Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Winfixer removal

Started by 13thwonder , Nov 14 2005 05:04 AM

  • Please log in to reply

#1
13thwonder
Posted 14 November 2005 - 05:04 AM

13thwonder

    Member

  • Member
  • PipPip
  • 20 posts
Logfile of HijackThis v1.99.1
Scan saved at 6:03:48 AM, on 11/14/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common

Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Google\Gmail

Notifier\G001-1.0.25.0\gnotify.exe
C:\Program Files\Panicware\Pop-Up Stopper Free

Edition\PSFree.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hjc\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class -

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -

C:\Program Files\Adobe\Acrobat

6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: MSEvents Object -

{79A576C4-B7A9-47EC-B57C-2CE5CA6ECC6A} -

C:\WINDOWS\System32\ddawu.dll
O3 - Toolbar: &Radio -

{8E718888-423F-11D2-876E-00A0C9082467} -

C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [TkBellExe] "C:\Program

Files\Common Files\Real\Update_OB\realsched.exe"

-osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program

Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run:

[{0228e555-4f9c-4e35-a3ec-b109a192b4c2}]

C:\Program Files\Google\Gmail

Notifier\G001-1.0.25.0\gnotify.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition]

"C:\Program Files\Panicware\Pop-Up Stopper Free

Edition\PSFree.exe"
O4 - Global Startup: Adobe Gamma Loader.lnk =

C:\Program Files\Common

Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program

Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AOL Toolbar search -

res://C:\Program Files\AOL

Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel

-

res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/

3000
O9 - Extra button: (no name) -

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console -

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: AIM -

{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -

C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com -

{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -

C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player -

{d81ca86b-ef63-42af-bee3-4502d9a03c2d} -

http://wwws.musicmat...enWebRadio.html

(file missing)
O9 - Extra button: Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF:

{EF791A6B-FC12-4C68-99EF-FB9E207A39E6}

(McFreeScan Class) -

http://download.mcaf.../vso/en-us/tool

s/mcfscan/2,0,0,4489/mcfscan.cab
O16 - DPF:

{F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6}

(MSN Chat Control 4.5) -

http://chat.msn.com/bin/msnchat45.cab
O16 - DPF:

{FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6}

(IWinAmpActiveX Class) -

http://pdl.stream.ao.../unagi/ampx_en_

dl.cab
O20 - Winlogon Notify: ddawu -

C:\WINDOWS\System32\ddawu.dll
O23 - Service: Network Security Service (NSS) (

11Fßä#·ºÄÖ`I) - Unknown owner -

C:\WINDOWS\system32\msmi.exe (file missing)
O23 - Service: WLTRYSVC - Unknown owner -

C:\WINDOWS\System32\wltrysvc.exe



thanks in advance
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP