Author Topic: HiJackThis Log help - PC is not liking me :(  (Read 1181 times)
BayGirl
« on: August 05, 2004, 08:27:13 PM »

I have something funky going on with my PC... I have run Bazooka and S&D, and Trend Micro keeps finding viruses while the PC is running... here is my HijackThis log... please help!!!!

Thanks in advance,
Tara-Nicole



Logfile of HijackThis v1.97.7
Scan saved at 4:20:31 PM, on 8/5/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\runservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\Internet Security\Tmntsrv.exe
C:\Program Files\Trend Micro\Internet Security\tmproxy.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Trend Micro\Internet Security\PccPfw.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\Internet Security\TMOAgent.exe
C:\Program Files\AIM95\aim.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
F2 - REG:system.ini: UserInit=C:\Windows\System32\wsaupdater.exe,
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.google.com"); (C:\Documents and Settings\Tom\Application Data\Mozilla\Profiles\default\hj9x110v.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_02.src"); (C:\Documents and Settings\Tom\Application Data\Mozilla\Profiles\default\hj9x110v.slt\prefs.js)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [TM Outbreak Agent] "C:\Program Files\Trend Micro\Internet Security\TMOAgent.exe" /run
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: RemindU - file://C:\Program Files\topMoxie\TEMP\upromise_script0.htm
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O9 - Extra button: RemindU (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Ali Baba Slots TM by pogo - http://temp36.pogo.com/applet/slots/alibaba-ob-assets.cab
O16 - DPF: Animal Ark by pogo.com - http://play04.pogo.com/applet/animal/animal-ob-assets.cab
O16 - DPF: Backgammon by pogo - http://gammon.pogo.com/applet-5.9.0.18/backgammon/backgammon-ob-assets.cab
O16 - DPF: Buckaroo Blackjack TM by pogo - http://vbjack.pogo.com/applet-5.9.0.25/videoblackjack/videoblackjack-ob-assets.cab
O16 - DPF: Checkers by pogo - http://checkers.pogo.com/applet-5.9.0.25/checkers2/checkers-ob-assets.cab
O16 - DPF: Checkers by pogo.com - http://chckrs.pogo.com/applet/checkers/checkers-ob-assets.cab
O16 - DPF: Chess by pogo - http://chess2.pogo.com/applet-5.9.0.25/chess2/chess2-ob-assets.cab
O16 - DPF: Cribbage by pogo - http://crib.pogo.com/applet-5.8.6.20/cribbage/cribbage-ob-assets.cab
O16 - DPF: Dice Derby by pogo - http://checkeredflag.pogo.com/applet/checkeredflag/checkeredflag-ob-assets.cab
O16 - DPF: Dice Derby by pogo.com - http://checkeredflag.pogo.com/applet/checkeredflag/checkeredflag-ob-assets.cab
O16 - DPF: Dominoes by pogo - http://domino.pogo.com/applet-5.8.5.21/domino/domino-ob-assets.cab
O16 - DPF: Dominoes by pogo.com - http://temp22.pogo.com/applet/domino/domino-ob-assets.cab
O16 - DPF: Double Deuce Poker by pogo - http://doublebonus.pogo.com/applet/videopoker2/doubledeuce-ob-assets.cab
O16 - DPF: Euchre by pogo - http://euchre.pogo.com/applet/euchre/euchre-ob-assets.cab
O16 - DPF: EZ Win Bingo by pogo - http://bingoe.pogo.com/applet-5.8.1.28/bingo/bingoe-ob-assets.cab
O16 - DPF: First Class Solitaire by pogo - http://solitaire45.pogo.com/applet/solitaire2/solitaire2-ob-assets.cab
O16 - DPF: First Class Solitaire by pogo.com - http://temp29.pogo.com/applet/solitaire2/solitaire2-ob-assets.cab
O16 - DPF: Fortune Bingo by pogo - http://superbingo.pogo.com/applet-5.8.4.18/superbingo/superbingo-ob-assets.cab
O16 - DPF: Greenback Bayou by pogo - http://greenback.pogo.com/applet/greenback/greenback-ob-assets.cab
O16 - DPF: Greenback Bayou by pogo.com - http://greenback.pogo.com/applet/greenback/greenback-ob-assets.cab
O16 - DPF: Hammerhead Pool by pogo.com - http://pool28.pogo.com/applet/pool/pool-ob-assets.cab
O16 - DPF: Hearts by pogo - http://hearts.pogo.com/applet-5.8.5.21/hearts/hearts-ob-assets.cab
O16 - DPF: High Stakes Poker by pogo - http://temp35.pogo.com/applet/drawpoker/drawpoker-ob-assets.cab
O16 - DPF: High Stakes Poker by pogo.com - http://hspoker02.pogo.com/applet/drawpoker/drawpoker-ob-assets.cab
O16 - DPF: High Stakes Pool by pogo - http://pool2.pogo.com/applet-5.8.6.20/pool2/pool-ob-assets.cab
O16 - DPF: Jackpot Bingo by pogo - http://bingoj03.pogo.com/applet/bingo/bingoj-ob-assets.cab
O16 - DPF: Jokers Wild Poker by pogo - http://vpjoke02.pogo.com/applet-5.8.1.28/videopoker2/jokerswild-ob-assets.cab
O16 - DPF: Jungle Gin by pogo - http://gin.pogo.com/applet-5.9.1.18/gin/gin-ob-assets.cab
O16 - DPF: Jungle Gin by pogo.com - http://gin.pogo.com/applet/gin/gin-ob-assets.cab
O16 - DPF: Mah Jong Garden by pogo - http://mahjong2.pogo.com/applet-5.9.0.18/mahjong/mahjong-ob-assets.cab
O16 - DPF: NASCAR Web Racing by pogo - http://nascar.pogo.com/applet-5.9.1.28/nascar/nascar-ob-assets.cab
O16 - DPF: Payday FreeCell by pogo - http://freecell.pogo.com/applet-5.8.6.20/freecell/freecell-ob-assets.cab
O16 - DPF: Payday FreeCell by pogo.com - http://freecell.pogo.com/applet/freecell/freecell-ob-assets.cab
O16 - DPF: Pebble Beach Golf by pogo - http://temp40.pogo.com/applet/pebble/pebble-ob-assets.cab
O16 - DPF: Perfect Pair Solitaire by pogo - http://waterwheel.pogo.com/applet-5.9.0.18/waterwheel/waterwheel-ob-assets.cab
O16 - DPF: Phlinx by pogo - http://flinger.pogo.com/applet-5.8.3.26/flinger/flinger-ob-assets.cab
O16 - DPF: Pirate's Gold by pogo - http://swashbucks.pogo.com/applet-5.9.0.25/piratesgold/piratesgold-ob-assets.cab
O16 - DPF: Pop Fu by pogo - http://popfu.pogo.com/applet-5.9.0.25/popfu/popfu-ob-assets.cab
O16 - DPF: Pop Fu by pogo.com - http://popfu.pogo.com/applet/popfu/popfu-ob-assets.cab
O16 - DPF: Poppit TM by pogo - http://poppit.pogo.com/applet/poppit/poppit-ob-assets.cab
O16 - DPF: Poppit! TM by pogo.com - http://temp36.pogo.com/applet/poppit/poppit-ob-assets.cab
O16 - DPF: Sametime Meeting Toolkit ST25 - file://C:\WINDOWS\Java\ControlF1\STMeeting25.cab
O16 - DPF: SciFi Slots by pogo - http://temp91.pogo.com/applet/slots/scifi-ob-assets.cab
O16 - DPF: Showbiz Slots 2 by pogo.com - http://showbiz2.pogo.com/applet/slots/showbiz2-ob-assets.cab
O16 - DPF: Showbiz Slots by pogo - http://showbiz.pogo.com/applet-5.8.1.28/slots/showbiz-ob-assets.cab
O16 - DPF: Spades by pogo - http://spades12.pogo.com/applet/spades/spades-ob-assets.cab
O16 - DPF: Spades by pogo.com - http://temp36.pogo.com/applet/spades/spades-ob-assets.cab
O16 - DPF: Squelchies by pogo - http://game3.pogo.com/applet-5.9.1.18/squelchies/squelchies-ob-assets.cab
O16 - DPF: Squelchies by pogo.com - http://squelchies.pogo.com/applet/squelchies/squelchies-ob-assets.cab
O16 - DPF: Sweet Tooth TM by pogo - http://solitaire14.pogo.com/applet-5.8.4.18/sweettooth/sweettooth-ob-assets.cab
O16 - DPF: Texas Hold'em Poker by pogo - http://holdem2.pogo.com/applet-5.9.1.28/holdem/holdem-ob-assets.cab
O16 - DPF: Top Down Baseball Challenge by pogo - http://topdown2.pogo.com/applet-5.8.2.19/topdown2/topdown2-ob-assets.cab
O16 - DPF: Tri-Peaks by pogo - http://peaks.pogo.com/applet/peaks/peaks-ob-assets.cab
O16 - DPF: Tube Runner by pogo.com - http://play24.pogo.com/applet/tube/tube-ob-assets.cab
O16 - DPF: Tumble Bees by pogo - http://jumbee.pogo.com/applet-5.9.1.18/jumbee/jumbee-ob-assets.cab
O16 - DPF: Turbo 21 TM by pogo - http://game6.pogo.com/applet-5.8.5.28/turbo21/turbo21-ob-assets.cab
O16 - DPF: Turbo 21 TM by pogo.com - http://temp22.pogo.com/applet/turbo21/turbo21-ob-assets.cab
O16 - DPF: Word Riot by pogo.com - http://wordriot.pogo.com/applet/wordriot/wordriot-ob-assets.cab
O16 - DPF: Word Whomp by pogo - http://whomp.pogo.com/applet-5.8.2.19/wordwhomp/wordwhomp-ob-assets.cab
O16 - DPF: Word Whomp by pogo.com - http://temp39.pogo.com/applet/wordwhomp/wordwhomp-ob-assets.cab
O16 - DPF: Word Whomp Whackdown by pogo - http://whackdown2.pogo.com/applet/whackdown/whackdown-ob-assets.cab
O16 - DPF: Word Whomp Whackdown by pogo.com - http://whackdown.pogo.com/applet/whackdown/whackdown-ob-assets.cab
O16 - DPF: World Class Solitaire by pogo - http://klondike.pogo.com/applet-5.9.1.28/worldclass/worldclass-ob-assets.cab
O16 - DPF: {045C8B41-7413-4924-995C-89877BA921D4} (NamoWeCtl 5.0 for Namo_M) - http://www.namo.com/products/activesquare/tryit/intranet/NamoWec_M.cab
O16 - DPF: {084F552D-19EB-4668-9788-984CBC781A8F} (AsyncDownloader Class) - http://survey.otxresearch.com/Preloader.dll
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021205/qtinstall.info.apple.com/borris/us/win/QuickTimeInstaller.exe
O16 - DPF: {4C226336-4032-489F-9674-67E74225979B} (OTXMovie Class) - http://otx.ifilm.com/OTXMedia/OTXMedia.dll
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-9.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/247aeeee8a79bac78806/netzip/RdxIE6.cab
O16 - DPF: {597C45C2-2D39-11D5-8D53-0050048383FE} (OPUCatalog Class) - http://office.microsoft.com/productupdates/content/opuc.cab
O16 - DPF: {59D04288-805E-4D43-BE09-83B1083E9E1E} (IUpdateAutoLaunch Control) - http://idenphones.motorola.com/idenupdate/iUpdateAutoLaunch.ocx
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.24.140/code/PWActiveXImgCtl.CAB
O16 - DPF: {6BB594E2-6E4D-4CC9-98B0-931C323F9165} (DepHlp Control) - http://www.worldwinner.com/games/shared/dephlp.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/en/big/1.1.63-big/GoogleNav.cab
O16 - DPF: {6F6DBC29-7A0C-4AC0-A42D-10EC70678526} (Word Cubes Control) - http://mirror.worldwinner.com/games/v41/wordcube/wordcube.cab
O16 - DPF: {70647AB5-18FD-4142-82B0-5852478DD0D4} (Vividence Connector Launcher) - http://task.vividence.com/download/ConnectorLauncher.cab
O16 - DPF: {73954DC6-A1B2-4157-966F-D9914A39F59C} (Vividence Connector Launcher) - http://task.vividence.com/download/ConnectorLauncher.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://ftp.us.dell.com/fixes/PROFILER.CAB
O16 - DPF: {92CA8ACC-4E99-4A2A-93F1-B2C5CADC8613} (NMInstall Control) - http://a14.g.akamai.net/f/14/7141/1d/www.nielsennetpanel.com/netmeter4_5/nminstall_en_4.52.30.0_SILENT_2.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} (Sol Control) - http://mirror.worldwinner.com/games/v41/sol/sol.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37625.8874074074
O16 - DPF: {A48D0309-8DA3-41AA-98E4-89194D471890} (Pulse V5 ActiveX Control) - http://a320.g.akamai.net/7/320/1456/v50245/www.pulse3d.com/players/english/5.0/win/PulsePlayer5AxWin.cab
O16 - DPF: {B991DA79-51F7-4011-98D2-1F2592E82A56} (ACNPlayer2 Class) - http://204.118.132.145/2_0/ACNePlayer.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the Web Control) - http://officeupdate.microsoft.com/TemplateGallery/downloads/outc.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://liveca05.rightnowtech.com/uo/eatech/rnt/rnl/java/RntX.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab

Logged

 
benditup
« Reply #1 on: August 06, 2004, 05:35:37 AM »

You're using an old version of HijackThis.
Delete your copy,
download the latest version from
HERE or HERE

Repost a new log, thanks
Logged

 
BayGirl
« Reply #2 on: August 06, 2004, 11:47:28 AM »

Logfile of HijackThis v1.98.1
Scan saved at 7:39:59 AM, on 8/6/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\runservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\Internet Security\Tmntsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\Internet Security\tmproxy.exe
C:\Program Files\Trend Micro\Internet Security\TMOAgent.exe
C:\Program Files\AIM95\aim.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Trend Micro\Internet Security\PccPfw.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Tom\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.google.com"); (C:\Documents and Settings\Tom\Application Data\Mozilla\Profiles\default\hj9x110v.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_02.src"); (C:\Documents and Settings\Tom\Application Data\Mozilla\Profiles\default\hj9x110v.slt\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [TM Outbreak Agent] "C:\Program Files\Trend Micro\Internet Security\TMOAgent.exe" /run
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: RemindU - file://C:\Program Files\topMoxie\TEMP\upromise_script0.htm
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: RemindU - {16BF42FD-CA0A-4f48-819D-B0343254DD67} - file://C:\Program Files\topMoxie\TEMP\upromise_script0.htm (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Ali Baba Slots TM by pogo - http://temp36.pogo.com/applet/slots/alibaba-ob-assets.cab
O16 - DPF: Animal Ark by pogo.com - http://play04.pogo.com/applet/animal/animal-ob-assets.cab
O16 - DPF: Backgammon by pogo - http://gammon.pogo.com/applet-5.9.0.18/backgammon/backgammon-ob-assets.cab
O16 - DPF: Buckaroo Blackjack TM by pogo - http://vbjack.pogo.com/applet-5.9.0.25/videoblackjack/videoblackjack-ob-assets.cab
O16 - DPF: Checkers by pogo - http://checkers.pogo.com/applet-5.9.0.25/checkers2/checkers-ob-assets.cab
O16 - DPF: Checkers by pogo.com - http://chckrs.pogo.com/applet/checkers/checkers-ob-assets.cab
O16 - DPF: Chess by pogo - http://chess2.pogo.com/applet-5.9.0.25/chess2/chess2-ob-assets.cab
O16 - DPF: Cribbage by pogo - http://crib.pogo.com/applet-5.8.6.20/cribbage/cribbage-ob-assets.cab
O16 - DPF: Dice Derby by pogo - http://checkeredflag.pogo.com/applet/checkeredflag/checkeredflag-ob-assets.cab
O16 - DPF: Dice Derby by pogo.com - http://checkeredflag.pogo.com/applet/checkeredflag/checkeredflag-ob-assets.cab
O16 - DPF: Dominoes by pogo - http://domino.pogo.com/applet-5.8.5.21/domino/domino-ob-assets.cab
O16 - DPF: Dominoes by pogo.com - http://temp22.pogo.com/applet/domino/domino-ob-assets.cab
O16 - DPF: Double Deuce Poker by pogo - http://doublebonus.pogo.com/applet/videopoker2/doubledeuce-ob-assets.cab
O16 - DPF: Euchre by pogo - http://euchre.pogo.com/applet/euchre/euchre-ob-assets.cab
O16 - DPF: EZ Win Bingo by pogo - http://bingoe.pogo.com/applet-5.8.1.28/bingo/bingoe-ob-assets.cab
O16 - DPF: First Class Solitaire by pogo - http://solitaire45.pogo.com/applet/solitaire2/solitaire2-ob-assets.cab
O16 - DPF: First Class Solitaire by pogo.com - http://temp29.pogo.com/applet/solitaire2/solitaire2-ob-assets.cab
O16 - DPF: Fortune Bingo by pogo - http://superbingo.pogo.com/applet-5.8.4.18/superbingo/superbingo-ob-assets.cab
O16 - DPF: Greenback Bayou by pogo - http://greenback.pogo.com/applet/greenback/greenback-ob-assets.cab
O16 - DPF: Greenback Bayou by pogo.com - http://greenback.pogo.com/applet/greenback/greenback-ob-assets.cab
O16 - DPF: Hammerhead Pool by pogo.com - http://pool28.pogo.com/applet/pool/pool-ob-assets.cab
O16 - DPF: Hearts by pogo - http://hearts.pogo.com/applet-5.8.5.21/hearts/hearts-ob-assets.cab
O16 - DPF: High Stakes Poker by pogo - http://temp35.pogo.com/applet/drawpoker/drawpoker-ob-assets.cab
O16 - DPF: High Stakes Poker by pogo.com - http://hspoker02.pogo.com/applet/drawpoker/drawpoker-ob-assets.cab
O16 - DPF: High Stakes Pool by pogo - http://pool2.pogo.com/applet-5.8.6.20/pool2/pool-ob-assets.cab
O16 - DPF: Jackpot Bingo by pogo - http://bingoj03.pogo.com/applet/bingo/bingoj-ob-assets.cab
O16 - DPF: Jokers Wild Poker by pogo - http://vpjoke02.pogo.com/applet-5.8.1.28/videopoker2/jokerswild-ob-assets.cab
O16 - DPF: Jungle Gin by pogo - http://gin.pogo.com/applet-5.9.1.18/gin/gin-ob-assets.cab
O16 - DPF: Jungle Gin by pogo.com - http://gin.pogo.com/applet/gin/gin-ob-assets.cab
O16 - DPF: Mah Jong Garden by pogo - http://mahjong2.pogo.com/applet-5.9.0.18/mahjong/mahjong-ob-assets.cab
O16 - DPF: NASCAR Web Racing by pogo - http://nascar.pogo.com/applet-5.9.1.28/nascar/nascar-ob-assets.cab
O16 - DPF: Payday FreeCell by pogo - http://freecell.pogo.com/applet-5.8.6.20/freecell/freecell-ob-assets.cab
O16 - DPF: Payday FreeCell by pogo.com - http://freecell.pogo.com/applet/freecell/freecell-ob-assets.cab
O16 - DPF: Pebble Beach Golf by pogo - http://temp40.pogo.com/applet/pebble/pebble-ob-assets.cab
O16 - DPF: Perfect Pair Solitaire by pogo - http://waterwheel.pogo.com/applet-5.9.0.18/waterwheel/waterwheel-ob-assets.cab
O16 - DPF: Phlinx by pogo - http://flinger.pogo.com/applet-5.8.3.26/flinger/flinger-ob-assets.cab
O16 - DPF: Pirate's Gold by pogo - http://swashbucks.pogo.com/applet-5.9.0.25/piratesgold/piratesgold-ob-assets.cab
O16 - DPF: Pop Fu by pogo - http://popfu.pogo.com/applet-5.9.0.25/popfu/popfu-ob-assets.cab
O16 - DPF: Pop Fu by pogo.com - http://popfu.pogo.com/applet/popfu/popfu-ob-assets.cab
O16 - DPF: Poppit TM by pogo - http://poppit.pogo.com/applet/poppit/poppit-ob-assets.cab
O16 - DPF: Poppit! TM by pogo.com - http://temp36.pogo.com/applet/poppit/poppit-ob-assets.cab
O16 - DPF: Sametime Meeting Toolkit ST25 - file://C:\WINDOWS\Java\ControlF1\STMeeting25.cab
O16 - DPF: SciFi Slots by pogo - http://temp91.pogo.com/applet/slots/scifi-ob-assets.cab
O16 - DPF: Showbiz Slots 2 by pogo.com - http://showbiz2.pogo.com/applet/slots/showbiz2-ob-assets.cab
O16 - DPF: Showbiz Slots by pogo - http://showbiz.pogo.com/applet-5.8.1.28/slots/showbiz-ob-assets.cab
O16 - DPF: Spades by pogo - http://spades12.pogo.com/applet/spades/spades-ob-assets.cab
O16 - DPF: Spades by pogo.com - http://temp36.pogo.com/applet/spades/spades-ob-assets.cab
O16 - DPF: Squelchies by pogo - http://game3.pogo.com/applet-5.9.1.18/squelchies/squelchies-ob-assets.cab
O16 - DPF: Squelchies by pogo.com - http://squelchies.pogo.com/applet/squelchies/squelchies-ob-assets.cab
O16 - DPF: Sweet Tooth TM by pogo - http://solitaire14.pogo.com/applet-5.8.4.18/sweettooth/sweettooth-ob-assets.cab
O16 - DPF: Texas Hold'em Poker by pogo - http://holdem2.pogo.com/applet-5.9.1.28/holdem/holdem-ob-assets.cab
O16 - DPF: Top Down Baseball Challenge by pogo - http://topdown2.pogo.com/applet-5.8.2.19/topdown2/topdown2-ob-assets.cab
O16 - DPF: Tri-Peaks by pogo - http://peaks.pogo.com/applet/peaks/peaks-ob-assets.cab
O16 - DPF: Tube Runner by pogo.com - http://play24.pogo.com/applet/tube/tube-ob-assets.cab
O16 - DPF: Tumble Bees by pogo - http://jumbee.pogo.com/applet-5.9.1.18/jumbee/jumbee-ob-assets.cab
O16 - DPF: Turbo 21 TM by pogo - http://game6.pogo.com/applet-5.8.5.28/turbo21/turbo21-ob-assets.cab
O16 - DPF: Turbo 21 TM by pogo.com - http://temp22.pogo.com/applet/turbo21/turbo21-ob-assets.cab
O16 - DPF: Word Riot by pogo.com - http://wordriot.pogo.com/applet/wordriot/wordriot-ob-assets.cab
O16 - DPF: Word Whomp by pogo - http://whomp.pogo.com/applet-5.8.2.19/wordwhomp/wordwhomp-ob-assets.cab
O16 - DPF: Word Whomp by pogo.com - http://temp39.pogo.com/applet/wordwhomp/wordwhomp-ob-assets.cab
O16 - DPF: Word Whomp Whackdown by pogo - http://whackdown2.pogo.com/applet/whackdown/whackdown-ob-assets.cab
O16 - DPF: Word Whomp Whackdown by pogo.com - http://whackdown.pogo.com/applet/whackdown/whackdown-ob-assets.cab
O16 - DPF: World Class Solitaire by pogo - http://klondike.pogo.com/applet-5.9.1.28/worldclass/worldclass-ob-assets.cab
O16 - DPF: {045C8B41-7413-4924-995C-89877BA921D4} (NamoWeCtl 5.0 for Namo_M) - http://www.namo.com/products/activesquare/tryit/intranet/NamoWec_M.cab
O16 - DPF: {084F552D-19EB-4668-9788-984CBC781A8F} (AsyncDownloader Class) - http://survey.otxresearch.com/Preloader.dll
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021205/qtinstall.info.apple.com/borris/us/win/QuickTimeInstaller.exe
O16 - DPF: {4C226336-4032-489F-9674-67E74225979B} (OTXMovie Class) - http://otx.ifilm.com/OTXMedia/OTXMedia.dll
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/en/big/1.1.63-big/GoogleNav.cab
O16 - DPF: {70647AB5-18FD-4142-82B0-5852478DD0D4} (Vividence Connector Launcher) - http://task.vividence.com/download/ConnectorLauncher.cab
O16 - DPF: {73954DC6-A1B2-4157-966F-D9914A39F59C} (Vividence Connector Launcher) - http://task.vividence.com/download/ConnectorLauncher.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {92CA8ACC-4E99-4A2A-93F1-B2C5CADC8613} (NMInstall Control) - http://a14.g.akamai.net/f/14/7141/1d/www.nielsennetpanel.com/netmeter4_5/nminstall_en_4.52.30.0_SILENT_2.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {A48D0309-8DA3-41AA-98E4-89194D471890} (Pulse V5 ActiveX Control) - http://a320.g.akamai.net/7/320/1456/v50245/www.pulse3d.com/players/english/5.0/win/PulsePlayer5AxWin.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.dll
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab

Logged

 
benditup
« Reply #3 on: August 07, 2004, 02:31:11 AM »

Do another Scan with Hijackthis and put a check next to these entries
and then FIX CHECKED when ALL other windows are closed

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O8 - Extra context menu item: RemindU - file://C:\Program Files\topMoxie\TEMP\upromise_script0.htm
O9 - Extra button: RemindU - {16BF42FD-CA0A-4f48-819D-B0343254DD67} - file://C:\Program Files\topMoxie\TEMP\upromise_script0.htm (file missing) (HKCU)

RESTART your Computer in SAFE MODE

Find and delete this folder
C:\Program Files\topMoxie <--this folder

Restart back in normal and post back with a fresh hijackthis log
Let me know how you're doing
Logged
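
A triage pass over the log format posted in this thread, as an added example that is not part of the original replies or of HijackThis itself: it parses the `CODE - text` entries, flags those marked `(no file)` or `(file missing)`, and correlates other entries pointing at the same missing target, which reproduces the three entries selected in the reply above. The function names, the reason labels and the UserInit check are assumptions of this example; flagged lines are candidates for human review, not verdicts.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "code text")
Finding = namedtuple("Finding", "code reason text")

# HijackThis entry lines look like "O2 - BHO: ..." (section code, " - ", details).
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")
# Markers HijackThis appends when the referenced file is absent.
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)", re.IGNORECASE)
# Trailing annotations to strip before comparing targets.
NOTE_RE = re.compile(r"\s*\((?:no file|file missing|HKCU|HKLM)\)", re.IGNORECASE)
USERINIT_RE = re.compile(r"UserInit=(.*)$", re.IGNORECASE)

# Constructed sample: lines copied from the two logs in this thread
# (the F2 line appears only in the first log).
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\Explorer.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
F2 - REG:system.ini: UserInit=C:\Windows\System32\wsaupdater.exe,
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O8 - Extra context menu item: RemindU - file://C:\Program Files\topMoxie\TEMP\upromise_script0.htm
O9 - Extra button: RemindU - {16BF42FD-CA0A-4f48-819D-B0343254DD67} - file://C:\Program Files\topMoxie\TEMP\upromise_script0.htm (file missing) (HKCU)
"""


def parse_entries(log_text):
    """Return the section entries, skipping the header and process list."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append(Entry(m.group(1), m.group(2)))
    return entries


def target_of(text):
    """Normalise the last ' - ' field (the file or URL an entry points at)."""
    field = text.rsplit(" - ", 1)[-1]
    field = NOTE_RE.sub("", field).strip()
    if field.lower().startswith("file://"):
        field = field[len("file://"):]
    return field.lower()


def unexpected_userinit(text):
    """List programs in a UserInit value other than userinit.exe.

    The Windows default value names only userinit.exe, so anything else
    in the comma-separated list is worth a second look.
    """
    m = USERINIT_RE.search(text)
    if not m:
        return []
    programs = [p.strip() for p in m.group(1).split(",") if p.strip()]
    return [p for p in programs
            if p.lower().rsplit("\\", 1)[-1] != "userinit.exe"]


def triage(log_text):
    """Flag orphaned entries, entries sharing an orphaned target, and
    F2 UserInit values that launch something besides userinit.exe."""
    entries = parse_entries(log_text)
    orphan_targets = {target_of(e.text) for e in entries
                      if ORPHAN_RE.search(e.text)}
    orphan_targets.discard("")  # "(no file)" entries carry no path to match
    findings = []
    for e in entries:
        if ORPHAN_RE.search(e.text):
            findings.append(Finding(e.code, "orphaned", e.text))
        elif target_of(e.text) in orphan_targets:
            findings.append(Finding(e.code, "shares-orphaned-target", e.text))
        elif e.code == "F2" and unexpected_userinit(e.text):
            findings.append(Finding(e.code, "userinit-extra-program", e.text))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.reason:24} {f.code} - {f.text}")
```
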

 