Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

dr watson


  • This topic is locked This topic is locked

#1
micks

micks

    New Member

  • Member
  • Pip
  • 2 posts
been having problems for a while
thought it was my graphics card giving up
till i did a google on the dr watson message

here's my HJT log
any help much appreciated

Logfile of HijackThis v1.99.1
Scan saved at 22:05:25, on 03/07/2005
Platform: Windows XP SP2 (WinNT

5.01.2600)
MSIE: Internet Explorer v6.00 SP1

(6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Adobe\Photoshop Elements

3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Sitecom\Bluetooth

Software\bin\btwdins.exe
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\Program Files\Common Files\Microsoft

Shared\VS7Debug\mdm.exe
C:\Program Files\Adobe\Photoshop Elements

3.0\PhotoshopElementsDeviceConnect.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Google\Gmail

Notifier\G001-1.0.24.0\gnotify.exe
C:\WINDOWS\svchost.exe
C:\Program Files\Java\jre1.5.0_03

\bin\jusched.exe
C:\WINDOWS\System32\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\iisvers.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program

Files\Creative\MediaSource\Detector\CTDet

ect.exe
C:\Program Files\WallMaster\wallmast.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Spyware

Doctor\swdoctor.exe
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Java\jre1.5.0_03

\bin\javaw.exe
C:\Program

Files\NetLimiter\NetLimiter.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla

Firefox\firefox.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Documents and

Settings\neil\Desktop\security

etc\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet

Explorer\Main,Default_Page_URL =

http://home.iol.ie
R0 - HKCU\Software\Microsoft\Internet

Explorer\Main,Start Page =

http://www.sallins.wan/
R1 - HKLM\Software\Microsoft\Internet

Explorer\Main,Default_Page_URL =

http://home.iol.ie
R1 - HKLM\Software\Microsoft\Internet

Explorer\Main,Search Bar = about:blank
R0 - HKLM\Software\Microsoft\Internet

Explorer\Main,Start Page =

http://home.iol.ie
R3 - URLSearchHook: (no name) - _

{CFBFAE00-17A6-11D0-99CB-00C04FD64497} -

(no file)
R3 - URLSearchHook: UB Class - {00000000

-15D9-4736-AB29-131578A45F2B} -

C:\WINDOWS\system32\wsrchc3.dll
O2 - BHO: AcroIEHlprObj Class -

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -

C:\Program Files\Adobe\Acrobat 5.0

\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: blank - {3CC12C40-47EB-4705-

8140-168ADC713E94} - blank (file missing)
O2 - BHO: SpywareGuard Download

Protection - {4A368E80-174F-4872-96B5-

0B27DDD11DB2} - C:\Program

Files\SpywareGuard\dlprotect.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36

-3DB1-42A4-A3CB-D426709BBFEB} -

C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-

1895-11CF-8E15-001234567890} -

C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Helper -

{AA58ED58-01DD-4d91-8333-CF10577473F7} -

blank (file missing)
O2 - BHO: PCTools Browser Monitor -

{B56A7D7D-6927-48C8-A975-17DF180C71AC} -

C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: FlashFXP Helper for Internet

Explorer - {E5A1691B-D188-4419-AD02-

90002030B8EE} - C:\PROGRA~1\FLASHF~1

\FlashFXP\IEFlash.dll
O3 - Toolbar: &Google - {2318C2B1-4965-

11d4-9B18-009027A5CD4F} - blank (file

missing)
O4 - HKLM\..\Run: [Zone Labs Client]

C:\Program Files\Zone

Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-

a3ec-b109a192b4c2}] C:\Program

Files\Google\Gmail Notifier\G001-

1.0.24.0\gnotify.exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program

Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [wnddrv]

C:\WINDOWS\svchost.exe
O4 - HKLM\..\Run:

[TotalRecorderScheduler] "C:\Program

Files\HighCriteria\TotalRecorder\TotRecSc

hed.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program

Files\Common

Files\Real\Update_OB\realsched.exe" -

osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched]

C:\Program Files\Java\jre1.5.0_03

\bin\jusched.exe
O4 - HKLM\..\Run: [SmcService]

C:\PROGRA~1\Sygate\SPF\Smc.exe -startgui
O4 - HKLM\..\Run: [REGSHAVE] C:\Program

Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task]

C:\WINDOWS\System32\qttask.exe
O4 - HKLM\..\Run: [Picasa Media Detector]

C:\Program Files\Picasa2

\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [NvMediaCenter]

RUNDLL32.EXE C:\WINDOWS\system32

\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck]

C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Microsoft Works

Portfolio] C:\Program Files\Microsoft

Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [LifeScape Media

Detector] C:\Program

Files\Picasa\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [iisvers]

C:\WINDOWS\iisvers.exe
O4 - HKLM\..\Run: [DU Meter] C:\Program

Files\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [dla]

C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033]

"C:\Program Files\D-Tools\daemon.exe" -

lang 1033
O4 - HKLM\..\Run:

[BluetoothAuthenticationAgent]

rundll32.exe

bthprops.cpl,,BluetoothAuthenticationAgen

t
O4 - HKLM\..\Run: [bluestart]

c:\\rraut.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKCU\..\Run: [ctfmon.exe]

C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Spyware Doctor]

"C:\Program Files\Spyware

Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [NBJ] "C:\Program

Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Creative Detector]

C:\Program

Files\Creative\MediaSource\Detector\CTDet

ect.exe /R
O4 - Startup: Adobe Gamma.lnk =

C:\Program Files\Common

Files\Adobe\Calibration\Adobe Gamma

Loader.exe
O4 - Startup: SpywareGuard.lnk =

C:\Program Files\SpywareGuard\sgmain.exe
O4 - Startup: WallMaster Pro.lnk =

C:\Program Files\WallMaster\wallmast.exe
O4 - Global Startup: Adobe Gamma

Loader.lnk = C:\Program Files\Common

Files\Adobe\Calibration\Adobe Gamma

Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office

OneNote 2003 Quick Launch.lnk =

C:\Program Files\OFFICE11\ONENOTEM.EXE
O8 - Extra context menu item: &Google

Search - res://c:\program

files\google\GoogleToolbar2.dll/cmsearch.

html
O8 - Extra context menu item: Ask Jeeves

Search -

java script:external.menuArguments.locatio

n.href="java script:AskBarcommand='cmd-

search-selection'"
O8 - Extra context menu item: Backward

Links - res://c:\program

files\google\GoogleToolbar2.dll/cmbacklin

ks.html
O8 - Extra context menu item: Cached

Snapshot of Page - res://c:\program

files\google\GoogleToolbar2.dll/cmcache.h

tml
O8 - Extra context menu item: Dictionary

Search -

java script:external.menuArguments.locatio

n.href="java script:AskBarcommand='cmd-

search-selection-word'"
O8 - Extra context menu item: E&xport to

Microsoft Excel - res://C:\PROGRA~1

\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To

&Bluetooth - C:\Program

Files\Sitecom\Bluetooth

Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Similar

Pages - res://c:\program

files\google\GoogleToolbar2.dll/cmsimilar

.html
O8 - Extra context menu item: Translate

into English - res://c:\program

files\google\GoogleToolbar2.dll/cmtrans.h

tml
O9 - Extra button: (no name) - {08B0E5C0

-4FCB-11CF-AAA5-00401C608501} -

C:\Program Files\Java\jre1.5.0_03

\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Sun Java

Console - {08B0E5C0-4FCB-11CF-AAA5-

00401C608501} - C:\Program

Files\Java\jre1.5.0_03

\bin\npjpi150_03.dll
O9 - Extra button: Spyware Doctor -

{2D663D1A-8670-49D9-A1A5-4C56B4E14E84} -

C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Research - {92780B25-

18CC-41C8-B9BE-3C9C571A8263} -

C:\PROGRA~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-

26C3-4e1f-A54D-A2CD196348E9} -

C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: ICQ Lite -

{B863453A-26C3-4e1f-A54D-A2CD196348E9} -

C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: @btrez.dll,-4015 -

{CCA281CA-C863-46ef-9331-5C8D4460577F} -

C:\Program Files\Sitecom\Bluetooth

Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,

-4017 - {CCA281CA-C863-46ef-9331-

5C8D4460577F} - C:\Program

Files\Sitecom\Bluetooth

Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910

-F110-11d2-BB9E-00C04F795683} -

C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows

Messenger - {FB5F1910-F110-11d2-BB9E-

00C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program

Files\Internet

Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF:

START_PAGE_URL=http://www.eircom.net
O16 - DPF: {04E214E5-63AF-4236-83C6-

A7ADCBF9BD02} (HouseCall Control) -

http://housecall60.t...cro.com/houseca

ll/xscan60.cab
O16 - DPF: {140F03AE-0588-11D4-BD45-

0050048A82BF} (eShare Web Collaboration

Class) -

https://chat.microso...rade.com/netage

nt/objects/emagic.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-

0050DA18DE71} (RdxIE Class) -

http://207.188.7.150...4d8f6d04ca35718

/netzip/RdxIE601.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-

00C04F9A3B61} (HouseCall Control) -

http://a840.g.akamai.../840/537/200406

1001/housecall.trendmicro.com/housecall/x

scan53.cab
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-

EB0E5584767D} -

http://toolbar.googl...data/GoogleActi

vate.cab
O16 - DPF: {90A29DA5-D020-4B18-8660-

6689520C7CD7} (DmiReader Class) -

http://support.euro....om/global/apps/

systemprofiler/PROFILER.CAB
O18 - Protocol: widimg - {EE7C2AFF-5742-

44FF-BD0E-E521B0D3C3BA} -

C:\WINDOWS\system32\btxppanel.dll
O18 - Filter: text/html - {DFAA31C8-A356

-4313-9D95-5EDAB46C5070} - (no file)
O23 - Service: Adobe LM Service - Adobe

Systems - C:\Program Files\Common

Files\Adobe Systems

Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor

(AdobeActiveFileMonitor) - Unknown owner

- C:\Program Files\Adobe\Photoshop

Elements 3.0

\PhotoshopElementsFileAgent.exe
O23 - Service: Bluetooth Service

(btwdins) - Broadcom Corporation -

C:\Program Files\Sitecom\Bluetooth

Software\bin\btwdins.exe
O23 - Service: Creative Service for CDROM

Access - Creative Technology Ltd -

C:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: LexBce Server (LexBceS) -

Lexmark International, Inc. -

C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Photoshop Elements Device

Connect (PhotoshopElementsDeviceConnect)

- Unknown owner - C:\Program

Files\Adobe\Photoshop Elements 3.0

\PhotoshopElementsDeviceConnect.exe
O23 - Service: Sygate Personal Firewall

Pro (SmcService) - Sygate Technologies,

Inc. - C:\Program

Files\Sygate\SPF\Smc.exe
O23 - Service: TrueVector Internet

Monitor (vsmon) - Zone Labs, LLC -

C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
  • 0

Advertisements


#2
tampabelle

tampabelle

    Member 5k

  • Retired Staff
  • 6,363 posts
Hi ,


We are sorry to have missed your log due to heavy traffic.

If you still need help, please post back a fresh Hijack This log.

In the problem has been resolved, please let us know.
  • 0

#3
micks

micks

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
cheers i see the workload you have

i think i got sorted all seems ok at the moment

thanks
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP