My Hyjack this log

Question

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:25:41 PM, on 10/9/2008Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: Normal Running processes:H:\Windows\system32\Dwm.exeH:\Windows\Explorer.EXEH:\Windows\system32	askeng.exeH:\Program Files\Windows Defender\MSASCui.exeH:\Windows\vVX3000.exeH:\Program Files\CyberLink\PowerDVD\DVDLauncher.exeH:\Program Files\Common Files\AOL\1172054938\EE\aolsoftware.exeH:\Program Files\Common Files\InstallShield\UpdateService\issch.exeH:\Program Files\Yahoo!\Common\YMailAdvisor.exeH:\Program Files\Yahoo!\Search Protection\SearchProtection.exeH:\Program Files\Microsoft IntelliType Pro\itype.exeH:\Program Files\Microsoft IntelliPoint\ipoint.exeH:\Program Files\Alwil Software\Avast4\ashDisp.exeH:\Program Files\Dell Support Center\bin\sprtcmd.exeH:\Program Files\Java\jre1.6.0_07\bin\jusched.exeH:\Windows\sttray.exeH:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exeH:\Windows\System32undll32.exeH:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exeH:\Program Files\Common Files\Pure Networks Shared\Platform
mctxth.exeH:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exeH:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exeH:\Program Files\iTunes\iTunesHelper.exeH:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exeH:\Windows\ehome\ehtray.exeH:\Program Files\Creative\MediaSource5\MtdAcqu.exeH:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exeH:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exeH:\Users\Cortney\Documents\My Received Files\uBBMonitor.exeH:\Windows\System32\mobsync.exeH:\Program Files\Windows Media Player\wmplayer.exeH:\Program Files\Windows Media Player\wmpnscfg.exeH:\Program Files\Internet Explorer\IEUser.exeH:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exeH:\Windows\ehome\ehmsas.exeH:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exeH:\Program Files\Yahoo!\Messenger\YahooMessenger.exeh:\program files\aol\aim toolbar 5.0\AolTbServer.exeH:\Users\Cortney\AppData\Roaming\mjusbsp\magicJack.exeH:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exeH:\Program Files\Internet Explorer\iexplore.exeH:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exeH:\Program Files\LimeWire\LimeWire.exeH:\Program Files\Google\Google Updater\GoogleUpdater.exeH:\Program Files\Windows Live Toolbar\msn_sl.exeH:\Program Files\Trend Micro\HijackThis\HijackThis.exeH:\Windows\system32\SearchFilterHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=fptb-R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.localR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - H:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dllR3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dllO2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - H:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dllO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - H:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO2 - BHO: cpmsky browser enhancer - {380d9da2-47b3-16a7-eb68-0ff4dc656f7d} - H:\Windows\system32\unrvsmknhrppimpje.dllO2 - BHO: Merriam-Webster Online BHO - {5ADA9CAC-04F9-4DD2-ABFD-74D673BE8624} - H:\WINDOWS\_MWOLTB.DLLO2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - H:\Program Files\Yahoo!\Common\yiesrvc.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dllO2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - H:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - h:\program files\google\googletoolbar1.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dllO2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dllO2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - H:\Program Files\Yahoo!\Companion\Installs\cpn4\YTSingleInstance.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - h:\program files\google\googletoolbar1.dllO3 - Toolbar: Merriam-Webster Online - {B7B76DD6-B6F0-4443-AF81-6A3ECF12A57D} - H:\WINDOWS\_MWOLTB.DLLO3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dllO3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - H:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dllO4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hideO4 - HKLM\..\Run: [VX3000] H:\Windows\vVX3000.exeO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] 'H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe'O4 - HKLM\..\Run: [AOLDialer] H:\Program Files\Common Files\AOL\ACS\AOLDial.exeO4 - HKLM\..\Run: [AppleSyncNotifier] H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exeO4 - HKLM\..\Run: [DVDLauncher] 'H:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe'O4 - HKLM\..\Run: [Google Desktop Search] 'H:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe' /startupO4 - HKLM\..\Run: [googletalk] H:\Program Files\Google\Google Talk\googletalk.exe /autostartO4 - HKLM\..\Run: [HostManager] H:\Program Files\Common Files\AOL\1172054938\ee\AOLSoftware.exeO4 - HKLM\..\Run: [ISUSScheduler] 'H:\Program Files\Common Files\InstallShield\UpdateService\issch.exe' -startO4 - HKLM\..\Run: [NeroFilterCheck] H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exeO4 - HKLM\..\Run: [VoiceCenter] 'H:\Program Files\Creative\VoiceCenter\AndreaVC.exe' /trayO4 - HKLM\..\Run: [YMailAdvisor] 'H:\Program Files\Yahoo!\Common\YMailAdvisor.exe'O4 - HKLM\..\Run: [YSearchProtection] 'H:\Program Files\Yahoo!\Search Protection\SearchProtection.exe'O4 - HKLM\..\Run: [ISUSPM Startup] H:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startupO4 - HKLM\..\Run: [itype] 'H:\Program Files\Microsoft IntelliType Pro\itype.exe'O4 - HKLM\..\Run: [IntelliPoint] 'H:\Program Files\Microsoft IntelliPoint\ipoint.exe'O4 - HKLM\..\Run: [LifeCam] 'H:\Program Files\Microsoft LifeCam\LifeExp.exe'O4 - HKLM\..\Run: [avast!] H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeO4 - HKLM\..\Run: [imvrqwqudmas] H:\Windows\System32egsvr32.exe /s 'H:\Windows\system32\unrvsmknhrppimpje.dll'O4 - HKLM\..\Run: [dellsupportcenter] 'H:\Program Files\Dell Support Center\bin\sprtcmd.exe' /P dellsupportcenterO4 - HKLM\..\Run: [SunJavaUpdateSched] 'H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe'O4 - HKLM\..\Run: [StartCCC] 'H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe' MSRunO4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exeO4 - HKLM\..\Run: [VolPanel] 'H:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe' /rO4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntryO4 - HKLM\..\Run: [LELA] 'H:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe' /minimizedO4 - HKLM\..\Run: [nmctxth] 'H:\Program Files\Common Files\Pure Networks Shared\Platform
mctxth.exe'O4 - HKLM\..\Run: [CanonSolutionMenu] H:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logonO4 - HKLM\..\Run: [CanonMyPrinter] H:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logonO4 - HKLM\..\Run: [SSBkgdUpdate] 'H:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe' -Embedding -bootO4 - HKLM\..\Run: [OpwareSE4] 'H:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe'O4 - HKLM\..\Run: [WrtMon.exe] H:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exeO4 - HKLM\..\Run: [QuickTime Task] 'H:\Program Files\QuickTime\QTTask.exe' -atboottimeO4 - HKLM\..\Run: [iTunesHelper] 'H:\Program Files\iTunes\iTunesHelper.exe'O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] 'H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe'O4 - HKCU\..\Run: [cdloader] 'H:\Users\Cortney\AppData\Roaming\mjusbsp\cdloader2.exe' MAGICJACKO4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [ehTray.exe] H:\Windows\ehome\ehTray.exeO4 - HKCU\..\Run: [WMPNSCFG] H:\Program Files\Windows Media Player\WMPNSCFG.exeO4 - HKCU\..\Run: [MtdAcqu] 'H:\Program Files\Creative\MediaSource5\MtdAcqu.exe' /sO4 - HKCU\..\Run: [Creative MediaSource Go] 'H:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe' /SCBO4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] 'H:\Program Files\Windows Live\Messenger\msnmsgr.exe' /background (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] 'H:\Program Files\Windows Live\Messenger\msnmsgr.exe' /background (User 'Default user')O4 - Global Startup: Google Updater.lnk = H:\Program Files\Google\Google Updater\GoogleUpdater.exeO4 - Global Startup: Microsoft Office.lnk = H:\Program Files\Microsoft Office\Office10\OSA.EXEO4 - Global Startup: TotalMedia Backup Monitor.lnk = H:\Documents and Settings\Cortney\My Documents\My Received Files\uBBMonitor.exeO8 - Extra context menu item: &AIM Search - h:\program files\aol\aim toolbar 5.0esources\en-US\local\search.htmlO8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNxdm801MSUSO8 - Extra context menu item: &Windows Live Search - res://H:\Program Files\Windows Live Toolbar\msntb.dll/search.htmO8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspxO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dllO9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - H:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dllO9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - H:\Program Files\PokerStars\PokerStarsUpdate.exeO9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - H:\Program Files\Yahoo!\Common\yiesrvc.dllO9 - Extra button: Doyles Room Poker - {725E77D3-B919-4eef-8EEE-D09DE618B6C1} - H:\Microgaming\Poker\DoylesRoomMPP\MPPoker.exeO9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - H:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - H:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLLO9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - H:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - H:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\Windows\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\Windows\Network Diagnostic\xpnetdiag.exeO9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - H:\Program Files\PokerStars.NET\PokerStarsUpdate.exeO13 - Gopher Prefix:O15 - Trusted Zone: http://*.mcafee.comO16 - DPF: {03B39B10-9AB9-4DBB-8189-7F76E0CE5F3F} (FavImport Class) - https://favorites.live.com/cab/ImportAx.cab?v=13,0,1609,00O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15-3.cabO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - H:\Program Files\Yahoo!\Common\Yinsthelper.dllO16 - DPF: {339234B4-4E14-4280-B8B4-8BAE5AF99063} (Chess Object) - http://zone.msn.com/bingame/zpagames/zpa_kqrp.cab55579.cabO16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cabO16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} (Microsoft Virtual Server VMRC Advanced Control) -

bamajim · Answer

tndion

1. Reboot into Safe Mode
This can be done by

Restart your PC, and after it starts, but before you see the Windows Splash screen
Begin tapping the F8 key twice a second untill you reach another menu screen (black background with white menu choices)
Use your arrow keys and select Safe Mode and then Enter

2. Rerun Hijackthis (scan only) and place checks beside the following entries

O2 - BHO: cpmsky browser enhancer - {380d9da2-47b3-16a7-eb68-0ff4dc656f7d} - H:\Windows\system32\unrvsmknhrppimpje.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [imvrqwqudmas] H:\Windows\System32\regsvr32.exe /s "H:\Windows\system32\unrvsmknhrppimpje.dll"
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNxdm801MSUS
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - H:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - H:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)

Close all other open windows except Hijackthis and Select " Fix checked"

Close Hijackthis

3. Using Windows Explorer

Rt Click the Start Buttton (The Vista Icon) ->> Explore, and you will see the "tree' of file folders in the left side of the window.
Click on the ">" next to any folder name to expand its contents

Locate and Delete the following file

H:\Windows\system32\unrvsmknhrppimpje.dll

Note: Vista sometimes likes to hide the System32 folder so if you dont see it in the tree of folders on the left just copy and paste C:\Windows\System32 into the explorer browser bar
Note Also The file names in Vista are arranged in columns in the folders, so the file names will appear in one column and the file extension will be listed under the file type column.
Example

unrvsmknhrppimpje will appear in the name column and .dll will appear in the type column

Close Windows Explorer->> Reboot your PC ->> Rerun Hijackthis and post a fresh Hijackthis log As a reply to this thread

Microsoft MVP Consumer-Security

SpywareHammer

"The world is what you make of it"

tndion · Answer

href=' http://favorites.live.com/quickadd.aspx'>http://favorites.live.com/quickadd.aspx />O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - H:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - H:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Doyles Room Poker - {725E77D3-B919-4eef-8EEE-D09DE618B6C1} - H:\Microgaming\Poker\DoylesRoomMPP\MPPoker.exe O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - H:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - H:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\Windows\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\Windows\Network Diagnostic\xpnetdiag.exe O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - H:\Program Files\PokerStars.NET\PokerStarsUpdate.exe O13 - Gopher Prefix: O15 - Trusted Zone: http://*.mcafee.com'>http://*.mcafee.com />O16 - DPF: {03B39B10-9AB9-4DBB-8189-7F76E0CE5F3F} (FavImport Class) - https://favorites.live.com/cab/ImportAx.cab?v=13,0,1609,00'>https://favorites.live.com/cab/ImportAx.cab?v=13,0,1609,00 />O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab'>http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab />O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204'>http://go.microsoft.com/fwlink/?linkid=39204 />O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - H:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {339234B4-4E14-4280-B8B4-8BAE5AF99063} (Chess Object) - http://zone.msn.com/bingame/zpagames/zpa_kqrp.cab55579.cab'>http://zone.msn.com/bingame/zpagames/zpa_kqrp.cab55579.cab />O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab'>http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab />O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} (Microsoft Virtual Server VMRC Advanced Control) - http://www.windowsvistatestdrive.com/ActiveX/VMRCActiveXClient1.cab'>http://www.windowsvistatestdrive.com/ActiveX/VMRCActiveXClient1.cab />O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab'>http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab />O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1206151668640'>http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1206151668640 />O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?e=1223618369385&h=a1cfb51edcb4a7aa74ab1377a901e5e5/&filename=jinstall-6u7-windows-i586-jc.cab'>http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?e=1223618369385&h=a1cfb51edcb4a7aa74ab1377a901e5e5/&filename=jinstall-6u7-windows-i586-jc.cab />O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/Windows/Initial/VideoEggPublisher.exe'>http://update.videoegg.com/Install/Windows/Initial/VideoEggPublisher.exe />O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab'>http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab />O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab'>http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab />O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab'>http://zone.msn.com/binframework/v10/StProxy.cab55579.cab />O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} - O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab'>http://messenger.zone.msn.com/binary/Chess.cab57176.cab />O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: H:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O20 - Winlogon Notify: GoToAssist - H:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - H:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - H:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - H:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe O23 - Service: Apple Mobile Device - Apple Inc. - H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - H:\Windows\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - H:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bonjour Service - Apple Inc. - H:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative ALchemy AL1 Licensing Service - Creative Labs - H:\Program Files\Common Files\Creative Labs Shared\Service\AL1Licensing.exe O23 - Service: Creative Labs Licensing Service - Creative Labs - H:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe O23 - Service: Creative Media Toolbox 6 Licensing Service - Creative Labs - H:\Program Files\Common Files\Creative Labs Shared\Service\MT6Licensing.exe O23 - Service: Creative Service for CDROM Access - Unknown owner - H:\WINDOWS\system32\CTsvcCDA.EXE (file missing) O23 - Service: Google Desktop Manager 5.5.709.30344 (GoogleDesktopManager-093007-112848) - Google - H:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - H:\Program Files\Citrix\GoToAssist\514\g2aservice.exe O23 - Service: Google Updater Service (gusvc) - Google - H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - H:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: iPod Service - Apple Inc. - H:\Program Files\iPod\bin\iPodService.exe O23 - Service: Linksys Updater (LinksysUpdater) - Unknown owner - H:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe O23 - Service: NBService - Nero AG - H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - H:\Program Files\Common Files\Pure Networks Shared\Platform
msrvc.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - H:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - H:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - H:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - H:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - H:\Program Files\Viewpoint\Common\ViewpointService.exe --End of file - 19101 bytes

tndion · Answer

My computer still shows this error message at startup but I think thats it I haven't seen it come up since...

tndion · Answer

I was able fix fix most of the selected items but I could not do step 3 for some reason...       Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:57:33 AM, on 10/12/2008Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: Normal Running processes:H:\Windows\system32\Dwm.exeH:\Windows\system32	askeng.exeH:\Windows\Explorer.EXEH:\Windows\system32	askeng.exeH:\Program Files\Windows Defender\MSASCui.exeH:\Windows\vVX3000.exeH:\Program Files\Adobe\Reader 8.0\Readereader_sl.exeH:\Program Files\Common Files\AOL\ACS\AOLDial.exeH:\Program Files\CyberLink\PowerDVD\DVDLauncher.exeH:\Program Files\Common Files\AOL\1172054938\EE\aolsoftware.exeH:\Program Files\Common Files\InstallShield\UpdateService\issch.exeH:\Program Files\Yahoo!\Common\YMailAdvisor.exeH:\Program Files\Yahoo!\Search Protection\SearchProtection.exeH:\Program Files\Microsoft IntelliType Pro\itype.exeH:\Program Files\Microsoft IntelliPoint\ipoint.exeH:\Program Files\Alwil Software\Avast4\ashDisp.exeH:\Program Files\Dell Support Center\bin\sprtcmd.exeH:\Windows\sttray.exeH:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exeH:\Windows\System32undll32.exeH:\Program Files\Common Files\Pure Networks Shared\Platform
mctxth.exeH:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exeH:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exeH:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exeH:\Program Files\iTunes\iTunesHelper.exeH:\Program Files\Java\jre1.6.0_07\bin\jusched.exeH:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exeH:\Windows\ehome\ehtray.exeH:\Program Files\Creative\MediaSource5\MtdAcqu.exeH:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exeH:\Program Files\Windows Media Player\wmpnscfg.exeH:\Users\Cortney\Documents\My Received Files\uBBMonitor.exeH:\Windows\System32\mobsync.exeH:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exeH:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exeH:\Windows\ehome\ehmsas.exeH:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exeH:\Users\Cortney\AppData\Roaming\mjusbsp\st00000\mjsetup.exeH:\Users\Cortney\AppData\Roaming\mjusbsp\magicJack.exeH:\Program Files\Internet Explorer\iexplore.exeH:\Program Files\Internet Explorer\IEUser.exeh:\program files\aol\aim toolbar 5.0\AolTbServer.exeH:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exeH:\Windows\system32\SearchFilterHost.exeH:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=fptb-R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.localR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - H:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dllR3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dllR3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - H:\Program Files\P2P_Energy	bP2P_.dllO2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - H:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dllO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - H:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - H:\Program Files\P2P_Energy	bP2P_.dllO2 - BHO: Merriam-Webster Online BHO - {5ADA9CAC-04F9-4DD2-ABFD-74D673BE8624} - H:\WINDOWS\_MWOLTB.DLLO2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - H:\Program Files\Yahoo!\Common\yiesrvc.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dllO2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - H:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dllO2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - h:\program files\google\googletoolbar1.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dllO2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dllO2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - H:\Program Files\Yahoo!\Companion\Installs\cpn4\YTSingleInstance.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - h:\program files\google\googletoolbar1.dllO3 - Toolbar: Merriam-Webster Online - {B7B76DD6-B6F0-4443-AF81-6A3ECF12A57D} - H:\WINDOWS\_MWOLTB.DLLO3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dllO3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - H:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dllO3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - H:\Program Files\P2P_Energy	bP2P_.dllO4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hideO4 - HKLM\..\Run: [VX3000] H:\Windows\vVX3000.exeO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] 'H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe'O4 - HKLM\..\Run: [AOLDialer] H:\Program Files\Common Files\AOL\ACS\AOLDial.exeO4 - HKLM\..\Run: [AppleSyncNotifier] H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exeO4 - HKLM\..\Run: [DVDLauncher] 'H:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe'O4 - HKLM\..\Run: [Google Desktop Search] 'H:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe' /startupO4 - HKLM\..\Run: [googletalk] H:\Program Files\Google\Google Talk\googletalk.exe /autostartO4 - HKLM\..\Run: [HostManager] H:\Program Files\Common Files\AOL\1172054938\ee\AOLSoftware.exeO4 - HKLM\..\Run: [ISUSScheduler] 'H:\Program Files\Common Files\InstallShield\UpdateService\issch.exe' -startO4 - HKLM\..\Run: [NeroFilterCheck] H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exeO4 - HKLM\..\Run: [VoiceCenter] 'H:\Program Files\Creative\VoiceCenter\AndreaVC.exe' /trayO4 - HKLM\..\Run: [YMailAdvisor] 'H:\Program Files\Yahoo!\Common\YMailAdvisor.exe'O4 - HKLM\..\Run: [YSearchProtection] 'H:\Program Files\Yahoo!\Search Protection\SearchProtection.exe'O4 - HKLM\..\Run: [ISUSPM Startup] H:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startupO4 - HKLM\..\Run: [itype] 'H:\Program Files\Microsoft IntelliType Pro\itype.exe'O4 - HKLM\..\Run: [IntelliPoint] 'H:\Program Files\Microsoft IntelliPoint\ipoint.exe'O4 - HKLM\..\Run: [LifeCam] 'H:\Program Files\Microsoft LifeCam\LifeExp.exe'O4 - HKLM\..\Run: [avast!] H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeO4 - HKLM\..\Run: [dellsupportcenter] 'H:\Program Files\Dell Support Center\bin\sprtcmd.exe' /P dellsupportcenterO4 - HKLM\..\Run: [StartCCC] 'H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe' MSRunO4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exeO4 - HKLM\..\Run: [VolPanel] 'H:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe' /rO4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntryO4 - HKLM\..\Run: [LELA] 'H:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe' /minimizedO4 - HKLM\..\Run: [nmctxth] 'H:\Program Files\Common Files\Pure Networks Shared\Platform
mctxth.exe'O4 - HKLM\..\Run: [CanonSolutionMenu] H:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logonO4 - HKLM\..\Run: [CanonMyPrinter] H:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logonO4 - HKLM\..\Run: [SSBkgdUpdate] 'H:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe' -Embedding -bootO4 - HKLM\..\Run: [OpwareSE4] 'H:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe'O4 - HKLM\..\Run: [WrtMon.exe] H:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exeO4 - HKLM\..\Run: [QuickTime Task] 'H:\Program Files\QuickTime\QTTask.exe' -atboottimeO4 - HKLM\..\Run: [iTunesHelper] 'H:\Program Files\iTunes\iTunesHelper.exe'O4 - HKLM\..\Run: [SunJavaUpdateSched] 'H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe'O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] 'H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe'O4 - HKCU\..\Run: [cdloader] 'H:\Users\Cortney\AppData\Roaming\mjusbsp\cdloader2.exe' MAGICJACKO4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [ehTray.exe] H:\Windows\ehome\ehTray.exeO4 - HKCU\..\Run: [MtdAcqu] 'H:\Program Files\Creative\MediaSource5\MtdAcqu.exe' /sO4 - HKCU\..\Run: [Creative MediaSource Go] 'H:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe' /SCBO4 - HKCU\..\Run: [WMPNSCFG] H:\Program Files\Windows Media Player\WMPNSCFG.exeO4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] 'H:\Program Files\Windows Live\Messenger\msnmsgr.exe' /background (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] 'H:\Program Files\Windows Live\Messenger\msnmsgr.exe' /background (User 'Default user')O4 - Global Startup: Microsoft Office.lnk = H:\Program Files\Microsoft Office\Office10\OSA.EXEO4 - Global Startup: TotalMedia Backup Monitor.lnk = H:\Documents and Settings\Cortney\My Documents\My Received Files\uBBMonitor.exeO8 - Extra context menu item: &AIM Search - h:\program files\aol\aim toolbar 5.0esources\en-US\local\search.htmlO8 - Extra context menu item: &Windows Live Search - res://H:\Program Files\Windows Live Toolbar\msntb.dll/search.htmO8 - Extra context menu item: Add to Windows &Live Favorites -

bamajim · Answer

tndion I was able fix fix most of the selected items but I could not do step 3 for some reason... What happened? Were you not able to find the file? If you found the file, were you unable to delete it? Microsoft MVP Consumer-Security SpywareHammer   'The world is what you make of it'

tndion · Answer

I couln't find the file.When I right clcked explore I could not find the file and the message I sent before was a false alarm the error message still appears all the time and it takes exactly 5 cancel clicks to get it off the screen.

tndion · Answer

I looked in H:\windows\system32\   but couldn't find the file...

bamajim · Answer

tndion 1. Go HERE and download TempFix. Save it to your Desktop (but do not run it yet) 2. Reboot into Safe Mode This can be done by Restart your PC, and after it starts, but before you see the Windows Splash screen Begin tapping the F8 key twice a second untill you reach another menu screen (black background with white menu choices) Use your arrow keys and select Safe Mode and then Enter 3. Rt Click TempFix.zip ->> Extract all ->> And extract it to your Desktop Additional help on extracting zip files can be found HERE Open the TempFix Folder. Rt Click TempFix.vbe ->>Select Open Then Open to confirm. As the program runs, it will appear that nothing is happening. When the program is fnished it will produce a log for you C:\TempFix.txt Copy and paste the contents of that log in your reply. Note: if your root drive is something other thatn C:\ then the log will default to your designated root drive 4. Then reboot your PC into Normal Windows Mode->> Rerun Hijackthis and post a fresh Hiajckthis log. As well as the C:\TempFix.txt log Microsoft MVP Consumer-Security SpywareHammer   'The world is what you make of it'

Virus & Spyware

My Hyjack this log

Was this post helpful?