i have a question, wonder if u all can help me

©omputer ©hick · 09-08-2005, 10:13 PM

thanks buzz. ok here is the logfile:

Quote:

Logfile of HijackThis v1.99.1
Scan saved at 4:12:22 PM, on 9/8/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Foxie Suite\Firewall.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopOE.exe
C:\PROGRA~1\WINZIP\wzqkpick.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Heather\Local Settings\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://games.amishdonkey.com/
O2 - BHO: FoxieToolbar Class - {432CAE3B-690F-4C3B-BD97-070EBDA210D5} - C:\Program Files\Foxie Suite\foxietoolbar.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: FoxieSecurityModule Class - {C65185B1-D52B-44A9-861F-8201B50D1F37} - C:\Program Files\Foxie Suite\foxiecore.dll
O3 - Toolbar: Foxie - {09C02180-3B46-4CD8-83FF-34DAF442BDEF} - C:\Program Files\Foxie Suite\foxiecore.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - Startup: Adobe Gamma.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Desktop Search - {306BBB66-D9E4-4481-833E-C1D5FCA06774} - C:\Program Files\Foxie Suite\Resources\HTML\Desktop.htm (HKCU)
O9 - Extra button: Privacy Cleaner - {546E08AA-809F-4F1A-BE1A-6B122EBFCD5A} - C:\Program Files\Foxie Suite\Cleaner.exe (HKCU)
O9 - Extra button: Swift Sweeper - {61039B22-563D-4922-B844-B076C318A66A} - C:\Program Files\Foxie Suite\Sweeper.exe (HKCU)
O9 - Extra button: The Infinity Button - {E4143585-2688-4EBC-B264-27C774F600D5} - C:\Program Files\Foxie Suite\Resources\HTML\Infinity.htm (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

I hope you guys can help me make sense of it

**Buzz1927** · 09-08-2005, 11:27 PM

Well he's not using a keylogger, you might want to get rid of viewpoint, tho.

©omputer ©hick · 09-09-2005, 01:03 AM

what is viewpoint? thanks btw

skidude · 09-09-2005, 02:13 AM

You have a seroius problem on your hands. What I would do it just get a nice strong safe, and when you are done, put you laptop in the safe and lock it, and keep the combo. with you ALL THE TIME. That is the only solution I can think of. BTW- From your story, a divorce sounds like the best road to go.

I'll try and search the web for something that can help you.

EDIT- Here is some software that I think might help. If someone could verify if this could help that would be good, but it's worth a look, here are the links-

http://www.newegg.com/Product/Produc...82E16832108610

http://www.newegg.com/Product/Produc...82E16832108227 (has a description which stood out, saying "protection from adware and keystroke logging programs, which can threaten the security of a system, spy on users' private data")

4W4K3 · 09-09-2005, 02:18 AM

Quote:

Originally Posted by 4W4K3

mmm...remove the computer from your house. actually i have a better idea.

Buy an external Harddrive. Copy everything from your computer to that external hard drive. Then, when you leave the house, take the external harddrive with you. They are meant for transportation and portability so no worries about damaginfg it. That makes your computer a paperweight until you get home and plug it back in. How much stuff is on your computer GB wise?

http://www.newegg.com/Product/Produc...82E16822161101

.

again, doing this will solve all your problems.

lloyd · 09-10-2005, 03:43 PM

lol....funi sh*t

Jeffro · 09-12-2005, 12:02 AM

Quote:

Originally Posted by elmarcorulz

what happens when the usb bit is taken out?

Quote:

Originally Posted by cyberguys.com

Password override can unlock your PC if the transmitter is lost or unavailable

I would imagine that would happen if the usb thingy was gone too...

09-08-2005, 11:27 PM	#22 (permalink)
Buzz1927 Digaredd Join Date: May 2005 Location: Melbourne AU Posts: 6,734	Well he's not using a keylogger, you might want to get rid of viewpoint, tho. __________________ The Grim Reaper - Son of Glyndwr "To Hell or Connacht" may you burn in Hell tonight!

09-09-2005, 02:13 AM	#24 (permalink)
skidude Diamond Member Join Date: Aug 2005 Location: Orono, Maine Age: 19 Posts: 4,997	You have a seroius problem on your hands. What I would do it just get a nice strong safe, and when you are done, put you laptop in the safe and lock it, and keep the combo. with you ALL THE TIME. That is the only solution I can think of. BTW- From your story, a divorce sounds like the best road to go. I'll try and search the web for something that can help you. EDIT- Here is some software that I think might help. If someone could verify if this could help that would be good, but it's worth a look, here are the links- http://www.newegg.com/Product/Produc...82E16832108610 http://www.newegg.com/Product/Produc...82E16832108227 (has a description which stood out, saying "protection from adware and keystroke logging programs, which can threaten the security of a system, spy on users' private data") __________________ Desktop / Laptop CPU- TBA / Intel Core 2 Quad Q9550 2.8 GHz Video- TBA / 2x 8800M GTX SLI Memory- TBA / 4GB DDR2800 Hard Drives- TBA / 2x 320GB 5400RPM (RAID 0) Mobo- TBA / Sager NP9262 "In These Lowly Halls / No Moon Will Beam, No Sun Will Shine / In These Narrow Rooms / No Tears Are Seen, No Laughter Heard" --- Insomnium --- Last edited by skidude; 09-09-2005 at 02:21 AM.

09-10-2005, 03:43 PM	#26 (permalink)
lloyd Bronze Member Join Date: Aug 2005 Posts: 95	lol....funi sht Last edited by Byteman; 09-10-2005 at 05:18 PM.*

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

09-09-2005, 01:03 AM	#23 (permalink)
©omputer ©hick New Member Join Date: Sep 2005 Posts: 8	what is viewpoint? thanks btw