what do you guys think of my hijack this log, it doesnt look good to me

wonders_eyes · 05-01-2007, 12:19 AM

here it is, its got 'file missing' everywhere. and my comp is so broken now days

Logfile of HijackThis v1.99.1
Scan saved at 23:16:14, on 30/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
D:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
D:\Program Files\bit\bdnagent.exe
D:\Program Files\bit\bdswitch.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
d:\program files\bit\bdmcon.exe
C:\Program Files\HijackThis\rename.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/c...o/bt_side.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/c...o/bt_side.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/c...rch.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - - (no file)
O2 - BHO: (no name) - @¿49E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: (no name) - H@¿07962-6F74-2D53-2644-206D7942484F} - (no file)
O2 - BHO: (no name) - orer - (no file)
O2 - BHO: (no name) - rsion - (no file)
O2 - BHO: (no name) - {03AD4066-4C53-478D-A1D1-18C20BF0B824} - C:\windows\system32\onmqucpu.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - e:\andres stuff\progammes\Reader\ActiveX\AcroIEHelper.ocx (file missing)
O2 - BHO: (no name) - {182B90A3-F372-438A-800C-6814B4DE417B} - C:\windows\System32\cbxxyaw.dll
O2 - BHO: (no name) - {1D18964D-20CD-4C78-835A-D394AA776EF9} - (no file)
O2 - BHO: (no name) - {4B93726E-FB64-433B-AB06-81F9916DED9E} - C:\windows\system32\rqopq.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\NEWPRO~1\SPYBOT~1\SDHelper.dll (file missing)
O2 - BHO: (no name) - {5C3ED1A0-00D1-4446-BF70-635C422A6E32} - C:\windows\system32\oppmj.dll (file missing)
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - C:\windows\system32\hcojukuh.dll (file missing)
O2 - BHO: (no name) - {689DEFA3-0E19-0FB6-4874-78924E21D4C3} - C:\WINDOWS\system32\wanvv.dll (file missing)
O2 - BHO: (no name) - {6CBD4D07-E808-49EE-96FD-11A40D420457} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: (no name) - {8A8677BB-C056-CEF5-2451-EE5B552964C7} - C:\WINDOWS\system32\xusvjg.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O2 - BHO: (no name) - {D5D03E38-76E4-455E-9C92-2CDCE69AC424} - C:\windows\system32\rqopo.dll
O2 - BHO: (no name) - {D651AFF4-9590-424d-BD1E-8E33E090DFB3} - C:\windows\system32\xmtiirjh.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O2 - BHO: (no name) - {f4d74aaa-a178-4463-846b-b4bc87a024e0} - C:\WINDOWS\system32\ixt0.dll (file missing)
O2 - BHO: (no name) - {F9E5E3EC-1926-4497-AFDD-255A312BC7A3} - C:\WINDOWS\system32\dxeijkwg.dll
O2 - BHO: (no name) - ø@¿J - (no file)
O2 - BHO: (no name) - ˜@¿B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O3 - Toolbar: Safety Bar - {18668683-731c-48fa-b1b9-ad013748fb00} - C:\Program Files\Safety Bar\SafetyBar.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [LXCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtim e.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [InfoData] rundll32.exe "C:\WINDOWS\system32\tvaxlabf.dll",realset
O4 - HKLM\..\Run: [COMODO Firewall Pro] "D:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BDMCon] "D:\Program Files\bit\bdmcon.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "D:\Program Files\bit\bdnagent.exe"
O4 - HKLM\..\Run: [Error Nuker] E:\new programs\Error Nuker\bin\ErrorNuker.exe autostart
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray
O4 - HKLM\..\Run: [gvecmfr] c:\windows\system32\gvecmfr.exe gvecmfr
O4 - HKLM\..\Run: [Ad-Protect] C:\Program Files\Ad-Protect\ad-protect.exe /s
O4 - HKLM\..\Run: [Windows Defender] "D:\Program Files\MSASCui.exe" -hide
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AROReminder] C:\Program Files\Advanced Registry Optimizer\ARO.exe -rem
O4 - HKCU\..\Run: [Torrent Finder] "C:\Program Files\Torrent Finder\Torrent-Finder.exe"
O4 - HKCU\..\Run: [BitTorrent] "E:\new programs\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [Rgdq] C:\Documents and Settings\Danielle.PERSONAL-DC3628\My Documents\?ssembly\w?nword.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\NEWPRO~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/reso...scbase8460.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1164647949838
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DL L
O20 - AppInit_DLLs: C:\WINDOWS\system32\svchgy.dll
O20 - Winlogon Notify: cbxxyaw - C:\WINDOWS\SYSTEM32\cbxxyaw.dll
O20 - Winlogon Notify: hgggedd - hgggedd.dll (file missing)
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: ljjghhe - ljjghhe.dll (file missing)
O20 - Winlogon Notify: nnnoopn - nnnoopn.dll (file missing)
O20 - Winlogon Notify: oppmj - C:\windows\system32\oppmj.dll (file missing)
O20 - Winlogon Notify: rqopo - C:\windows\system32\rqopo.dll
O20 - Winlogon Notify: rqopq - C:\windows\system32\rqopq.dll (file missing)
O20 - Winlogon Notify: rqronol - rqronol.dll (file missing)
O20 - Winlogon Notify: urqpoom - urqpoom.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winrip32 - winrip32.dll (file missing)
O20 - Winlogon Notify: wvuvuur - wvuvuur.dll (file missing)
O20 - Winlogon Notify: yayaaba - yayaaba.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: WebExtLocation - {FE2DB5FF-5ECF-11D2-B28F-0080C8383C7B} - C:\windows\system32\msnwinnet.dll (file missing)
O21 - SSODL: Servermidi - {F826834A-50ED-4927-973D-1FCB6D6D2E9D} - C:\windows\system32\hexnt.dll
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - (no file)
O23 - Service: AVG E-mail Scanner (AVGEMS) - Unknown owner - (no file)
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - D:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxcf_device - - C:\WINDOWS\system32\lxcfcoms.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

thnx

any help???????

PC eye · 05-01-2007, 12:37 AM

Other then using a good registry cleaner like RegCleaner to cleanup some "orphans" found the "missing file" seen is typical. There are a pair of items found that should be fixed first.
O2 - BHO: (no name) - {f4d74aaa-a178-4463-846b-b4bc87a024e0} - C:\WINDOWS\system32\ixt0.dll (file missing)

O3 - Toolbar: Safety Bar - {18668683-731c-48fa-b1b9-ad013748fb00} - C:\Program Files\Safety Bar\SafetyBar.dll (file missing)

Besides a good run of RegCleaner you could use a drive cleanup tool as well by the looks of things there. This is mainly from leftover uninstallers left behind. CCleaner is a second freeware found at http://www.ccleaner.com/

The actual preferred tool for registry cleaning however is RegCleaner found at http://www.dewassoc.com/support/useful/regcleaner.htm

The main window that first opens will list everything installed other then MS updates. You can manually remove leftover items found there or go to the tools item on the explorer bar and choose the registry cleanup item for the automatic tool. The "do them all" is a quick click there.

05-01-2007, 12:19 AM	#1 (permalink)
wonders_eyes banned Join Date: Apr 2007 Location: uk Age: 22 Posts: 80	what do you guys think of my hijack this log, it doesnt look good to me here it is, its got 'file missing' everywhere. and my comp is so broken now days Logfile of HijackThis v1.99.1 Scan saved at 23:16:14, on 30/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe D:\Program Files\Comodo\Firewall\cmdagent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\wltrysvc.exe C:\WINDOWS\System32\bcmwltry.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\ctfmon.exe D:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe D:\Program Files\bit\bdnagent.exe D:\Program Files\bit\bdswitch.exe C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe d:\program files\bit\bdmcon.exe C:\Program Files\HijackThis\rename.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/c...o/bt_side.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/c...o/bt_side.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/c...rch.yahoo.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: (no name) - - (no file) O2 - BHO: (no name) - @¿49E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file) O2 - BHO: (no name) - H@¿07962-6F74-2D53-2644-206D7942484F} - (no file) O2 - BHO: (no name) - orer - (no file) O2 - BHO: (no name) - rsion - (no file) O2 - BHO: (no name) - {03AD4066-4C53-478D-A1D1-18C20BF0B824} - C:\windows\system32\onmqucpu.dll (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - e:\andres stuff\progammes\Reader\ActiveX\AcroIEHelper.ocx (file missing) O2 - BHO: (no name) - {182B90A3-F372-438A-800C-6814B4DE417B} - C:\windows\System32\cbxxyaw.dll O2 - BHO: (no name) - {1D18964D-20CD-4C78-835A-D394AA776EF9} - (no file) O2 - BHO: (no name) - {4B93726E-FB64-433B-AB06-81F9916DED9E} - C:\windows\system32\rqopq.dll (file missing) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\NEWPRO~1\SPYBOT~1\SDHelper.dll (file missing) O2 - BHO: (no name) - {5C3ED1A0-00D1-4446-BF70-635C422A6E32} - C:\windows\system32\oppmj.dll (file missing) O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file) O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - C:\windows\system32\hcojukuh.dll (file missing) O2 - BHO: (no name) - {689DEFA3-0E19-0FB6-4874-78924E21D4C3} - C:\WINDOWS\system32\wanvv.dll (file missing) O2 - BHO: (no name) - {6CBD4D07-E808-49EE-96FD-11A40D420457} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file) O2 - BHO: (no name) - {8A8677BB-C056-CEF5-2451-EE5B552964C7} - C:\WINDOWS\system32\xusvjg.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file) O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file) O2 - BHO: (no name) - {D5D03E38-76E4-455E-9C92-2CDCE69AC424} - C:\windows\system32\rqopo.dll O2 - BHO: (no name) - {D651AFF4-9590-424d-BD1E-8E33E090DFB3} - C:\windows\system32\xmtiirjh.dll O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll O2 - BHO: (no name) - {f4d74aaa-a178-4463-846b-b4bc87a024e0} - C:\WINDOWS\system32\ixt0.dll (file missing) O2 - BHO: (no name) - {F9E5E3EC-1926-4497-AFDD-255A312BC7A3} - C:\WINDOWS\system32\dxeijkwg.dll O2 - BHO: (no name) - ø@¿J - (no file) O2 - BHO: (no name) - ˜@¿B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file) O3 - Toolbar: Safety Bar - {18668683-731c-48fa-b1b9-ad013748fb00} - C:\Program Files\Safety Bar\SafetyBar.dll (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file) O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file) O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation O4 - HKLM\..\Run: [LXCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtim e.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [InfoData] rundll32.exe "C:\WINDOWS\system32\tvaxlabf.dll",realset O4 - HKLM\..\Run: [COMODO Firewall Pro] "D:\Program Files\Comodo\Firewall\CPF.exe" /background O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [BDMCon] "D:\Program Files\bit\bdmcon.exe" O4 - HKLM\..\Run: [BDNewsAgent] "D:\Program Files\bit\bdnagent.exe" O4 - HKLM\..\Run: [Error Nuker] E:\new programs\Error Nuker\bin\ErrorNuker.exe autostart O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray O4 - HKLM\..\Run: [gvecmfr] c:\windows\system32\gvecmfr.exe gvecmfr O4 - HKLM\..\Run: [Ad-Protect] C:\Program Files\Ad-Protect\ad-protect.exe /s O4 - HKLM\..\Run: [Windows Defender] "D:\Program Files\MSASCui.exe" -hide O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AROReminder] C:\Program Files\Advanced Registry Optimizer\ARO.exe -rem O4 - HKCU\..\Run: [Torrent Finder] "C:\Program Files\Torrent Finder\Torrent-Finder.exe" O4 - HKCU\..\Run: [BitTorrent] "E:\new programs\bittorrent.exe" --force_start_minimized O4 - HKCU\..\Run: [Rgdq] C:\Documents and Settings\Danielle.PERSONAL-DC3628\My Documents\?ssembly\w?nword.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\NEWPRO~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/reso...scbase8460.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1164647949838 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\Office12\GR99D3~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DL L O20 - AppInit_DLLs: C:\WINDOWS\system32\svchgy.dll O20 - Winlogon Notify: cbxxyaw - C:\WINDOWS\SYSTEM32\cbxxyaw.dll O20 - Winlogon Notify: hgggedd - hgggedd.dll (file missing) O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll O20 - Winlogon Notify: ljjghhe - ljjghhe.dll (file missing) O20 - Winlogon Notify: nnnoopn - nnnoopn.dll (file missing) O20 - Winlogon Notify: oppmj - C:\windows\system32\oppmj.dll (file missing) O20 - Winlogon Notify: rqopo - C:\windows\system32\rqopo.dll O20 - Winlogon Notify: rqopq - C:\windows\system32\rqopq.dll (file missing) O20 - Winlogon Notify: rqronol - rqronol.dll (file missing) O20 - Winlogon Notify: urqpoom - urqpoom.dll (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: winrip32 - winrip32.dll (file missing) O20 - Winlogon Notify: wvuvuur - wvuvuur.dll (file missing) O20 - Winlogon Notify: yayaaba - yayaaba.dll (file missing) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O21 - SSODL: WebExtLocation - {FE2DB5FF-5ECF-11D2-B28F-0080C8383C7B} - C:\windows\system32\msnwinnet.dll (file missing) O21 - SSODL: Servermidi - {F826834A-50ED-4927-973D-1FCB6D6D2E9D} - C:\windows\system32\hexnt.dll O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - (no file) O23 - Service: AVG E-mail Scanner (AVGEMS) - Unknown owner - (no file) O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - D:\Program Files\Comodo\Firewall\cmdagent.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: lxcf_device - - C:\WINDOWS\system32\lxcfcoms.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE thnx any help???????

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Please Help Me Guys! HIJACK THIS LOG	eNd_iT	Computer Security	5	08-06-2006 05:54 PM
hijack this log -- Help please!	victorb17	Computer Security	4	11-18-2005 05:22 PM
Toshiba Hijack this log	ANNR	Computer Security	5	07-28-2005 07:05 PM
Hijack This Log -- Help please	Jameseee	Computer Security	20	07-19-2005 09:44 PM
Well guys got some good news and some bad news	Flash_AAA	Video Cards and Monitors	14	08-02-2004 01:25 PM

05-01-2007, 12:37 AM	#2 (permalink)
PC eye banned Join Date: Apr 2006 Posts: 21,092	Other then using a good registry cleaner like RegCleaner to cleanup some "orphans" found the "missing file" seen is typical. There are a pair of items found that should be fixed first. O2 - BHO: (no name) - {f4d74aaa-a178-4463-846b-b4bc87a024e0} - C:\WINDOWS\system32\ixt0.dll (file missing) O3 - Toolbar: Safety Bar - {18668683-731c-48fa-b1b9-ad013748fb00} - C:\Program Files\Safety Bar\SafetyBar.dll (file missing) Besides a good run of RegCleaner you could use a drive cleanup tool as well by the looks of things there. This is mainly from leftover uninstallers left behind. CCleaner is a second freeware found at http://www.ccleaner.com/ The actual preferred tool for registry cleaning however is RegCleaner found at http://www.dewassoc.com/support/useful/regcleaner.htm The main window that first opens will list everything installed other then MS updates. You can manually remove leftover items found there or go to the tools item on the explorer bar and choose the registry cleanup item for the automatic tool. The "do them all" is a quick click there.