Quote:
Originally Posted by dksuddeth
If you have hijackthis ver. 1.99, run it and post the log. If not, download it and then run it from its own folder, not a temp folder, then post the log.
|
This is officially my longest post:
C:\Documents and Settings\Owner.SFGCFBJHVK\Desktop\Winamp\eMusic\eMusicClient.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\OWNER~1.SFG\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;127.0.0.1;<local>
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Common\ycomp5_1_6_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7D0CFC31-6ED1-6676-A6AB-35C6FF6F9792} - C:\WINDOWS\system32\aqju.dll
O2 - BHO: Search Help - {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} - C:\Documents and Settings\Owner.SFGCFBJHVK\Local Settings\Temp\g6.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5_1_6_0.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [Windows Login] explored.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [] SBC Yahoo! Connection Manager
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [proc knob 1 trust] C:\Documents and Settings\All Users.WINDOWS\Application Data\facestupidprocknob\Tool safe.exe
O4 - HKLM\..\Run: [a3kMJ6d] C:\documents and settings\owner.sfgcfbjhvk\local settings\temp\a3kMJ6d.exe
O4 - HKLM\..\Run: [v0ED9Rvf] C:\documents and settings\owner.sfgcfbjhvk\local settings\temp\v0ED9Rvf.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [gRYbA] C:\documents and settings\owner.sfgcfbjhvk\local settings\temp\gRYbA.exe
O4 - HKLM\..\Run: [5Rd] C:\documents and settings\owner.sfgcfbjhvk\local settings\temp\5Rd.exe
O4 - HKLM\..\Run: [oFmMny] C:\documents and settings\owner.sfgcfbjhvk\local settings\temp\oFmMny.exe
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [web axis one find] C:\Documents and Settings\All Users.WINDOWS\Application Data\bendbuildwebaxis\tick settings.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\gcasServ.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Documents and Settings\Owner.SFGCFBJHVK\Desktop\Winamp\winampa.exe
O4 - HKLM\..\RunServices: [Windows Login] explored.exe
O4 - HKLM\..\RunOnce: [MicrosoftAntiSpywareCleaner] C:\Program Files\gcASCleaner.exe
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [Yahoo! Pager] 1
O4 - HKCU\..\Run: [Grid bash] C:\DOCUME~1\OWNER~1.SFG\APPLIC~1\Elseface\Browse Dumb.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Ottw] C:\Documents and Settings\Owner.SFGCFBJHVK\Application Data\aeec.exe
O4 - HKCU\..\Run: [Gfbalnu] C:\WINDOWS\system32\?hkdsk.exe
O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.yahoo.com
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
http://software-dl.real.com/22a318a2...p/RdxIE601.cab
O16 - DPF: {99B6E512-3893-4155-9964-8EB8E06099CB} (WebSpyWareKiller Class) -
http://download.zonelabs.com/bin/pro...tor/WebSWK.cab
O16 - DPF: {A27AD582-5BE5-4C2D-82F0-48B24FE02040} -
http://www.adshooter.com/pop_shooter...0/SYSsfitb.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) -
http://www.live365.com/players/play365.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) -
http://phobos.apple.com/detection/ITDetector.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} -
http://download.abacast.com/download...basetup152.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) -
http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
O23 - Service: Windows Login - Unknown - C:\WINDOWS\System32\explored.exe
O23 - Service: TrueVector Internet Monitor - Zone Labs Inc. - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\SYSTEM32\YPCSER~1.EXE