proj1 virus

halo2_god New York state
edited October 2006 in Spyware & Virus Removal
Hello, please help. Here is my HijackThis log.

Comments

  • halo2_god New York state
    edited October 2006
    Logfile of HijackThis v1.99.1
    Scan saved at 1:25:05 PM, on 10/4/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Stardock\Object Desktop\ThemeManager\wbload.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\userinit.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    C:\WINDOWS\system32\ZoneLabs\isafe.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\WINDOWS\system32\hphmon05.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Common Files\AOL\1121838437\ee\AOLHostManager.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Common Files\AOL\1121838437\ee\AOLServiceHost.exe
    C:\Program Files\AIM\aim.exe
    c:\program files\common files\aol\1121838437\ee\services\antiSpywareApp\ver2_0_7\AOLSP Scheduler.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Common Files\AOL\1121838437\ee\AOLServiceHost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Documents and Settings\Patrick\Desktop\hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=pavilion&pf=laptop
    R3 - URLSearchHook: (no name) - {A8B28872-3324-4CD2-8AA3-7D555C872D96} - (no file)
    F2 - REG:system.ini: Shell=Explorer.exe,
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,qsdimlk.exe
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O2 - BHO: (no name) - {07389CA5-44DB-0C5E-33AF-F0DA5451BAB7} - C:\WINDOWS\system32\vxxdjfao.dll
    O2 - BHO: (no name) - {0A1581AA-EB9A-6E66-2EEA-52FE4AC13278} - C:\WINDOWS\system32\gciirwur.dll
    O2 - BHO: (no name) - {1A39FBDB-FAFF-A350-3E14-F7A1DC10D56D} - (no file)
    O2 - BHO: (no name) - {1B5FC7D1-856F-F2EC-4993-1A83985518D5} - (no file)
    O2 - BHO: (no name) - {37E0143D-C110-C4F6-1CAF-9B1FC09388DE} - C:\WINDOWS\system32\jtaahhrv.dll
    O2 - BHO: (no name) - {3A3C995F-9C90-620A-0F57-D0A0AE36BE75} - C:\WINDOWS\system32\mwcnikgh.dll
    O2 - BHO: (no name) - {43980379-5A77-8214-736A-1A7F85D20B02} - C:\WINDOWS\system32\lzwidprm.dll
    O2 - BHO: (no name) - {4DB8043C-408D-C20C-69F9-0DF933855F2F} - C:\WINDOWS\system32\rwntcgxx.dll
    O2 - BHO: (no name) - {4F806A66-D942-27B8-A7FF-8C59BD0FBA5D} - C:\WINDOWS\system32\mgwbmiek.dll
    O2 - BHO: (no name) - {5650cded-2cc2-4048-9c52-9a839509b03b} - C:\WINDOWS\system32\mllvid.dll
    O2 - BHO: (no name) - {603ADC6C-FA75-4359-2C75-8B09474554B3} - (no file)
    O2 - BHO: (no name) - {605603AA-5B0D-3046-C1A0-46B9F00DC54D} - (no file)
    O2 - BHO: (no name) - {6AFC1A49-C7F9-9F63-87F2-69D30BAE9523} - (no file)
    O2 - BHO: (no name) - {72D37AFD-40C0-217C-E055-B52A5D6910AD} - (no file)
    O2 - BHO: (no name) - {806482D1-8D20-8AD4-4762-D33EF2A7B16D} - (no file)
    O2 - BHO: (no name) - {807E1415-3F29-AD1A-5E52-F0A394D7FA87} - (no file)
    O2 - BHO: (no name) - {841CF6F2-2C01-5080-0000-000005000000} - (no file)
    O2 - BHO: (no name) - {842C08F3-2C01-5080-0000-000005000000} - (no file)
    O2 - BHO: (no name) - {844CFEF3-2C01-5080-0000-000005000000} - (no file)
    O2 - BHO: (no name) - {846CC7F2-2C01-5080-0000-000005000000} - (no file)
    O2 - BHO: (no name) - {848CEFEF-2C01-5080-0000-000005000000} - (no file)
    O2 - BHO: (no name) - {849C9EF2-2C01-5080-0000-000005000000} - (no file)
    O2 - BHO: (no name) - {84A0D9C6-2133-D93F-6D4B-B10A77C18B4B} - (no file)
    O2 - BHO: (no name) - {84AC7EF3-2C01-5080-0000-000005000000} - (no file)
    O2 - BHO: (no name) - {8AEEA103-F31C-B8D6-46ED-5607E705D85D} - C:\WINDOWS\system32\flqnzkra.dll
    O2 - BHO: (no name) - {90F40961-6129-8955-A5DD-B9DBBC53800D} - (no file)
    O2 - BHO: (no name) - {99150B3F-2555-B63B-F00D-A10EE8D52F34} - (no file)
    O2 - BHO: (no name) - {9AD1459A-4F97-C1CC-1FD7-4779B355027B} - C:\WINDOWS\system32\qgdnxkyn.dll
    O2 - BHO: (no name) - {A3BC44B8-F568-D830-7CF0-52D65D1F5CDF} - (no file)
    O2 - BHO: (no name) - {ACCE14C3-7624-7899-F1AA-9A9A8E645178} - C:\WINDOWS\system32\ebarfwct.dll
    O2 - BHO: (no name) - {ACE95B6D-A1A6-49BF-333C-813C25BC64BF} - C:\WINDOWS\system32\kkhxmojh.dll
    O2 - BHO: (no name) - {B522B51D-CAF2-7DCF-559B-9DD673EC5883} - (no file)
    O2 - BHO: (no name) - {B8711B9A-0E5A-4415-4ED7-A049F7A1B7D3} - (no file)
    O2 - BHO: (no name) - {B998D7F5-0217-A9BD-94AA-558D6D69D42E} - (no file)
    O2 - BHO: (no name) - {BA82498A-7FB9-23B0-B5C7-F23C83F756FB} - C:\WINDOWS\system32\bpfaipvj.dll
    O2 - BHO: (no name) - {C8B788E7-0CFD-72BB-8E59-7DD7B6C57DB2} - (no file)
    O2 - BHO: (no name) - {CBDA5522-BEF6-8C19-3471-DDFF248A4946} - (no file)
    O2 - BHO: (no name) - {CEAC6319-458A-83FC-59CF-E3285DF68390} - C:\WINDOWS\system32\ixawimst.dll
    O2 - BHO: (no name) - {D3149679-1F6E-1334-86F5-A3E7AB8A1C0C} - C:\WINDOWS\system32\lupzgifu.dll
    O2 - BHO: (no name) - {DB0A5A06-F441-7D6A-E18F-AEF1BA801D50} - (no file)
    O2 - BHO: (no name) - {DC758241-D26D-C272-4584-B7C671A57D21} - C:\WINDOWS\system32\prwtckng.dll
    O2 - BHO: (no name) - {E3CC6BB5-82EA-9545-CD1C-AC3FE2A0EDB0} - (no file)
    O2 - BHO: (no name) - {F09913F2-C2D0-1502-B570-B74EF9DABDA9} - (no file)
    O2 - BHO: (no name) - {F0F8FBFE-FC29-B9F1-48D0-C7DAFA0EC1B5} - (no file)
    O2 - BHO: (no name) - {F12C443D-05E1-899D-3D97-25047B1F08B6} - (no file)
    O2 - BHO: (no name) - {F8ABD9B6-7C33-64C5-9B5B-8BCE6629EC3F} - C:\WINDOWS\system32\mhyltzsx.dll
    O2 - BHO: (no name) - {FC187ECD-1DF0-78B6-32BF-F280F435F18C} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
    O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
    O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [Comedy-Planet] C:\Program Files\Comedy-Planet\comedy-planet.exe
    O4 - HKLM\..\Run: [sncuxpaw] C:\WINDOWS\system32\sncuxpaw.exe
    O4 - HKLM\..\Run: [Dell AIO Printer A940] "C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe"
    O4 - HKLM\..\Run: [fdelpmnt] C:\WINDOWS\system32\fdelpmnt.exe
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1121838437\ee\AOLHostManager.exe
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Optimum Online net guide] "C:\Program Files\Optimum Online\Netsurf.exe" -trayicon
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [ewd2efe1] RUNDLL32.EXE w81e9966.dll,n 0052efdc0000000381e9966
    O4 - HKLM\..\Run: [Configuration Manager]
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
    O4 - HKCU\..\Run: [AOLCC] "C:\Program Files\AOL Computer Check-Up\ACCAgnt.exe" /startup
    O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [lcqtd] C:\WINDOWS\system32\pofbcg.exe reg_run
    O4 - HKCU\..\Run: [PSDream] "C:\Program Files\PSDream\PSDream.exe"
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=pavilion&pf=laptop
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1149431802984
    O16 - DPF: {9E17A5F9-2B9C-4C66-A592-199A4BA1FBC8} - http://pictures04.aim.com/ygp/aol/plugin/upf/AOLUPF.en-US-AIM.9.5.1.8.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O20 - Winlogon Notify: Internet Settings - C:\WINDOWS\system32\sylogcfg.dll (file missing)
    O20 - Winlogon Notify: mllvid - C:\WINDOWS\SYSTEM32\mllvid.dll
    O20 - Winlogon Notify: WB - C:\Program Files\Stardock\Object Desktop\ThemeManager\fastload.dll
    O23 - Service: wvtgvxeopaeo (6) - Unknown owner - C:\WINDOWS\system32\6.exe (file missing)
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Miscrosoft Updates Service 5 (MsUpdate5) - Unknown owner - C:\WINDOWS\system32\msupd5.exe (file missing)
    O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
  • halo2_god New York state
    edited October 2006
    I need help!!!!
  • halo2_god New York state
    edited October 2006
    Will anyone help me? If not, this is another website that I can't get any help on after being told that I would be helped 80 times.
  • jmoney3457 Maine
    edited October 2006
    Locked. Duplicate thread; receiving help here --> http://www.short-media.com/forum/showthread.php?t=50553
This discussion has been closed.