| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 64256 | 2005-12-08 23:54:00 | Brother's Computer | guy_who_doesnt_know_much (9248) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 411216 | 2005-12-08 23:54:00 | Well basically it runs slower than the All Black's Prop. I ran highjackthis and this is what it came up with: Logfile of HijackThis v1.99.1 Scan saved at 12:22:56 p.m., on 9/12/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Warcraft III\Maps\Download\hijackthis\HijackThis.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O2 - BHO: PBHelper - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Program Files\Oemji\Toolbar\PopupBlocker\PBHelper.dll O2 - BHO: Curl - {A78CC2FF-6E4E-4556-B27C-D7C3A70D7A50} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: OemjiSearchPlus - {D240DC29-C093-4388-B71F-A7103C796B0C} - C:\Program Files\Oemji\OemjiSearchPlus\OemjiPls.dll O2 - BHO: (no name) - {D80C4E21-C346-4E21-8E64-20746AA20AEB} - (no file) O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file) O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: (no name) - {804DB5C7-31E6-4885-850A-F1941B58A4C7} - (no file) O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - (no file) O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [hp Silent Service] C:\Windows\system32\HpSrvUI.exe O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\GENIUS~1\GNETMOUS.EXE O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe" O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - Global Startup: KYESCAN.lnk = ? O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {00000000-0000-0000-0000-000020030000} - www.advnt01.com O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - messenger.zone.msn.com O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - www.spywarestormer.com O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - messenger.zone.msn.com O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - zone.msn.com O16 - DPF: {42F2D240-B23C-11D6-8C73-70A05DC10000} - 64.156.31.77 O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - download.mcafee.com O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - by20fd.bay20.hotmail.msn.com O16 - DPF: {706F3805-27D7-478D-80E5-E25D2BB030B3} - www.advnt01.com O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - www.gamehouse.com O16 - DPF: {7EB15626-CB8E-4174-8A72-C055B12B4310} (CQD2Loader Object) - smartdownloader.com O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - messenger.zone.msn.com O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - toolbar.google.com O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - zone.msn.com O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - messenger.msn.com O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - zone.msn.com O16 - DPF: {B94B4225-E02E-4D3F-BADB-026F1E2F3AD7} - www.instantplugin.com O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - download.mcafee.com O16 - DPF: {C886256C-7A63-4213-AD2F-02AD3735DF06} (AtlCtrl Class) - dl.adshooter.com O16 - DPF: {D19781C5-2051-44F8-8445-DDC82933C191} (VacPro.internazionale_ver11) - advnt01.com O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - zone.msn.com O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - zone.msn.com O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} - cabs.media-motor.net O18 - Filter: text/html - {F172838A-39F4-4B44-99FA-15852183565F} - C:\Documents and Settings\Owner\Local Settings\Application Data\microsoft\internet explorer\V0.28.dat O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O21 - SSODL: SysTray.Exgr - {5368D1FC-4F5C-4f1b-B134-E67214FC78E9} - C:\WINDOWS\system32\mppmqioj.dll (file missing) O23 - Service: AutoComplete Service (Autocomplete) - Unknown owner - C:\PROGRA~1\INTERN~2\autocomp.exe (file missing) O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe If someone would be so kind as to go through it and tell me what I don't want on there it would be much appreciated. |
guy_who_doesnt_know_much (9248) | ||
| 411217 | 2005-12-09 00:07:00 | Boot into safe mode. Disable system restore. Run hijackthis again. And tick these. Tick fix checked. Then reboot. O2 - BHO: Curl - {A78CC2FF-6E4E-4556-B27C-D7C3A70D7A50} - (no file) O2 - BHO: OemjiSearchPlus - {D240DC29-C093-4388-B71F-A7103C796B0C} - C:\Program Files\Oemji\OemjiSearchPlus\OemjiPls.dll - this is spyware/adware. O2 - BHO: (no name) - {D80C4E21-C346-4E21-8E64-20746AA20AEB} - (no file) O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file) O3 - Toolbar: (no name) - {804DB5C7-31E6-4885-850A-F1941B58A4C7} - (no file) O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - (no file) O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE This is for the souncard, but also monitors. O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe" O4 - Global Startup: KYESCAN.lnk = ? O16 - DPF: {00000000-0000-0000-0000-000020030000} - www.advnt01.com - This looks like a dialler. O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - www.spywarestormer.com O16 - DPF: {42F2D240-B23C-11D6-8C73-70A05DC10000} - 64.156.31.77 O16 - DPF: {706F3805-27D7-478D-80E5-E25D2BB030B3} - www.advnt01.com - this is also a dialler. O16 - DPF: {7EB15626-CB8E-4174-8A72-C055B12B4310} (CQD2Loader Object) - smartdownloader.com O16 - DPF: {B94B4225-E02E-4D3F-BADB-026F1E2F3AD7} - www.instantplugin.com O16 - DPF: {D19781C5-2051-44F8-8445-DDC82933C191} (VacPro.internazionale_ver11) - advnt01.com O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} - cabs.media-motor.net O18 - Filter: text/html - {F172838A-39F4-4B44-99FA-15852183565F} - C:\Documents and Settings\Owner\Local Settings\Application Data\microsoft\internet explorer\V0.28.dat O21 - SSODL: SysTray.Exgr - {5368D1FC-4F5C-4f1b-B134-E67214FC78E9} - C:\WINDOWS\system32\mppmqioj.dll (file missing) O23 - Service: AutoComplete Service (Autocomplete) - Unknown owner - C:\PROGRA~1\INTERN~2\autocomp.exe (file missing) - Is Tracks Eraser Pro installed? If it isnt, tick this entry. |
Speedy Gonzales (78) | ||
| 411218 | 2005-12-09 00:13:00 | could you please explain what a 'dialler' is? I will do the above when I can get onto his computer. thanks |
guy_who_doesnt_know_much (9248) | ||
| 411219 | 2005-12-09 00:18:00 | A dialler, if u dont remove those dialler entries, will disconnect u from the net, and dial overseas to some place. And you'll have a BIG phone bill. I would tell your bro NOT to get on the net, until those entries I posted are ticked and removed in safe mode. |
Speedy Gonzales (78) | ||
| 411220 | 2005-12-09 00:36:00 | I would advise uninstalling this malware folder C:\Program Files\AutoUpdate .Check first as it may be in Add/Remove.You can find this by going to Start/Settings/Control Panel. | Pancake (6359) | ||
| 411221 | 2005-12-09 00:58:00 | And apart form Hijackthis get some other anti-spyware programs - the FAQ here lists what you need. | pctek (84) | ||
| 411222 | 2005-12-09 00:59:00 | Actually I know this probably doesn't help but some of those All Black props are pretty damn quick, especially over the first 30 or 40 metres! | Tukapa (62) | ||
| 411223 | 2005-12-09 03:26:00 | Actually I know this probably doesn't help but some of those All Black props are pretty damn quick, especially over the first 30 or 40 metres! I still wouldn't want to be in their 'Way' at 41 metres tho. PJ. :groan: :groan: |
Poppa John (284) | ||
| 1 | |||||