com using a news client via TCP port 119. Users of TechArena.in are strongly ENCOURAGED to drop the TechArena.in leech of Usenet and access "this" News Group directly with the following News URL... news://msnews.microsoft.com/microsoft.public.windowsxp.help_and_support Forums where you can get expert advice for HiJack This! (HJT) Logs. NOTE: Registration is REQUIRED in any of the below before posting a log Suggested primary: http://www.thespykiller.co.uk/index.php?board=3.0 Suggested secondary: http://www.bleepingcomputer.com/forums/forum22.html http://www.malwarebytes.org/forums/index.php?showforum=7 Suggested tertiary: http://www.dslreports.com/forum/cleanup http://www.cybertechhelp.com/forums/forumdisplay.php?f=25 http://www.atribune.org/forums/index.php?showforum=9 http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html http://gladiator-antivirus.com/forum/index.php?showforum=170 http://forum.networktechs.com/forumdisplay.php?f=130 http://forums.maddoktor2.com/index.php?showforum=17 http://www.spywarewarrior.com/viewforum.php?f=5 http://forums.spywareinfo.com/index.php?showforum=18 http://forums.techguy.org/f54-s.html http://forums.tomcoyote.org/index.php?showforum=27 http://forums.subratam.org/index.php?showforum=7 http://www.5starsupport.com/ipboard/index.php?showforum=18 http://aumha.net/viewforum.php?f=30 http://makephpbb.com/phpbb/viewforum.php?f=2 http://forums.techguy.org/54-security/ http://forums.security-central.us/forumdisplay.php?f=13 -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
|
Next
|
Last
Pages: 1 2 Prev: Problem with dxdiag and fullscreen applications Next: Autontfs not found, skipping autochk |