friends hijackthis log

sidthereal

New Member
Logfile of HijackThis v1.99.1
Scan saved at 4:59:53 PM, on 3/15/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend\Tmas.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Documents and Settings\Administrator\Desktop\hijackthis\HijackThis.exe

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\hi\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [winsupdater] C:\Program Files\winsupdater\winsupdater.exe /auto
O4 - HKLM\..\Run: [] winlog.exe
O4 - HKLM\..\Run: [Microsof Avps32 Control] av32.pif
O4 - HKLM\..\Run: [Microsoft Configu] msconfigu.exe
O4 - HKLM\..\Run: [cc32] C:\WINDOWS\System32\cc32.exe
O4 - HKLM\..\Run: [Anti-Virus Update Scheduler] C:\nefdw.exe
O4 - HKLM\..\Run: [Anti-Virus Update Scheduler V1.39.12R] C:\alc.exe
O4 - HKLM\..\Run: [pcvp] C:\WINDOWS\System32\pcvp.exe
O4 - HKLM\..\Run: [MediaGateway] C:\Program Files\MediaGateway\MediaGateway.exe
O4 - HKLM\..\Run: [lcps] C:\WINDOWS\System32\lcps.exe
O4 - HKLM\..\Run: [RavTimeXP] C:\WINDOWS\Mstray.exe
O4 - HKLM\..\Run: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\Run: [HTTP] C:\WINDOWS\System32\HTTP.exe
O4 - HKLM\..\Run: [Microsoft Configuew] msconfiguw.exe
O4 - HKLM\..\Run: [MS22] C:\WINDOWS\System32\MS22.exe
O4 - HKLM\..\Run: [Microsoft Configuewe] msconfiguwe.exe
O4 - HKLM\..\RunServices: [] winlog.exe
O4 - HKLM\..\RunServices: [Microsof Avps32 Control] av32.pif
O4 - HKLM\..\RunServices: [Microsoft Configu] msconfigu.exe
O4 - HKLM\..\RunServices: [Microsoft Configuew] msconfiguw.exe
O4 - HKLM\..\RunServices: [Microsoft Configuewe] msconfiguwe.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [areslite] "C:\Program Files\Ares Lite Edition\AresLite.exe" -h
O4 - HKCU\..\Run: [MuscleCarSetup.exe] C:\DOCUME~1\ADMINI~1\Desktop\MUSCLE~1.EXE /r
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [ares] "F:\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Microsoft Configu] msconfigu.exe
O4 - HKCU\..\Run: [Microsoft Configuew] msconfiguw.exe
O4 - HKCU\..\Run: [Microsoft Configuewe] msconfiguwe.exe
O4 - HKCU\..\RunServices: [Microsoft Configu] msconfigu.exe
O4 - HKCU\..\RunServices: [Microsoft Configuew] msconfiguw.exe
O4 - HKCU\..\RunServices: [Microsoft Configuewe] msconfiguwe.exe
O4 - Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend\Tmas.exe
O4 - Startup: BitTorrent.lnk = F:\Bt\bittorrent.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend\Tmas.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {EE8B6D5F-FEF2-11D0-B13F-00A024798EF3} (Microsoft Search Settings Control) - http://lg.home.microsoft.com/search/lobby/searchsettings.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F2C7303C-C1FC-4D05-8FFB-1EEF10A12DA6}: NameServer = 203.94.243.70,203.94.227.70
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: ShellCompatibility - C:\WINDOWS\system32\enl6l13s1.dll (file missing)
O20 - Winlogon Notify: SMDEn - C:\WINDOWS\system32\u0ru0a99ed.dll
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: Diskeeper - Executive Software International, Inc. - D:\dk lite\DKService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: mswmf32 - Unknown owner - C:\WINDOWS\mswmf32.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
O23 - Service: nvidGUIv (nvidGUIv2) - Unknown owner - C:\WINDOWS\nvidGUIv.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: sdktemp - Unknown owner - C:\WINDOWS\axdcfasb.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

comp has been acting slow and unstable...could the log help?
thanks in advance
 
did a scan using spysweeper, removed a helluva lotta things....
here's the fresh log
Logfile of HijackThis v1.99.1
Scan saved at 6:16:29 PM, on 3/15/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Documents and Settings\Administrator\Desktop\hijackthis\HijackThis.exe

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\hi\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [winsupdater] C:\Program Files\winsupdater\winsupdater.exe /auto
O4 - HKLM\..\Run: [] winlog.exe
O4 - HKLM\..\Run: [Microsof Avps32 Control] av32.pif
O4 - HKLM\..\Run: [Microsoft Configu] msconfigu.exe
O4 - HKLM\..\Run: [cc32] C:\WINDOWS\System32\cc32.exe
O4 - HKLM\..\Run: [Anti-Virus Update Scheduler] C:\nefdw.exe
O4 - HKLM\..\Run: [Anti-Virus Update Scheduler V1.39.12R] C:\alc.exe
O4 - HKLM\..\Run: [pcvp] C:\WINDOWS\System32\pcvp.exe
O4 - HKLM\..\Run: [lcps] C:\WINDOWS\System32\lcps.exe
O4 - HKLM\..\Run: [RavTimeXP] C:\WINDOWS\Mstray.exe
O4 - HKLM\..\Run: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\Run: [HTTP] C:\WINDOWS\System32\HTTP.exe
O4 - HKLM\..\Run: [Microsoft Configuew] msconfiguw.exe
O4 - HKLM\..\Run: [MS22] C:\WINDOWS\System32\MS22.exe
O4 - HKLM\..\Run: [Microsoft Configuewe] msconfiguwe.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\RunServices: [] winlog.exe
O4 - HKLM\..\RunServices: [Microsof Avps32 Control] av32.pif
O4 - HKLM\..\RunServices: [Microsoft Configu] msconfigu.exe
O4 - HKLM\..\RunServices: [Microsoft Configuew] msconfiguw.exe
O4 - HKLM\..\RunServices: [Microsoft Configuewe] msconfiguwe.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [areslite] "C:\Program Files\Ares Lite Edition\AresLite.exe" -h
O4 - HKCU\..\Run: [MuscleCarSetup.exe] C:\DOCUME~1\ADMINI~1\Desktop\MUSCLE~1.EXE /r
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [ares] "F:\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Microsoft Configu] msconfigu.exe
O4 - HKCU\..\Run: [Microsoft Configuew] msconfiguw.exe
O4 - HKCU\..\Run: [Microsoft Configuewe] msconfiguwe.exe
O4 - HKCU\..\RunServices: [Microsoft Configu] msconfigu.exe
O4 - HKCU\..\RunServices: [Microsoft Configuew] msconfiguw.exe
O4 - HKCU\..\RunServices: [Microsoft Configuewe] msconfiguwe.exe
O4 - Startup: BitTorrent.lnk = F:\Bt\bittorrent.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {EE8B6D5F-FEF2-11D0-B13F-00A024798EF3} (Microsoft Search Settings Control) - http://lg.home.microsoft.com/search/lobby/searchsettings.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F2C7303C-C1FC-4D05-8FFB-1EEF10A12DA6}: NameServer = 203.94.243.70,203.94.227.70
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: ShellCompatibility - C:\WINDOWS\system32\enl6l13s1.dll (file missing)
O20 - Winlogon Notify: Uninstall - C:\WINDOWS\system32\q4rqle951h.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: Diskeeper - Executive Software International, Inc. - D:\dk lite\DKService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: mswmf32 - Unknown owner - C:\WINDOWS\mswmf32.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: nvidGUIv (nvidGUIv2) - Unknown owner - C:\WINDOWS\nvidGUIv.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: sdktemp - Unknown owner - C:\WINDOWS\axdcfasb.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
 
Run Hijackthis and select "Do a system scan only", then place a check by the following entries.

O4 - HKLM\..\Run: [winsupdater] C:\Program Files\winsupdater\winsupdater.exe /auto
O4 - HKLM\..\Run: [] winlog.exe
O4 - HKLM\..\Run: [Microsof Avps32 Control] av32.pif
O4 - HKLM\..\Run: [Microsoft Configu] msconfigu.exe
O4 - HKLM\..\Run: [cc32] C:\WINDOWS\System32\cc32.exe
O4 - HKLM\..\Run: [Anti-Virus Update Scheduler] C:\nefdw.exe
O4 - HKLM\..\Run: [Anti-Virus Update Scheduler V1.39.12R] C:\alc.exe
O4 - HKLM\..\Run: [pcvp] C:\WINDOWS\System32\pcvp.exe
O4 - HKLM\..\Run: [lcps] C:\WINDOWS\System32\lcps.exe
O4 - HKLM\..\Run: [RavTimeXP] C:\WINDOWS\Mstray.exe
O4 - HKLM\..\Run: [HTTP] C:\WINDOWS\System32\HTTP.exe
O4 - HKLM\..\Run: [Microsoft Configuew] msconfiguw.exe
O4 - HKLM\..\Run: [MS22] C:\WINDOWS\System32\MS22.exe
O4 - HKLM\..\Run: [Microsoft Configuewe] msconfiguwe.exe
O4 - HKLM\..\RunServices: [] winlog.exe
O4 - HKLM\..\RunServices: [Microsof Avps32 Control] av32.pif
O4 - HKLM\..\RunServices: [Microsoft Configu] msconfigu.exe
O4 - HKLM\..\RunServices: [Microsoft Configuew] msconfiguw.exe
O4 - HKLM\..\RunServices: [Microsoft Configuewe] msconfiguwe.exe
O4 - HKCU\..\Run: [Microsoft Configu] msconfigu.exe
O4 - HKCU\..\Run: [Microsoft Configuew] msconfiguw.exe
O4 - HKCU\..\Run: [Microsoft Configuewe] msconfiguwe.exe
O4 - HKCU\..\RunServices: [Microsoft Configu] msconfigu.exe
O4 - HKCU\..\RunServices: [Microsoft Configuew] msconfiguw.exe
O4 - HKCU\..\RunServices: [Microsoft Configuewe] msconfiguwe.exe
O20 - Winlogon Notify: ShellCompatibility - C:\WINDOWS\system32\enl6l13s1.dll (file missing)
O20 - Winlogon Notify: Uninstall - C:\WINDOWS\system32\q4rqle951h.dll
O23 - Service: mswmf32 - Unknown owner - C:\WINDOWS\mswmf32.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
O23 - Service: nvidGUIv (nvidGUIv2) - Unknown owner - C:\WINDOWS\nvidGUIv.exe
O23 - Service: sdktemp - Unknown owner - C:\WINDOWS\axdcfasb.exe


Close all open windows and browsers, and hit "Fix Checked".

Delete these folders\files.

C:\Program Files\winsupdater
C:\WINDOWS\System32\cc32.exe
C:\nefdw.exe
C:\alc.exe
C:\WINDOWS\System32\pcvp.exe
C:\WINDOWS\System32\lcps.exe
C:\WINDOWS\Mstray.exe
C:\WINDOWS\System32\HTTP.exe
C:\WINDOWS\System32\MS22.exe
C:\WINDOWS\system32\q4rqle951h.dll
C:\WINDOWS\mswmf32.exe
C:\Program Files\Network Monitor
C:\WINDOWS\nvidGUIv.exe
C:\WINDOWS\axdcfasb.exe

Find and delete these files.

winlog.exe
av32.pif
msconfigu.exe
msconfiguw.exe
msconfiguwe.exe


Reboot and post a new Hijackthis log.
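
An added example, not part of the thread: a Python triage pass over HijackThis O4/O20/O23 lines using a few generic review heuristics (blank value name, autostart with no path, executable in a drive root, missing Winlogon Notify DLL, unknown-owner service). The heuristics and the names `triage`, `O4_RE`, `BARE_FILE_RE` and `DRIVE_ROOT_RE` are assumptions made for illustration, not the helper's method; they flag only some of the entries selected above, and a flagged line still needs manual confirmation.

```python
import re

# Sample input: a subset of lines copied from the HijackThis log in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [] winlog.exe
O4 - HKLM\..\Run: [Microsof Avps32 Control] av32.pif
O4 - HKLM\..\Run: [Anti-Virus Update Scheduler] C:\nefdw.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: ShellCompatibility - C:\WINDOWS\system32\enl6l13s1.dll (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. - D:\dk lite\DKService.exe
O23 - Service: sdktemp - Unknown owner - C:\WINDOWS\axdcfasb.exe
"""

# O4 registry autoruns: hive, key, [value name], command line.
O4_RE = re.compile(r"^O4 - (HK\w+)\\\.\.\\(\w+): \[(.*?)\] (.+)$")
# Whole command is one bare executable name, so it resolves via the search path.
BARE_FILE_RE = re.compile(r"[^\\/:\s]+\.(exe|pif|com|scr|bat)", re.I)
# Executable sitting directly in a drive root, e.g. C:\name.exe
DRIVE_ROOT_RE = re.compile(r"^[A-Za-z]:\\[^\\]+$")


def triage(log_text):
    """Return (line, reasons) for every entry that trips a heuristic (assumed rules)."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        reasons = []
        m = O4_RE.match(line)
        if m:
            _hive, _key, name, cmd = m.groups()
            if not name:
                reasons.append("blank value name")
            if BARE_FILE_RE.fullmatch(cmd):
                reasons.append("no path given")
            if DRIVE_ROOT_RE.match(cmd):
                reasons.append("runs from drive root")
        elif line.startswith("O20 - ") and line.endswith("(file missing)"):
            reasons.append("Winlogon Notify DLL missing")
        elif line.startswith("O23 - ") and " - Unknown owner - " in line:
            reasons.append("service with unknown owner")
        if reasons:
            findings.append((line, reasons))
    return findings
```

Entries such as `cc32.exe` or `HTTP.exe` under `System32` pass these rules untouched, so an unflagged line is not a clean bill of health.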
 