Bullguard Antivirus Forum Download A Free Copy Of Bullguard Antivirus Software
Free Antivirus Forum - Learn about antivirus, firewalls and personal security Free Antivirus Forum - Learn about antivirus, firewalls and personal security
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
Suspicious? HI-jack this
   
BullGuard Antivirus Forum > Bullguard zone > BullGuard Customers > Suspicious? HI-jack this  
Forum Quick Jump
 
New Topic Post reply to : Suspicious? HI-jack this Printable version of : Suspicious? HI-jack this
[ << Previous Thread | Next Thread >> ]

waveyminter
New Member


Date Joined Dec 2007
Total Posts : 19
  		   Posted 2-7-2008 5:09 (GMT +1)    Quote: Suspicious? HI-jack thisAlert an admin about: Suspicious? HI-jack this
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:03:23, on 07/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\csrss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
H:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Bonjour\mDNSResponder.exe
H:\WINDOWS\system32\CTsvcCDA.exe
H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
H:\Program Files\Kontiki\KService.exe
H:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
H:\WINDOWS\system32\nvsvc32.exe
H:\WINDOWS\system32\PnkBstrA.exe
H:\WINDOWS\system32\PnkBstrB.exe
H:\Program Files\Spyware Doctor\svcntaux.exe
H:\Program Files\Spyware Doctor\swdsvc.exe
H:\WINDOWS\System32\PAStiSvc.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\BT Auto Backup\VaultClientSRV.exe
H:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
H:\Program Files\Microsoft Windows OneCare Live\winss.exe
H:\WINDOWS\system32\wbem\wmiprvse.exe
H:\WINDOWS\System32\alg.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\wuauclt.exe
H:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
H:\Program Files\Microsoft Windows OneCare Live\GtCC.exe
H:\WINDOWS\Explorer.EXE
H:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
H:\WINDOWS\system32\CTXFIHLP.EXE
H:\WINDOWS\system32\RunDll32.exe
H:\Program Files\Ideazon\ZEngine\Zboard.exe
H:\WINDOWS\SYSTEM32\CTXFISPI.EXE
H:\WINDOWS\system32\CTHELPER.EXE
H:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
H:\Program Files\Spyware Doctor\SDTrayApp.exe
H:\Program Files\Kontiki\KHost.exe
H:\WINDOWS\system32\RUNDLL32.EXE
H:\Program Files\btbb_wcm\McciTrayApp.exe
H:\Program Files\BT Broadband Desktop Help\bin\BTHelpNotifier.exe
H:\Program Files\BullGuard Ltd\BullGuard\bullguard.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\AlfaClock\AlfaClock.exe
H:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
H:\Program Files\BT Broadband Desktop Help\bin\BTHelpBrowser.exe
H:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
H:\Program Files\Steam\Steam.exe
H:\Program Files\Trend Micro\HijackThis\HijackThis.exe
H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
H:\Program Files\Google\Google Updater\GoogleUpdater.exe
H:\Program Files\Logitech\SetPoint\SetPoint.exe
H:\Program Files\Folding@Home\winFAH.exe
H:\Program Files\BT Broadband Desktop Help\bin\BTHelp.exe
H:\Program Files\Xfire\xfire.exe
H:\WINDOWS\system32\wbem\wmiprvse.exe
H:\Program Files\OpenOffice.org 2.3\program\soffice.exe
H:\Program Files\BT Broadband Desktop Help\bin\mpbtn.exe
H:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
H:\PROGRA~1\Motive\Common\MOTIVE~1.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://bt.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - H:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - h:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - H:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - h:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [VolPanel] "H:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [BullGuard] "H:\Program Files\BullGuard Ltd\BullGuard\bullguard.exe" -boot
O4 - HKLM\..\Run: [CM108Sound] RunDll32 CM108.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Zboard] H:\Program Files\Ideazon\ZEngine\Zboard.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Google Desktop Search] "H:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SDTray] "H:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [4oD] "H:\Program Files\Kontiki\KHost.exe" -all
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [btbb_wcm_McciTrayApp] H:\Program Files\btbb_wcm\McciTrayApp.exe
O4 - HKLM\..\Run: [btbb_McciTrayApp] H:\Program Files\BT Broadband Desktop Help\bin\BTHelpNotifier.exe
O4 - HKLM\..\Run: [OneCareUI] "H:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKCU\..\Run: [BullGuard] "H:\Program Files\BullGuard Ltd\BullGuard\bullguard.exe"
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AlfaClock Classic] "H:\Program Files\AlfaClock\AlfaClock.exe" /startup
O4 - HKCU\..\Run: [LDM] H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "H:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [Steam] "H:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [AnVir Task Manager Free] "H:\Program Files\AnVir Task Manager Free\AnVir.exe" Minimized
O4 - HKCU\..\Run: [kdx] H:\Program Files\Kontiki\KHost.exe -all
O4 - HKCU\..\Run: [MsnMsgr] "H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Startup: Folding@Home 5.03.lnk = ?
O4 - Startup: OpenOffice.org 2.3.lnk = H:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Startup: Xfire.lnk = H:\Program Files\Xfire\xfire.exe
O4 - Global Startup: BT Broadband Desktop Help.lnk = H:\Program Files\BT Broadband Desktop Help\bin\matcli.exe
O4 - Global Startup: Google Updater.lnk = H:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = H:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Reboot.exe
O8 - Extra context menu item: &Winamp Toolbar Search - H:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://H:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://H:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - H:\Documents and Settings\User\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - H:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1197469395828
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E85362EF-40D4-4E5D-BE07-D6B036CCA277} (GoPets Control) - https://secure.gopetslive.com/dev/gopets.cab
O18 - Protocol: bw+0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: offline-8876480 - {F46C80EA-A9ED-44A7-8485-0D6C3C4181F1} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: H:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - H:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BullGuard LiveUpdate (BgLiveSvc) - BullGuard Ltd. - H:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O23 - Service: BGRaSvc - BullGuard - H:\Program Files\BullGuard Ltd\BullGuard\support\bgrasvc.exe
O23 - Service: Bonjour Service - Apple Inc. - H:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - H:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - H:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.5.709.30344 (GoogleDesktopManager-093007-112848) - Google - H:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - H:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KService - Kontiki Inc. - H:\Program Files\Kontiki\KService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - H:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - H:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - H:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - H:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - H:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - H:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: STI Simulator - Unknown owner - H:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: BT Auto Backup Service (VaultClientSRV) - Unknown owner - H:\Program Files\BT Auto Backup\VaultClientSRV.exe
O23 - Service: YPCService - Yahoo! Inc. - H:\WINDOWS\system32\YPCSER~1.EXE

--
End of file - 26491 bytes


Suspicious anything? anyone?

Please, help out if you think there is programs or proceses that look unnormal and so on: )
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 13652
  		   Posted 2-7-2008 5:45 (GMT +1)    Quote: Suspicious? HI-jack thisAlert an admin about: Suspicious? HI-jack this
Hello smile
 
 
It looks clean to Me. However, I´ll suggest You remove - LogitechDesktopMessenger - from add/remove programs in controlpanel.
 
 
Do You have any problems ?

Do NOT post your problem in someone elses thread.

Back to Top
 

waveyminter
New Member


Date Joined Dec 2007
Total Posts : 19
  		   Posted 2-8-2008 11:05 (GMT +1)    Quote: Suspicious? HI-jack thisAlert an admin about: Suspicious? HI-jack this
Ok, i just keep getting very slow @ times and just wondering if i have installed or allowed a program to run by accident and it's causing some problems. Obviously not, just gotta suspend MSN and Xfire for a few minutes to allow precious seconds of startup : )

Thanks.
Chris ~
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 13652
  		   Posted 2-9-2008 10:36 (GMT +1)    Quote: Suspicious? HI-jack thisAlert an admin about: Suspicious? HI-jack this
Ok, You have many programs om bootup, I´ll therefore suggest You post new hijackthis log, as it looks like some of them are unnecessary

Do NOT post your problem in someone elses thread.

Back to Top
 

waveyminter
New Member


Date Joined Dec 2007
Total Posts : 19
  		   Posted 2-9-2008 1:33 (GMT +1)    Quote: Suspicious? HI-jack thisAlert an admin about: Suspicious? HI-jack this
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:29:02, on 09/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\csrss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\Explorer.EXE
H:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
H:\WINDOWS\system32\CTXFIHLP.EXE
H:\WINDOWS\system32\RunDll32.exe
H:\Program Files\Ideazon\ZEngine\Zboard.exe
H:\WINDOWS\SYSTEM32\CTXFISPI.EXE
H:\WINDOWS\system32\CTHELPER.EXE
H:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
H:\Program Files\Spyware Doctor\SDTrayApp.exe
H:\Program Files\Kontiki\KHost.exe
H:\WINDOWS\system32\RUNDLL32.EXE
H:\Program Files\btbb_wcm\McciTrayApp.exe
H:\Program Files\BT Broadband Desktop Help\bin\BTHelpNotifier.exe
H:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
H:\Program Files\BullGuard Ltd\BullGuard\bullguard.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
H:\Program Files\AlfaClock\AlfaClock.exe
H:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
H:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
H:\Program Files\Steam\Steam.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Bonjour\mDNSResponder.exe
H:\WINDOWS\system32\CTsvcCDA.exe
H:\Program Files\AnVir Task Manager Free\AnVir.exe
H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
H:\Program Files\Kontiki\KService.exe
H:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
H:\Program Files\Google\Google Updater\GoogleUpdater.exe
H:\Program Files\Logitech\SetPoint\SetPoint.exe
H:\WINDOWS\system32\nvsvc32.exe
H:\Program Files\Folding@Home\winFAH.exe
H:\WINDOWS\system32\PnkBstrA.exe
H:\WINDOWS\system32\PnkBstrB.exe
H:\Program Files\Spyware Doctor\svcntaux.exe
H:\Program Files\MagicDisc\MagicDisc.exe
H:\Program Files\Spyware Doctor\swdsvc.exe
H:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
H:\Program Files\Xfire\xfire.exe
H:\Program Files\OpenOffice.org 2.3\program\soffice.exe
H:\Program Files\BT Broadband Desktop Help\bin\mpbtn.exe
H:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
H:\WINDOWS\System32\PAStiSvc.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\BT Auto Backup\VaultClientSRV.exe
H:\Program Files\Folding@Home\FahCore_81.exe
H:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
H:\Program Files\Microsoft Windows OneCare Live\winss.exe
H:\WINDOWS\system32\wbem\wmiprvse.exe
H:\WINDOWS\System32\alg.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Windows Live\Messenger\usnsvc.exe
H:\PROGRA~1\MOZILL~1\FIREFOX.EXE
H:\Program Files\Trend Micro\HijackThis\HijackThis.exe
H:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://bt.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - H:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - h:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - H:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - h:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [VolPanel] "H:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [BullGuard] "H:\Program Files\BullGuard Ltd\BullGuard\bullguard.exe" -boot
O4 - HKLM\..\Run: [CM108Sound] RunDll32 CM108.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Zboard] H:\Program Files\Ideazon\ZEngine\Zboard.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Google Desktop Search] "H:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SDTray] "H:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [4oD] "H:\Program Files\Kontiki\KHost.exe" -all
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [btbb_wcm_McciTrayApp] H:\Program Files\btbb_wcm\McciTrayApp.exe
O4 - HKLM\..\Run: [btbb_McciTrayApp] H:\Program Files\BT Broadband Desktop Help\bin\BTHelpNotifier.exe
O4 - HKLM\..\Run: [OneCareUI] "H:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKLM\..\Run: [amd_dc_opt] H:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "H:\Program Files\RivaTuner v2.06\RivaTuner.exe" /S
O4 - HKCU\..\Run: [BullGuard] "H:\Program Files\BullGuard Ltd\BullGuard\bullguard.exe"
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AlfaClock Classic] "H:\Program Files\AlfaClock\AlfaClock.exe" /startup
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "H:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [Steam] "H:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [AnVir Task Manager Free] "H:\Program Files\AnVir Task Manager Free\AnVir.exe" Minimized
O4 - HKCU\..\Run: [kdx] H:\Program Files\Kontiki\KHost.exe -all
O4 - HKCU\..\Run: [MsnMsgr] "H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Startup: Folding@Home 5.03.lnk = ?
O4 - Startup: MagicDisc.lnk = H:\Program Files\MagicDisc\MagicDisc.exe
O4 - Startup: OpenOffice.org 2.3.lnk = H:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Startup: Xfire.lnk = H:\Program Files\Xfire\xfire.exe
O4 - Global Startup: BT Broadband Desktop Help.lnk = H:\Program Files\BT Broadband Desktop Help\bin\matcli.exe
O4 - Global Startup: Google Updater.lnk = H:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Logitech SetPoint.lnk = H:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Reboot.exe
O8 - Extra context menu item: &Winamp Toolbar Search - H:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://H:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://H:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - H:\Documents and Settings\User\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - H:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1197469395828
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {E85362EF-40D4-4E5D-BE07-D6B036CCA277} (GoPets Control) - https://secure.gopetslive.com/dev/gopets.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: H:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - H:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BullGuard LiveUpdate (BgLiveSvc) - BullGuard Ltd. - H:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O23 - Service: BGRaSvc - BullGuard - H:\Program Files\BullGuard Ltd\BullGuard\support\bgrasvc.exe
O23 - Service: Bonjour Service - Apple Inc. - H:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - H:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - H:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.5.709.30344 (GoogleDesktopManager-093007-112848) - Google - H:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - H:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KService - Kontiki Inc. - H:\Program Files\Kontiki\KService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - H:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - H:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - H:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - H:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - H:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - H:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: STI Simulator - Unknown owner - H:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: BT Auto Backup Service (VaultClientSRV) - Unknown owner - H:\Program Files\BT Auto Backup\VaultClientSRV.exe
O23 - Service: YPCService - Yahoo! Inc. - H:\WINDOWS\system32\YPCSER~1.EXE

--
End of file - 14299 bytes


Thats new one, Just started up.
Back to Top
 
New Topic Post reply to : Suspicious? HI-jack this Printable version of : Suspicious? HI-jack this
 
Forum Information
Currently it is Saturday, November 22, 2008 8:35 PM (GMT +1)
There are a total of 64.077 posts in 15.840 threads.
In the last 3 days there were 26 new threads and 166 reply posts. View Active Threads
Who's Online
This forum has 27202 registered members. Please welcome our newest member, wowzer77.
49 Guest(s), 1 Registered Member(s) are currently online.  Details
Touch
5 Latest Threads
Internet Redircet Virus on Vista (19)22-11-2008 19:31:44 (Touch)
UrqOIyaw.dll trojan (i think) wont go away (1)22-11-2008 19:29:59 (Touch)
Windows behaving strangely (10)22-11-2008 19:28:51 (Touch)
Browser redirect virus (3)22-11-2008 16:44:48 (Touch)
Why am i getting this message Exception Processing Message 0x0000013 (0)22-11-2008 16:02:25 (Oggy)


Need Support? Write to: | Forum Help Manual

Download free trial version of Bullguard