Need a log checked out

Status
Not open for further replies.

ShortThrow

I've run all the antispyware crap I can think of and still am having some problems. I know there are some obvious items on this log, but help me out ;)

Logfile of HijackThis v1.99.1
Scan saved at 1:26:58 AM, on 7/21/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\DOCUME~1\Tyler\APPLIC~1\ICROSO~1.NET\winlogon.exe
C:\WINDOWS\system32\SMANTE~1\WNSPOO~1.EXE
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InfoMyCa.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ishost.exe
C:\WINDOWS\system32\ismon.exe
C:\WINDOWS\system32\isnotify.exe
C:\WINDOWS\system32\issearch.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54GS.exe
C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Hijack This\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 148.244.150.58:80
R3 - URLSearchHook: (no name) - {2C7BBF31-09DC-7775-F6EE-70D58A59EC98} - (no file)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WUSB54GS] C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InvokeSvc3.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [Nerr] "C:\DOCUME~1\Tyler\APPLIC~1\ICROSO~1.NET\winlogon.exe" -vt yazb
O4 - HKCU\..\Run: [Oao] C:\WINDOWS\system32\SMANTE~1\WNSPOO~1.EXE
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\WINDOWS\system32\fast.dll
O21 - SSODL: cinnamomum - {93ac7c30-3878-4eaa-9420-7977285df5b1} - C:\WINDOWS\system32\pmnqguh.dll
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: WUSB54GSSVC - Unknown owner - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe" "WUSB54GS.exe (file missing)
 
Follow these instructions carefully

Download ALL 10 programs and update if needed.

Ad Aware SE Personal Free

Ad-aware Messenger Service Plugin

Ad-Aware VX2 Cleaner Plugin

Spybot Search and Destroy Free

Windows Defender 2 Beta

HijackThis

Ewido

CCleaner

Cleanup!

Follow these steps

Delete the prefetch folder C:\WINDOWS\Prefetch; this folder will come back on next reboot.

Go to Add/Remove Programs and remove any offending programs such as WeatherBug, search assistants, etc.

Delete all cookies and temporary internet files in the control panel, Internet Options.

Go to Start, Run, type msconfig, go to Startup, disable everything except your antivirus and firewall, click Apply, don't reboot yet.

Download Msconfig Cleanup below

Msconfig Cleanup

Run Msconfig Cleanup after you have unchecked the items you were told to uncheck and recheck, click "Select All", then click "Clean up Selected", then click "Quit". Make sure your antivirus and firewall are not checked. If you delete your antivirus and firewall entries, you will need to reinstall them, so be sure to check them.

Now run each spyware program 1 by 1. Running all 3 at the same time will slow most systems down.

When each program has finished scanning, remove everything.

Now go to the recycle bin and delete everything that is in it.

Then run CCleaner - make sure you run the Cleaner section of Windows and Applications and then the Registry Cleaner. Make a backup if you wish while running the Registry Cleaner when it asks you.

When finished with the scans, reboot, and go into Safe Mode and run these scans again, remove everything they find, and then reboot back into Windows in normal mode.

Then run HiJackthis!

Save the log, copy and paste the log on www.techist.com
Do not attach the log, copy and paste always. This will make things go much faster.
 