What do you guys think of my HijackThis log? It doesn't look good to me.

Here it is, it's got 'file missing' everywhere. And my comp is so broken nowadays.


Logfile of HijackThis v1.99.1
Scan saved at 23:16:14, on 30/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
D:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
D:\Program Files\bit\bdnagent.exe
D:\Program Files\bit\bdswitch.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
d:\program files\bit\bdmcon.exe
C:\Program Files\HijackThis\rename.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/...b/*http://uk.docs.yahoo.com/info/bt_side.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/...b/*http://uk.docs.yahoo.com/info/bt_side.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*http://uk.search.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) -  - (no file)
O2 - BHO: (no name) - @¿49E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: (no name) - H@¿07962-6F74-2D53-2644-206D7942484F} - (no file)
O2 - BHO: (no name) - orer - (no file)
O2 - BHO: (no name) - rsion - (no file)
O2 - BHO: (no name) - {03AD4066-4C53-478D-A1D1-18C20BF0B824} - C:\windows\system32\onmqucpu.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - e:\andres stuff\progammes\Reader\ActiveX\AcroIEHelper.ocx (file missing)
O2 - BHO: (no name) - {182B90A3-F372-438A-800C-6814B4DE417B} - C:\windows\System32\cbxxyaw.dll
O2 - BHO: (no name) - {1D18964D-20CD-4C78-835A-D394AA776EF9} - (no file)
O2 - BHO: (no name) - {4B93726E-FB64-433B-AB06-81F9916DED9E} - C:\windows\system32\rqopq.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\NEWPRO~1\SPYBOT~1\SDHelper.dll (file missing)
O2 - BHO: (no name) - {5C3ED1A0-00D1-4446-BF70-635C422A6E32} - C:\windows\system32\oppmj.dll (file missing)
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - C:\windows\system32\hcojukuh.dll (file missing)
O2 - BHO: (no name) - {689DEFA3-0E19-0FB6-4874-78924E21D4C3} - C:\WINDOWS\system32\wanvv.dll (file missing)
O2 - BHO: (no name) - {6CBD4D07-E808-49EE-96FD-11A40D420457} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: (no name) - {8A8677BB-C056-CEF5-2451-EE5B552964C7} - C:\WINDOWS\system32\xusvjg.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O2 - BHO: (no name) - {D5D03E38-76E4-455E-9C92-2CDCE69AC424} - C:\windows\system32\rqopo.dll
O2 - BHO: (no name) - {D651AFF4-9590-424d-BD1E-8E33E090DFB3} - C:\windows\system32\xmtiirjh.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O2 - BHO: (no name) - {f4d74aaa-a178-4463-846b-b4bc87a024e0} - C:\WINDOWS\system32\ixt0.dll (file missing)
O2 - BHO: (no name) - {F9E5E3EC-1926-4497-AFDD-255A312BC7A3} - C:\WINDOWS\system32\dxeijkwg.dll
O2 - BHO: (no name) - ø@¿J - (no file)
O2 - BHO: (no name) - ˜@¿B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O3 - Toolbar: Safety Bar - {18668683-731c-48fa-b1b9-ad013748fb00} - C:\Program Files\Safety Bar\SafetyBar.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [LXCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [InfoData] rundll32.exe "C:\WINDOWS\system32\tvaxlabf.dll",realset
O4 - HKLM\..\Run: [COMODO Firewall Pro] "D:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BDMCon] "D:\Program Files\bit\bdmcon.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "D:\Program Files\bit\bdnagent.exe"
O4 - HKLM\..\Run: [Error Nuker] E:\new programs\Error Nuker\bin\ErrorNuker.exe autostart
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray
O4 - HKLM\..\Run: [gvecmfr] c:\windows\system32\gvecmfr.exe gvecmfr
O4 - HKLM\..\Run: [Ad-Protect] C:\Program Files\Ad-Protect\ad-protect.exe /s
O4 - HKLM\..\Run: [Windows Defender] "D:\Program Files\MSASCui.exe" -hide
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AROReminder] C:\Program Files\Advanced Registry Optimizer\ARO.exe -rem
O4 - HKCU\..\Run: [Torrent Finder] "C:\Program Files\Torrent Finder\Torrent-Finder.exe"
O4 - HKCU\..\Run: [BitTorrent] "E:\new programs\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [Rgdq] C:\Documents and Settings\Danielle.PERSONAL-DC3628\My Documents\?ssembly\w?nword.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\NEWPRO~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1164647949838
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\svchgy.dll
O20 - Winlogon Notify: cbxxyaw - C:\WINDOWS\SYSTEM32\cbxxyaw.dll
O20 - Winlogon Notify: hgggedd - hgggedd.dll (file missing)
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: ljjghhe - ljjghhe.dll (file missing)
O20 - Winlogon Notify: nnnoopn - nnnoopn.dll (file missing)
O20 - Winlogon Notify: oppmj - C:\windows\system32\oppmj.dll (file missing)
O20 - Winlogon Notify: rqopo - C:\windows\system32\rqopo.dll
O20 - Winlogon Notify: rqopq - C:\windows\system32\rqopq.dll (file missing)
O20 - Winlogon Notify: rqronol - rqronol.dll (file missing)
O20 - Winlogon Notify: urqpoom - urqpoom.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winrip32 - winrip32.dll (file missing)
O20 - Winlogon Notify: wvuvuur - wvuvuur.dll (file missing)
O20 - Winlogon Notify: yayaaba - yayaaba.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: WebExtLocation - {FE2DB5FF-5ECF-11D2-B28F-0080C8383C7B} - C:\windows\system32\msnwinnet.dll (file missing)
O21 - SSODL: Servermidi - {F826834A-50ED-4927-973D-1FCB6D6D2E9D} - C:\windows\system32\hexnt.dll
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - (no file)
O23 - Service: AVG E-mail Scanner (AVGEMS) - Unknown owner - (no file)
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - D:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxcf_device - - C:\WINDOWS\system32\lxcfcoms.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE



thnx:D
any help???????
 
Other than using a good registry cleaner like RegCleaner to clean up some "orphans" found, the "missing file" seen is typical. There are a pair of items found that should be fixed first.
O2 - BHO: (no name) - {f4d74aaa-a178-4463-846b-b4bc87a024e0} - C:\WINDOWS\system32\ixt0.dll (file missing)

O3 - Toolbar: Safety Bar - {18668683-731c-48fa-b1b9-ad013748fb00} - C:\Program Files\Safety Bar\SafetyBar.dll (file missing)

Besides a good run of RegCleaner, you could use a drive cleanup tool as well, by the looks of things there. This is mainly from leftover uninstallers left behind. CCleaner is a second freeware found at http://www.ccleaner.com/

The actual preferred tool for registry cleaning however is RegCleaner found at http://www.dewassoc.com/support/useful/regcleaner.htm

The main window that first opens will list everything installed other than MS updates. You can manually remove leftover items found there, or go to the tools item on the explorer bar and choose the registry cleanup item for the automatic tool. The "do them all" is a quick click there.
 