1. You are currently running HijackThis from a Temp file.
HijackThis creates backups that we may need, which could be lost or deleted easily from a temp location.
Please move HijackThis to its own folder. It can be done by creating a folder on the C: drive called C:\HJT.
You can do this by going to My Computer (Windows key+e), then double click on C:,
then right click and select New, then Folder, and name it HJT. Then move the file Hijackthis.exe into that folder.
2. Go HERE and download System Repair Engine by smallfrogs
Save it to your Desktop
Right-click sreng2.zip->>Extract all->>Extract it to your desktop
Open the sreng folder
Double click SREng->>Click Run
At the main window, in the left pane, select Smart Scan
At the next window make sure all of the boxes are checked and select Scan
When the scan is complete select Save reports
Save it to your desktop and close the tool
Double click SREngLog.txt, then copy and paste that log as a reply to this thread
Do not run any other options with this tool unless instructed to do so.
bamajim
10.4K Posts
0
December 18th, 2006 23:00
Irene Gama
2 Posts
0
December 19th, 2006 12:00
Windows XP Professional Service Pack 2 (Build 2600)
Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background> [(Verified)Microsoft Corporation]
<"C:\Program Files\KlipFolio\KlipFolio.exe" /BOOT> [Serence Inc.]
<"C:\Program Files\My Kazaa Gold\MyGoldKazaa.exe" /hide> [My Kazaa Gold < support@MyKazaaGold.com>]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
[(Verified)Microsoft Corporation]
<"rundll32.exe" ftutil2.dll,SetWriteCacheMode> [(Verified)Promise Technology, Inc.]
[(Verified)Realtek Semiconductor Corp.]
<"C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"> [Intel Corporation]
<"RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)NVIDIA Corporation]
<"nwiz.exe" /installquiet /keeploaded /nodetect> [N/A]
<"c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"> [Sonic Solutions]
[]
<"c:\Program Files\Common Files\Symantec Shared\ccApp.exe"> [(Verified)Symantec Corporation]
<"C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run> [Hewlett-Packard Company]
<"C:\Windows\Creator\Remind_XP.exe"> [SoftThinks]
<"C:\Program Files\HP\HP Software Update\HPwuSchd2.exe"> [Hewlett-Packard Co.]
<"C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray> [Webroot Software, Inc.]
[(Verified)HP]
[Hewlett-Packard]
<"C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe"> [Hewlett-Packard]
<"C:\Program Files\QuickTime\qttask.exe" -atboottime> [Apple Computer, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
[(Verified)Microsoft Corporation]
[(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
[(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WRNotifier]
[Webroot Software, Inc.]
Startup Folders
[Ferramenta de Verificação de Mídia do Picture Motion Browser]
C:\PROGRA~1\Sony\SONYPI~1\VOLUME~1\SPUVOL~1.EXE [Sony Corporation]>
[Iomega Product Registration]
C:\PROGRA~1\Iomega\REGIST~1\Register.exe [Leader Technologies]>
[Webshots]
C:\PROGRA~1\Webshots\Launcher.exe [N/A]>
Services
[Agendador do LiveUpdate automático / Agendador do LiveUpdate automático]
<"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe">
[ASP.NET State Service / aspnet_state]
[Symantec Event Manager / ccEvtMgr]
<"c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe">
[Symantec Internet Security Password Validation / ccISPwdSvc]
<"c:\Program Files\Norton Internet Security\ccPwdSvc.exe">
[Symantec Network Proxy / ccProxy]
<"c:\Program Files\Common Files\Symantec Shared\ccProxy.exe">
[Symantec Settings Manager / ccSetMgr]
<"c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe">
[COM Host / comHost]
<"c:\Program Files\Norton Internet Security\comHost.exe">
[Intel(R) Quick Resume technology / ELService]
[Intel(R) Matrix Storage Event Monitor / IAANTMON]
[LightScribeService Direct Disc Labeling Service / LightScribeService]
<"C:\Program Files\Common Files\LightScribe\LSSrvc.exe">
[LiveUpdate / LiveUpdate]
<"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE">
[Serviço do Auto-Protect do Norton AntiVirus / navapsvc]
<"c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe">
[Norton Protection Center Service / NSCService]
<"c:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE">
[NVIDIA Display Driver Service / NVSvc]
[Pml Driver HPH11 / Pml Driver HPH11]
[Symantec AVScan / SAVScan]
<"c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe">
[Symantec Network Drivers Service / SNDSrvc]
<"c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe">
[Symantec SPBBCSvc / SPBBCSvc]
<"c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe">
[Symantec Core LC / Symantec Core LC]
<"C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe">
[Webroot Spy Sweeper Engine / WebrootSpySweeperService]
<"C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe">
Drivers
[Promise driver accelerator / bb-run]
<\SystemRoot\system32\DRIVERS\bb-run.sys>
[Dot4 HPH11 / Dot4 HPH11]
[Print Class Driver for IEEE-1284.4 HPH11 / Dot4Print HPH11]
[Storage Class Driver for IEEE-1284.4 (HPH11) / Dot4Storage HPH11]
[Dot4Usb HPH11 / Dot4Usb HPH11]
[Intel(R) PRO/1000 PCI Express Network Connection Driver / e1express]
[Symantec Eraser Control driver / eeCtrl]
<\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys>
[ELacpi / ELacpi]
[EL hid Service / ELhid]
<\??\C:\WINDOWS\System32\Drivers\Elhid.sys>
[EL KB Service / ELkbd]
<\??\C:\WINDOWS\System32\Drivers\Elkbd.sys>
[EL Monitor Service / ELmon]
<\??\C:\WINDOWS\System32\Drivers\Elmon.sys>
[EL Mouse Service / ELmou]
<\??\C:\WINDOWS\System32\Drivers\Elmou.sys>
[EraserUtilRebootDrv / EraserUtilRebootDrv]
<\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys>
[ftsata2 / ftsata2]
<\SystemRoot\system32\DRIVERS\ftsata2.sys>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus]
[Intel RAID Controller / iaStor]
<\SystemRoot\System32\DRIVERS\iastor.sys>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService]
[NAVENG / NAVENG]
<\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061218.016\NAVENG.Sys>
[NAVEX15 / NAVEX15]
<\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061218.016\NavEx15.Sys>
[nv / nv]
[Ps2 / Ps2]
[Direct Parallel Link Driver / Ptilink]
[PxHelp20 / PxHelp20]
<\SystemRoot\System32\Drivers\PxHelp20.sys>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
[SAVRT / SAVRT]
<\??\c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRT.SYS>
[SAVRTPEL / SAVRTPEL]
<\??\c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRTPEL.SYS>
[Secdrv / Secdrv]
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1]
[SPBBCDrv / SPBBCDrv]
<\??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys>
[Spy Sweeper File System Filer Driver: 0509 / SSFS0509]
<\SystemRoot\SYSTEM32\Drivers\SSFS0509.SYS> www.webroot.com)>
[Spy Sweeper Hookrack MiniDriver / SSHRMD]
<\SystemRoot\SYSTEM32\Drivers\SSHRMD.SYS> www.webroot.com)>
[Spy Sweeper Interdiction Driver / SSIDRV]
<\SystemRoot\SYSTEM32\Drivers\SSIDRV.SYS> www.webroot.com)>
[Webroot Spy Sweeper Keylogger Shield Keyboard Filter / SSKBFD]
www.webroot.com)>
[SYMDNS / SYMDNS]
<\SystemRoot\System32\Drivers\SYMDNS.SYS>
[SymEvent / SymEvent]
<\??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS>
[SYMFW / SYMFW]
<\SystemRoot\System32\Drivers\SYMFW.SYS>
[SYMIDS / SYMIDS]
<\SystemRoot\System32\Drivers\SYMIDS.SYS>
[SYMIDSCO / SYMIDSCO]
<\??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20061215.005\symidsco.sys>
[symlcbrd / symlcbrd]
<\??\C:\WINDOWS\system32\drivers\symlcbrd.sys>
[SYMNDIS / SYMNDIS]
<\SystemRoot\System32\Drivers\SYMNDIS.SYS>
[SYMREDRV / SYMREDRV]
<\SystemRoot\System32\Drivers\SYMREDRV.SYS>
[SYMTDI / SYMTDI]
<\SystemRoot\System32\Drivers\SYMTDI.SYS>
[ViaIde / ViaIde]
<\SystemRoot\system32\DRIVERS\viaide.sys>
[LIteon Wireless PCI Network Adapter Service / WN5301]
Browser Add-ons
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
[StumbleUpon Launcher]
{145B29F4-A56B-4b90-BBAC-45784EBEBBB7}
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
[CNavExtBho Class]
{A8F38D8D-E480-4D52-B7A2-731BB6995FDD}
[Java Plug-in 1.5.0_09]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
[&Pesquisar]
{92780B25-18CC-41C8-B9BE-3C9C571A8263}
[Ajuda com a ligação]
{E2D4D26B-0180-43a4-B05F-462D6D54C789} <, N/A>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683}
[Norton AntiVirus]
{C4069E3A-68F1-403E-B40E-20066696354B}
[StumbleUpon Toolbar]
{5093EB4C-3E93-40AB-9266-B607BA87BDC8}
[QuickTime Object]
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
[Webshots Multiple Media Uploader - Container]
{2E12FB00-546B-4EE3-9CC2-057BF02E1C17}
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
[Java Plug-in 1.5.0_09]
{8AD9C840-044E-11D1-B3E9-00805F499D93}
[Office Update Installation Engine]
{C7DB51B4-BCF7-4923-8874-7F1A0DC92277}
[Java Plug-in 1.5.0_06]
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
[Java Plug-in 1.5.0_09]
{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}
[Java Plug-in 1.5.0_09]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000}
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
[StumbleUpon Launcher]
{145B29F4-A56B-4B90-BBAC-45784EBEBBB7}
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700}
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95}
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A}
[HtmlDlgSafeHelper Class]
{3050F819-98B5-11CF-BB82-00AA00BDCE0B}
[QuickTime Object]
{4063BE15-3B08-470D-A0D5-B37161CFFD69}
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, N/A>
[StumbleUpon Toolbar]
{5093EB4C-3E93-40AB-9266-B607BA87BDC8}
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6}
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
[Windows Media Services DRM Storage object]
{760C4B83-E211-11D2-BF3E-00805FBE84A6}
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2}
[CNavExtBho Class]
{A8F38D8D-E480-4D52-B7A2-731BB6995FDD}
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Norton AntiVirus]
{C4069E3A-68F1-403E-B40E-20066696354B}
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000}
[E&xportar para o Microsoft Excel]
[StumbleUpon: &Blog This]
bamajim
10.4K Posts
0
December 19th, 2006 13:00