MyTechSupport.ca :: Your Computer Technical Resource Headquarters! MyTechSupport.ca :: Your Computer Technical Resource Headquarters!
HOME FORUMS RESOURCES & TOOLS ARTICLES ONLINE STORE ABOUT US
Computer Support Forums arrow Internet & Network Support arrow Security & Viruses arrow Topic: hijack this help XXX popups
December 13, 2019, 02:36:44 AM
 

Home Forum Rules Help Search Mobile Version Login Register

Welcome, Guest. Please login or register.
Did you miss your activation email?
December 13, 2019, 02:36:44 AM

Login with username, password and session length
 Featured Sites:
News
New  We now offer MyTechSupport.ca Merchandise! Every purchase goes towards maintaining our site.
Thank you for supporting MyTechSupport.ca!
  0 Members and 1 Guest are viewing this topic.
Pages: [1] Go Down Print
Author Topic: hijack this help XXX popups  (Read 1061 times)
HoptheTerp
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 10


Bookmark and Share

View Profile
« on: October 18, 2004, 04:29:16 PM »

PLEASE SUPPLY RELEVANT INFORMATION:
Operating System Version:   Windows XP
Problem Application Name & Version:  popups
Problem Hardware Make & Model:
Error Messages:



Hey there,
   THe past couple weeks I've been getting more and more pop-ups. I've run ad-aware and Spybot SD but neither seem to work. The main sites that pop up are XXX and its getting really annoying. Its usually Megateens.com or teen-attack.com... I've tried everything. Here's my HiJackThis report: please help!! thank you so much

Logfile of HijackThis v1.97.7
Scan saved at 12:28:33 PM, on 10/18/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\cisvc.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\carpserv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Dell\AccessDirect\DadTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\program files\mcafee.com\vso\mcvsshld.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\DIGStream\digstream.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\DOCUME~1\Hop\LOCALS~1\Temp\58aa5dlgg1ma.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Program Files\Digital Line Detect\DLG.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\Hop\Local Settings\Temp\Temporary Directory 12 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
R3 - URLSearchHook: (no name) - {05FC52D4-F42E-2548-1BAB-F3608DA30F02} - C:\DOCUME~1\Hop\LOCALS~1\Temp\58aa5dlgg1ma.exe
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Hop\Application Data\Mozilla\Profiles\default\o9ahh0ll.slt\prefs.js)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [VirusScan Online] c:\program files\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [B9EAFE5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\5nx2gvzh85g.exe
O4 - HKLM\..\Run: [8866BD6B] C:\DOCUME~1\Hop\LOCALS~1\Temp\pzuw.exe
O4 - HKLM\..\Run: [4851BA6E] C:\DOCUME~1\Hop\LOCALS~1\Temp\bx3i.exe
O4 - HKLM\..\Run: [D9203A66] C:\DOCUME~1\Hop\LOCALS~1\Temp\1fxgzlrx.exe
O4 - HKLM\..\Run: [AD23155E] C:\DOCUME~1\Hop\LOCALS~1\Temp\tanepkz0nryf.exe
O4 - HKLM\..\Run: [82D264F3] C:\DOCUME~1\Hop\LOCALS~1\Temp\4jwmel55g5.exe
O4 - HKLM\..\Run: [FB196B4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\m4800931k.exe
O4 - HKLM\..\Run: [9B9742CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\58aa5dlgg1ma.exe
O4 - HKLM\..\Run: [889654D6] C:\DOCUME~1\Hop\LOCALS~1\Temp\6njbkd31.exe
O4 - HKLM\..\Run: [989FBA56] C:\DOCUME~1\Hop\LOCALS~1\Temp\yl1a64li78.exe
O4 - HKLM\..\Run: [AF9C8A66] C:\DOCUME~1\Hop\LOCALS~1\Temp\ni2m7vsa4.exe
O4 - HKLM\..\Run: [9E381653] C:\DOCUME~1\Hop\LOCALS~1\Temp\h29b1s7l30v.exe
O4 - HKLM\..\Run: [8428DED6] C:\DOCUME~1\Hop\LOCALS~1\Temp\lir1j20b4hcx.exe
O4 - HKLM\..\Run: [D812C776] C:\DOCUME~1\Hop\LOCALS~1\Temp\s0o9p1fvcc.exe
O4 - HKLM\..\Run: [F88648FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\omj3.exe
O4 - HKLM\..\Run: [40D6D266] C:\DOCUME~1\Hop\LOCALS~1\Temp\bk3f3jruh9m.exe
O4 - HKLM\..\Run: [B0DF1286] C:\DOCUME~1\Hop\LOCALS~1\Temp\hlt9xroxiebi.exe
O4 - HKLM\..\Run: [C982C1D6] C:\DOCUME~1\Hop\LOCALS~1\Temp\wll7plu3.exe
O4 - HKLM\..\Run: [808CE2CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\sfmpr1h33ujn.exe
O4 - HKLM\..\Run: [A933174E] C:\DOCUME~1\Hop\LOCALS~1\Temp\523kh.exe
O4 - HKLM\..\Run: [A8ED045E] C:\DOCUME~1\Hop\LOCALS~1\Temp\d7yrq0ub.exe
O4 - HKLM\..\Run: [D89B4EEE] C:\DOCUME~1\Hop\LOCALS~1\Temp\5kgj96oko.exe
O4 - HKLM\..\Run: [8AFA8263] C:\DOCUME~1\Hop\LOCALS~1\Temp\uqzlnd.exe
O4 - HKLM\..\Run: [80778073] C:\DOCUME~1\Hop\LOCALS~1\Temp\0kp.exe
O4 - HKLM\..\Run: [4A88BA5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\dcmpblp40mci.exe
O4 - HKLM\..\Run: [883655D3] C:\DOCUME~1\Hop\LOCALS~1\Temp\bfps1lyd24.exe
O4 - HKLM\..\Run: [926E5056] C:\DOCUME~1\Hop\LOCALS~1\Temp\atmoy3gct.exe
O4 - HKLM\..\Run: [F183708B] C:\DOCUME~1\Hop\LOCALS~1\Temp\55ok4tzgy.exe
O4 - HKLM\..\Run: [DD2C39C3] C:\DOCUME~1\Hop\LOCALS~1\Temp\n8zp1y3k2rr.exe
O4 - HKLM\..\Run: [E7790E4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\hw33x.exe
O4 - HKLM\..\Run: [D79979CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\xpjfm.exe
O4 - HKLM\..\Run: [D02E0F63] C:\DOCUME~1\Hop\LOCALS~1\Temp\03qeqbqjveu.exe
O4 - HKLM\..\Run: [D1B8BE6E] C:\DOCUME~1\Hop\LOCALS~1\Temp\8utu0965ldx.exe
O4 - HKLM\..\Run: [AD88FE6B] C:\DOCUME~1\Hop\LOCALS~1\Temp\fs1dzan7fx8.exe
O4 - HKLM\..\Run: [D36338DB] C:\DOCUME~1\Hop\LOCALS~1\Temp\09jgzmdb.exe
O4 - HKLM\..\Run: [AAADE5E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\60uqpl8i8nic.exe
O4 - HKLM\..\Run: [9064565B] C:\DOCUME~1\Hop\LOCALS~1\Temp\c344.exe
O4 - HKLM\..\Run: [400EC44E] C:\DOCUME~1\Hop\LOCALS~1\Temp\7v4le.exe
O4 - HKLM\..\Run: [B8C779E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xwa9.exe
O4 - HKLM\..\Run: [D84E8F63] C:\DOCUME~1\Hop\LOCALS~1\Temp\691g.exe
O4 - HKLM\..\Run: [AB8F09F6] C:\DOCUME~1\Hop\LOCALS~1\Temp\ya3ztj.exe
O4 - HKLM\..\Run: [442994C6] C:\DOCUME~1\Hop\LOCALS~1\Temp\yjddx.exe
O4 - HKLM\..\Run: [F8D98903] C:\DOCUME~1\Hop\LOCALS~1\Temp\reae86spx.exe
O4 - HKLM\..\Run: [9A1645E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\b0tcytk6.exe
O4 - HKLM\..\Run: [E3F85E56] C:\DOCUME~1\Hop\LOCALS~1\Temp\h9nzf9cgrpg.exe
O4 - HKLM\..\Run: [A358FC8E] C:\DOCUME~1\Hop\LOCALS~1\Temp\6as6qw73.exe
O4 - HKLM\..\Run: [A33786E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\osa.exe
O4 - HKLM\..\Run: [CEAC7CE6] C:\DOCUME~1\Hop\LOCALS~1\Temp\wi2nui8sz.exe
O4 - HKLM\..\Run: [F3224076] C:\DOCUME~1\Hop\LOCALS~1\Temp\51q.exe
O4 - HKLM\..\Run: [A232E656] C:\DOCUME~1\Hop\LOCALS~1\Temp\jscap8q.exe
O4 - HKLM\..\Run: [876F9743] C:\DOCUME~1\Hop\LOCALS~1\Temp\haept.exe
O4 - HKLM\..\Run: [AA70F9FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\ym3dtquqquvi.exe
O4 - HKLM\..\Run: [8039A0CB] C:\DOCUME~1\Hop\LOCALS~1\Temp\r4bamchx4em.exe
O4 - HKLM\..\Run: [ECE6126B] C:\DOCUME~1\Hop\LOCALS~1\Temp\swom13o2qb1.exe
O4 - HKLM\..\Run: [A8AE39E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\7sm9.exe
O4 - HKLM\..\Run: [B90004C6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xdxa3ivzrd.exe
O4 - HKLM\..\Run: [B84C7E5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\27r3.exe
O4 - HKLM\..\Run: [87627D63] C:\DOCUME~1\Hop\LOCALS~1\Temp\ss24748x2f0.exe
O4 - HKLM\..\Run: [AC7A9FE3] C:\DOCUME~1\Hop\LOCALS~1\Temp\0gn9nu8imt.exe
O4 - HKLM\..\Run: [EB59AF7E] C:\DOCUME~1\Hop\LOCALS~1\Temp\la28lp.exe
O4 - HKLM\..\Run: [E09AFE5B] C:\DOCUME~1\Hop\LOCALS~1\Temp\01kt.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [nthhntor] C:\WINDOWS\system32\nthhntor.exe
O4 - HKCU\..\Run: [s-hhs-6464] C:\WINDOWS\s-hhs-6464.exe
O4 - HKCU\..\Run: [B9EAFE5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\5nx2gvzh85g.exe
O4 - HKCU\..\Run: [6432] C:\WINDOWS\6432.exe
O4 - HKCU\..\Run: [8866BD6B] C:\DOCUME~1\Hop\LOCALS~1\Temp\pzuw.exe
O4 - HKCU\..\Run: [mssyms] C:\WINDOWS\system32\mssyms.exe
O4 - HKCU\..\Run: [4851BA6E] C:\DOCUME~1\Hop\LOCALS~1\Temp\bx3i.exe
O4 - HKCU\..\Run: [3264s-ornt] C:\WINDOWS\system32\3264s-ornt.exe
O4 - HKCU\..\Run: [D9203A66] C:\DOCUME~1\Hop\LOCALS~1\Temp\1fxgzlrx.exe
O4 - HKCU\..\Run: [s-ms] C:\WINDOWS\s-ms.exe
O4 - HKCU\..\Run: [AD23155E] C:\DOCUME~1\Hop\LOCALS~1\Temp\tanepkz0nryf.exe
O4 - HKCU\..\Run: [ntSPnt32] C:\WINDOWS\system32\ntSPnt32.exe
O4 - HKCU\..\Run: [82D264F3] C:\DOCUME~1\Hop\LOCALS~1\Temp\4jwmel55g5.exe
O4 - HKCU\..\Run: [PE64orms] C:\WINDOWS\PE64orms.exe
O4 - HKCU\..\Run: [FB196B4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\m4800931k.exe
O4 - HKCU\..\Run: [9B9742CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\58aa5dlgg1ma.exe
O4 - HKCU\..\Run: [889654D6] C:\DOCUME~1\Hop\LOCALS~1\Temp\6njbkd31.exe
O4 - HKCU\..\Run: [989FBA56] C:\DOCUME~1\Hop\LOCALS~1\Temp\yl1a64li78.exe
O4 - HKCU\..\Run: [AF9C8A66] C:\DOCUME~1\Hop\LOCALS~1\Temp\ni2m7vsa4.exe
O4 - HKCU\..\Run: [9E381653] C:\DOCUME~1\Hop\LOCALS~1\Temp\h29b1s7l30v.exe
O4 - HKCU\..\Run: [8428DED6] C:\DOCUME~1\Hop\LOCALS~1\Temp\lir1j20b4hcx.exe
O4 - HKCU\..\Run: [D812C776] C:\DOCUME~1\Hop\LOCALS~1\Temp\s0o9p1fvcc.exe
O4 - HKCU\..\Run: [F88648FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\omj3.exe
O4 - HKCU\..\Run: [40D6D266] C:\DOCUME~1\Hop\LOCALS~1\Temp\bk3f3jruh9m.exe
O4 - HKCU\..\Run: [B0DF1286] C:\DOCUME~1\Hop\LOCALS~1\Temp\hlt9xroxiebi.exe
O4 - HKCU\..\Run: [C982C1D6] C:\DOCUME~1\Hop\LOCALS~1\Temp\wll7plu3.exe
O4 - HKCU\..\Run: [808CE2CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\sfmpr1h33ujn.exe
O4 - HKCU\..\Run: [A933174E] C:\DOCUME~1\Hop\LOCALS~1\Temp\523kh.exe
O4 - HKCU\..\Run: [A8ED045E] C:\DOCUME~1\Hop\LOCALS~1\Temp\d7yrq0ub.exe
O4 - HKCU\..\Run: [D89B4EEE] C:\DOCUME~1\Hop\LOCALS~1\Temp\5kgj96oko.exe
O4 - HKCU\..\Run: [8AFA8263] C:\DOCUME~1\Hop\LOCALS~1\Temp\uqzlnd.exe
O4 - HKCU\..\Run: [80778073] C:\DOCUME~1\Hop\LOCALS~1\Temp\0kp.exe
O4 - HKCU\..\Run: [4A88BA5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\dcmpblp40mci.exe
O4 - HKCU\..\Run: [883655D3] C:\DOCUME~1\Hop\LOCALS~1\Temp\bfps1lyd24.exe
O4 - HKCU\..\Run: [926E5056] C:\DOCUME~1\Hop\LOCALS~1\Temp\atmoy3gct.exe
O4 - HKCU\..\Run: [F183708B] C:\DOCUME~1\Hop\LOCALS~1\Temp\55ok4tzgy.exe
O4 - HKCU\..\Run: [DD2C39C3] C:\DOCUME~1\Hop\LOCALS~1\Temp\n8zp1y3k2rr.exe
O4 - HKCU\..\Run: [E7790E4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\hw33x.exe
O4 - HKCU\..\Run: [D79979CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\xpjfm.exe
O4 - HKCU\..\Run: [D02E0F63] C:\DOCUME~1\Hop\LOCALS~1\Temp\03qeqbqjveu.exe
O4 - HKCU\..\Run: [D1B8BE6E] C:\DOCUME~1\Hop\LOCALS~1\Temp\8utu0965ldx.exe
O4 - HKCU\..\Run: [AD88FE6B] C:\DOCUME~1\Hop\LOCALS~1\Temp\fs1dzan7fx8.exe
O4 - HKCU\..\Run: [D36338DB] C:\DOCUME~1\Hop\LOCALS~1\Temp\09jgzmdb.exe
O4 - HKCU\..\Run: [AAADE5E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\60uqpl8i8nic.exe
O4 - HKCU\..\Run: [9064565B] C:\DOCUME~1\Hop\LOCALS~1\Temp\c344.exe
O4 - HKCU\..\Run: [400EC44E] C:\DOCUME~1\Hop\LOCALS~1\Temp\7v4le.exe
O4 - HKCU\..\Run: [B8C779E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xwa9.exe
O4 - HKCU\..\Run: [D84E8F63] C:\DOCUME~1\Hop\LOCALS~1\Temp\691g.exe
O4 - HKCU\..\Run: [AB8F09F6] C:\DOCUME~1\Hop\LOCALS~1\Temp\ya3ztj.exe
O4 - HKCU\..\Run: [442994C6] C:\DOCUME~1\Hop\LOCALS~1\Temp\yjddx.exe
O4 - HKCU\..\Run: [F8D98903] C:\DOCUME~1\Hop\LOCALS~1\Temp\reae86spx.exe
O4 - HKCU\..\Run: [9A1645E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\b0tcytk6.exe
O4 - HKCU\..\Run: [E3F85E56] C:\DOCUME~1\Hop\LOCALS~1\Temp\h9nzf9cgrpg.exe
O4 - HKCU\..\Run: [A358FC8E] C:\DOCUME~1\Hop\LOCALS~1\Temp\6as6qw73.exe
O4 - HKCU\..\Run: [A33786E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\osa.exe
O4 - HKCU\..\Run: [CEAC7CE6] C:\DOCUME~1\Hop\LOCALS~1\Temp\wi2nui8sz.exe
O4 - HKCU\..\Run: [F3224076] C:\DOCUME~1\Hop\LOCALS~1\Temp\51q.exe
O4 - HKCU\..\Run: [A232E656] C:\DOCUME~1\Hop\LOCALS~1\Temp\jscap8q.exe
O4 - HKCU\..\Run: [876F9743] C:\DOCUME~1\Hop\LOCALS~1\Temp\haept.exe
O4 - HKCU\..\Run: [AA70F9FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\ym3dtquqquvi.exe
O4 - HKCU\..\Run: [8039A0CB] C:\DOCUME~1\Hop\LOCALS~1\Temp\r4bamchx4em.exe
O4 - HKCU\..\Run: [ECE6126B] C:\DOCUME~1\Hop\LOCALS~1\Temp\swom13o2qb1.exe
O4 - HKCU\..\Run: [A8AE39E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\7sm9.exe
O4 - HKCU\..\Run: [B90004C6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xdxa3ivzrd.exe
O4 - HKCU\..\Run: [B84C7E5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\27r3.exe
O4 - HKCU\..\Run: [87627D63] C:\DOCUME~1\Hop\LOCALS~1\Temp\ss24748x2f0.exe
O4 - HKCU\..\Run: [AC7A9FE3] C:\DOCUME~1\Hop\LOCALS~1\Temp\0gn9nu8imt.exe
O4 - HKCU\..\Run: [EB59AF7E] C:\DOCUME~1\Hop\LOCALS~1\Temp\la28lp.exe
O4 - HKCU\..\Run: [E09AFE5B] C:\DOCUME~1\Hop\LOCALS~1\Temp\01kt.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Corel Network monitor worker (HKLM)
O9 - Extra 'Tools' menuitem: Corel Network monitor worker (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: PartyPoker.com (HKLM)
O9 - Extra 'Tools' menuitem: PartyPoker.com (HKLM)
O9 - Extra button: MoneySide (HKLM)
O9 - Extra button: Corel Network monitor worker (HKCU)
O9 - Extra 'Tools' menuitem: Corel Network monitor worker (HKCU)
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinstc.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1408.g.akamai.net/7/1408/9955/20031218/akamai.info.apple.com/iTunes4/WW/win/019-0123.20031218.zes4d/iTunesSetup.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1098028127069
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38110.4391435185
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

Thanks again!!!
 HoptheTerp



Logged

 
jvic
Visiting Administrator
Hero Member
*****

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 1238


Bookmark and Share

View Profile
« Reply #1 on: October 18, 2004, 04:36:35 PM »

Please download and run the following programs:

AD-AWARE

Install the program and launch it.

First, in the bottom right-hand corner of the main window click on Check for updates now then click Connect and download the latest reference files.

Then, in the main window: Click Start and under Select a scan Mode tick Perform full system scan.

Then, deselect Search for negligible risk entries.

To start the scan, click the Next button.

When the scan is finished mark everything for removal and get rid of it. (Right-click the window and choose select all from the drop down menu and then click Next)

Restart your computer.

SPYBOT SEARCH & DESTROY

Open Spybot Search & Destroy (Click Start, Programs, Spybot S&D (Advanced Mode). Click online, Search for updates, Download all available updates. Close all Browser windows, Click ''Check for Problems''. Anything that needs to be fixed it will show in red and have a green check in the box to the left. Click ''Fix Selected Problems'', Then restart your computer.

Your hijack this is outdated.Please download the newest version
From Here

Make sure you unzip hijack this to its own folder such as C:\Program files as this is where the backups will be created.Run Hijack this but do NOT fix anything.Click save log and a log will open in notepad.Copy and paste your log here.
Logged

John Vickers
HoptheTerp
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 10


Bookmark and Share

View Profile
« Reply #2 on: October 18, 2004, 09:40:05 PM »

Thanks! I did everything you said. Here's my new log:

Logfile of HijackThis v1.98.2
Scan saved at 5:39:37 PM, on 10/18/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\carpserv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\program files\mcafee.com\vso\mcvsshld.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\Program Files\Dell\AccessDirect\DadTray.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\DIGStream\digstream.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\DOCUME~1\Hop\LOCALS~1\Temp\58aa5dlgg1ma.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\cisvc.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Hop\My Documents\File Library\hoppyx52\Downloaded Programs\hijackthis1\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
R3 - URLSearchHook: (no name) - {05FC52D4-F42E-2548-1BAB-F3608DA30F02} - C:\DOCUME~1\Hop\LOCALS~1\Temp\58aa5dlgg1ma.exe
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Hop\Application Data\Mozilla\Profiles\default\o9ahh0ll.slt\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [VirusScan Online] c:\program files\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [B9EAFE5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\5nx2gvzh85g.exe
O4 - HKLM\..\Run: [8866BD6B] C:\DOCUME~1\Hop\LOCALS~1\Temp\pzuw.exe
O4 - HKLM\..\Run: [4851BA6E] C:\DOCUME~1\Hop\LOCALS~1\Temp\bx3i.exe
O4 - HKLM\..\Run: [D9203A66] C:\DOCUME~1\Hop\LOCALS~1\Temp\1fxgzlrx.exe
O4 - HKLM\..\Run: [AD23155E] C:\DOCUME~1\Hop\LOCALS~1\Temp\tanepkz0nryf.exe
O4 - HKLM\..\Run: [82D264F3] C:\DOCUME~1\Hop\LOCALS~1\Temp\4jwmel55g5.exe
O4 - HKLM\..\Run: [FB196B4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\m4800931k.exe
O4 - HKLM\..\Run: [9B9742CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\58aa5dlgg1ma.exe
O4 - HKLM\..\Run: [889654D6] C:\DOCUME~1\Hop\LOCALS~1\Temp\6njbkd31.exe
O4 - HKLM\..\Run: [989FBA56] C:\DOCUME~1\Hop\LOCALS~1\Temp\yl1a64li78.exe
O4 - HKLM\..\Run: [AF9C8A66] C:\DOCUME~1\Hop\LOCALS~1\Temp\ni2m7vsa4.exe
O4 - HKLM\..\Run: [9E381653] C:\DOCUME~1\Hop\LOCALS~1\Temp\h29b1s7l30v.exe
O4 - HKLM\..\Run: [8428DED6] C:\DOCUME~1\Hop\LOCALS~1\Temp\lir1j20b4hcx.exe
O4 - HKLM\..\Run: [D812C776] C:\DOCUME~1\Hop\LOCALS~1\Temp\s0o9p1fvcc.exe
O4 - HKLM\..\Run: [F88648FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\omj3.exe
O4 - HKLM\..\Run: [40D6D266] C:\DOCUME~1\Hop\LOCALS~1\Temp\bk3f3jruh9m.exe
O4 - HKLM\..\Run: [B0DF1286] C:\DOCUME~1\Hop\LOCALS~1\Temp\hlt9xroxiebi.exe
O4 - HKLM\..\Run: [C982C1D6] C:\DOCUME~1\Hop\LOCALS~1\Temp\wll7plu3.exe
O4 - HKLM\..\Run: [808CE2CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\sfmpr1h33ujn.exe
O4 - HKLM\..\Run: [A933174E] C:\DOCUME~1\Hop\LOCALS~1\Temp\523kh.exe
O4 - HKLM\..\Run: [A8ED045E] C:\DOCUME~1\Hop\LOCALS~1\Temp\d7yrq0ub.exe
O4 - HKLM\..\Run: [D89B4EEE] C:\DOCUME~1\Hop\LOCALS~1\Temp\5kgj96oko.exe
O4 - HKLM\..\Run: [8AFA8263] C:\DOCUME~1\Hop\LOCALS~1\Temp\uqzlnd.exe
O4 - HKLM\..\Run: [80778073] C:\DOCUME~1\Hop\LOCALS~1\Temp\0kp.exe
O4 - HKLM\..\Run: [4A88BA5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\dcmpblp40mci.exe
O4 - HKLM\..\Run: [883655D3] C:\DOCUME~1\Hop\LOCALS~1\Temp\bfps1lyd24.exe
O4 - HKLM\..\Run: [926E5056] C:\DOCUME~1\Hop\LOCALS~1\Temp\atmoy3gct.exe
O4 - HKLM\..\Run: [F183708B] C:\DOCUME~1\Hop\LOCALS~1\Temp\55ok4tzgy.exe
O4 - HKLM\..\Run: [DD2C39C3] C:\DOCUME~1\Hop\LOCALS~1\Temp\n8zp1y3k2rr.exe
O4 - HKLM\..\Run: [E7790E4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\hw33x.exe
O4 - HKLM\..\Run: [D79979CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\xpjfm.exe
O4 - HKLM\..\Run: [D02E0F63] C:\DOCUME~1\Hop\LOCALS~1\Temp\03qeqbqjveu.exe
O4 - HKLM\..\Run: [D1B8BE6E] C:\DOCUME~1\Hop\LOCALS~1\Temp\8utu0965ldx.exe
O4 - HKLM\..\Run: [AD88FE6B] C:\DOCUME~1\Hop\LOCALS~1\Temp\fs1dzan7fx8.exe
O4 - HKLM\..\Run: [D36338DB] C:\DOCUME~1\Hop\LOCALS~1\Temp\09jgzmdb.exe
O4 - HKLM\..\Run: [AAADE5E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\60uqpl8i8nic.exe
O4 - HKLM\..\Run: [9064565B] C:\DOCUME~1\Hop\LOCALS~1\Temp\c344.exe
O4 - HKLM\..\Run: [400EC44E] C:\DOCUME~1\Hop\LOCALS~1\Temp\7v4le.exe
O4 - HKLM\..\Run: [B8C779E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xwa9.exe
O4 - HKLM\..\Run: [D84E8F63] C:\DOCUME~1\Hop\LOCALS~1\Temp\691g.exe
O4 - HKLM\..\Run: [AB8F09F6] C:\DOCUME~1\Hop\LOCALS~1\Temp\ya3ztj.exe
O4 - HKLM\..\Run: [442994C6] C:\DOCUME~1\Hop\LOCALS~1\Temp\yjddx.exe
O4 - HKLM\..\Run: [F8D98903] C:\DOCUME~1\Hop\LOCALS~1\Temp\reae86spx.exe
O4 - HKLM\..\Run: [9A1645E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\b0tcytk6.exe
O4 - HKLM\..\Run: [E3F85E56] C:\DOCUME~1\Hop\LOCALS~1\Temp\h9nzf9cgrpg.exe
O4 - HKLM\..\Run: [A358FC8E] C:\DOCUME~1\Hop\LOCALS~1\Temp\6as6qw73.exe
O4 - HKLM\..\Run: [A33786E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\osa.exe
O4 - HKLM\..\Run: [CEAC7CE6] C:\DOCUME~1\Hop\LOCALS~1\Temp\wi2nui8sz.exe
O4 - HKLM\..\Run: [F3224076] C:\DOCUME~1\Hop\LOCALS~1\Temp\51q.exe
O4 - HKLM\..\Run: [A232E656] C:\DOCUME~1\Hop\LOCALS~1\Temp\jscap8q.exe
O4 - HKLM\..\Run: [876F9743] C:\DOCUME~1\Hop\LOCALS~1\Temp\haept.exe
O4 - HKLM\..\Run: [AA70F9FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\ym3dtquqquvi.exe
O4 - HKLM\..\Run: [8039A0CB] C:\DOCUME~1\Hop\LOCALS~1\Temp\r4bamchx4em.exe
O4 - HKLM\..\Run: [ECE6126B] C:\DOCUME~1\Hop\LOCALS~1\Temp\swom13o2qb1.exe
O4 - HKLM\..\Run: [A8AE39E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\7sm9.exe
O4 - HKLM\..\Run: [B90004C6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xdxa3ivzrd.exe
O4 - HKLM\..\Run: [B84C7E5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\27r3.exe
O4 - HKLM\..\Run: [87627D63] C:\DOCUME~1\Hop\LOCALS~1\Temp\ss24748x2f0.exe
O4 - HKLM\..\Run: [AC7A9FE3] C:\DOCUME~1\Hop\LOCALS~1\Temp\0gn9nu8imt.exe
O4 - HKLM\..\Run: [EB59AF7E] C:\DOCUME~1\Hop\LOCALS~1\Temp\la28lp.exe
O4 - HKLM\..\Run: [E09AFE5B] C:\DOCUME~1\Hop\LOCALS~1\Temp\01kt.exe
O4 - HKLM\..\Run: [89A6FAF6] C:\DOCUME~1\Hop\LOCALS~1\Temp\geov5ldsez1j.exe
O4 - HKLM\..\Run: [E87AC463] C:\DOCUME~1\Hop\LOCALS~1\Temp\4qwa.exe
O4 - HKLM\..\Run: [EA8CA25E] C:\DOCUME~1\Hop\LOCALS~1\Temp\82pv8hmsp.exe
O4 - HKLM\..\Run: [EF0D05EB] C:\DOCUME~1\Hop\LOCALS~1\Temp\yh2nj6upl79.exe
O4 - HKLM\..\Run: [9F0F3B53] C:\DOCUME~1\Hop\LOCALS~1\Temp\ctlwt6b60.exe
O4 - HKLM\..\Run: [E87390E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xu7c.exe
O4 - HKLM\..\Run: [90DB906B] C:\DOCUME~1\Hop\LOCALS~1\Temp\27qvnp.exe
O4 - HKLM\..\Run: [C940B90E] C:\DOCUME~1\Hop\LOCALS~1\Temp\euauccq.exe
O4 - HKLM\..\Run: [A1ACDDD6] C:\DOCUME~1\Hop\LOCALS~1\Temp\vxtsph91uy7p.exe
O4 - HKLM\..\Run: [8B82547E] C:\DOCUME~1\Hop\LOCALS~1\Temp\r5xr4sknjq2t.exe
O4 - HKLM\..\Run: [CAAE70CB] C:\DOCUME~1\Hop\LOCALS~1\Temp\lc7l0.exe
O4 - HKLM\..\Run: [D9A5AADB] C:\DOCUME~1\Hop\LOCALS~1\Temp\66lky1o1uh5.exe
O4 - HKLM\..\Run: [DCC47F56] C:\DOCUME~1\Hop\LOCALS~1\Temp\4hknv8e.exe
O4 - HKLM\..\Run: [A13A8263] C:\DOCUME~1\Hop\LOCALS~1\Temp\tuzn6l.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [nthhntor] C:\WINDOWS\system32\nthhntor.exe
O4 - HKCU\..\Run: [s-hhs-6464] C:\WINDOWS\s-hhs-6464.exe
O4 - HKCU\..\Run: [B9EAFE5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\5nx2gvzh85g.exe
O4 - HKCU\..\Run: [6432] C:\WINDOWS\6432.exe
O4 - HKCU\..\Run: [8866BD6B] C:\DOCUME~1\Hop\LOCALS~1\Temp\pzuw.exe
O4 - HKCU\..\Run: [mssyms] C:\WINDOWS\system32\mssyms.exe
O4 - HKCU\..\Run: [4851BA6E] C:\DOCUME~1\Hop\LOCALS~1\Temp\bx3i.exe
O4 - HKCU\..\Run: [3264s-ornt] C:\WINDOWS\system32\3264s-ornt.exe
O4 - HKCU\..\Run: [D9203A66] C:\DOCUME~1\Hop\LOCALS~1\Temp\1fxgzlrx.exe
O4 - HKCU\..\Run: [s-ms] C:\WINDOWS\s-ms.exe
O4 - HKCU\..\Run: [AD23155E] C:\DOCUME~1\Hop\LOCALS~1\Temp\tanepkz0nryf.exe
O4 - HKCU\..\Run: [ntSPnt32] C:\WINDOWS\system32\ntSPnt32.exe
O4 - HKCU\..\Run: [82D264F3] C:\DOCUME~1\Hop\LOCALS~1\Temp\4jwmel55g5.exe
O4 - HKCU\..\Run: [PE64orms] C:\WINDOWS\PE64orms.exe
O4 - HKCU\..\Run: [FB196B4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\m4800931k.exe
O4 - HKCU\..\Run: [9B9742CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\58aa5dlgg1ma.exe
O4 - HKCU\..\Run: [889654D6] C:\DOCUME~1\Hop\LOCALS~1\Temp\6njbkd31.exe
O4 - HKCU\..\Run: [989FBA56] C:\DOCUME~1\Hop\LOCALS~1\Temp\yl1a64li78.exe
O4 - HKCU\..\Run: [AF9C8A66] C:\DOCUME~1\Hop\LOCALS~1\Temp\ni2m7vsa4.exe
O4 - HKCU\..\Run: [9E381653] C:\DOCUME~1\Hop\LOCALS~1\Temp\h29b1s7l30v.exe
O4 - HKCU\..\Run: [8428DED6] C:\DOCUME~1\Hop\LOCALS~1\Temp\lir1j20b4hcx.exe
O4 - HKCU\..\Run: [D812C776] C:\DOCUME~1\Hop\LOCALS~1\Temp\s0o9p1fvcc.exe
O4 - HKCU\..\Run: [F88648FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\omj3.exe
O4 - HKCU\..\Run: [40D6D266] C:\DOCUME~1\Hop\LOCALS~1\Temp\bk3f3jruh9m.exe
O4 - HKCU\..\Run: [B0DF1286] C:\DOCUME~1\Hop\LOCALS~1\Temp\hlt9xroxiebi.exe
O4 - HKCU\..\Run: [C982C1D6] C:\DOCUME~1\Hop\LOCALS~1\Temp\wll7plu3.exe
O4 - HKCU\..\Run: [808CE2CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\sfmpr1h33ujn.exe
O4 - HKCU\..\Run: [A933174E] C:\DOCUME~1\Hop\LOCALS~1\Temp\523kh.exe
O4 - HKCU\..\Run: [A8ED045E] C:\DOCUME~1\Hop\LOCALS~1\Temp\d7yrq0ub.exe
O4 - HKCU\..\Run: [D89B4EEE] C:\DOCUME~1\Hop\LOCALS~1\Temp\5kgj96oko.exe
O4 - HKCU\..\Run: [8AFA8263] C:\DOCUME~1\Hop\LOCALS~1\Temp\uqzlnd.exe
O4 - HKCU\..\Run: [80778073] C:\DOCUME~1\Hop\LOCALS~1\Temp\0kp.exe
O4 - HKCU\..\Run: [4A88BA5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\dcmpblp40mci.exe
O4 - HKCU\..\Run: [883655D3] C:\DOCUME~1\Hop\LOCALS~1\Temp\bfps1lyd24.exe
O4 - HKCU\..\Run: [926E5056] C:\DOCUME~1\Hop\LOCALS~1\Temp\atmoy3gct.exe
O4 - HKCU\..\Run: [F183708B] C:\DOCUME~1\Hop\LOCALS~1\Temp\55ok4tzgy.exe
O4 - HKCU\..\Run: [DD2C39C3] C:\DOCUME~1\Hop\LOCALS~1\Temp\n8zp1y3k2rr.exe
O4 - HKCU\..\Run: [E7790E4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\hw33x.exe
O4 - HKCU\..\Run: [D79979CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\xpjfm.exe
O4 - HKCU\..\Run: [D02E0F63] C:\DOCUME~1\Hop\LOCALS~1\Temp\03qeqbqjveu.exe
O4 - HKCU\..\Run: [D1B8BE6E] C:\DOCUME~1\Hop\LOCALS~1\Temp\8utu0965ldx.exe
O4 - HKCU\..\Run: [AD88FE6B] C:\DOCUME~1\Hop\LOCALS~1\Temp\fs1dzan7fx8.exe
O4 - HKCU\..\Run: [D36338DB] C:\DOCUME~1\Hop\LOCALS~1\Temp\09jgzmdb.exe
O4 - HKCU\..\Run: [AAADE5E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\60uqpl8i8nic.exe
O4 - HKCU\..\Run: [9064565B] C:\DOCUME~1\Hop\LOCALS~1\Temp\c344.exe
O4 - HKCU\..\Run: [400EC44E] C:\DOCUME~1\Hop\LOCALS~1\Temp\7v4le.exe
O4 - HKCU\..\Run: [B8C779E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xwa9.exe
O4 - HKCU\..\Run: [D84E8F63] C:\DOCUME~1\Hop\LOCALS~1\Temp\691g.exe
O4 - HKCU\..\Run: [AB8F09F6] C:\DOCUME~1\Hop\LOCALS~1\Temp\ya3ztj.exe
O4 - HKCU\..\Run: [442994C6] C:\DOCUME~1\Hop\LOCALS~1\Temp\yjddx.exe
O4 - HKCU\..\Run: [F8D98903] C:\DOCUME~1\Hop\LOCALS~1\Temp\reae86spx.exe
O4 - HKCU\..\Run: [9A1645E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\b0tcytk6.exe
O4 - HKCU\..\Run: [E3F85E56] C:\DOCUME~1\Hop\LOCALS~1\Temp\h9nzf9cgrpg.exe
O4 - HKCU\..\Run: [A358FC8E] C:\DOCUME~1\Hop\LOCALS~1\Temp\6as6qw73.exe
O4 - HKCU\..\Run: [A33786E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\osa.exe
O4 - HKCU\..\Run: [CEAC7CE6] C:\DOCUME~1\Hop\LOCALS~1\Temp\wi2nui8sz.exe
O4 - HKCU\..\Run: [F3224076] C:\DOCUME~1\Hop\LOCALS~1\Temp\51q.exe
O4 - HKCU\..\Run: [A232E656] C:\DOCUME~1\Hop\LOCALS~1\Temp\jscap8q.exe
O4 - HKCU\..\Run: [876F9743] C:\DOCUME~1\Hop\LOCALS~1\Temp\haept.exe
O4 - HKCU\..\Run: [AA70F9FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\ym3dtquqquvi.exe
O4 - HKCU\..\Run: [8039A0CB] C:\DOCUME~1\Hop\LOCALS~1\Temp\r4bamchx4em.exe
O4 - HKCU\..\Run: [ECE6126B] C:\DOCUME~1\Hop\LOCALS~1\Temp\swom13o2qb1.exe
O4 - HKCU\..\Run: [A8AE39E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\7sm9.exe
O4 - HKCU\..\Run: [B90004C6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xdxa3ivzrd.exe
O4 - HKCU\..\Run: [B84C7E5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\27r3.exe
O4 - HKCU\..\Run: [87627D63] C:\DOCUME~1\Hop\LOCALS~1\Temp\ss24748x2f0.exe
O4 - HKCU\..\Run: [AC7A9FE3] C:\DOCUME~1\Hop\LOCALS~1\Temp\0gn9nu8imt.exe
O4 - HKCU\..\Run: [EB59AF7E] C:\DOCUME~1\Hop\LOCALS~1\Temp\la28lp.exe
O4 - HKCU\..\Run: [E09AFE5B] C:\DOCUME~1\Hop\LOCALS~1\Temp\01kt.exe
O4 - HKCU\..\Run: [89A6FAF6] C:\DOCUME~1\Hop\LOCALS~1\Temp\geov5ldsez1j.exe
O4 - HKCU\..\Run: [E87AC463] C:\DOCUME~1\Hop\LOCALS~1\Temp\4qwa.exe
O4 - HKCU\..\Run: [EA8CA25E] C:\DOCUME~1\Hop\LOCALS~1\Temp\82pv8hmsp.exe
O4 - HKCU\..\Run: [EF0D05EB] C:\DOCUME~1\Hop\LOCALS~1\Temp\yh2nj6upl79.exe
O4 - HKCU\..\Run: [9F0F3B53] C:\DOCUME~1\Hop\LOCALS~1\Temp\ctlwt6b60.exe
O4 - HKCU\..\Run: [E87390E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xu7c.exe
O4 - HKCU\..\Run: [90DB906B] C:\DOCUME~1\Hop\LOCALS~1\Temp\27qvnp.exe
O4 - HKCU\..\Run: [C940B90E] C:\DOCUME~1\Hop\LOCALS~1\Temp\euauccq.exe
O4 - HKCU\..\Run: [A1ACDDD6] C:\DOCUME~1\Hop\LOCALS~1\Temp\vxtsph91uy7p.exe
O4 - HKCU\..\Run: [8B82547E] C:\DOCUME~1\Hop\LOCALS~1\Temp\r5xr4sknjq2t.exe
O4 - HKCU\..\Run: [CAAE70CB] C:\DOCUME~1\Hop\LOCALS~1\Temp\lc7l0.exe
O4 - HKCU\..\Run: [D9A5AADB] C:\DOCUME~1\Hop\LOCALS~1\Temp\66lky1o1uh5.exe
O4 - HKCU\..\Run: [DCC47F56] C:\DOCUME~1\Hop\LOCALS~1\Temp\4hknv8e.exe
O4 - HKCU\..\Run: [A13A8263] C:\DOCUME~1\Hop\LOCALS~1\Temp\tuzn6l.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: (no name) - {237AA178-C3BC-4f67-A8BB-D8BC14BA0B89} - (no file)
O9 - Extra button: Corel Network monitor worker - {8D3979C2-AD64-43BE-9967-3C6E3D8F7B35} - (no file)
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {8D3979C2-AD64-43BE-9967-3C6E3D8F7B35} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {237AA178-C3BC-4f67-A8BB-D8BC14BA0B89} - (no file) (HKCU)
O9 - Extra button: Corel Network monitor worker - {8D3979C2-AD64-43BE-9967-3C6E3D8F7B35} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {8D3979C2-AD64-43BE-9967-3C6E3D8F7B35} - (no file) (HKCU)
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1408.g.akamai.net/7/1408/9955/20031218/akamai.info.apple.com/iTunes4/WW/win/019-0123.20031218.zes4d/iTunesSetup.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1098028127069
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab

Logged

 
Pages: [1] Go Up Print 
 
Jump to:  

Powered by MySQL Powered by PHP

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines

Valid XHTML 1.0! Valid CSS!

Disclaimer
This site is NOT responsible for any damage that the information on this site may cause to your system. Everything you try, whether inspired by the response given from this site or not, is entirely at your own risk. All product names and company names used herein are for identification purpose only and may be trademarks or registered trademarks of their respective owners. We are in no way affiliated or representing any of the companies on this site unless specified.
Back to Top
Stop Spam Harvesters, Join Project Honey Pot Fight Back Against Spammers! Get Firefox! Get Thunderbird! View Sylvain Amyots profile on LinkedIn
Back to Top
Google visited last this page May 21, 2018, 01:36:02 AM